Design of a Password Authentication and Key Agreement Scheme to Access e-Healthcare Services

The telecare medical information system (TMIS) offers remote healthcare services to the patients at their doorstep. Including this serenity, it is compulsory to preserve privacy and to give guaranty to the patients for secured TMIS communication. Authentication protocols are usually exploited to ensure privacy and protect communication between patients and remote assistance. Currently, we observe the inaccuracy of an authentication protocol for TMIS. The scheme is recently proposed by Qiu et al. to realize healthcare services. We find that their protocol is vulnerable to offline password guessing, replay, and anonymity violation attacks. To avoid these weaknesses, we have developed an improved biometric-based protocol. Our proposed protocol is capable to prevent the said attacks. We validate the security of our proposed protocol using Burrows–Abadi–Needham logic. We compare the performance of the proposed protocol with the preceding protocols and conclude that the proposed protocol is more secure and efficient as compared to its former counterparts.