احراز هويت و توافق كليد ناشناس در سامانه‌هاي مراقبت پزشكي از راه دور

With the rapid development of information technology on the one hand and the experience of the COVID-19 pandemic on the other, people nowadays prefer to access healthcare services remotely. Telemedicine Information System (TMIS) provides flexible and convenient electronic healthcare services to all people, especially those who do not have access to a physician due to geographical reasons, and reduces the cost of healthcare. However, due to the sensitivity of medical information, it is very important to prevent unauthorized access to patient data and maintain patient privacy. In this paper, two authentication key agreement schemes for medical systems are proposed. In the first scheme, to maintain privacy, the patientʹs identity is hidden from all internal and external entities. In this scheme, not only the eavesdropper but also the physician and the gateway will not know the patientʹs identity. In addition, the physicianʹs identity is kept secret from all external factors. In the second proposed scheme, the goal is to reduce the computational burden on the patient side so that the proposed algorithm can be implemented on lightweight processors. In this scheme, the patientʹs identity is hidden from all external factors and the physician, but the gateway is aware of the patientʹs real identity. On the other hand, the physicianʹs identity is kept hidden from external factors. In addition to examining the security features intuitively, the proposed schemes have also been eva‎luated using the ProVerif security verification tool for security assessment. Security analysis of the proposed methods shows that the proposed solutions are secure against common attacks.

6