With the advancement and innovations in mobile and wireless communication technologies including cloud computing and Internet of Things, the paradigms of dispensing heath-based services have massively transformed. The telecare medical information system (TMIS) or wireless body area networks technology frameworks facilitate patients to remotely receive medical treatment from physicians through the Internet without paying a visit to the hospital. In order to ensure the medical privacy of the patients and the verification of authenticity of all entities in TMIS-based system before exchange of sensitive credentials and diagnosis reports, many TMIS-based authentication protocols have been presented so far; however, there is a still need of more efficient and secure key agreements. Recently, Karthegaveni et al. demonstrated a remote health care monitoring protocol with the use of elliptic curve cryptography crypto-primitives. However, we discover many drawbacks in their protocol including replay attack, denial of service attack, lacking mutual authenticity between the client and server. Moreover, the scheme has several technical limitations. We propose an efficient and secure TMIS-based protocol employing lightweight symmetric key operations. The contributed model is proven by rigorous formal security analysis, while its security features are also validated under automated ProVerif tool. The proposed scheme supports 38% more security features on average than compared schemes. The performance evaluation also depicts that the demonstrated and comparative findings are in the favour of the proposed model.

随着包括云计算和物联网在内的移动和无线通信技术的进步和创新，分配基于健康的服务的范例已发生了巨大变化。远程医疗信息系统（TMIS）或无线人体局域网技术框架可帮助患者通过Internet远程从医生那里接受医疗服务，而无需去医院就诊。为了确保患者的医疗隐私并在交换敏感凭证和诊断报告之前在基于TMIS的系统中验证所有实体的真实性，到目前为止，已经提出了许多基于TMIS的身份验证协议。但是，仍然需要更有效和安全的密钥协议。最近，Karthegaveni等人。演示了使用椭圆曲线密码学加密原语的远程医疗监控协议。但是，我们发现其协议中存在许多缺点，包括重播攻击，拒绝服务攻击，客户端和服务器之间缺乏相互真实性。此外，该方案具有若干技术限制。我们提出了一种有效且安全的基于TMIS的协议，该协议采用轻量级对称密钥操作。通过严格的正式安全分析证明了该贡献模型，同时还通过自动ProVerif工具验证了其安全功能。与比较方案相比，所提出的方案平均支持38％的安全功能。绩效评估还表明，已证明的和可比较的发现对所提出的模型有利。