Design Flaws and Cryptanalysis of a Standard Mutual Authentication Protocol for Cloud Computing-Based Healthcare System

As the connectivity of the people with the Internet is increasing the use of the healthcare system. Due to this technology, it is possible to save time and expenditure of the patients. In medical communication, security and privacy are an important concern. Authentication is the essential validating part of secure information and network communication. A mutual authentication scheme for cloud-assisted medical system is published by Mohit et al. (J Med Syst 41(4):50, 2017. https://doi.org/10.1007/s10916-017-0699-2). We have examined this protocol and found some design flaws and security issues in cloud environment. This protocol is vulnerable in different steps and phases. The proposed work shows that Mohit et al. framework inefficient in different phases. Therefore, mutual authentication and session key could not possible in these phases in telecare medical information system (TMIS). Finally, we provide solutions of Mohit et al. scheme.