# A Smart Card-Based Two-Factor Mutual Authentication Scheme for Efficient Deployment of an IoT-Based Telecare Medical Information System

^{1}

^{2}

^{3}

^{4}

^{5}

^{*}

## Abstract

**:**

## 1. Introduction

- We propose an efficient and provably secure two-factor authentication scheme based on hyperelliptic curve cryptography (HECC) with a smart card-based approach;
- We use the most advantageous property of HECC, a smaller key size, to make the proposed scheme as lightweight as possible;
- The proposed authentication scheme consists of two steps: validation and verification; on the reader side, the smart card performs the first phase of authentication while the server manages the second phase.
- The proposed scheme is resistant to a variety of attacks, as demonstrated by formal and informal analyses;
- Finally, after comparing the performance of the proposed scheme with that of the existing schemes, it was found that the proposed scheme is more cost-effective than the existing schemes in terms of computation and communication costs.

## 2. Literature Review

## 3. Network Architecture

## 4. Proposed Smart Card-Based Two-Factor Mutual Authentication Scheme

- Initialization: The telemedicine server (TMS) can select the hyperelliptic curve ($HE{C}_{g=2}$) with a genus equal to or less than 2 and a devisor ($\mathcal{D}$) that contains 80 bits. Additionally, the finite field (${F}_{d}$) has a size that is not greater than 80 bits. The TMS selects its private key from ($TM{S}_{pr}$) and computes its master public key using the equation $TM{S}_{pb}$ = $TM{S}_{pr}.\mathcal{D}$. At the very end, it is possible for it to define some hash functions, such as ($\mathrm{H}$), from the SHA family.
- Key Generation: The user (${U}_{i}$) selects his private key from (${U}_{pr}$) and computes his public key using the equation ${U}_{pb}={U}_{pr}.\mathcal{D}$
- Registrations: With the real identity of ($R{L}_{id}$) and password ($R{L}_{pw}$), the user (${U}_{i}$) can perform the following steps:
- Choose ($r$) from ${F}_{d}$ and compute ${U}_{idi}={E}_{TM{S}_{pb}}\left(R{L}_{id},T,r\right)$;
- Calculate ${U}_{ipwi}={E}_{TM{S}_{pb}}\left(R{L}_{pw},T,r\right)$, ${H}_{1}=h\left(R{L}_{id},T,r\right)$;
- Calculate ${H}_{2}=h\left(R{L}_{pw},T,r\right)$ and send (${H}_{1},{U}_{idi},{H}_{2},{U}_{ipwi}$) to the TMS;

- When (${H}_{1},{U}_{idi},{H}_{2},{U}_{ipwi}$) is received by the TMS, it performs the following steps:

- It calculates ${H}_{3}=h\left({H}_{1},{H}_{2},r\right)$ and ${H}_{k}=h\left({H}_{1},{H}_{2}\right)\oplus h\left(\mathrm{r},TM{S}_{pr}\right)$;
- Then, the TMS stores the values (${H}_{3},{H}_{k},r,T,TM{S}_{pb}$) into the smart card of ${U}_{i}$.

- Login: The user ${U}_{i}$ must insert their identity $R{L}_{id}$ and secret password $R{L}_{pw}$ into the smart card reader during the login process. The smart card reader (SCR) performs the first level of authentication, as covered in the following steps.
- The SCR calculates ${H}_{new1}=h\left(R{L}_{id},T,r\right)$ and ${H}_{new2}=h\left(R{L}_{pw},T,r\right)$;
- If ${H}_{3}=h\left({H}_{new1},{H}_{new2},r\right)$ is satisfied, then the login is accepted; otherwise, the login is denied;
- Calculates ${H}_{k}\oplus h\left({H}_{1},{H}_{2}\right)=h\left(\mathrm{r},TM{S}_{pr}\right)$ and chooses ($x$) from ${F}_{d}$;
- Calculates the equation $Z$=$x.TM{S}_{pb}$ and $S$=$h\left(h\left(r,T,TM{S}_{pr}\right),h\left(x.TM{S}_{pb}\right)\right)$;
- Performs encryption for a random number $x$ as $V={E}_{TM{S}_{pb}}\left(x\right)$;
- Generates a login request by using ($V,S,T$) and then send it to the TMS.

- Mutual Authentication: If the TMS receives the login request triples ($V,S,T$), then it first checks the validity of the timestamp ($T$); if it is valid, then the TMS decrypts $\left(x\right)={D}_{TM{S}_{pr}}\left(V\right)$. After this, the TMS calculates $R$ =$h\left(h\left(r,T,TM{S}_{pr}\right),h\left(x.TM{S}_{pb}\right)\right)$ and compares the value of equality, i.e., $R$ =$S$; if it is satisfied, then the server calculates $K$=$h\left(j.{U}_{pb}\right)$ and $L$=$h\left(j.D\right)$, where $j$ is a chosen number. Then, it sends ($T,L$) to${U}_{i}$. When ${U}_{i}$ receives ($L,T$), it checks the validity of $T$ and calculates $K$=$h\left(L.{U}_{pr}\right)$. Then, it passes the mutual authentication process and sets $K$ as a secret key for communication. After, the user encrypts $m$ as $C={E}_{\mathrm{K}}\left(m\right)$ and sends $C$ to the TMS. When the TMS receives $\left(C\right)$, it decrypts $C$ as $m={D}_{\mathrm{K}}\left(C\right)$.
- Password Update: This step is identical to the password update phase presented in [24].

## 5. Security Analysis

#### 5.1. Formal Security Analysis

**Theorem**

**1.**

**Proof of Theorem**

**1:**

#### 5.2. Informal Security Analysis

#### 5.2.1. Confidentiality

#### 5.2.2. Integrity

#### 5.2.3. Forward Security

#### 5.2.4. Anonymity and Untraceability

- Calculate ${H}_{new1}=h\left(R{L}_{id},T,r\right)$ and ${H}_{new2}=h\left(R{L}_{pw},T,r\right)$;
- Verify if ${H}_{3}=h({H}_{new1},{H}_{new2},r$) is satisfied; if yes, the login will be authorized; otherwise, the login will be denied;
- Calculate ${H}_{k}\oplus h\left({H}_{1},{H}_{2}\right)=h\left(\mathrm{r},TM{S}_{pr}\right)$ and choose ($x$) from ${F}_{d}$;
- Calculate the equation $Z$ = $x.TM{S}_{pb}$ and $S$ = $h\left(h\left(r,T,TM{S}_{pr}\right),h\left(x.TM{S}_{pb}\right)\right)$;
- Perform encryption for a random number $x$ as $V={E}_{TM{S}_{pb}}\left(x\right)$;
- Generate a login request by using ($V,S,T$) and sends it to the TMS.

#### 5.2.5. Resist against Replay Attack

_{i}must insert their identity $R{L}_{id}$ and secret password $R{L}_{pw}$ into the smart card reader during the login process. The SCR performs the first level of authentication, detailed in the following steps.

- Calculates ${H}_{new1}=h\left(R{L}_{id},T,r\right)$ and ${H}_{new2}=h\left(R{L}_{pw},T,r\right)$;
- Checks if ${H}_{3}=h\left({H}_{new1},{H}_{new2},r\right)$ is satisfied; if yes, then the login will be permitted; otherwise, it rejects the login;
- Computes ${H}_{k}\oplus h\left({H}_{1},{H}_{2}\right)=h\left(\mathrm{r},TM{S}_{pr}\right)$ and chooses ($x$) from ${F}_{d}$;
- Compute the equations $Z$ = $x.TM{S}_{pb}$ and $S$ = $h\left(h\left(r,T,TM{S}_{pr}\right),h\left(x.TM{S}_{pb}\right)\right)$;
- Does encryption for a random number $x$ as V = E
_{(TMSpb)}(X); - Generates a login request by using ($V,S,T$) and sends it to the TMS.

#### 5.2.6. Resistant against Denial-of-Service Attacks

#### 5.2.7. Mutual Authentication

#### 5.2.8. Key Agreement

## 6. Performance Analysis

#### 6.1. Computational Cost

- The CPU architecture is 64 bits, and the processor is an Intel Core i5-10400 running at 2.90 GHz with six cores; there is also 16 GB of RAM;
- Operating System: Ubuntu 18.04 LTS;
- Library: MIRACL [26].

- Maximum time in milliseconds: considering the maximum time, Qiu et al. [21] need $8T{M}_{h}+2T{M}_{em}=8\times 0.149+2\times 2.737=6.666$ at sender side, $5T{M}_{h}+2T{M}_{em}=5\times 0.149+2\times 2.737=6.219$ at the receiver side, and the total is $13T{M}_{h}+4T{M}_{em}=13\times 0.149+4\times 2.737=12.885$; Ostad-Sharif et al. [22] need $7T{M}_{h}+2T{M}_{em}=7\times 0.149+2\times 2.737=6.517$ at sender side, $7T{M}_{h}+2T{M}_{em}=7\times 0.149+2\times 2.737=6.517$ at the receiver side, and the total is $14T{M}_{h}+4T{M}_{em}=14\times 0.149+4\times 2.737=13.034$; Radhakrishnan et al. [24] need $10T{M}_{h}+3T{M}_{em}=10\times 0.149+3\times 2.737=9.701$ at sender side, $3T{M}_{h}+3T{M}_{em}=3\times 0.149+3\times 2.737=8.653$ at the receiver side, and the total is $13T{M}_{h}+6T{M}_{em}=13\times 0.149+6\times 2.737=18.354$; and our proposed scheme needs $10T{M}_{h}+3T{M}_{hm}=10\times 0.149+3\times 1.3685=5.5955$ at sender side, $3T{M}_{h}+3T{M}_{hm}=3\times 0.149+3\times 1.3685=4.5525$ at the receiver side, and the total is $13T{M}_{h}+3T{M}_{hm}=13\times 0.149+6\times 1.3685=10.148$
- Minimum time in milliseconds: for the minimum time in milliseconds, Qiu et al. [21] need $8T{M}_{h}+2T{M}_{em}=8\times 0.024+2\times 0.472=1.136$ at sender side, $5T{M}_{h}+2T{M}_{em}=5\times 0.024+2\times 0.472=1.064$ at the receiver side, and the total is $13T{M}_{h}+4T{M}_{em}=13\times 0.024+4\times 0.472=2.2;$ Ostad-Sharif et al. [22] need $7T{M}_{h}+2T{M}_{em}=7\times 0.024+2\times 0.472=1.112$ at sender side, $7T{M}_{h}+2T{M}_{em}=7\times 0.024+2\times 0.472=1.112$ at the receiver side, and the total is $14T{M}_{h}+4T{M}_{em}=14\times 0.024+4\times 0.472=2.224$; Radhakrishnan et al. [24] need $10T{M}_{h}+3T{M}_{em}=10\times 0.024+3\times 0.472=1.656$ at sender side, $3T{M}_{h}+3T{M}_{em}=3\times 0.024+3\times 0.472=1.488$ at the receiver side, and the total is $13T{M}_{h}+6T{M}_{em}=13\times 0.024+6\times 0.472=3.144$; and our proposed scheme needs $10T{M}_{h}+3T{M}_{hm}=10\times 0.024+3\times 0.236=0.948$ at sender side, $3T{M}_{h}+3T{M}_{hm}=3\times 0.024+3\times 0.236=0.78$ at the receiver side, and the total is $13T{M}_{h}+3T{M}_{hm}=13\times 0.024+6\times 0.236=1.728.$
- Average time in milliseconds: for the average time in milliseconds, Qiu et al. [21] need $8T{M}_{h}+2T{M}_{em}=8\times 0.055+2\times 0.522=1.484$ at sender side, $5T{M}_{h}+2T{M}_{em}=5\times 0.055+2\times 0.522=1.319$ at the receiver side, and the total is $13T{M}_{h}+4T{M}_{em}=13\times 0.055+4\times 0.522=2.803;$ Ostad-Sharif et al. [22] need $7T{M}_{h}+2T{M}_{em}=7\times 0.055+2\times 0.522=1.429$ at sender side, $7T{M}_{h}+2T{M}_{em}=7\times 0.055+2\times 0.522=1.429$ at the receiver side, and the total is $14T{M}_{h}+4T{M}_{em}=14\times 0.055+4\times 0.522=2.858$; Radhakrishnan et al. [24] need $10T{M}_{h}+3T{M}_{em}=10\times 0.055+3\times 0.522=2.116$ at sender side, $3T{M}_{h}+3T{M}_{em}=3\times 0.055+3\times 0.522=1.721$ at the receiver side, and the total is $13T{M}_{h}+6T{M}_{em}=13\times 0.055+6\times 0.522=3.837$; and our proposed scheme needs $10T{M}_{h}+3T{M}_{hm}=10\times 0.055+3\times 0.261=1.333$ at sender side, $3T{M}_{h}+3T{M}_{hm}=3\times 0.055+3\times 0.261=0.948$ at the receiver side, and the total is $13T{M}_{h}+3T{M}_{hm}=13\times 0.055+6\times 0.261=2.281.$

#### 6.2. Communication Cost

## 7. Conclusions

## Author Contributions

## Funding

## Institutional Review Board Statement

## Informed Consent Statement

## Data Availability Statement

## Conflicts of Interest

## Abbreviations

BP | bilinear pairing |

DOS | denial of service |

ECC | elliptic curve cryptography |

HECC | hyperelliptic curve cryptography |

HECDLP | hyperelliptic curve discrete logarithm problem |

IoT | Internet of things |

KGC | key generation centre |

MIRACL | multiprecision integer and rational arithmetic cryptographic |

ROM | random oracle mode |

ROR | real-or-random |

RSA | Rivest-Shamir-Adleman |

SHA | secure hashing algorithm |

TMIS | telecare medicine information system |

TMS | telemedicine server |

## References

- Ullah, I.; Khan, M.A.; Abdullah, A.M.; Noor, F.; Innab, N.; Chen, C.-M. Enabling Secure Communication in Wireless Body Area Networks with Heterogeneous Authentication Scheme. Sensors
**2023**, 23, 1121. [Google Scholar] [CrossRef] [PubMed] - Ullah, I.; Zeadally, S.; Amin, N.U.; Khan, M.A.; Khattak, H. Lightweight and provable secure cross-domain access control scheme for Internet of things (IoT) based wireless body area networks (WBAN). Microprocess. Microsyst.
**2020**, 81, 103477. [Google Scholar] [CrossRef] - AlQahtani, S.A. An Evaluation of e-Health Service Performance through the Integration of 5G IoT, Fog, and Cloud Computing. Sensors
**2023**, 23, 5006. [Google Scholar] [CrossRef] - Al-kahtani, M.S.; Khan, F.; Taekeun, W. Application of Internet of Things and Sensors in Healthcare. Sensors
**2022**, 22, 5738. [Google Scholar] [CrossRef] [PubMed] - Gao, H.; Zhou, L.; Kim, J.Y.; Li, Y.; Huang, W. Applying probabilistic model checking to the behavior guidance and abnormality detection for A-MCI patients under wireless sensor network. ACM Trans. Sens. Netw.
**2023**, 19, 1–24. [Google Scholar] [CrossRef] - Döschl, A.; Keller, M.-E.; Mandl, P. Performance evaluation of GPU- and cluster-computing for parallelization of compute-intensive tasks. Int. J. Web Inf. Syst.
**2021**, 17, 377–402. [Google Scholar] [CrossRef] - Cardinale, Y.; Cornejo-Lupa, M.A.; Pinto-De la Gala, A.; Ticona-Herrera, R. Application of a methodological approach to compare ontologies. Int. J. Web Inf. Syst.
**2021**, 17, 333–376. [Google Scholar] [CrossRef] - Khan, M.A.; Rehman, S.U.; Uddin, M.I.; Nisar, S.; Noor, F.; Alzahrani, A.; Ullah, I. An Online-Offline Certificateless Signature Scheme for Internet of Health Things. J. Health Eng.
**2020**, 2020, 6654063. [Google Scholar] [CrossRef] - Chen, C.M.; Liu, S.; Chaudhry, S.A.; Chen, Y.C.; Khan, M.A. A Lightweight and Robust User Authentication Protocol with User Anonymity for IoT-Based Healthcare. CMES-Comput. Model. Eng. Sci.
**2022**, 131, 307–329. [Google Scholar] [CrossRef] - Lamport, L. Password authentication with insecure communication. Commun. ACM
**1981**, 24, 770–772. [Google Scholar] [CrossRef] [Green Version] - Ullah, I.; Alomari, A.; Ul Amin, N.; Khan, M.A.; Khattak, H. An Energy Efficient and Formally Secured Certificate-Based Signcryption for Wireless Body Area Networks with the Internet of Things. Electronics
**2019**, 8, 1171. [Google Scholar] [CrossRef] [Green Version] - Khan, J.; Khan, G.A.; Li, J.P.; AlAjmi, M.F.; Haq, A.U.; Khan, S.; Ahmad, N.; Parveen, S.; Shahid, M.; Ahmad, S. Secure smart healthcare monitoring in industrial Internet of things (iiot) ecosystem with cosine function hybrid chaotic map encryption. Sci. Program.
**2022**, 2022, 8853448. [Google Scholar] [CrossRef] - Khan, J.; Li, J.P.; Haq, A.U.; Khan, G.A.; Ahmad, S.; Abdullah Alghamdi, A.; Golilarz, N.A. Efficient secure surveillance on smart healthcare IoT system through cosine-transform encryption. J. Intell. Fuzzy Syst.
**2021**, 40, 1417–1442. [Google Scholar] [CrossRef] - Chaudhry, S.A.; Irshad, A.; Khan, M.A.; Khan, S.A.; Nosheen, S.; AlZubi, A.A.; Zikria, Y.B. A Lightweight Authentication Scheme for 6G-IoT Enabled Maritime Transport System. IEEE Trans. Intell. Transp. Syst.
**2021**, 24, 2401–2410. [Google Scholar] [CrossRef] - Wu, Z.Y.; Lee, Y.C.; Lai, F.; Lee, H.C.; Chung, Y. A secure authentication scheme for telecare medicine information systems. J. Med. Syst.
**2010**, 36, 1529–1535. [Google Scholar] [CrossRef] - He, D.; Chen, J.; Zhang, R. A more secure authentication scheme for telecare medicine information systems. J. Med. Syst.
**2012**, 36, 1989–1995. [Google Scholar] - Wei, J.; Hu, X.; Liu, W. An improved authentication scheme for telecare medicine information systems. J. Med. Syst.
**2012**, 36, 3597–3604. [Google Scholar] [CrossRef] - Xu, X.; Zhu, P.; Wen, Q.; Jin, Z.; Zhang, H.; He, L. A secure and efficient authentication and key agreement scheme based on ECC for telecare medicine information systems. J. Med. Syst.
**2014**, 38, 9994. [Google Scholar] [CrossRef] - Islam, S.H.; Khan, M.K. Cryptanalysis and Improvement of Authentication and Key Agreement Protocols for Telecare Medicine Information Systems. J. Med. Syst.
**2014**, 38, 135. [Google Scholar] [CrossRef] - Chaudhry, S.A.; Naqvi, H.; Shon, T.; Sher, M.; Farash, M.S. Cryptanalysis and Improvement of an Improved Two Factor Authentication Protocol for Telecare Medical Information Systems. J. Med. Syst.
**2015**, 39, 66. [Google Scholar] [CrossRef] - Qiu, S.; Xu, G.; Ahmad, H.; Wang, L. A Robust Mutual Authentication Scheme Based on Elliptic Curve Cryptography for Telecare Medical Information Systems. IEEE Access
**2018**, 6, 7452–7463. [Google Scholar] [CrossRef] - Ostad-Sharif, A.; Abbasinezhad-Mood, D.; Nikooghadm, M. A robust and efficient ECC-based mutual authentication and session key generation scheme for healthcare applications. J. Med. Syst.
**2019**, 43, 10. [Google Scholar] [CrossRef] [PubMed] - Kumari, S.; Chaudhary, P.; Chen, C.M.; Khan, M.K. Questioning key compromise attack on Ostad-Sharif et al.’s authentication and session key generation scheme for healthcare applications. IEEE Access
**2019**, 7, 39717–39720. [Google Scholar] [CrossRef] - Radhakrishnan, N.; Muniyandi, A.P. Dependable and Provable Secure Two-Factor Mutual Authentication Scheme Using ECC for IoT-Based Telecare Medical Information System. J. Healthc. Eng.
**2022**, 2022, 9273662. [Google Scholar] [CrossRef] - Xie, P.-S.; Pan, X.-J.; Wang, H.; Wang, J.L.; Feng, T.; Yan, Y. Conditional Privacy-Preserving Authentication Scheme for IoV Based on ECC. Int. J. Netw. Secur.
**2022**, 24, 501–510. [Google Scholar] - Shamus Sofware Ltd. Miracl Library. Available online: http://github.com/miracl/MIRACL (accessed on 15 April 2023).
- Khan, M.A.; Shah, H.; Rehman, S.U.; Kumar, N.; Ghazali, R.; Shehzad, D.; Ullah, I. Securing Internet of drones with identity-based proxy signcryption. IEEE Access
**2021**, 9, 89133–89142. [Google Scholar] [CrossRef] - Ullah, I.; Khan, M.A.; Khan, F.; Jan, M.A.; Srinivasan, R.; Mastorakis, S.; Hussain, S.; Khattak, H. An Efficient and Secure Multi-message and Multi-receiver Signcryption Scheme for Edge Enabled Internet of Vehicles. IEEE Internet Things J.
**2021**, 9, 2688–2697. [Google Scholar] [CrossRef]

S. No | Symbol | Description |
---|---|---|

1 | $h$ | The hash function that belongs to the SHA family |

2 | $TM{S}_{pr}$ | The private key of the TMS, which is selected from the finite field (${F}_{d}$) |

3 | (${F}_{d}$) | The finite field of a hyperelliptic curve has a size that is not greater than 80 bits |

4 | ($HE{C}_{g=2}$) | The hyperelliptic curve with genus equal to or less than 2 |

5 | ($\mathcal{D}$) | The devisor is on a hyperelliptic curve and has a size that is not greater than 80 bits |

6 | $R{L}_{id}$ | The real identity of the user ${U}_{i}$ |

7 | ($R{L}_{pw}$) | The password for the user ${U}_{i}$ |

8 | $TM{S}_{pb}$ | The public key of the TMS which is the multiplication of the private key $TM{S}_{pr}\mathrm{and}\mathrm{devisor}\left(\mathcal{D}\right)$ |

9 | ${E}_{TM{S}_{pb}}$ | Encryption process by using the public key of the TMS |

10 | $\oplus $ | Used to represent the encryption and decryption |

11 | ${D}_{TM{S}_{pr}}$ | Decryption process by using the private key of the TMS |

12 | $T$ | It is used to represent the timestamp |

13 | $x,r,j$ | Three randomly generated numbers from (${F}_{d}$) |

14 | $K$ | The secret key which is shared among the TMS and the user |

15 | ${E}_{\mathrm{K}}$ | Encryption process by using the shared secret key of the TMS and the user |

16 | ${D}_{\mathrm{K}}$ | Decryption process by using the shared secret key of the TMS and the user |

Schemes | Communication Cost | Communication Cost in Bits |
---|---|---|

Qiu et al. [21] | $2B{M}_{h}+3B{M}_{em}$ | $992$ |

Ostad-Sharif et al. [22] | $4B{M}_{h}+3B{M}_{em}$ | $1504$ |

Radhakrishnan et al. [24] | $2B{M}_{h}+3B{M}_{em}$ | $992$ |

Proposed Scheme | $2B{M}_{h}+2B{M}_{hm}$ | $672$ |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Khan, M.A.; Alhakami, H.; Alhakami, W.; Shvetsov, A.V.; Ullah, I.
A Smart Card-Based Two-Factor Mutual Authentication Scheme for Efficient Deployment of an IoT-Based Telecare Medical Information System. *Sensors* **2023**, *23*, 5419.
https://doi.org/10.3390/s23125419

**AMA Style**

Khan MA, Alhakami H, Alhakami W, Shvetsov AV, Ullah I.
A Smart Card-Based Two-Factor Mutual Authentication Scheme for Efficient Deployment of an IoT-Based Telecare Medical Information System. *Sensors*. 2023; 23(12):5419.
https://doi.org/10.3390/s23125419

**Chicago/Turabian Style**

Khan, Muhammad Asghar, Hosam Alhakami, Wajdi Alhakami, Alexey V. Shvetsov, and Insaf Ullah.
2023. "A Smart Card-Based Two-Factor Mutual Authentication Scheme for Efficient Deployment of an IoT-Based Telecare Medical Information System" *Sensors* 23, no. 12: 5419.
https://doi.org/10.3390/s23125419