An Anonymous Authenticated Key Agreement Scheme for Telecare Medical Information Systems
Round 1
Reviewer 1 Report
Comments and Suggestions for AuthorsThe paper proposes an authenticated key agreement scheme for TMIS that protects both patient and physician identities. The proposed scheme is evaluated through security analyses and found to be secure against various attacks. the subject is very interesting and will have important ramifications in the near future.
While the methodology described is rigorous, and the experimental results prove the implementation proposed by the authors, there are some observations that should be mentioned:
1. Keywords should be sorted alphabetically.
2. Abbreviations should be preserved once explained: "With Telecare Medical Information System...". Use TIMS directly.
3. The subsection of motivation in section 1 must start with a capital letter.
4. Paper outline is written wrong. The preliminaries are presented in section 2, while in 3 related works are presented, in 4 the implementation, security and efficiency analyzes in 5 and 6 and it ends with the conclusions in section 7.
5. My opinion is that sections 2 and 3 should be interchanged, so that the related works section follows the introduction.
6. Attention to spaces: for example, in the related works section, a space was omitted in "A protocol is proposed in[8]..."
7. Also, in the related works section, the sentences should not start directly with the reference, or use the reference as the subject, for example: "[11] proposes a secure and lightweight authentication scheme using Wireless Multimedia Sensor Networks (WMSN) for remote patient monitoring.". You could use "The authors of the paper [11] proposes...". Same observation for [21], [22], [30], [33], [39].
8. Why you presented article [35] in two different places in the related works section? You should move the text below table 1 where you first presented paper [35].
9. Before presenting paper [39] there is a free space. Remove it.
10. The compared papers in the Table 1 are not sorted in ascending order.
11. Works [39] and [40] are almost the only ones from the related works section that do not present disadvantages. They should also be included in table 1, for comparison.
12. Also, the proposed work should be included in the table for comparison with existing works.
13. In Figure 5, both the patient and the doctor were marked with P in the legend (patient, physician). But in the figure, the doctor is abbreviated with the letter D (probably from doctor). I suggest that the legend or the text in the figure be corrected.
14. The title of Figure 4 is incorrect. The figure shows the supervisor's registration at the gateway.
15. I noticed that in several places in the text, the authors categorize the attacker as a woman (she). I suggest using objective personal pronouns (it) because we cannot assume the gender of the attacker: ", she cannot create a valid MAC for his messages"
16. In subsection 5.2, reference is made to Figure 6 (actually it is Figure 7). Similarly, on page 14, under table 3, it is about figure 8, not figure 7.
17. Table 3 should be moved to section 6, because it is presented there.
18. The operations in table 4 do not correspond to the explanations in the text. Either the explanations or the text must be corrected, depending on what was written incorrectly.
19. Table 5 and 6 must be interchanged, to be in ascending order.
20. Please identify the following reference: "Based on the source [? ],"
Comments on the Quality of English LanguageThere are no observations regarding the quality of the English language. The language used is clear and concise.
Author Response
Please see the attachment.
Author Response File: 
Author Response.pdf
Reviewer 2 Report
Comments and Suggestions for AuthorsGraphical representation of the results will help readers understand the information presented in a better manner.
The paper talks about applying known schemes and methods to the health industry. The papers does not specifically address the issues specific to health industry. More innovative schemes can be utilized using hardware based security methods, Attacks related to false SQL injections can also be addressed.
Comments on the Quality of English LanguageVery minor revisions required.
Author Response
Please see the attachment.
Author Response File: Author Response.pdf
Round 2
Reviewer 2 Report
Comments and Suggestions for AuthorsThe presentation of the paper improved greatly compared to the previous version. Though the paper is significant when it comes to the content, it still lacks enough motivation. Could you please show stronger motivation, or other generalized ways the method can be used.
Comments on the Quality of English LanguageThe words "figures" and "tables" should always start with a capital f (F) and t (T). eg. Table and Figure
Author Response
Dear honored reviewers,
Hello,
First of all, we would like to thank you for your precise and practical comments on our paper which lead us for a better presentation of our work. Our response to your comments is as follows:
Point-by-point response to Reviewer 2:
The presentation of the paper improved greatly compared to the previous version. Though the paper is significant when it comes to the content, it still lacks enough motivation. Could you please show stronger motivation, or other generalized ways the method can be used.
Thank you for this comment. In order to strengthen the motivation, we added more description in Page 2. The edited text is highlighted.
The words "figures" and "tables" should always start with a capital f (F) and t (T). eg. Table and Figure
Thank you for your attention. we checked the paper, in 5 cases, the word table started with a lowercase letter, all cases were corrected.
In order to be compatible with the literature in the field of security protocols, the word "algorithm" has been replaced by the word "scheme" in the entire text.
Author Response File: Author Response.pdf
