Motivation Many of the schemes Lin Wei et al

Motivation: Many of the schemes (Lin, 2013; Wei et al., 2012; Xie et al., 2013; Zhu, 2012; Xu et al., 2014; Lee et al., 2013) cannot identify the correctness of input which leads to a denial of service scenario in the case of incorrect input in the password change phase (Mishra, 2015a,b). A single mistake in the password change phase does not allow a user to login to the server using the same smart card. In other words, an authorized user can never use the smart card to login to the server if he/she commits a mistake in password change. It is a serious security pitfall as user’s may himself/herself cause denial of service attack. In general, a user cannot be considered an expert who never commits a mistake. It is always be possible that a human may sometimes forget the password or commit a mistake while entering the password. Moreover, a user may have several accounts and may use different passwords for different accounts; in that case it caffeic acid is also possible to use one account password in another account by mistake. Thus, the mistake in the password change phase should not affect the outcome the denial of service attack. In order to overcome this drawback, efficient authentication schemes should be able to quickly detect incorrect inputs so that the denial of service scenario can be avoided for authorized users.
Our contributions: In this article, we propose an improved scheme with the aim to achieve an efficient login phase and password change phase. The proposed scheme protects the user’s privacy and resists guessing attack. Moreover, we demonstrate the validity of the proposed scheme through the BAN (Burrows, Abadi, and Needham) logic.
Organization of the article: The rest of the article is sketched as follows: The proposed password based authentication scheme for TMIS is presented in Section 2. Section 3 presents the security analysis. Section 4 discuss the comparative performance of the proposed scheme. Finally, the conclusion is drawn in Section 5.

Proposed password based authentication scheme
In this section, we propose an improved scheme to ensure efficient authorized communication. The proposed scheme is designed with the aim to provide an anonymous and efficient authentication phase. In fossil fuels scheme, a new user first completes his registration with the server, and achieved a personalized smart card. Then, the registered user can establish an authorized session with the server. The scheme comprises of four phases, namely, registration, login, authentication and password change. The notations used in the proposed scheme are given in Table 2.

Security analysis

Performance analysis
In this section, we show the efficiency analysis of proposed schemes with similar password based remote user authentication protocols based on smart card for the TMIS. Let the user identity ID, password PW, random variables, time stamp and output size of hash function is 128-bits while all are of 1024-bits. Let and denote the time complexity of the hash function, exponential operation and XOR operation, respectively. It is well known that the time complexity of the XOR operation is negligible as compared to two other operations. So, we do not take into account. In general, the time complexity associated with and can be more or less expressed as (Potlapally et al., 2006; Wong et al., 2001). Then, the extra communication and computation overheads are as follows:
In Lin’s scheme, computation of is required in the login phase, and and is required in the verification phase. So the computation overhead in the login phase is and the verification phase is . The user and server transmit the messages and , therefore the communication overhead is bits. The smart card stores the values and t, therefore, the memory required is .
In Xie et al.’s scheme, user’s smart card computes and AID in the login phase. Therefore, computation cost in the login phase is . In the verification phase, smart card computes and while server computes and . Therefore, the computation overhead in the verification phase is . The user transmits the message and , therefore the communication overhead is bits. The smart card stores the values , therefore, the memory required is bits.