Login Phase. The login phase is executed whenever the Ui wants to gain access to WSN. In this phase, Xx sends the login request to GWN. Figure 5 illustrates the login and verification phase for our proposed scheme. In detail, this process is:
(1) Ui inserts Ui’s smart card into a terminal, and inputs the IDi and PWi. The smart card computes the masked password PWi∗ = h(PWi||b) and v∗ = Ni ⊕ h(IDi||PWi∗). The smart card further computes Mi∗ = h(PWi∗||v∗ ), and compares it with the stored value Mi. If this condition is satisfied, the smart card acknowledges the legitimacy of the Ui, and proceeds with the next step. Otherwise, it terminates this phase.
(2) The smart card chooses a random nonce R1 ∈ {0, 1}l , and computes DIDi = h(IDi||R1). The smart card then computes k = h(DIDi||v∗||T1) and Ai = Ek(DIDi||R1||T1).
(3) Finally, Xx sends a login request message (XXXx, Ai, T1) to GWN through a public channel. User (U ) Gateway (GW ) Sensor (Sn) Inputs (IDi, PWi) PWi∗ = h(PWi||b) v∗ = Ni ⊕ h(IDi||PWi∗) Mi∗ = h(PWi∗||v∗) Checks M∗ =? M
i i Chooses a random nonce R1 ∈ {0, 1}l DIDi = h(IDi||R1), k = h(DIDi||v∗||T1) Ai = Ek (DIDi||R1||T1) (XXXx, Xx, T1) Checks |T1′ − T1| < ∆T k = h(DIDi||h(xa)||T1) Dk(Ai ) = {DIDi, R1, T1} Checks DIDi, T1 Chooses a random nonce R2 ∈ {0, 1}l Mi = R2 ⊕ h(xs||SIDn) SK = h(DIDi||h(xs||SIDn)||R2||T2) Bi = h(DIDi||SK||h(xs||SIDn)||SIDn||T2) (Mi, XXXx, Bi, T2) Checks |T2′ − T2| < ∆T R2 = Mi ⊕ h(xs||SIDn) SK = h(DIDi||h(xs||SIDn)||R2||T2) Bi∗ = h(DIDi||SK||h(xs||SIDn)||SIDn||T2) Checks B∗ =? B Ci = h(h(xs||SIDn)||SK||DIDi||SIDn||T3) (Ci, T3) Checks |T3′ − T3| < ∆T Ci∗ = h(h(xs||SIDn)||SK||DIDi||SIDn||T3) Checks C∗ =? C Di = Ek (DIDi||SIDn||SK||R1||T4) (Di, T4) Checks |T4′ − T4| < ∆T Dk (Di) = {DIDi, SIDn, SK, R1, T4} Checks DIDi, R1, T4
Login Phase. During this phase the user with identity IDi can login to the server with the smart card and the password the user and the server will authenticate each other and establish a session key is used to secure further communications between that user and the server the attacker can initiate a log-in request on behalf of the user, or act as the server by sending messages to the user. An active attacker can also request any session keys adaptively (if the protocol supports key agreement). It is evident that an active attacker is more powerful than a passive attacker. On the other hand, smart-card-based password authentication provides two-factor authentication, namely something the user has: a valid smart card. Something the user knows: a correct password. Successful log-in requires a valid smart card and the correct password.
Login Phase. Step 1: Ui inputs IDi∗ and pwi∗ into SCi. ? Step 2: SCi computes RNr∗ = h(pwi∗ ) ⊕ XPWi, HPWi∗ = h(pwi∗ ||RNr∗ ), XS∗i = Ci ⊕ h(IDS||HPWi∗ ), Bi∗ = h(HPWi∗ ⊕ XS∗i . Then, SCi verifies Bi∗ = Bi. If it is valid, SCi computes ki = h(XS∗i ||Ti), DIDi = h(HPWi∗ ||XS∗i ) ⊕ ki, MUi ,G = h(Ai||XS∗i ||Ti), where Ti is the timestamp. Step 3: Ui sends {XXXx, MUi ,G , Xx, TIDi} to GWN.
Login Phase. At this stage, user logs in and assigns a key to the cloud server. As shown in Fig. 4 and Fig. 5, the user and the cloud server performs this process as bellow. Ci Join Phase
1) User U login to the cloud server Ci.
2) Ci sends its identity IDi to U via the secure channel.
Login Phase. When Ui logins the system, he/she can perform the next steps. • Ui inserts his/her smart card into a card reader and enters the identity IDi, password PWi. The smart card SC computes bt = B ⊕ IDi ⊕ PWi, Ct = C2 ⊕ h(bt ǁPWi) ⊕ h(IDi), Ct = h(Ct ), and phase, authentication phase and password change phase. 1 t 3 1 compares C3 with C3 stored in the smart card. Only if the equation holds, XX performs the following steps. • SC generates a random number v and computes V = gv mod n, h(xǁy) = c4 ⊕ h(bǁPWi), CIDi = h(IDi)⊕h(V ǁh(xǁy)), M1 = h(CIDiǁV ||C1). Then, Xx sends login request message {CIDi, V, M1} to Si.
Login Phase. When Ui logins the system, he/she can perform the next steps. 3 • Ui inserts his/her smart card into a card reader and enters the identity IDi, password PWi. The smart card SC computes b = B ⊕ IDi ⊕ PWi, RPWi = h(b PWi), C1 = C2 RPWi, d = C4 h(C1 RPWi), t = h(C1 d), and compares Ct with C3 stored in the smart card. Only if the equation holds, SC per- forms the following steps. • SC generates a random number v and computes V = gv mod n, D = gd mod n, h(xǁyǁD) = C5 ⊕ h(C1ǁIDi), CIDi = IDi ⊕ h(V ǁh(xǁyǁD)), F1 = RPWi ⊕h(C1ǁIDi), F2 = C4 ⊕h(V ǁC1)⊕h(xǁyǁD), M1 = h(IDiǁRPWiǁV ǁC1ǁd). Then, Xx sends login
Login Phase. A user Ui inserts his smart card into a card reader to login on to server S and submits his identity IDi and password Pi. Smart card verifies authenticity of the user Ui and sends user Ui’s verification information to the destination server S.
Login Phase. When A wants to communicate to B, A performs this login phase with B via TS. Figure 4 shows the steps of it and the detailed processes are as follows.
Step 1: A inputs XXX and PWA. A’s SC computes WA’ = IDAXOR PWA and checks whether V2equals to H(WA’). If not, the SC stops the phase. Step 2: Otherwise, A’s SC chooses a random number RA and computes XA = ê(RA, P), YA = ê(RA, F)XOR XXX, VA’ = V1 XOR WA’, MA = H(VA’||XXX||IDB) and CA-TS= KA-TS(MA||IDB). After that, A sends the message <XA, YA, CA-TS> to TS through a public channel.
Login Phase. When A wants to communicate toB, A performs this login phase with TS. The details of this phase are as follows.
Step 1: A inputs XXX and PWA. A’s smart card computes WA’ = XXX⨁PWA and checks whether V2equals to h(WA’). If not, the smart card stops the phase.
Step 2: Otherwise, A’s smart card chooses a random number RA and computes XA = ê(RA, P), YA = ê(RA, F) ⨁ XXX, VA’ = V1 ⨁ WA’, MA = h(VA||XXX||IDB) and PA = EKA-TS(MA|| IDB). And then, sends the message <XA, YA, PA> to TS through a public channel.
