Password Change Phase. In case of changing her or his password, MU inserts her or his smart card into a card reader and performs the following steps:
Password Change Phase. In this phase, we argue that the user’s SC must have the ability to detect the login failure trials. Once the number of login failure exceeds a predefined system value, the SC must be locked immediately to prevent the exhaustive password guessing behavior. This phase involves the following steps.
Password Change Phase. C1 The algorithm is invoked whenever Ui wants to new (Ci , pk ) . Additionally, both of above messages are random values relied on the random number α or β .
Password Change Phase. When a mobile user MN wants to renew a password, MN can insert his smart card into the card reader and per- forms the following steps. Figure 2: The authentication and key agreement phase of the proposed protocol
Password Change Phase. Step 1: Ui inputs {IDi∗, pwi∗, pwni} into SCi, where pwni is a new password.
Password Change Phase. The user Ui has to authenticate itself to smart card before requesting the password change.
Password Change Phase. When the userUi wants to update his password without the help of RC, he inserts his smart card to card reader and inputs (IDi , PWi ) corresponding to the smart card.
Password Change Phase. Assume that SC has the ability to detect the login failure trials. If the failure times exceed a given number, SC will be soon locked to prevent from guessing password attack. i • Ui inserts the smart card into a card reader and in- puts identity IDi, password PWi and a new pass- word PWnew. ǁ ⊕ • SC calculates bt = B ⊕ ID ⊕ PW , Ct = C ⊕ 3 C3 = h(C1), C4 = h(bǁPWi) ⊕ h(xǁy).
Password Change Phase. || || ⊕ ⊕
