An Energy Efficient Mutual Authentication and Key Agreement Scheme Preserving Anonymity for Wireless Sensor Networks

. 2016 Jun 8;16(6):837. doi: 10.3390/s16060837

Algorithm 1

E X P 1_{A}^{Ω}

1:
Eavesdrop the login message ${D_{i}, E_{i}}$ , $D_{i} = E n c_{h (T I D_{i}, X_{k})} (I D_{i}, T_{1}, T I D_{i}, r_{i})$ , $E_{i} = h (h (I D_{i}, X_{k}), r_{i}, T_{1})$
2:
Call Reveal1 oracle. Let $(I D_{i}^{^{'}}, T_{1}^{^{'}}, T I D_{i}^{^{'}}, r_{i}^{^{'}}) \leftarrow R e v e a l 1 (D_{i})$
3:
Intercept the authenticated message ${F_{i}, G_{i}}$ , where $F_{i} = E_{h (I D_{S N_{j}} \oplus S_{r a n})} (r_{k} \oplus r_{i}, T I D_{i}, T_{1}, T_{2})$ , $G_{i} = h (T I D_{i}, I D_{S N_{j}}, h (I D_{S N_{j}} \oplus S_{r a n}), I D_{G W N}, T_{2}, r_{k}, r_{i})$ .
4:
Call Reveal1 oracle. Let $(r_{k}^{*}, r_{i}^{*}, T I D_{i}^{*}, T_{1}^{*}, T_{2}^{*}) \leftarrow R e v e a l (F_{i})$
5:
If ( $T_{1}^{'} = T_{1}^{*}$ ) then
6:
Accept $I D_{i}^{'}$ as the true identity of the user $U_{i}$
7:
return 1
8:
else
9:
return 0
10:
end if