{"component": "clause", "props": {"groups": [{"samples": [{"hash": "fqyjq0JK4Rw", "uri": "/contracts/fqyjq0JK4Rw#authentication-phase", "label": "Authentication and Key Agreement Scheme", "score": 24.2361392975, "published": true}, {"hash": "au2UAW5J6gG", "uri": "/contracts/au2UAW5J6gG#authentication-phase", "label": "Authentication and Key Agreement Scheme", "score": 24.2361392975, "published": true}], "size": 2, "snippet": "The authentication phase aims to mutually authenticate both of the sensor nodes and the remote user. To communicate the health-related data to the remote user, each sensor must execute the authentication process. The proposed scheme supports two cases of sensors authentication. The first case when the sensor nodes are not in the same location as the remote user, and in the second case, they are in the same location. The proposed authentication and key agreement scheme is as follows (see Figure 3): The sensor node initiates the authentication phase, it generates a random nonce N on 8 bytes and sends a message composed of the generated nonce N, its masked identity MSIdi, and a h(MSIdi, N, Idi) to the remote user. Upon receiving the message by the remote user, the message is verified by checking whether received hash is equal to the computed hash. If the matching is successful, the remote user generates a random nonce M on 8 bytes, else it is an authentication failure. The remote user checks the location of the sensor node. If the remote user cannot reach the sensor node in his Wi-Fi covered area, then: Case \u2018not in the area\u2019: The remote user transmits to the gateway node a message composed by the masked identity of the sensor node MSIdi, the received nonce N, the nonce M, and a h(MSIdi, N, M). Upon receiving the message by the gateway node, it verifies the message by checking whether the received hash is equal to the computed hash. If the check is successful, the gateway node generates a random nonce S on 8 bytes, and applies an XOR with the received nonce N: (T = N S). Then, it sends to the remote user a message composed of the received nonces N and M, the computed value T and a h(M, \u2587\u2587\u2587, S), otherwise the authentication fails. When the remote user receives the message, the nonce value S is computed as follows: (S = N T) and the message is verified by checking whether the received hash is equal to the computed hash. If the check is successful, the remote user also generates a random nonce W on 8 bytes, applies an XOR with value S as:", "snippet_links": [{"key": "remote-user", "type": "definition", "offset": [88, 99]}, {"key": "related-data", "type": "definition", "offset": [127, 139]}, {"key": "authentication-process", "type": "definition", "offset": [189, 211]}, {"key": "the-proposed-scheme", "type": "clause", "offset": [213, 232]}, {"key": "same-location", "type": "definition", "offset": [331, 344]}, {"key": "key-agreement", "type": "clause", "offset": [452, 465]}, {"key": "figure-3", "type": "definition", "offset": [492, 500]}, {"key": "upon-receiving", "type": "clause", "offset": [721, 735]}, {"key": "equal-to", "type": "definition", "offset": [829, 837]}, {"key": "location-of", "type": "definition", "offset": [1008, 1019]}, {"key": "covered-area", "type": "clause", "offset": [1098, 1110]}, {"key": "the-area", "type": "clause", "offset": [1131, 1139]}, {"key": "computed-value", "type": "clause", "offset": [1684, 1698]}], "hash": "ba6bce7861a85ee0af179da7ac82e57d", "id": 1}, {"samples": [{"hash": "k83Lf5dg6dU", "uri": "/contracts/k83Lf5dg6dU#authentication-phase", "label": "Authenticated Key Agreement Scheme", "score": 29.6237239838, "published": true}, {"hash": "7li1A9bwaK8", "uri": "/contracts/7li1A9bwaK8#authentication-phase", "label": "Authenticated Key Agreement Scheme", "score": 24.319644928, "published": true}], "size": 2, "snippet": "Consider an UAV that has been assigned to collect field information from a particular region. In each region, a MEC operator selected by the USP helps the UAV in transfer- ring/receiving packets. In this phase of the proposed scheme, both the UAV and USP authenticate each other and establish a session key for secure communication. In this regard, the MEC operator helps them in exchanging the communication messages. The detailed description of the phase is as follows:", "snippet_links": [{"key": "information-from", "type": "clause", "offset": [56, 72]}, {"key": "phase-of", "type": "clause", "offset": [204, 212]}, {"key": "the-proposed-scheme", "type": "clause", "offset": [213, 232]}, {"key": "session-key", "type": "definition", "offset": [295, 306]}, {"key": "secure-communication", "type": "clause", "offset": [311, 331]}, {"key": "phase-is", "type": "definition", "offset": [451, 459]}], "hash": "11f7381b42f4305045ea0ccdfb5af39e", "id": 2}, {"samples": [{"hash": "7X4cv2RMCX7", "uri": "/contracts/7X4cv2RMCX7#authentication-phase", "label": "Password Authenticated Key Agreement Protocol", "score": 26.7392223655, "published": true}], "size": 2, "snippet": "When user U wishes to login to the server, it must inserts its smart card to a card reader and inputs its username and password PW . Then the smart card and the server cooperate to perform the following steps as shown in Fig1. (Username, PW , Smartcard (R, a)) Server (s) 1. b \u2208 Z * , V = bR + h(username)P , W = bh(h(PW a) username)P REQUEST (username,V ,W )", "snippet_links": [{"key": "smart-card", "type": "definition", "offset": [63, 73]}, {"key": "card-reader", "type": "clause", "offset": [79, 90]}, {"key": "username-and-password", "type": "clause", "offset": [106, 127]}, {"key": "as-shown", "type": "definition", "offset": [209, 217]}], "hash": "509eebeeecc18e7f2388c3e74a002b94", "id": 3}, {"samples": [{"hash": "5NvobUvPD2b", "uri": "/contracts/5NvobUvPD2b#authentication-phase", "label": "Key Agreement Protocol", "score": 23.1861743927, "published": true}], "size": 2, "snippet": "We can think of the authentica- tion phase of Li et al.\u2019s scheme as a two-pass protocol. The individual steps are outlined below:\u200c Step 1: N IN : tidN , yN , aN , bN , tN . N picks a random rN and creates timestamp tN . Then it computes xN = aN \u2295idN , yN = xN \u2295rN and tidN = h(idN \u2295tN , rN ) and forwards the tuple \u27e8tidN , yN , aN , bN , tN \u27e9 to IN .", "snippet_links": [{"key": "phase-of", "type": "clause", "offset": [37, 45]}, {"key": "the-individual", "type": "clause", "offset": [89, 103]}, {"key": "step-1", "type": "definition", "offset": [131, 137]}], "hash": "7c5e2bcc46f628166c09788afed3e9ba", "id": 4}, {"samples": [{"hash": "7umcItwbZxd", "uri": "/contracts/7umcItwbZxd#authentication-phase", "label": "Key Agreement Protocol", "score": 27.3708705902, "published": true}], "size": 1, "snippet": "The various steps of the authen- tication phase are depicted in Fig. 4 and are as follows:", "snippet_links": [], "hash": "5961a0983cd977ed45cda342c5c53be6", "id": 5}, {"samples": [{"hash": "c5nkipYTfRp", "uri": "/contracts/c5nkipYTfRp#authentication-phase", "label": "Enhanced Anonymous Password Based Authenticated Key Agreement Scheme", "score": 24.2403373718, "published": true}], "size": 1, "snippet": "Notation Description Si server i E attacker PWi Uijs password IDi Uijs identity x secret key generated by \u2587\u2587 y public key generated by \u2587\u2587 b a random number generated by Ui v a random number generated by Ui w a random number generated by Si h(\u00b7) a one-way hash function \u01c1 concatenation \u2295 bitwise exclusive-or operation Ui and Si achieve mutual authentication as follows. \u2022 Upon receiving the login message {CIDi, V, M1}, Si computes h(x\u01c1y), h(IDi) = CIDi \u2295 h(V \u01c1h(x\u01c1y)), Ct = h(h(IDi) \u2295 x), Mt = h(CIDi\u01c1V \u01c1Ct ), and", "snippet_links": [{"key": "public-key", "type": "clause", "offset": [111, 121]}, {"key": "mutual-authentication", "type": "clause", "offset": [336, 357]}, {"key": "upon-receiving", "type": "clause", "offset": [372, 386]}], "hash": "a64354d3200b47a7d06ca0a76dc78ff3", "id": 6}, {"samples": [{"hash": "5NvobUvPD2b", "uri": "/contracts/5NvobUvPD2b#authentication-phase", "label": "Key Agreement Protocol", "score": 23.1861743927, "published": true}], "size": 1, "snippet": "The various steps of the authen- tication phase are depicted in Fig. 4 and are as follows: Step 1: N IN : tidN , yN , aN , bN , tN , id\u2032N . N picks a random rN and creates timestamp tN . It then computes are changed in every other run of the protocol, the anonymity of node N is preserved. In \u2587\u2587 et al\u2019s scheme, an adversary was able to link two sessions to the same node N because of the unmasking of the updated authentication parameters (a+ , b+ ) xN = aN \u2295 idN , yN = xN \u2295 rN . It further picks a random pseudonym id\u2032N to be used as a temporary identifier for this session only, and calculates tidN = h(idN , id\u2032N , tN , rN ) and sets the \u201cRelay Field\u201d of the underlying \u201cMAC Header\u201d to value 1, according to sub-clause 6.10 of [3].", "snippet_links": [{"key": "step-1", "type": "definition", "offset": [91, 97]}, {"key": "the-protocol", "type": "clause", "offset": [238, 250]}, {"key": "in-\u2587", "type": "clause", "offset": [290, 294]}, {"key": "value-1", "type": "definition", "offset": [691, 698]}, {"key": "according-to", "type": "definition", "offset": [700, 712]}], "hash": "18b86e711ad537231056de7b1a340531", "id": 7}, {"samples": [{"hash": "fYJRVbjpEAP", "uri": "/contracts/fYJRVbjpEAP#authentication-phase", "label": "Key Agreement Protocols", "score": 27.0351886749, "published": true}], "size": 1, "snippet": "The various steps of the authentication phase are depicted in Fig. 4 and are as follows: calculates tidN = h(idN , idNj , tN , rN ) and sets the \u201cRelay Field\u201d of the underlying \u201cMAC Header\u201d to value 1, according to sub-clause 6.10 of [3].", "snippet_links": [{"key": "value-1", "type": "definition", "offset": [193, 200]}, {"key": "according-to", "type": "definition", "offset": [202, 214]}], "hash": "1f46d436d25399879825aecbbd95891b", "id": 8}, {"samples": [{"hash": "2j2zt6yOfmC", "uri": "/contracts/2j2zt6yOfmC#authentication-phase", "label": "Authenticated Key Agreement Protocol", "score": 25.6297054291, "published": true}], "size": 1, "snippet": "When user U wishes to login to the server, it must inserts its smart card to a card reader and inputs its username and password PW . Then the smart card and the server cooperate to perform the following steps as shown in Fig1. (Username, PW , Smartcard (R, a)) Server (s) 1. b \u2208 Z * , V = bR + h(username)P , W = bh(h(PW a) username)P REQUEST (username,V ,W ) 2. X = h(username)P W ' = s2 (V \u2212 X ) , W =W ' If the equation holds, c \u2208 Z * , r \u2208 Z * S = cP , K = cs(V \u2212 X ) SK = h1 (K r username) Auth = h (K W ' r SK ) CHALLENGE(realm, Auths , S, r)", "snippet_links": [{"key": "smart-card", "type": "definition", "offset": [63, 73]}, {"key": "card-reader", "type": "clause", "offset": [79, 90]}, {"key": "username-and-password", "type": "clause", "offset": [106, 127]}, {"key": "as-shown", "type": "definition", "offset": [209, 217]}], "hash": "9fd2b99a8d098ddde5843df99d43d415", "id": 9}, {"samples": [{"hash": "cS16qQ8u1Hx", "uri": "/contracts/cS16qQ8u1Hx#authentication-phase", "label": "Authentication Key Agreement Scheme", "score": 24.7262153625, "published": true}], "size": 1, "snippet": "Our scheme mutually authenticates remote user and the server. The session key is agreed using following steps:\nStep 1: On receiving {Ei, Fi, Auth1, R2 } login message, the server SR extracts R2 = R2 \u2295 h(MQi || IDi), IDi = Ei \u2295 h(R2 || MQi), Fi = h(R2 || MQi || Di), Auth1 = h(IDi || Fi || R2 || MQi )Q (mod N). SR validates if Fi =? Fi and Auth1 =? Auth1. If both conditions fail, the request is aborted. Else, it proceeds further by generating random R3, calculates Auth2 = h(MQi || Di || R3), Gi = R3 \u2295 h(MQi || IDi), Auth3 = h(IDi || Auth2 || MQi || R2 || R3). SR transmits {Auth2, Gi, Auth3} to Ui.\nStep 2: On receipt of {Auth2, Gi, Auth2}, Ui extracts R3 = Gi \u2295 h(MQi || IDi) and calculates Auth2 = h(MQi || Di || R3 ), Auth3 = h(IDi || Auth2 || MQi || R2 || R3 ). Ui validates if Auth2 =? Auth2 and Auth3 =? Auth3. If both holds, user is authenticated by remote server. Else, SR aborts the process. Both entities agree on a session key SKey = h(Di || MQi || R2 || R3).", "snippet_links": [{"key": "our-scheme", "type": "definition", "offset": [0, 10]}, {"key": "remote-user", "type": "definition", "offset": [34, 45]}, {"key": "session-key", "type": "definition", "offset": [66, 77]}, {"key": "step-1", "type": "definition", "offset": [111, 117]}, {"key": "the-request", "type": "clause", "offset": [381, 392]}, {"key": "step-2", "type": "definition", "offset": [603, 609]}, {"key": "receipt-of", "type": "clause", "offset": [614, 624]}, {"key": "the-process", "type": "clause", "offset": [892, 903]}, {"key": "both-entities", "type": "clause", "offset": [905, 918]}], "hash": "75ba4b07352167784cbab38b8bfe7000", "id": 10}], "next_curs": "Cl0SV2oVc35sYXdpbnNpZGVyY29udHJhY3RzcjkLEhZDbGF1c2VTbmlwcGV0R3JvdXBfdjU2Ih1hdXRoZW50aWNhdGlvbi1waGFzZSMwMDAwMDAwYQyiAQJlbhgAIAA=", "clause": {"title": "Authentication Phase", "size": 18, "parents": [["preliminaries", "PRELIMINARIES"], ["our-proposed-scheme", "OUR PROPOSED SCHEME"], ["introduction", "Introduction"], ["functioning-of-the-proposed-scheme", "Functioning of the proposed scheme"], ["proposed-scheme", "Proposed Scheme"]], "children": [["", ""], ["formal-security-analysis-using-ror-model", "Formal Security Analysis Using RoR Model"], ["assumptions", "Assumptions"], ["mutual-authentication", "Mutual Authentication"], ["computation-cost", "Computation Cost"]], "id": "authentication-phase", "related": [["authentication-date", "Authentication Date", "Authentication Date"], ["authentication-of-notes", "Authentication of Notes", "Authentication of Notes"], ["authentication-of-trust-certificates", "Authentication of Trust Certificates", "Authentication of Trust Certificates"], ["authentication-and-delivery", "Authentication and Delivery", "Authentication and Delivery"], ["authentication", "Authentication", "Authentication"]], "related_snippets": [], "updated": "2025-07-17T06:09:22+00:00", "also_ask": [], "drafting_tip": "", "explanation": "The Authentication Phase clause defines the process by which parties verify their identities before accessing a system or entering into a contractual relationship. Typically, this involves the use of credentials such as passwords, digital certificates, or multi-factor authentication methods to ensure that only authorized individuals can proceed. By establishing clear requirements for identity verification, this clause helps prevent unauthorized access and protects sensitive information, thereby reducing the risk of fraud or security breaches."}, "json": true, "cursor": ""}}