Security Model. The model is defined by the following game which is run between a challenger C H and an adversary A . A controls all communications from and to the protocol participants via accessing to a set of oracles as described below. Every participant involved in a session is treated as an oracle. We denote an instance i of the participant U as k = sr (R + PK − X ) = sr (r + s − x )P = ∏i , where U ∈ {C , · · · ,C } S S. Each client C has an 3 S C C C S C C C U 1 n (rC + sC − xC)rSsP = (rC + sC − xC)RS = k4. Thus the client C and the server S establish a common session key sk = H4(IDC, RS, RC,WC, Ppub, k3) = H4(IDC, RS, RC,WC, Ppub, k4).
Appears in 2 contracts
Sources: Remote User Authentication and Key Agreement Scheme, Authentication and Key Agreement Scheme