a) Impersonation attack: According to Lemmas 1 and 2
proposed in Section VI-B7, we could infer that any adversary
without the client’s (application provider’s) private cannot generate a valid login (response) message {W, X, tc} ({Y, Auth}).
Then, the client and the application provider could discover the
impersonation attack by checking the validity of {W, X, tc} and
{Y, Auth}, respectively. Therefore, our AA scheme for WBANs
could withstand the impersonation attack.
b) Replay attack: If the adversary intercepts the login
message {W, X, tc} and replays it to the application provider.
The application provider will check the freshness of tc before
executing other steps. In this case, the application provider
could find about the replay attack easily. Besides, the client
generates a new number x ∈ Z∗q randomly and calculates
X = x · P in each session. Then, the client could find the
reply of response message by checking the correctness of Auth.Therefore, our AA scheme for WBANs could withstand the
replay attack.
c) Modification attack: The login message
{W, X, tc}, (X, U) contains the signature of the message
(id, right, Qid, QNM, X, X
, tc), where X = x · P, X = x · QAP, Qid = H(idright), v = h(id, right, Qid, QNM, X, X
, tc), k = h(X, X
, tc), U = Sid + x · v · Qid, and W = Ek(id, right, U). The application provider could detect
any modification of the message {W, X, tc} by checking the
validity of the signature. Besides, Auth in the response message
{Y, Auth} is the message authentication code of the message
(W, X, tc, Y ). The client could detect any modification of the
message {Y, Auth} by checking the validity of the message
authentication code. Therefore, our AA scheme for WBANs
could withstand the modification attack.
d) Stolen verifier table attack: In our AA scheme, none
of the network manager, the application provider, and the
client maintains a table for achieving mutual authentication.
Therefore, our AA scheme for WBANs could withstand the
stolen verifier table attack.
e) Man-in-the-middle attack: According to the above
analysis, we know that our AA scheme could provide mutual
authentication between two participants. Therefore, our AA
scheme for WBANs could resist the man-in-the-middle attack.