While the 6G/IoT transition is on the cards, the real advantage of this transition can be realized only if the user privacy and security are guaranteed. The smartcard and password based authentication protocols can help the transition in a rapid way. However, due to insecurities and/or heavy computation, many such protocols cannot cope with the dynamic requirements of future generation networks. Recently, Kaul and Awasthi presented a robust and secure user authentication protocol based on resource friendly symmetric cryptography primitives. They declared that their introduced protocol is convenient, efficient, and secure for the applications in real-world. In contrast, this article describes that protocol of Kaul and Awasthi is not secure because an attacker can easily find the identity of a legal user that is being sent on the public channel. Further, by using the identity of a legitimate user, an attacker can impersonate himself as a legitimate user of the system and can enjoy the services given by the server. So, their protocol is susceptible to user impersonation attacks, and their claim of being secure is proven to be wrong. Therefore, we have extended their work and presented an upgraded scheme by ensuring secure communication over the entire channel. Moreover, our proposed scheme is safe not solely against user impersonation attack but also major security attacks with reasonable communication, computation, and storage costs and is a better candidate for deployment in 6G/IoT networks.

虽然即将进行6G / IoT过渡，但只有在保证用户隐私和安全的前提下，才能实现此过渡的真正优势。基于智能卡和密码的身份验证协议可以帮助快速过渡。然而，由于不安全和/或繁重的计算，许多这样的协议不能应对下一代网络的动态需求。最近，Kaul和Awasthi提出了一种基于资源友好的对称密码原语的健壮且安全的用户身份验证协议。他们声明，他们引入的协议对于现实世界中的应用程序是方便，高效和安全的。相反，本文描述了Kaul和Awasthi的协议并不安全，因为攻击者可以轻松找到在公共频道上发送的合法用户的身份。此外，通过使用合法用户的身份，攻击者可以将自己冒充为系统的合法用户，并可以享受服务器提供的服务。因此，他们的协议容易受到用户假冒攻击，并且证明其安全性的说法是错误的。因此，我们通过确保在整个渠道上的安全通信来扩展他们的工作，并提出了一种升级的方案。此外，我们提出的方案不仅可以安全地抵御用户假冒攻击，而且可以通过合理的通信，计算和存储成本来抵御重大安全攻击，并且是在6G / IoT网络中进行部署的更好选择。他们的协议容易受到用户假冒攻击，并且他们声称的安全性被证明是错误的。因此，我们通过确保在整个渠道上的安全通信来扩展他们的工作，并提出了一种升级的方案。此外，我们提出的方案不仅可以安全地抵御用户假冒攻击，而且可以通过合理的通信，计算和存储成本来抵御重大安全攻击，并且是在6G / IoT网络中进行部署的更好选择。他们的协议容易受到用户假冒攻击，并且他们声称的安全性被证明是错误的。因此，我们通过确保在整个渠道上的安全通信来扩展他们的工作，并提出了一种升级的方案。此外，我们提出的方案不仅可以安全地抵御用户假冒攻击，而且可以通过合理的通信，计算和存储成本来抵御主要的安全攻击，并且是在6G / IoT网络中进行部署的更好选择。