Due to fast development of wireless technology, wireless sensor networks (WSNs) are used in many applications such environmental monitoring, health monitoring, and area monitoring. To protect WSNs from various security threats, many user authentication protocols have been proposed. Recently, Gope and Hwang have discussed an authentication protocol for WSNs. Here, we show that their scheme is not resistant to stolen verifier, user impersonation, smart card loss, and insider attacks. Also, it does not maintain secrecy of session key and anonymity of sensor node. Then we devise an efficient user authentication protocol using physically unclonable function (PUF) for WSNs to overcome the limitations of their scheme. We present our protocol's informal security analysis to show that is resistant to various known attacks. Formal security verification and analysis of the proposed protocol are done using ProVerif tool and widely accepted Real‐Or‐Random (ROR) model, respectively. In the performance analysis, we show that our protocol offers more security features than the others related schemes.

中文翻译：

---

无线传感器网络的高效匿名用户身份验证和密钥协商协议

由于无线技术的飞速发展，无线传感器网络（WSN）被用于许多应用中，例如环境监测，健康监测和区域监测。为了保护WSN免受各种安全威胁，已经提出了许多用户身份验证协议。最近，Gope和Hwang讨论了WSN的身份验证协议。在这里，我们表明他们的方案不能抵抗验证者被盗，用户假冒，智能卡丢失和内部攻击。同样，它不保持会话密钥的保密性和传感器节点的匿名性。然后，我们为WSN设计了一种使用物理不可克隆功能（PUF）的有效用户身份验证协议，以克服其方案的局限性。我们介绍了协议的非正式安全性分析，以表明它可以抵抗各种已知的攻击。分别使用ProVerif工具和广泛接受的Real-Or-Random（ROR）模型对提议的协议进行正式的安全验证和分析。在性能分析中，我们表明我们的协议提供了比其他相关方案更多的安全功能。