{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T14:14:30Z","timestamp":1760364870921,"version":"build-2065373602"},"reference-count":33,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2020,1,10]],"date-time":"2020-01-10T00:00:00Z","timestamp":1578614400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"National Key R&D Plan of China","award":["No. 2017YFA0604500"],"award-info":[{"award-number":["No. 2017YFA0604500"]}]},{"name":"National Sci-Tech Support Plan of China","award":["No. 2014BAH02F00"],"award-info":[{"award-number":["No. 2014BAH02F00"]}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["No. 61701190"],"award-info":[{"award-number":["No. 61701190"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Youth Science Foundation of Jilin Province of China","award":["No. 20160520011JH & 20180520021JH"],"award-info":[{"award-number":["No. 20160520011JH & 20180520021JH"]}]},{"name":"Youth Sci-Tech Innovation Leader and Team Project of Jilin Province of China","award":["No. 20170519017JH"],"award-info":[{"award-number":["No. 20170519017JH"]}]},{"name":"Key Technology Innovation Cooperation Project of Government and University for the whole Industry Demonstration","award":["No. SXGJSF2017-4"],"award-info":[{"award-number":["No. SXGJSF2017-4"]}]},{"name":"Key scientific and technological R&D Plan of Jilin Province of China","award":["No. 20180201103GX"],"award-info":[{"award-number":["No. 20180201103GX"]}]},{"name":"Project of Jilin Province Development and Reform Commission","award":["No. 2019FGWTZC001"],"award-info":[{"award-number":["No. 2019FGWTZC001"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"The integration of Internet of things (IoT) and cloud computing technology has made our life more convenient in recent years. Cooperating with cloud computing, Internet of things can provide more efficient and practical services. People can accept IoT services via cloud servers anytime and anywhere in the IoT-based cloud computing environment. However, plenty of possible network attacks threaten the security of users and cloud servers. To implement effective access control and secure communication in the IoT-based cloud computing environment, identity authentication is essential. In 2016, He et al. put forward an anonymous authentication scheme, which is based on asymmetric cryptography. It is claimed that their scheme is capable of withstanding all kinds of known attacks and has good performance. However, their scheme has serious security weaknesses according to our cryptanalysis. The scheme is vulnerable to insider attack and DoS attack. For overcoming these weaknesses, we present an improved authentication and key agreement scheme for IoT-based cloud computing environment. The automated security verification (ProVerif), BAN-logic verification, and informal security analysis were performed. The results show that our proposed scheme is secure and can effectively resist all kinds of known attacks. Furthermore, compared with the original scheme in terms of security features and performance, our proposed scheme is feasible.<\/jats:p>","DOI":"10.3390\/sym12010150","type":"journal-article","created":{"date-parts":[[2020,1,13]],"date-time":"2020-01-13T04:05:51Z","timestamp":1578888351000},"page":"150","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":25,"title":["A Secure Authentication and Key Agreement Scheme for IoT-Based Cloud Computing Environment"],"prefix":"10.3390","volume":"12","author":[{"given":"Yicheng","family":"Yu","sequence":"first","affiliation":[{"name":"College of Computer Science and Technology, Jilin University, Chaoyang District, Changchun 130012, Jilin, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Liang","family":"Hu","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Jilin University, Chaoyang District, Changchun 130012, Jilin, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jianfeng","family":"Chu","sequence":"additional","affiliation":[{"name":"College of Computer Science and Technology, Jilin University, Chaoyang District, Changchun 130012, Jilin, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2020,1,10]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"1190","DOI":"10.1080\/24725854.2018.1555383","article-title":"The internet of things for smart manufacturing: A review","volume":"51","author":"Yang","year":"2019","journal-title":"IISE Trans."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Dang, L.M., Piran, M., Han, D., Min, K., and Moon, H. (2019). A Survey on Internet of Things and Cloud Computing for Healthcare. Electronics, 8.","DOI":"10.3390\/electronics8070768"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1109\/MSP.2010.115","article-title":"Understanding cloud computing vulnerabilities","volume":"9","author":"Grobauer","year":"2010","journal-title":"IEEE Secur. Priv."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"770","DOI":"10.1145\/358790.358797","article-title":"Password authentication with insecure communication","volume":"24","author":"Lamport","year":"1981","journal-title":"Commun. ACM"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"361","DOI":"10.1007\/s11277-011-0456-7","article-title":"A smart card based efficient and secured multi-server authentication scheme","volume":"68","author":"Wang","year":"2013","journal-title":"Wirel. Pers. Commun."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"5754","DOI":"10.1016\/j.eswa.2015.02.051","article-title":"An efficient approach for mining association rules from high utility itemsets","volume":"42","author":"Sahoo","year":"2015","journal-title":"Expert Syst. Appl."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Lu, Y., Li, L., Yang, X., and Yang, Y. (2015). Robust biometrics based authentication and key agreement scheme for multi-server environments using smart cards. PLoS ONE, 10.","DOI":"10.1371\/journal.pone.0126323"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"244","DOI":"10.1016\/j.future.2018.08.038","article-title":"Lightweight IoT-based authentication scheme in cloud computing circumstance","volume":"91","author":"Zhou","year":"2019","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_9","first-page":"1123","article-title":"A biometric-based password authentication with key exchange scheme using mobile device for multi-server environment","volume":"9","author":"Li","year":"2015","journal-title":"Appl. Math. Inf. Sci."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"1749","DOI":"10.1109\/JBHI.2018.2870319","article-title":"Anonymity preserving and lightweight multi-medical server authentication protocol for telecare medical information system","volume":"23","author":"Amin","year":"2018","journal-title":"IEEE J. Biomed. Health Inform."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"369","DOI":"10.1016\/j.ins.2018.10.037","article-title":"SUAA: A Secure User Authentication Scheme with Anonymity for the Single & Multi-server Environments","volume":"477","author":"Lwamo","year":"2019","journal-title":"Inf. Sci."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"1550147718777654","DOI":"10.1177\/1550147718777654","article-title":"An improved authentication protocol\u2013based dynamic identity for multi-server environments","volume":"14","author":"Cui","year":"2018","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Renuka, K., Kumar, S., Kumari, S., and Chen, C.M. (2019). Cryptanalysis and Improvement of a Privacy-Preserving Three-Factor Authentication Protocol for Wireless Sensor Networks. Sensors, 19.","DOI":"10.3390\/s19214625"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1016\/j.jnca.2017.12.012","article-title":"An untraceable and anonymous password authentication protocol for heterogeneous wireless sensor networks","volume":"104","author":"Amin","year":"2018","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"50","DOI":"10.1007\/s10916-017-0699-2","article-title":"A standard mutual authentication protocol for cloud computing based health care system","volume":"41","author":"Mohit","year":"2017","journal-title":"J. Med. Syst."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Xu, G., Qiu, S., Ahmad, H., Xu, G., Guo, Y., Zhang, M., and Xu, H. (2018). A multi-server two-factor authentication scheme with un-traceability using elliptic curve cryptography. Sensors, 18.","DOI":"10.3390\/s18072394"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1016\/j.comcom.2017.05.009","article-title":"A secure and robust anonymous three-factor remote user authentication scheme for multi-server environment using ECC","volume":"110","author":"Chandrakar","year":"2017","journal-title":"Comput. Commun."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"66","DOI":"10.1016\/j.jnca.2019.01.017","article-title":"Lightweight remote user authentication protocol for multi-server 5G networks using self-certified public key cryptography","volume":"131","author":"Ying","year":"2019","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"183659","DOI":"10.1155\/2015\/183659","article-title":"Novel authentication schemes for IoT based healthcare systems","volume":"11","author":"Hou","year":"2015","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"351","DOI":"10.1007\/s11277-019-06280-7","article-title":"An ECC Based Secure Authentication and Key Exchange Scheme in Multi-server Environment","volume":"107","author":"Tomar","year":"2019","journal-title":"Wirel. Pers. Commun."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"27553","DOI":"10.1007\/s11042-019-07812-w","article-title":"Anonymous biometrics-based authentication with key agreement scheme for multi-server environment using ECC","volume":"78","author":"Qi","year":"2019","journal-title":"Multimed. Tools Appl."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"102","DOI":"10.1109\/TETC.2015.2392380","article-title":"List-free ID-based mutual authentication and key agreement protocol for multiserver architectures","volume":"4","author":"Tseng","year":"2015","journal-title":"IEEE Trans. Emerg. Top. Comput."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Wang, H., Guo, D., Zhang, H., and Wen, Q. (2019). Robust Multiple Servers Architecture Based Authentication Scheme Preserving Anonymity. Sensors, 19.","DOI":"10.3390\/s19143144"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"2052","DOI":"10.1109\/TIFS.2016.2573746","article-title":"Efficient and anonymous mobile user authentication protocol using self-certified public key cryptography for multi-server architectures","volume":"11","author":"He","year":"2016","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_25","unstructured":"Blanchet, B., Smyth, B., Cheval, V., and Sylvestre, M. (2020, January 09). ProVerif 2.00: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial. Available online: https:\/\/prosecco.gforge.inria.fr\/personal\/bblanche\/proverif."},{"key":"ref_26","doi-asserted-by":"crossref","first-page":"233","DOI":"10.1098\/rspa.1989.0125","article-title":"A logic of authentication","volume":"426","author":"Burrows","year":"1989","journal-title":"Proc. R. Soc. Lond. A Math. Phys. Sci."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","article-title":"On the security of public key protocols","volume":"29","author":"Dolev","year":"1983","journal-title":"IEEE Trans. Inf. Theory"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Veyrat-Charvillon, N., and Standaert, F.X. (2011, January 14\u201318). Generic side-channel distinguishers: Improvements and limitations. Proceedings of the Annual Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/978-3-642-22792-9_20"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1109\/TDSC.2014.2355850","article-title":"Anonymous two-factor authentication in distributed systems: Certain goals are beyond attainment","volume":"12","author":"Wang","year":"2014","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"1390","DOI":"10.1109\/TPDS.2010.206","article-title":"A generic framework for three-factor authentication: Preserving security and privacy in distributed systems","volume":"22","author":"Huang","year":"2010","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"629","DOI":"10.1109\/TCE.2004.1309441","article-title":"A dynamic ID-based remote user authentication scheme","volume":"50","author":"Das","year":"2004","journal-title":"IEEE Trans. Consum. Electron."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"1086","DOI":"10.1109\/TWC.2008.080128","article-title":"Two-factor user authentication in wireless sensor networks","volume":"8","author":"Das","year":"2009","journal-title":"IEEE Trans. Wirel. Commun."},{"key":"ref_33","unstructured":"Wang, D., Gu, Q., Cheng, H., and Wang, P. (June, January 30). The request for better measurement: A comparative evaluation of two-factor authentication schemes. Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, Xi\u2019an, China."}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/12\/1\/150\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T13:29:21Z","timestamp":1760362161000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/12\/1\/150"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,1,10]]},"references-count":33,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2020,1]]}},"alternative-id":["sym12010150"],"URL":"https:\/\/doi.org\/10.3390\/sym12010150","relation":{},"ISSN":["2073-8994"],"issn-type":[{"type":"electronic","value":"2073-8994"}],"subject":[],"published":{"date-parts":[[2020,1,10]]}}}