In this rapidly growing IoT (Internet of Things) environment, people avail various facilities for different intentions with the help of the Internet generally. There are many application systems, in which both ( server and user) are located at separate locations. Normally, a user requests for availing diverse facilities and a server is available to provide legal services precisely. But, a server cannot grant a right of entry to any user without verifying genuinely else an adversary has many opportunities to exploit the system or users. Hence, there is a need of well-established mutual authentication framework, which can permit legal customers to access provisions and the system can be protected against multiple security attacks. In this paper, we identified that a scheme suggested by Madhusudhan et al. cannot withstand against session key disclosure, smart card lost, and includes a security flaw regarding password update. Therefore, we suggest a new authentication protocol, which can resist upon numerous security vulnerabilities and can perform the verification process within a less time period. Furthermore, the proposed protocol performs effectively in communication, storage, and energy consumption rather than other relevant authentications mechanisms.

• 出版日期2018-8