Umeå University's logo

Internet of Things (IoT) is an expanding technology that facilitate physical devices to inter-connect each other over a public channel. Moreover, the security of the next-generation wireless mobile communication technology, namely 5G with IoT, has been a field of much interest among researchers in the last several years. Previously, Sharif et al. had suggested an IoTbased lightweight three-party authentication scheme proclaiming a secured scheme against different threats. However, it was found that the scheme could not achieve user anonymity and guarantee session key security. Additionally, the scheme fails to provide proper authentication in the login phase, and it s unable to update a new password in the password change phase. Thus, we propose an improved three-factor-based data transmission authentication scheme (TDTAS) to address the weaknesses. The formal security analysis has been proved using the Real-or-Random (RoR) model. The informal security analysis demonstrates that the scheme is secure against several known attacks and achieves more security features. In addition, the comparison of the work with other related schemes demonstrates the proposed scheme has less communicational and storage costs.