Advanced verification system using a smart card for smart city users

In this rapidly growing IoT (Internet of Things) environment, people avail various facilities for different intentions with the help of the Internet generally. There are many application systems, in which both (server and user) are located at separate locations. Normally, a user requests for availing diverse facilities and a server is available to provide legal services precisely. But, a server cannot grant a right of entry to any user without verifying genuinely else an adversary has many opportunities to exploit the system or users. Hence, there is a need of well-established mutual authentication framework, which can permit legal customers to access provisions and the system can be protected against multiple security attacks. In this paper, we identified that a scheme suggested by Madhusudhan et al. cannot withstand against session key disclosure, smart card lost, and includes a security flaw regarding password update. Therefore, we suggest a new authentication protocol, which can resist upon numerous security vulnerabilities and can perform the verification process within a less time period. Furthermore, the proposed protocol performs effectively in communication, storage, and energy consumption rather than other relevant authentications mechanisms.