|
| Protocol | Technique | Advantage | Disadvantage |
|
| [1] | Identity-based | Lightweight and efficient | Cannot provide user anonymity |
| [4] | Identity-based | Provides user anonymity, resists server spoofing attack and impersonation attack, etc. | Cannot resist server spoofing attack and impersonation attacks |
| [5] | Biometrics-based | First truly three-factor authenticated scheme | Cannot resist known session-specific temporary attack and the impersonation attack |
| [6] | Biometrics-based | Provides secure authentication and resists passive and active attacks | Needs registration center online for authentication |
| [7] | Identity-based | Security enhanced and supports smart card revocation and password update without centralized storage | Cannot resist the lost smart card attack and the offline dictionary guessing attack |
| [8] | Biometrics-based | Efficient in terms of computation cost, communication cost, and resists smart card storage cost | High maintenance cost |
| [9] | Biometrics-based | Incurs low overhead, suitable for deployment at mobile devices | Needs registration center online for authentication |
| [10] | Two-factor-based | Security enhanced, lightweight, and efficient | Needs registration center online for authentication |
| [11] | Identity-based | Resists the server spoofing attack | Needs registration center online for authentication |
| [12] | Identity-based | Does not need registration center online for authentication | Cannot provide hierarchical authentication |
| [13] | Identity-based | Provides black/white list-free and simple revocation mechanism | Cannot provide credentials privacy and untraceability |
| [14] | Identity-based | Provides SK-security and strong credentials’ privacy | Cannot provide hierarchical authentication |
| [15] | Identity-based | Uses the self-certified public key cryptography and has lower computation and communication costs | Cannot provide hierarchical authentication |
| [16] | Two-factor-based | Resists server spoofing attack, desynchronization attack, and denial-of-service attack | Cannot provide hierarchical authentication |
| [17] | Two-factor-based | Reduces authentication processing time required by communication and computation between cloud service providers and traditional trusted third-party service | Cannot resist service provider impersonation attack and has no user revocation facility |
| [18] | Biometrics-based | Provides three-factor security, user revocation, and reregistration | Cannot provide hierarchical authentication |
| [19] | Biometrics-based | User anonymity, perfect forward secrecy, and resistance to desynchronization attack | Cannot provide hierarchical authentication |
| [21] | Two-factor-based | Provides user untraceability and perfect forward security | Cannot provide hierarchical authentication |
| [23] | Biometric-based | Uses chaotic map to improve efficiency | Cannot provide hierarchical authentication |
|
