|
| Scheme | Year | Cryptographic techniques | Advantages | Drawbacks/limitations |
|
| Jiang et al. [3] | 2018 | (i) Uses “one-way cryptographic hash function” | (i) Fits for vehicular cloud networking environment | (i) Fails to preserve “revocability” |
| (ii) Prone to “replay attack” |
|
| Alamr et al. [5] | 2018 | (i) Based on “RFID” | (i) Applicable in IoT environment | (i) Does not support “revocability and password/biometric update” |
| (ii) Applies “ECC cryptographic technique” | (ii) Vulnerable to “data integrity and key compromise” |
| (iii) Uses “to support IoT” |
|
| Dinarvand and Barati [6] | 2019 | (i) Based on “RFID technology” uses “one-way cryptographic hash function” | (i) Does not fit for generic IoT networking environment | (i) Fails to preserve “impersonation and key compromise” |
| (ii) Based on “ECC cryptographic technique” | (ii) No “formal security” analysis |
|
| Bagga et al. [1] | 2018 | (i) Based on “three factors (user mobile device, user password, and personal biometrics” | (i) Applicable in industrial IoT environment | (i) Does not support “revocability and password/biometric update” |
| (ii) Applies “ECC cryptographic technique” | (ii) Vulnerable to “known session key attack” |
| (iii) Uses “fuzzy extractor for biometric verification” |
| Kumar et al. [7] | 2020 | (i) Based on “three factors (smart card, user password, and biometrics)” uses “one-way cryptographic hash function” | (i) Fits for generic IoT networking environment | (i) Fails to preserve “revocability” |
| (ii) Based on “fuzzy extractor for biometric verification” | (ii) No “formal security” analysis |
|
| Jiang et al. [4] | 2018 | (i) Based on “three factors (user mobile device, user password, and personal biometrics” | (i) Applicable in cloud environment | (i) Does not support “revocability and password/biometric update” |
| (ii) Applies “ECC cryptographic technique” | (ii) Vulnerable to “known session key attack” |
| (iii) Uses “fuzzy extractor for biometric verification” |
|
| Hosseinzadeh et al. [8] | 2020 | (i) Based on “RFID systems” uses “one-way cryptographic hash function” | (i) Fits for IoT networking environment | (i) Fails to preserve “revocability” |
| (ii) No “session key agreement” |
|
| Zhu [9] | 2020 | (i) Based on “RFID systems and quadratic residue” uses “Gong-Needham-Yahalom (GNY) logic” | (i) Fits for healthcare environment | (i) Fails to preserve “revocability” |
| (ii) Confined to “healthcare system” | (ii) Desynchronization issues |
|
| Gabsi et al. [10] | 2021 | (i) Based on “RFID systems” uses “arithmetic calculation of ECC” | (i) Fits for communicating reader to reader environment | (i) Does not have to freedom to connect with the cloud server |
| (ii) Based on “ECC cryptographic system” | (ii) Not suitable for cloud environment |
|
| Mishra et al. [11] | 2018 | (i) Based on “three factors (user mobile device, user password, and personal biometrics” | (i) Applicable in industrial IoT environment | (i) Does not support “revocability and password/biometric update” |
| (ii) Applies “ECC cryptographic technique” | (ii) Vulnerable to “known session key attack” |
| (iii) Uses “fuzzy extractor for biometric verification” |
|
| Safkhani et al. [2] | 2021 | (i) Based on “RFID and ECC cryptosystem” Uses “one-way cryptographic hash function” | (i) Fits for IoT networking environment | (i) Fails to establish “mutual authentication” |
| (i) No proper “session key agreement” |
| (ii) Could not resist “denial-of-service” |
|
