Next-generation public cloud computing offers unlimited access to resources over the internet [14]. Because of the availability of high-speed internet, more individuals and organizations are outsourcing their data to next-generation cloud servers for later access via the internet, which reduces the burden on local storage. Different sources continuously generate a large amount of data that is outsourced to next-generation public cloud servers [15, 16]. However, securing outsourced data in the cloud is imperative for data owners [17]. In addition, authentication protocols enable users to access these services through remote servers over an insecure network. In this part of the literature, we discuss various schemes that have security vulnerabilities and high computation and communication overheads.

In 1981, the author [18] proposed the first authentication protocol, which uses a username and password to secure a user’s access to a server. Nevertheless, there was a drawback in the protocol because it maintained a password table. As a result, the adversary can intercept the password, perform a replay attack, and successfully log into the server. In 1990, a more secure two-factor authentication protocol was proposed by [19]. The two-factor authentication protocols use a username, password, and a smartcard. The topic of smartcard loss attacks has recently been brought up in the authentication schemes. Three-factor authentication combines a username, password, and a smartcard, which is a more secure method to access remote servers. Traditional two-factor authentication methods are only used for a single server environment. On the other hand, commercial services are based on a multi-server environment. Thus, the traditional authentication protocols do not provide untraceability and anonymity.

Therefore, the author [20] proposed a three-factor authentication protocol; however, according to [21], the protocol proposed in [20] cannot provide user anonymity and is vulnerable to impersonation attacks. Furthermore, a multi-server environment scheme based on three-factor authentication was proposed by [20, 22]. However, according to [23], the protocol [22] is vulnerable to user impersonation attacks. The author [24] improves the security drawbacks of the scheme [25]. Moreover, the protocol [24] is vulnerable to insider and smartcard loss attacks. Therefore, the author [26] improves and solves the security vulnerabilities of the protocol [24]. The author [27] cryptanalyzes the scheme [28] and finds security vulnerabilities, such as the scheme's inability to provide user anonymity. These security vulnerabilities were solved by [29]. The protocol designed by [30] stores the user’s public keys on the server side, and this practice leads to man-in-the-middle attacks. Additionally, the scheme proposed by the author [31] cannot provide user untraceability and suffers from insider, server impersonation, and man-in-the-middle attacks. Moreover, the scheme [32] exposed the security vulnerabilities in protocols [26, 33].

Therefore, some researchers pay attention to network security; for instance, [34] proposed a scheme that places a network inspection detection system to verify packets received by the cloud. However, their approach has some drawbacks in its performance. Furthermore, [35] focuses on virtual network security to solve security issues between firewalls and virtual machines. However, the scheme is powerless against malicious external traffic. On the other hand, the DDoS protection service [36, 37] and the importance of the intrusion detection system were presented by [38]. Moreover, cloud computing offers multi-type network-based services. Thus, a single network security service will not fulfill the network security requirement. Because the cloud is a multi-tenant environment, the security and privacy challenges differ from those encountered in traditional computing environments [39].

According to [40], the existing three-factor authentication schemes have too much communication and computation cost. In addition, they do not have a dynamic revocation mechanism. The scheme proposed by [41] does not establish a session key, and the communication cost is also very high. According to [23], the protocol used by [42] suffers from temporary session information attacks. So far, different approaches have been used to authenticate remote users and eliminate the risk of cyberattacks. The authors [43] proposed an authentication scheme to provide secure authentication for the telecare medicine information system (TMIS). The protocol [43] used XOR, a one-way hash function, and a one-time password. The authors [44, 45] proposed an authentication scheme based on ECC in smart grid environments. The author [46] proposed an ECC-based authentication scheme for telecare medical information systems. Although the scheme is robust, it is vulnerable to offline password guessing attacks, DoS attacks, and user impersonation attacks and cannot provide perfect forward secrecy and anonymity. Another three-factor authentication protocol is proposed by [47]. However, according to [48], the scheme [47] is vulnerable to insider attacks and cannot provide anonymity. Furthermore, the author [48] also claimed that there is a flaw in the password update phase of the scheme [47] as well.

Moreover, accurate authentication of users can prevent forgery attacks. However, to avoid forgery attacks in next-generation public cloud computing, the client and the cloud server must authenticate using mutual or one-way authentication. Although many authentication protocols are proposed in [33, 49–51], most of these schemes lack mutual authentication. These existing protocols are also vulnerable to MITM, impersonation, synchronization, and playback attacks [52]. According to [53], mutual authentication is essential to determine if the communication between two parties is genuine.

Recently, researchers have developed authentication schemes based on lattice-based and Identity-Based Encryption (IBE) [54]. IBE is a two-factor security protection mechanism proposed by the authors [55]. In the IBE protocol, the sender only needs to know the identity of the receiver to which it wants to send data, and no other information is required. The sender transmits data to the cloud, where the receiver can download the necessary data when needed. To decrypt the data, the receiver needs two things. The first one is the secret key, and the second is a unique personal security device. Hence, it is impossible to decrypt the ciphertext without these two items. Hereafter, the unique personal device can be revoked if it gets lost. In both cases, the user data on the next-generation public cloud server is highly vulnerable to access by an adversary.

Furthermore, deep learning and neural networks are also used in the authentication process [56]. Deep learning is a type of machine learning in which algorithms are used to learn from large datasets [57]. Neural networks are a type of artificial neural network (ANN) made up of interconnected layers of neurons that use inputs to generate predictions or decisions [58, 59]. Both of these technologies are used in authentication systems to assist in identifying and authenticating users, detecting anomalies and fraud, and improving system security. Deep learning can recognize patterns and classify data, whereas neural networks can detect patterns and anomalies, as well as recognize faces and fingerprints.

Elliptic curve cryptography (ECC) is a prominent asymmetric cryptographic scheme that can provide security like the RSA technique, with a smaller key size and lightweight nature. However, according to [60], the schemes used in [61] and [62] lack anonymity and suffer from DoS, replay, masquerade, and impersonation attacks. Meanwhile, in the scheme [62], information can be easily intercepted and injected by an adversary over a public channel. However, according to [63, 64], with the Elliptic Curve Computational Diffie-Hellman technique [63] and the Elliptic Curve Discrete Logarithm problem [64], it is impossible for anyone to inject false information and break the credentials of the shared session key. As a result, according to the author [65], the session key is not secure between different peers in [66], and the scheme is vulnerable to masquerade attacks. Hence, a protocol has been proposed in [66] to overcome the issues of the scheme [65] by using a robust protocol based on ECC that keeps a point at infinity on the curve. Through this technique, the attacker cannot challenge the legitimacy of the peers. Meanwhile, the author [67] is trying to solve the DoS attack in the scheme [65].

Finally, the abovementioned schemes have security vulnerabilities and high communication and computation overheads. Therefore, they are not suitable for resource- and energy-constrained devices. Thus, we are designing a lightweight authentication protocol for next-generation public cloud computing to achieve lower computation and communication overhead while not compromising on security. We also present a comprehensive literature review in Table 1.
Table 1
Comprehensive literature review
| The scheme is vulnerable to replay, masquerade, DoS, and impersonation attacks and is unable to provide anonymity. |
| The protocol cannot provide anonymity and is vulnerable to insider attacks. |
| The scheme is vulnerable to offline password guessing, DoS, and user impersonation attacks and cannot provide perfect forward secrecy and anonymity. |
| The scheme is unable to provide anonymity and is vulnerable to masquerade, DoS, replay, and impersonation attacks. |
| The protocol cannot provide user untraceability and suffers from insider attacks. |
| The protocol is vulnerable to insider attacks and smartcard loss attacks. |
| The scheme suffers from user impersonation attacks. |
| The protocol cannot provide user anonymity and is vulnerable to impersonation attacks. |
| The scheme is vulnerable to offline password guessing, spoofing, and impersonation attacks and is unable to provide mutual authentication. |
| The scheme is unable to provide mutual authentication and perfect message authentication and is vulnerable to offline password guessing and de-synchronization attacks. |
| The scheme is vulnerable to de-synchronization and spoofing attacks and is unable to provide perfect message authentication. |
| The protocol is vulnerable to spoofing and de-synchronization attacks. |
| The scheme is vulnerable to spoofing attacks and is unable to provide perfect message authentication. |
| The scheme is unable to provide perfect message authentication and is vulnerable to de-synchronization, spoofing, and impersonation attacks. |
| The protocol is vulnerable to offline password guessing and de-synchronization attacks and is unable to provide mutual authentication. |
| The protocol is vulnerable to offline password guessing and de-synchronization attacks and is unable to provide perfect forward secrecy. |