iAKA-CIoT: An Improved Authentication and Key Agreement Scheme for Cloud Enabled Internet of Things Using Physical Unclonable Function

The combination of the Internet of Things (IoT) with cloud services is an important functionality of the latest IoT systems for providing various convenient services. These cloud-enabled IoT environments collect, analyze, and monitor surrounding data, resulting in the most effective handling of large amounts of heterogeneous data. In these environments, secure authentication with a key agreement mechanism is essential to ensure user and data privacy when transmitting data between the cloud server and IoT nodes. In this study, we prove that the previous scheme contains various security threats, and hence cannot guarantee essential security requirements. To overcome these security threats, we propose an improved authentication and key agreement scheme for cloud-enabled IoT using PUF. Furthermore, we evaluate its security by performing informal, formal (mathematical), and simulation analyses using the AVISPA tool and ROR model. The performance and security properties of our scheme are subsequently compared with those of other related schemes. The comparison confirms that our scheme is suitable for a practical cloud-enabled IoT environment because it provides a superior security level and is more efficient than contemporary schemes.


Introduction
The Internet of Things (IoT) and advanced communication technologies are opening up a novel networking paradigm that connects various devices to a public network. By 2025, the number of IoT devices and their market size are estimated to increase to approximately 30 billion [1] and 1.6 trillion [2], respectively. With the expansion of IoT infrastructure, IoT-based smart systems can support social networks in various areas, such as telemedicine, finance, smart grids, intelligent transport systems, and businesses. In these environments, IoT devices analyze the surrounding circumstances, collect data, and send them to service providers to provide various IoT services to users. However, IoT devices generally have limited computing power and storage resources, and do not handle a large amount of heterogeneous data.
Cloud-enabled IoT is known to be the most effective system for handling massive amounts of data generated by IoT devices [3]. In cloud-enabled IoT, a cloud server (CS) has sufficient ability to handle massive amounts of data and has the required storage capability for providing services. IoT devices transfer the collected data by monitoring the surrounding circumstances to utilize the storage and computing power of the CS. Thus, the CS collects IoT data and analyzes it to provide cost-effective and convenient services. Cloud-enabled IoT with communication technologies has become extremely important in human life, and thus the need for security and privacy has become essential for users. This is because of the various sensitive information that IoT data contains, such as health, finance, location, and behavior. Moreover, the Internet is an open channel that causes severe security issues. An adversary can easily forge or intercept data transmitted in an open channel and access user data stored in the CS. Therefore, it is necessary to authenticate entities that attempt to access data.
Numerous authenticated key agreement (AKA) schemes have been presented to guarantee user privacy and data security [4][5][6][7][8][9][10][11]. However, these schemes do not resist physical capture attacks using differential power analysis because IoT devices are not equipped with tamper-proof modules. Although some schemes assume that the devices in their scheme are equipped with tamper-proof modules, they do not present detailed tamper-resistant techniques to prevent physical capture attacks.
A physically unclonable function (PUF) [12] is a novel solution for preventing physical capture attacks targeting devices. The PUF module extracts the unique value corresponding to the inputs from an integrated circuit (IC) that is deployed during the manufacturing process. It has strong and valuable properties, such as tamper-proofing, unpredictable results, and low power consumption, which can be applied to lightweight authentication and identification protocols. In recent years, several PUF-based AKA schemes have been proposed [13][14][15] to ensure the security of the physical layer. In PUF-based AKA schemes, the PUF module can generate the secret value using challenge-response methods from IC which has different physical characteristics. After performing a fuzzy extractor for correcting the noise of a PUF value, it can be applied for AKA schemes as a secret parameter.
In this paper, we cryptanalyze the security flaws of previous schemes and propose an improved AKA scheme for cloud-enabled IoT using a challenge-response-based PUF, called iAKA-CIoT. Additionally, we analyze its security using formal (mathematical) and informal analyses, and conduct a comparative analysis on iAKA-CIoT and other contemporary schemes. Finally, we simulate our scheme to prove that it is secure against potential attacks.

Motivations and Contributions
The main goal of this study was to propose an improved AKA scheme for IoT using PUF to overcome the security threats of the previous schemes [6,10,11,16,17]. In the previous schemes, an attacker can easily masquerade as a legal user and compute a correct session key between the participants of the protocol. Moreover, the devices in those schemes can be easily compromised by an attacker using a physical capture attack. In our AKA scheme, an adversary cannot compromise the IoT devices because they are protected by PUF modules. We perform informal and formal (mathematical) security analyses, which prove that our scheme meets the essential security requirements and session key security under the threat model. We also conducted a formal simulation analysis using the "automated validation of internet security protocols and applications" (AVISPA) tool [18] to prove its security and suitability for deployment in an open channel. Finally, a comparative analysis is carried out to evaluate performance and security properties against the related schemes.
The organization of this paper is as follows. Sections 2-4 discuss the related works, preliminaries and a review of the scheme proposed by Bhuarya et al., respectively. Section 5 presents the security weaknesses of the aforementioned scheme. In Section 6, we propose an improved AKA scheme for IoT using PUF to overcome the security weaknesses of previous schemes. Subsequently, we present the formal-, informal-security and simulation analyses in Section 7. Section 8 presents a comparative analysis of the related schemes. Finally, the conclusion is furnished in Section 9.

Related Works
In the last decade, several studies have been conducted to guarantee user and data privacy in IoT [4][5][6][7][8][9][10][11][13,14]. In 2014, Islam and Biswas [4] proposed a multi-factor authentication method using elliptic curve cryptosystems (ECCs) to provide secure communication for cloud computing. However, Sarvabhatla and Vorugunti [5] showed that the scheme proposed by Islam and Biswas did not prevent offline password guessing, replay, and user impersonation, and subsequently presented an enhanced ECC-based authentication scheme. However, their scheme is inefficient owing to its high computational cost. In 2015, Kalra and Sood [5] proposed an AKA scheme for cloud-enabled IoT using an ECC. However, in 2017, Kumari et al. [6] showed the security flaws of the Kalra and Sood scheme and presented an AKA scheme using ECC to resolve these issues. Chaudhry et al. [7] and Chang et al. [8] simultaneously proposed an ECC-based remote user AKA scheme to provide secure mutual AKA. However, in 2019, Mo et al. [9] identified that the scheme proposed by Chaudhry et al. [7] did not resist smart-card loss attacks. Karuppiah et al. [10] proposed a remote AKA for cloud environments. However, Bhuarya et al. [11] pointed out that the aforementioned scheme did not prevent a password-guessing attack and did not achieve user anonymity and secure mutual authentication (SMA). Bhuarya et al. [11] cryptanalyzed the scheme proposed by Kumari et al. [6] and proposed an improved ECC-based AKA for cloud-based IoT. In 2022, Qureshi and Munir [13] also proposed a PUF-based robust authentication and key agreement scheme, and Wang et al. [14] proposed a PUF-based authentication scheme with blockchain for wireless sensor networks to prevent physical capture attacks. Although many schemes have been proposed, some do not prevent physical capture attacks or have a high communication cost, while others simply do not consider them at all, which causes critical security issues.

Threat Model
We adopted the Dolev-Yao (DY) threat model [19] to evaluate the security of the cryptographic protocols, including the assumptions proposed by Bhuarya et al. According to the adopted model, an adversary can control all messages transmitted in a public network. Additionally, an adversary can easily guess the identity or password but cannot guess them simultaneously in polynomial time. Moreover, an adversary cannot speculate on the secret parameters (secret key, nonce, random number, etc.) in polynomial time because of its large size. Finally, an adversary can obtain data stored in embedded devices that are not equipped with detailed tamper-proof techniques [20][21][22].

Physical Unclonable Function
A PUF [12] is a physically unclonable one-way function constructed from a semiconductor as an integrated circuit. A PUF is based on challenge-response methods and allows for the identification and authentication of the user. The challenge c is the input, and its unique response r is written as r = PUF(c). Even when the same input is provided, a PUF returns an inconsistent output. The PUF has the following properties: (1) Unclonable: There is no function PUF′(c) satisfying PUF′(c) = PUF(c), and the probability of duplicating the same result in polynomial time is negligible. (2) Computable and unpredictable: PUF(c) = r is easily computed; however, it is infeasible to correctly guess r of the PUF() corresponding to c in polynomial time.

Fuzzy Extractor
The PUF response r = PUF(c) is not perfect because of its susceptibility to surrounding conditions and noise. Therefore, it cannot be utilized in cryptographic protocols as a secret parameter. To correct the noise or errors, we utilize a fuzzy extractor [23,24] that can recover a uniform PUF response r. A fuzzy extractor consists of the two following functions.
(1) Generation function Gen: Gen(c) = (a, h), where c, a, and h are the input value, return value, and auxiliary string, respectively.
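The noise-correction step described in this section, as an added example that is not the authors' code. It assumes a code-offset construction with a 7-fold repetition code; the reproduction function `rep`, the simulated PUF and all names are illustrative and are not taken from the paper.

```python
import hashlib
import secrets

REP = 7            # each secret bit is repeated 7 times: up to 3 flips per block are corrected
SECRET_BITS = 128  # number of secret bits hidden in the helper string

def puf_response(device_seed, challenge):
    """Constructed stand-in for r = PUF(c): the noise-free response bits of one device."""
    n = REP * SECRET_BITS
    raw = hashlib.shake_256(device_seed + challenge).digest(n // 8)
    return [(raw[i // 8] >> (i % 8)) & 1 for i in range(n)]

def with_flips(bits, positions):
    """Model measurement noise by flipping the response bits at the given positions."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out

def _derive(secret_bits):
    # Hash the recovered bits so the output a is a uniform, fixed-length value.
    return hashlib.sha256(bytes(secret_bits)).hexdigest()

def gen(res):
    """Gen(res) -> (a, h): a is the stable secret, h the public auxiliary string."""
    k = [secrets.randbits(1) for _ in range(SECRET_BITS)]
    codeword = [bit for bit in k for _ in range(REP)]   # repetition encoding
    helper = [r ^ c for r, c in zip(res, codeword)]     # code offset: h = res XOR codeword
    return _derive(k), helper

def rep(noisy_res, helper):
    """Rep(res', h) -> a': majority-decode (res' XOR h) block by block."""
    shifted = [r ^ h for r, h in zip(noisy_res, helper)]
    k = [int(sum(shifted[i:i + REP]) > REP // 2) for i in range(0, len(shifted), REP)]
    return _derive(k)

def demo():
    enrolled = puf_response(b"device-A (constructed)", b"challenge-1")
    a, helper = gen(enrolled)
    light = with_flips(enrolled, [0, 1, 2, 9, 500, 501, 895])  # at most 3 flips per block
    heavy = with_flips(enrolled, [0, 1, 2, 3])                 # 4 flips in block 0
    other = puf_response(b"device-B (constructed)", b"challenge-1")
    return {
        "same_device_light_noise": rep(light, helper) == a,
        "same_device_heavy_noise": rep(heavy, helper) == a,
        "other_device": rep(other, helper) == a,
    }
```

The repetition code keeps the example short; it shows why a captured helper string alone does not reproduce `a` on a different device, and why noise beyond the code's correction capacity makes a legitimate device fail as well.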

Review of Bhuarya et al. Scheme
This section reviews the scheme proposed by Bhuarya et al. [11] to demonstrate their security limitations. The scheme consists of three phases: initial, registration, and login and authentication. The notations used in this paper are presented in Table 1.

System Setup Phase
This phase is executed by the CS to set up the initial parameters for the system. The CS selects a large prime number $p$, the elliptic curve equation $y^2 = x^3 + ax + b$ over the finite field $Z_p$, and elements $a, b \in Z_p$, where $a, b$ satisfy the condition $4a^3 + 27b^2 \neq 0$. $G$ and $O$ are the base point of the elliptic curve and the point at infinity, respectively, where $n \cdot G = O$. The CS then generates a secret key $MX_{CS}$ and broadcasts the initial public parameters.

Registration Phase
In this phase, embedded devices ED i register themselves with the CS through a secure network to use the CS services. The detailed steps of this phase are as follows.
(1) ED i chooses the identity ID i and password PW i . It then computes and sends it to the CS via a secure channel. (2) After receiving {I i }, the CS selects a random number rn s and computes a pseudo and expiration time e t = E t , and then stores it with PID i and sends {PID i , C k , R i } to ED i through a secure channel. If C k is expired, E t is updated to E t and computes a new cookie

Login and Authentication Phase
In this phase, the CS and ED i authenticate each other, which is executed via a public channel. The detailed steps of this phase are as follows.
(1) A user inputs their identity ID i and password PW i , and then ED i computes If it is valid, ED i chooses a random number rn 1 , a current timestamp T 1 , and computes (2) Upon receiving the login request from ED i , the CS checks the timestamp validity, computes PID i = E ⊕ R i , and finds PID i in the database.
, and Y * = h(P 1 ||P 2 ||K||T 1 ), and then verifies that Y * is equal to Y. If it is correct, the CS chooses a random number rn 2 and a current timestamp T 3 and calculates P 3 = rn 2 · G, P 4 = rn 2 · A i , and S = h(P 3 ||P 4 ||T 3 ). Subsequently, the CS sends the response messages {S, P 3 , , and then verifies that S * ? = S and the timestamp is valid.
If this is correct, ED i generates the session key SK = h(rn 1 · P 3 ||PID i ||T 4 ||A i ) and V i = h((rn 1 · C k )||SK), and then sends the messages {V i , T 4 } to CS. (5) The CS checks the validity of the timestamp and generates the session key If it is, the CS and ED i successfully authenticate each other.

Security Weaknesses of Bhuarya et al.'s Scheme
In this section, we show that the scheme proposed by Bhuarya et al. does not prevent various potential attacks, such as impersonation and man-in-the-middle. Moreover, their scheme has an incorrect authentication mechanism and does not guarantee SMA, which is an essential requirement of an AKA protocol. This analysis was performed under the DY threat model described in Section 3.1.

Impersonation Attack
Owing to the fact that the scheme does not provide detailed tamper-proof techniques, we suppose that an adversary A obtains the embedded device ED i or captures it physically. Subsequently, A can access the data {PID i , R i , C k , I i } stored in ED i and perform impersonation attacks using the obtained data as follows: (1) A chooses a random number rn a and a current timestamp T 1 , and computes P a = rn a · G, On receiving the login request from A, the CS checks the timestamp validity, computes The CS subsequently verifies that Y * is equal to Y. If it is correct, the CS selects a random number rn 2 and a current timestamp T 3 , and computes P 3 = rn 2 · G, Afterwards, the CS sends the response messages {S, P 3 , , and then verifies that S * a ? = S and the timestamp is valid. If it is correct, A computes the session key SK = h(rn a · P 3 ||PID i ||T 4 ||A a ) and V a = h((rn a · C k )||SK), and then sends the messages {V a , T 4 } to CS. (5) The CS checks the validity of the timestamp and computes the session key SK * = h(rn 2 · P a ||PID i || T 4 ||A a ) and V * a = h((P a · C k )||SK * ). Then, the CS verifies that V * a is equal to V a . If it is, the CS and A successfully authenticate each other.
A can successfully generate a valid login request {E a , P a , Y a , T 1 } and response messages {V a , T 4 }, showing that the aforementioned scheme does not resist impersonation attacks.

Man-in-the-Middle Attack
An adversary A can perform a man-in-the-middle attack as follows: (1) A first intercepts the login request {E, P 1 , Y, T 1 } of ED i , and then chooses a random number rn a and a current timestamp , and sends the login request {E a , P a , Y a , T 1 } to CS. (2) A chooses a random number rn a2 and computes P a3 = rn 2 · G, P a4 = rn 2 · A i , and S a = h(P a3 ||P a4 ||T 3 ), where A i is obtained by the threat model. (3) A intercepts the response messages {S, P 3 , T 3 } of the CS, and then computes SK = h(rn a · P 3 ||PID i ||T 4 ||A a ) and V a = h((rn a · C k )||SK). Finally, A sends {V a , T 4 } and {S a , P a3 , T 3 } to the CS and ED i , respectively.
(4) After receiving {V a , T 4 } and {S a , P a3 , T 3 }, the CS and ED i generate the session key using the received messages.
A can successfully establish the session key SK using rn a and rn a2 , which shows that the aforementioned scheme does not prevent man-in-the-middle attacks.

Correctness of Authentication Mechanism
In the login and authentication phase of the scheme, the CS computes {S, P 3 , T 3 } and sends it to ED i . Subsequently, ED i computes S * = h(P * 3 ||P 4 ||T 3 ) and verifies that S ? = S * to authenticate the CS. However, ED i cannot authenticate the CS because S is not equal to S * as follows:

Secure Mutual Authentication
In Sections 5.1 and 5.2, we proved that the scheme proposed by Bhuarya et al. does not resist impersonation and man-in-the-middle attacks. Moreover, we proved that their scheme contains an incorrect authentication mechanism, which causes the authentication process to be aborted. Therefore, the scheme does not ensure SMA.

Proposed Scheme
This section presents an improved AKA scheme for IoT using PUF, which comprises three phases: system setup, registration, and login and authentication. In our scheme, embedded devices are tamper-proof devices that use a PUF to protect the data stored in memory. The embedded devices register their identities with the CS, after which the two parties authenticate each other and establish a session key. After completing the AKA phase, ED i can use the various services offered by the CS.

System Setup Phase
The CS sets up the initial parameters related to the elliptic curve, which is identical to the Bhuarya et al. scheme. The CS then generates a secret key MX CS and broadcasts the initial public parameters.

Embedded Device Registration Phase
This phase is shown in Figure 1, and the detailed steps are as follows: (1) User selects identity ID i , password PW i , challenge c i , and random number rn i for ED i , and then computes Gen(res i ) using the PUF and fuzzy extractor. Afterwards, ED i computes h i = h i ⊕ h(a i ||RPW i ||rn i ) and sends {PID i } to the CS via a secure channel. (2) On receiving the registration request from ED i , the CS chooses a random number x cs−ED i for ED i , and then computes SID i = h(PID i ||S cs−ED i and S ED i = h(PID i ||rn cs || x cs−ED i ). The CS stores SID i with {PID i , S ED i } in a secure database and sends {SID i , S ED i } to ED i through a secure channel.
and Ver i = h(PID i ||S ED i ||rn i ||a i ), and stores {SID i , RPW i , CV i , h i , K i , Ver i } in memory.

Authentication and Key Agreement Phase
This phase is shown in Figure 2, and the detailed steps are as follows:
(1) The user inputs the identity $ID_i$ with password $PW_i$ to $ED_i$, and then $ED_i$ computes If it is correct, $ED_i$ chooses a random number $rn_1$ and a current timestamp $T_1$; otherwise, it aborts the connection.
(2) On receiving the login request from $ED_i$, the CS checks the timestamp validity and finds $\{PID_i, S_{ED_i}\}$ using $SID_i$ from a secure database. The CS computes h(PID i ||S ED i || , and then verifies that $V_1^*$ is equal to $V_1$.
(3) If it is equal, the CS generates a random number $rn_2$ and a current timestamp $T_2$; otherwise, it aborts the connection. The CS calculates $R_2 = rn_2 \cdot P$, $M_2 = R_2 \oplus h(PID_i \| S_{ED_i} \| T_2)$, the session key $SK_{cs-ED_i} = rn_2 \cdot R_1$, and $V_2 = h(M_2 \| R_2 \| R_1 \| S_{ED_i} \| ID_{cs} \| SK_{cs-ED_i})$. After that, the CS sends the response messages $\{M_2, V_2, T_2\}$ to $ED_i$.
(4) After receiving $\{M_2, V_2, T_2\}$ from the CS, $ED_i$ checks timestamp validity and com- If it is verified, $ED_i$ generates a current timestamp $T_3$ and computes $V_3 = h(SK_{ED_i-cs} \| R_1 \| R_2 \| S_{ED_i} \| T_3)$. $ED_i$ sends the verification messages $\{V_3, T_3\}$ to the CS.
(5) On receiving $\{V_3, T_3\}$ from $ED_i$, the CS computes $V_3^* = h(SK_{cs-ED_i} \| R_1 \| R_2 \| S_{ED_i} \| T_3)$ and checks its validity. If it is verified, the CS and $ED_i$ successfully authenticate each other.

Security Analysis
In this section, we prove that iAKA-CIoT ensures the session key security (SKS) using the real-or-random (RoR) model [25]. We also perform an informal analysis and simulation analysis using the AVISPA verification tool [18] to demonstrate that our scheme is secure against various potential attacks.

Formal Security Analysis Using ROR Model
We prove that our scheme achieves SKS using an ROR model-based mathematical formal proof [26][27][28]. We first discuss the fundamental concept and queries of the ROR model before conducting the formal analysis.  Table 2 to destroy the SKS. • Semantic Security: A tries to find a correct session key from a random number utilizing the ROR queries. If A correctly guesses a bit c, A wins this game and breaks the semantic security of the scheme. Let Adv P = |2Pr[Succ] − 1| be the advantage in breaking the session key of scheme P, where Win is the event of the winning game by A.
• Random oracle: All participant entities can use a random oracle as a collision resistant one-way hash function Hash.

Queries and descriptions
Execute($\Pi^{inst_1}_{ED}$, $\Pi^{inst_2}_{CS}$): A can perform an eavesdropping attack using this query under the threat model.
CorruptED($\Pi^{inst_1}_{ED}$): A can perform device stolen attacks using it to retrieve the data stored in $ED_i$.
Send($\Pi^{inst}$, M): A can send messages and receive its response from the oracle $\Pi^{inst}$ using it.
Test($\Pi^{inst}$): Under this query, A guesses the probabilistic result for an unbiased coin c. When the freshness of the session key SK is established by $\Pi^{inst}$ and A, A guesses SK by sending a Test query to the oracle. If c = 0 or c = 1, A obtains an arbitrary number or the correct SK, respectively; otherwise, A obtains NULL (⊥).
Now, we prove that our scheme ensures SKS using the following Definitions 1 and 2 and Theorem 1.

Definition 1.
Elliptic curve discrete logarithm problem (ECDLP): Given P and Q, it is computationally intractable to find integer a such that Q = a · P, where a ∈ Z * p .

Definition 2.
Elliptic curve decision Diffie-Hellman problem (ECDDHP): Given P, xP, and yP, it is computationally difficult to compute x · y · P, where x, y ∈ Z * p .

Theorem 1.
Let A be an adversary running in polynomial time t, and let the advantage of A in breaking the SKS be $Adv^A_P$. Then, where $q_h$, Hash, and $Adv^{ECDLP}(t)$ are the number of Hash queries, a collision-resistant hash function Hash, and an advantage in breaking ECDLP, respectively.
The formal proof, consisting of four games $G_i$ ($i = 0, 1, 2, 3$) using the ROR model, is as follows:
• Game $G_0$: A first tosses the coin c and obtains its result at the beginning of this game. Its winning advantage is: where Succ is the event of A winning the game.
• Game $G_1$: In this game, attacker A performs an eavesdropping attack using the A first intercepts the transmitted messages $\{SID_i, M_1, V_1, T_1\}$, $\{M_2, V_2, T_2\}$, and $\{V_3, T_3\}$ to break the SKS. Then, A executes the Test($\Pi^t$) query to guess whether the output of the query is equal to SK or any arbitrary number. However, the winning probability of $G_1$ does not increase because A cannot compute the session key $SK_{ED_i-cs} = rn_1 \cdot rn_2 \cdot P$ without breaking the ECDLP and ECDDHP. Thus, we obtain:
• Game $G_2$: Attacker A performs an active attack using Send($\Pi^{inst}$, M) and Hash queries. A attempts to guess the correct message digest collision to mislead a participant entity using several Hash queries. However, in our scheme, all transmitted messages are secured because A cannot break the Hash oracle in polynomial time. Moreover, A cannot compute the correct messages without the pseudo-identity $PID_i$, secret value $S_{ED_i}$, and tamper-proof value $a_i$. Thus, according to the birthday paradox [29],
• Game $G_3$: Attacker A performs a final attack and can obtain $\{SID_i, RPW_i, CV_i, h_i, K_i, Ver_i\}$ stored in the memory of $ED_i$ using CorruptED($\Pi^{inst_1}_{ED}$). However, A cannot compute the valid login request messages. Since A does not know $ID_i$, $rn_i$, $PID_i$ and $a_i$, A cannot correctly guess $PW_i$ using Send($\Pi^{inst}$, M). Moreover, $a_i$ is only generated by the secure PUF function with a fuzzy extractor, which is defined in Section 3.2, and A cannot distinguish between the PUF values and those of the noise without the help of the fuzzy extractor because the guessing probability of the fuzzy extractor values $len_f$ and $len_p$ is approximately $\frac{1}{2^{len_f}}$ and $\frac{1}{2^{len_p}}$, respectively. Therefore, from the PUF simulation and Zipf's law on passwords [30],
After simulating all the games ($G_0, G_1, G_2, G_3$), A attempts to guess the correct c using the Test query. Therefore, We can obtain the following results using Equations (2), (3) and (6).
Then, we can gain the following results using (5)-(7): Finally, we acquire the final goal by multiplying both sides of (8) by two.

Informal Security Analysis
This section demonstrates that our scheme is secure against various potential attacks, such as impersonation, man-in-the-middle, replay, physical capture, and offline password guessing. In addition, we demonstrate that it guarantees SMA and anonymity.

Impersonation Attack
Under our threat model, an adversary A can acquire the exchanged messages in a public network and extract the stored data {SID i , RPW i , CV i , h i , K i , Ver i } from the memory of ED i . However, A cannot impersonate a legitimate ED i because A cannot generate the login request {SID i , M 1 , V 1 , T 1 } and verification messages {V 3 , T 3 } without knowing ID i , PW i , S ED i and a i . Therefore, iAKA-CIoT is secure against impersonation attacks.

Man-in-the-Middle Attack and Replay Attack
When A tries to perform a man-in-the-middle attack, A should obtain {R 1 , R 2 } and compute the response messages {M 2 , V 2 } and {V 3 }. However, A cannot obtain R 1 and R 2 without obtaining h(PID i ||rn i ||a i ). Moreover, all response messages include a timestamp and are masked by a collision-resistant hash function, which makes it difficult to find original messages in polynomial time. Therefore, iAKA-CIoT resists man-in-the-middle and replay attacks.

Physical Capture Attack
After obtaining the data {SID i , RPW i , CV i , h i , K i , Ver i } stored in the memory of ED i using a physical capture attack, A gains no help in computing the session key SK, because the PUF response a i is only generated by ED i and A cannot retrieve S ED i from K i . Therefore, our scheme protects against physical-capture attacks.

Offline Password Guessing Attack
We assume that A attempts to guess the password of the user by using intercepted messages and extracted data. A must know the real identity ID i , random number rn i , pseudo identity PID i and secure parameter S ED i . However, A does not know these values because they are masked by a collision-resistant hash function, and A cannot simultaneously guess two or three parameters in polynomial time. Therefore, iAKA-CIoT is secure against offline password-guessing attacks.

Secure Mutual Authentication and Anonymity
In the AKA phase of our scheme, the CS and ED i verify the login request V 1 ? = V * 1 and response messages V 2 ? = V * 2 by using PID i and S ED i . According to previous analyses (Sections 7.2.1-7.2.3), A cannot compute verification messages V 1 and V 2 without obtaining {PID i , a i , ID i , PW i , S ED i }. Moreover, in our scheme, the user utilizes the pseudo identity PID i for the AKA phase, and A cannot obtain the real identity ID i of the user. Therefore, our scheme achieves SMA and anonymity.

Denial-of-Service Attack
After receiving the exchanged messages, the CS and ED i should perform verification procedures to prove the validity of the messages {Ver i , V 1 , V 3 }. If a message is not valid, the AKA procedure is immediately aborted. This can mitigate denial of service (DoS)/distributed denial of service (DDoS) attacks because {Ver i , V 1 , V 3 } have freshness, as they include a timestamp and a random number, and can be generated by legitimate entities.

Simulation Analysis Using AVISPA Tool
In this section, we discuss the simulation of our scheme by using the AVISPA simulation tool to prove its security [18,31]. AVISPA is a well-known formal simulation tool for evaluating the security of protocols, whereby it verifies that a protocol resists man-in-the-middle and replay attacks. First, we define the security properties of our scheme by using a high-level protocol specification language (HLPSL) [32]. The defined HLPSL code was transformed into an intermediate format using the HLPSL2IF translator. This simulation was executed under the four back-ends model [33]: "on-the-fly model checker" (OFMC), "tree automata based on a protocol analyzer" (TA4SP), "SAT-based model checker" (SATMC), and "constraint logic-based attack searcher" (CL-AtSE). The procedure of this simulation is shown in Figure 3 and the concept of HLPSL is presented in [31,32].

Comparative Analysis
This section presents a comparative analysis of our scheme on the security property, communication, and computation cost with other related schemes [6,10,11,16,17].

Security Property
We compared the security properties of our scheme with those of the contemporary schemes. Table 3 shows that the previous schemes cannot resist security attacks, achieve anonymity, or SMA. In contrast, we demonstrate that iAKA-CIoT can prevent potential security attacks and guarantee essential security requirements. Therefore, our scheme is more secure than the aforementioned schemes [6,10,11,13,14,16,17].
We demonstrated in Section 5 that the scheme of Bhuarya et al. [11] is insecure against physical capture attacks. To highlight our contributions, we also proved that other related schemes [6,10,16] do not prevent physical capture attacks. For the detailed processes of these AKA schemes, refer to [6,10,16,17].
In [6], an adversary A can extract the data {Pid i , C k } stored in the embedded device ED i , and then A selects a random number and computes P 1 = r 1 · G, P 2 = h(r 1 · C k ). Finally A can successfully generate the login request messages {P 1 , P 2 , Pid i } without knowing any other information.
In [10], A can obtain the parameters {B i , N i , N t } and {W i , V i , T u } from the user's smart card and open channel. Then, A tries to obtain the PW i by executing offline password guessing attacks [34] i , A successfully guesses the correct PW i and can correctly generate valid login request.
In [16], we assumed that A is a dishonest registered participant in the system. Then, A can extract the data {AID A , BID A , r A } from smart card and can impersonate a legitimate user U a using it. In their scheme, A can establish the session key of any legitimate user by betraying a trusted server [7]. Therefore, the aforementioned schemes are insecure against physical capture attacks because they stored secret data as plaintext, which causes critical security issues.

Computation, Communication and Storage Costs
In this analysis, we consider the AKA phase for protocols. Tables 4-6 compare the computation, communication and storage costs between our scheme and other related schemes, which is shown in Figures 8, 9 and 10, respectively.   The computation cost analysis was performed using Raspberry PI 4B with Linux Ubuntu 18.04.4 LTS with 64-bits, 8 GB, and MIRACL library. We utilized the average values for each cryptographic primitive, which was run 100 times to measure its execution cost. To evaluate the computational cost of iAKA-CIoT compared with other schemes, we considered four cryptographic primitives, and their execution costs are presented in Table 7.  [13] required 2T aes + 2T em ≈ 0.024 + 5.696 = 5.72 ms; that in Wang et al. [14] required 13T h ≈ 0.663 ms.
The iAKA-CIoT requires a storage cost of 960 bits, whereas the storage cost for other schemes are as follows: that in Kumari et al. [6] required 480 bits; that in Karuppiah et al. [10] required 3712 bits; that in Huang et al. [16] required 320 bits; that in Jiang et al. [17] required 640 bits; that in Bhuarya et al. [11] required 640 bits; that in Qureshi and Munir [13] required 800 bits; and that in Wang et al. [14] required 960 bits. Section 8.1 shows that the abovementioned schemes [6,10,11,13,14,16,17] are insecure against various attacks such as password guessing, impersonation, replay, and physical capture attacks. Moreover, their schemes do not provide anonymity, a formal proof analysis, or SMA. Although some schemes [13,14] can prevent physical capture attacks, their scheme has security weaknesses [15] or high communication costs. Therefore, our scheme is secure and superior for practical IoT environments.

Conclusions
This paper demonstrated that the Bhuarya et al. scheme had an incorrect authentication mechanism and did not resist various attacks, such as impersonation, man-in-the-middle, and physical capture attacks. We also demonstrated that it did not achieve SMA and SKS. We proposed an improved authentication and key agreement scheme for cloud-enabled IoT using PUF to resolve these security flaws. We demonstrated that iAKA-CIoT is secure against impersonation, man-in-the-middle, replay, offline password guessing, and physical capture attacks, and achieves SMA and anonymity. A formal security proof confirmed that our scheme achieved SKS between the CS and ED using the ROR model. Moreover, we performed a formal simulation analysis using the AVISPA tool and compared our scheme with other related schemes using the Raspberry PI 4B with the MIRACL library. Our scheme also provides superior security properties compared to the aforementioned schemes. Therefore, iAKA-CIoT is suitable for practical cloud-enabled IoT environments because it is more secure than, and superior to, the other related schemes.