Hussain, SajidMahmood, KhalidKhan, Muhammad KhurramChen, Chien-MingAlzahrani, Bander A.Chaudhry, Shehzad Ashraf2023-08-052023-08-0520220920-54891872-7018https://hdl.handle.net/11363/5174https://doi.org/The Internet of drones (IoD) is a very useful application of the Internet of things (IoT) and it can help the daily life comfort through various functions including the smart city surveillance. The IoD can enhance the comfort to reach inaccessible and hard to access sites and can save lot of effort, time and cost. However, in addition to traditional threats, the IoD may suffer from new threats and requires customized methods to combat the security weaknesses. Very recently, Wazid et al. proposed a security solution for securing IoD application scenario and claimed its security. However, in this paper we show that their scheme cannot resist stolen verifier and traceability attacks. Moreover, an attacker with access to the verifier, can impersonate any user, drone or server of the system. An enhanced scheme is then proposed to cope with these weaknesses. The security claims of proposed scheme are endorsed by formal and informal security analysis. Moreover, the performance and security comparisons show that proposed scheme completes a cycle of authentication with a slight increase in computation time, but it offers all the required security features as compared with the scheme of Wazid et al.eninfo:eu-repo/semantics/openAccessAttribution-NonCommercial-NoDerivs 3.0 United StatesThree-factor authenticationSmart-card capture attackDrone capture attackProvable securitySmart City securityIoT securityKey-agreementInternet of DronesAuthenticationsDesigning secure and lightweight user access to drone for smart city surveillanceArticle8011110.1016/j.csi.2021.1035662-s2.0-85113279390Q1WOS:000697032600003Q1