مجله بین المللی نوآوری در علوم کامپیوتر و فناوری اطلاعات 1 2 A survey of Cloud-based Radio-frequency Identification Authentication Protocols and Improvements to One of the Latest Proposed Protocols A survey of Cloud-based Radio-frequency Identification Authentication Protocols and Improvements to One of the Latest Proposed Protocols 92 113 10.22051/jera.2021.31891.2698 FA Tahereh MSc student of Kish International Campus, University of Tehran Hossein Associate Professor, Institute of Communication and Information Technology Ali Professor of algorithms and computation, University of Tehran The development of IoT and cloud data storage has enabled several objects to access the internet through radio-frequency identification (RFID) systems. Currently, the use of the cloud as a backend server is considered as a viable and cost-effective option. The connection between reader and server, on one hand, and the connection between tag and reader, on the other hand, need to be secure and private. The wired connection between tag and reader is now a wireless cloud-based system and calls for stricter security requirements. Not only the connection is insecure, but the cloud-provider which has full access to the tag and reader’s confidential information is not necessarily trusted. In this paper, after analyzing previously proposed authentication protocols in RFID systems, a protocol was chosen to be scrutinized in this research. Owing to the features provided by the Scyther tool, the proposed protocol did not have the required privacy and security properties. By reducing the computational overhead between tag and tag reader, and increasing the protocol’s resistance to desynchronized and reply attacks, in the present study, we attempted to further improve the protocol’s shortcomings in privacy and security. The development of IoT and cloud data storage has enabled several objects to access the internet through radio-frequency identification (RFID) systems. Currently, the use of the cloud as a backend server is considered as a viable and cost-effective option. The connection between reader and server, on one hand, and the connection between tag and reader, on the other hand, need to be secure and private. The wired connection between tag and reader is now a wireless cloud-based system and calls for stricter security requirements. Not only the connection is insecure, but the cloud-provider which has full access to the tag and reader’s confidential information is not necessarily trusted. In this paper, after analyzing previously proposed authentication protocols in RFID systems, a protocol was chosen to be scrutinized in this research. Owing to the features provided by the Scyther tool, the proposed protocol did not have the required privacy and security properties. By reducing the computational overhead between tag and tag reader, and increasing the protocol’s resistance to desynchronized and reply attacks, in the present study, we attempted to further improve the protocol’s shortcomings in privacy and security. cloud computing; RFID; security protocol; authentication; Scyther tool /downloadfilepdf/198452