In recent years, Electric Vehicles (EVs) are becoming popular due to their positive effects on the environment. The EVs receive charging service from the power grids, and also act as a charge reservoir to provide services to power grids as and when required. In this communication, the users’ credentials, like identity and credit/debit card details, may be exchanged while providing and receiving services. Since the users’ credentials are very sensitive, we need to protect the communications against any Probabilistic Polynomial Time (PPT) adversary. Therefore, authentication plays a vital role in protecting such sensitive information. In this paper, we analyse the recently proposed authentication protocol by Wang \textit{et} al. (2022) for EV charging. It has been observed that, this protocol is vulnerable to the \emph{Man-In-the-Middle-Attack} against any PPT-adversary under the Dolev-Yao threat model. Thus, Wang \textit{et} al.’s protocol is not suitable for industrial applications. We then propose an enhanced authentication protocol that provide security against all well-known attacks under the widely accepted CK-adversary model. We present a thorough security analysis using the Real-Or-Random (ROR) model to prove the security of the proposed protocol. We also compare our protocol with the existing related protocols to demonstrate the efficiency. The results show that the proposed protocol is efficient and provides high security, and therefore, it is more suitable for industrial applications.

With rapid growth of mobile users, protecting content from unauthorized users become a complex problem. The concept of temporal role-based access control reduces complexity of user management and restricts access to specified time-slots. But, content privacy is still questionable in case of system resources compromise unexpectedly. Therefore, cryptographic solution for time-bound hierarchical content management is an emerging problem. Most of the related schemes focused on individual user keys and/or revocation, but not on time-bound keys. Hence, these are not well suitable for subscription-based services like pay-TV and newspaper. In this paper, we propose a cryptographic time-bound access control with constant size time-bound keys. In our scheme, subscribed time-slots embed into individual user keys to avoid periodical broadcasting of temporal keys. We prove that our scheme is selectively secure against collision attack under chosen-ciphertext attack. We then discuss cloud-based application to show the strategies of efficient revocation and reduced computational overheads for end-users.