As Internet of Things (IoT) technology continues to advance, IoT devices have permeated every part of life. The emergence of cloud computing has become a key technology for solving the memory limitation problem of IoT devices, greatly promoting resource sharing, facilitating user access to information at any time, and providing IoT services. However, IoT message is transferred over public channels and is therefore accessible to attacks in the IoT-based cloud computing environment, resulting in user and server privacy leakage. To solve this issue, Amin et al. proposed an authentication protocol for use in this environment. However, Kang et al. proved that their protocol had many security vulnerabilities and proposed an improved authentication protocol. Recently, Huang et al. found security vulnerabilities in Kang et al.’s protocol and designed an enhanced protocol of their own. In this article, we first demonstrate that Huang et al.’s enhanced protocol is vulnerable to privileged insider attacks and temporary value leakage attacks. Then, based on their protocol an enhanced authentication protocol is proposed for IoT-enabled devices in a distributed cloud computing architecture. Finally, security analysis and performance comparisons are conducted, showing that our protocol has both greater security and better performance.