Currently, the popularity of the Internet of Things (IoT) has brought about an increase in the amount of data, so multi-server distributed cloud computing has been widely used in various applications that have brought convenience to our daily lives. At the same time, the development of the fifth generation (5G) of mobile communication technology has gradually become the main driving force for the popularization of the IoT. Because the 5G network is a heterogeneous network with multiple servers and small cells, the mutual authentication protocol under multiple servers is also applicable to the 5G network environment. However, much of the data will have serious storage and security issues during transmission. Aiming at the security issues in a multi-server (M-S) architecture, in 2018, Wu et al. proposed an authentication protocol in a distributed cloud environment. They claimed that their protocol is secure and resistant to various known types of attacks. However, we found that their protocol does not guarantee perfect forward secrecy (PFS) and suffers from privileged insider (PI) attacks. Such attacks will cause data to be out of sync. Therefore, we improved Wu et al.'s protocol and proposed an improvement in the 5G network environment. Finally, we performed a security analysis on the proposed protocol, including the automatic encryption protocol tool ProVerif, BAN logic, and informal security analysis, which proved that our protocol is secure. Compared with similar existing schemes, we have proved the efficiency of the scheme and achieved higher security standards. INDEX TERMS Authentication, multi-server, 5G networks, cryptanalysis, lightweight. Applying this for each component, we get S6:S j |≡ U i |≡ N i. Using A29, S6, and the jurisdiction rule, we get S7: S j |≡ N i. According to the message M2 and using the seeing rule, we get S8: CS {PID i , B 2 : N i , PID i x ; B 3 : ID i h(PID i N i) ; B 4 , T j }. Using the seeing rule for components we get S9: CS { N i , PID i x }. Using A4, S9, and the MM rule, we get S10: CS |≡ U i |∼ (N i , PID i). Using A5, S3, the freshness rule, and the N-V rule, we get S11: CS |≡ U i |≡ (N i , PID i). Using S11 and the belief rule, we get S12: CS |≡ U i |≡ (N i). S13: CS |≡ U i |≡ (PID i). Using A7, S12, and the jurisdiction rule, we get S14: CS |≡ N i. According to S8 and using the seeing rule, we get S15: CS { ID i h(PID i N i) }. Using A5, S14, and the MM rule, we get S16: CS |≡ U i |∼ ID i. Using A11, S16, and the N-V rule, we get S17: CS |≡ U i |≡ ID i. Using A9, S17, and the jurisdiction rule, we get S18: CS |≡ ID i. Using A14, S14, S18, and the belief rule, we get S19: CS |≡ (ID i , N i , HP i). Because K i = h(N i ID i HP i), we can get S20: CS |≡ k i. According to message M3 and using the seeing rule, we get S21: CS {PSID j , B 5 : N j , PSID i x ; B 6 : SID j h(PSID j N j) ; B 7 , T j }. Using the seeing rule for components we get S22: CS { N j , PSID i x }. Using A15, S22, and the message-meaning rule, we get S23: CS |≡ S j |∼ (N j , PSID j). Using A6, S23, the fresh...