计算机科学
密钥托管
认证(法律)
计算机安全
钥匙(锁)
密钥管理
公钥密码术
计算机网络
架空(工程)
证书颁发机构
密码学
加密
操作系统
作者
Jingnan Dong,Guangxia Xu,Chuang Ma,Jun Liu,Uchani Gutierrez Omar Cliff
出处
期刊:IEEE Internet of Things Journal
[Institute of Electrical and Electronics Engineers]
日期:2023-01-01
卷期号:: 1-1
标识
DOI:10.1109/jiot.2023.3296506
摘要
In Industrial Internet, mutual authentication between enterprises is a prerequisite for establishing reliable upstream and downstream relationships. Existing authentication methods suffer from complicated certificate management and key escrow problems. Moreover, many authentication mechanisms cannot resist common security attacks and have high computational overhead and communication costs. Therefore, this paper proposes a blockchain-based certificate-free cross-domain authentication mechanism for Industrial Internet. By establishing an Ethereum consortium blockchain as the trusted cornerstone among different regions, industrial enterprises in each region generate the user’s private key with the key generation center in the region, thus avoiding the key escrow problem. This consortium blockchain adopts the proof of authority consensus mechanism for scalability and throughput. Industrial enterprises in different regions invoke smart contracts and query other industrial enterprises for mutual authentication and key negotiation. SVO logic proves the proposed scheme achieves the intended authentication goal, and the automated formal verification tool Scyther proves the scheme’s security. In addition, compared with seven related schemes in the last three years, the experimental results show that the proposed scheme has low communication overhead and computational cost in the authentication key negotiation phase. The experiments on the Ethereum consortium blockchain built by Raspberry Pi prove the effectiveness of the proposed scheme. Finally, the comparative analysis of common security properties proves the reliability of the scheme.
科研通智能强力驱动
Strongly Powered by AbleSci AI