[an error occurred while processing this directive]

ZTE Communications ›› 2024, Vol. 22 ›› Issue (2): 30-38.DOI: 10.12142/ZTECOM.202402005

• Special Topic • 上一篇    下一篇

  

  • 收稿日期:2024-03-25 出版日期:2024-06-28 发布日期:2024-06-25

Utilizing Certificateless Cryptography for IoT Device Identity Authentication Protocols in Web3

WU Zhihui1,2, HONG Yuxuan1, ZHOU Enyuan3, LIU Lei1, PEI Qingqi1()   

  1. 1.Guangzhou Institute of Technology, Xidian University, Guangzhou 510700, China
    2.Guangzhou Lianrong Information Technology Co. Ltd. , Guangzhou 510700, China
    3.The Hong Kong Polytechnic University, Hong Kong 999077, China
  • Received:2024-03-25 Online:2024-06-28 Published:2024-06-25
  • About author:WU Zhihui received his master's degree from Xidian University, China. He is the Deputy General Manager of Guangzhou Lianrong Information Technology Co. He has been responsible for project management and technical development in the fields of data security, privacy computing and blockchain technology for many years. He has led or participated in more than ten research projects, and published two papers and 11 invention patents. He received 2023 Blockchain Innovator of the Year Award.
    HONG Yuxuan received his BE degree in information security from Xidian University, China in 2021. He is currently pursuing his ME degree with College of Guangzhou Institute of Technology, Xidian University. His research interests include identity authentication and blockchain.
    ZHOU Enyuan is currently pursuing his PhD degree in Department of Computing in The Hong Kong Polytechnic University, China. He received his BE degree in information security from Northeastern University, China and MSc degree in cyberspace security (supervised by Prof. PEI Qingqi) from Xidian University, China. His current research interests include Blockchain, Database, and knowledge graph. He has published several papers in prestigious journals and conferences in data management field such as VLDB and IEEE TKDE.
    LIU Lei received his BEng degree in electronic information engineering from Zhengzhou University, China in 2010, and his MSc and PhD degrees in communication and information systems from Xidian University, China in 2013 and 2019, respectively. He is currently an associate professor with the Guangzhou Institute of Technology, Xidian University. His research interests include vehicular ad hoc networks, edge intelligence and distributed computing.
    PEI Qingqi (qqpei@mail.xidian.edu.cn) is a full professor and PhD supervisor of Xidian University, China. He serves as the director of the Blockchain Application and Evaluation Research Center of Xidian University and the executive director of the Shaanxi Key Laboratory of Blockchain and Secure Computing. His research interests focus on cognitive networks, data security, and blockchain. He has led or participated in more than 30 national, provincial and ministerial projects. He has published more than 100 journal or conference papers and obtained more than 60 patents (including five international PCT patents) and 40 registered software copyrights. He was awarded one second prize of national technology invention awards and three first prizes of provincial or ministerial scientific and technological awards.
  • Supported by:
    the National Key Research and Development Program of China(2021YFB2700600);the National Natural Science Foundation of China(62132013);the Key Research and Development Programs of Shaanxi(S2024-YF-YBGY-1540);the Basic Strengthening Plan Program(2023-JCJQ-JJ-0772);the Key-Area Research and Development Program of Guangdong Province(2021B0101400003);Hong Kong RGC Research Impact Fund(R5060-19);Areas of Excellence Scheme(AoE/E-601/22-R);General Research Fund(152203/20E)

Abstract:

Traditional methods of identity authentication often rely on centralized architectures, which poses risks of computational overload and single points of failure. We propose a protocol that offers a decentralized approach by distributing authentication services to edge authentication gateways and servers, facilitated by blockchain technology, thus aligning with the decentralized ethos of Web3 infrastructure. Additionally, we enhance device security against physical and cloning attacks by integrating physical unclonable functions with certificateless cryptography, bolstering the integrity of Internet of Thins (IoT) devices within the evolving landscape of the metaverse. To achieve dynamic anonymity and ensure privacy within Web3 environments, we employ fuzzy extractor technology, allowing for updates to pseudonymous identity identifiers while maintaining key consistency. The proposed protocol ensures continuous and secure identity authentication for IoT devices in practical applications, effectively addressing the pressing security concerns inherent in IoT network environments and contributing to the development of robust security infrastructure essential for the proliferation of IoT devices across diverse settings.

Key words: blockchain, certificateless cryptography, identity authentication, IoT