Terminal devices in the Internet of Things(IoT)environment need to identify and authenticate each other to ensure network security and data security,and authentication is the first line of defense for IoT security,and the existing traditional public key cryptosystem(PKI)is cumbersome and computationally intensive,which can not satisfy the resource-constrained,open,and distributed IoT environment well.In this paper,a blockchain-based two-way authentication scheme for IoT terminals was designed based on the SM9 identity cryptography algorithm,which could greatly satisfy the confidentiality and unforgeability based on the assumptions of the computational Diffie-Hellman hard problem,the q-Diffie-Hellman inverse problem,and the bilinear Diffie-Hellman hard problem,and was more in line with the practical application environment of the IoT.The scheme adopted the device identity as the public key,which simplified the key distribution management process.In addition,the blockchain,as a decentralized underlying storage database used to record information such as keys,certificates,signatures,etc.,could be used to carry out credible endorsement for the authentication process.Through performance and Proverif formalized security analysis,and comparing several current mainstream authentication methods,the scheme can meet the time,performance and security requirements in the IoT environment.
Internet of ThingsSM9identity authenticationblockchain
NETL
NSTL
维普
万方数据
