BP-AKAA: Blockchain-enforced Privacy-preserving Authentication and Key and Access Control for IIoT

【Author】 Liu, Suhui; Chen, Liquan; Yu, Hongtao; Gao, Shang; Fang, Huiyu

【Source】JOURNAL OF INFORMATION SECURITY AND APPLICATIONS

【影响因子】4.960

【Abstract】The Industrial Internet of Things (IIoT) links multiple subnets to accomplish more real-time, efficient, and high-class production. Authentication is an essential prerequisite for secure communication and data sharing between mutually untrusted subdomains.However, solving trust issues between subnets through third -party trusted servers inevitably introduces security and efficiency bottlenecks. In addition, the issue of not compromising the privacy of mutual authentication remains a challenge. Furthermore, key agreement and access control, as two follow-up steps of authentication, is non-negligible for achieving secure and efficient data sharing. Existing authentication works either require heavy computational overhead or lack necessary features for data sharing. Therefore, this paper proposed a blockchain-enforced cross-domain private-protected authentication and key agreement scheme supporting attribute-based access control, named BP-AKAA. To the best of our knowledge, this is the first scheme that simultaneously supports privacy authentication, key agreement, and access control. Non-interactive zero-knowledge proof technology is adopted to protect the identities of devices. In addition, with the assistance of distributed blockchain, the untrust issue of cross-domain authentication is solved.Performance analysis demonstrates that our scheme satisfies multiple functions, including cross-domain, privacy-preserving, and mutual authentication, and outperforms existing schemes in terms of key generation, authentication, and access control.

【Keywords】Blockchain; Authentication and key agreement; Non-interactive zero-knowledge proof; Industrial Internet of Things; Access control

【发表时间】2023 MAR

【收录时间】2023-03-26

【文献类型】

【主题类别】

--