A Survey on Zero-Knowledge Authentication for Internet of Things

Abstract

The Internet of Things (IoT) is ubiquitous in our lives. However, the inherent vulnerability of IoT smart devices can lead to the destruction of networks in untrustworthy environments. Therefore, authentication is a necessary tool to ensure the legitimacy of nodes and protect data security. Naturally, the authentication factors always include various sensitive users’ information, such as passwords, ID cards, even biological information, etc. How to prevent privacy leakage has always been a problem faced by the IoT. Zero-knowledge authentication is a crucial cryptographic technology that uses authenticates nodes on the networks without revealing identity or any other data entered by users. However, zero-knowledge proof (ZKP) requires more complex data exchange protocols and more data transmission compared to traditional cryptography technologies. To understand how zero-knowledge authentication works in IoT, we produce a survey on zero-knowledge authentication in privacy-preserving IoT in the paper. First, we overview the IoT architecture and privacy, including security challenges and open question in different IoT layers. Next, we overview zero-knowledge authentication and provide a comprehensive analysis of designing zero-knowledge authentication protocols in various IoT networks. We summarize the advantages of ZKP-based authentication in IoT. Finally, it summarizes the potential problems and future directions of ZKP in IoT.