DCAGS-IoT: Dynamic Cross-Domain Authentication Scheme Using Group Signature in IoT

Abstract

Cross-domain authentication requires that there is no trust gap between different trust domains that can cause cross-domain devices to exceed the security control scope of the original trust domain and further expose cross-domain authentication systems to security threats. In addition, as relying on the traditional cross-domain authentication means built by centralized institutions cannot meet the data security needs in a big data environment. Therefore, it is necessary to design a secure dynamic cross-domain authentication scheme. In this paper, we propose a dynamic cross-domain authentication scheme (DCAGS-IoT) in the Internet of Things environment using the group signature technology and the distributed system architecture of blockchain. Specifically aiming at the problem of increasing and revoking users in dynamic cross-domain authentication, a user update algorithm with the complexity of O (logN) was designed to manage users in the trust domain. Moreover, we used the characteristics that group signature users can sign on behalf of a group to protect the users’ privacy and track suspicious users. Since the size of the signature generated by the scheme is independent of the number of group members N and only depends on the security parameters λ, the efficiency of the protocol implementation is improved, and the security and availability of the authentication scheme are guaranteed.