Decentralized identity authentication and key management scheme

Abstract

SM9 is an identity-based cryptography and constitutes an important part of Chinese commercial cryptography system. It can avoid the complicated PKI system certificate management problems and provides new solution for IoT (Internet of Things) security applications. But SM9 needs the trusted third party KGC (Key Generator Center) to generate and manage the key for the user. So, key update is very troublesome. In order to solve the problem of SM9 key update, this paper proposes a decentralized identity authentication and key management scheme using block chain technology. In the scenario, the user only needs the IGC (Identity Generator Center) to generate its identifier and the key for the first time. Then, the user can automatically update the key. In the process, identifier remains the same as public key and only the private key and parameters update, so it is quite convenient for identity authentication. This paper redefines data structure of the transaction and each key update process is recorded in the chain blocks in the form of transaction. The block chain can guarantee the security and reliability of key update process since it can’t be tampered with. The research in this paper is quite valuable for the identity authentication and key management in decentralized IoT application scenarios.