In the open Industrial Internet of Things (IIoT) environment, information exchanged between devices and servers is transmitted over a public channel, which may lead to a privacy breach of the device identity. Furthermore, communication entities are not fully trusted, and they may maliciously disclose device identity information. Therefore, the anonymity of devices must be guaranteed. In addition, the IIoT is resource-constrained, and complex algorithms are unsuitable for IIoT systems. Several researchers have attempted to design anonymous authentication schemes. The one-authentication-multiple-access approach allows devices to access server resources multiple times after a single authentication, and its authentication overhead is independent of the number of accesses. This can reduce the computational burden for devices that need to access the server frequently. However, existing anonymous authentication schemes do not support multiple accesses after one authentication, and they still suffer from privacy issues and low efficiency for devices that need frequent access to the server. To address these issues, we propose a new anonymous authentication scheme that uses group signature technology to ensure device anonymity and Merkle hash tree technology to achieve multiple accesses after one authentication, thereby greatly reducing the authentication overhead of IIoT devices. We then validate the security of the scheme using the random oracle model and BAN logic. Finally, experimental results show that our proposed scheme is more efficient and practical for resource-constrained IIoT systems than other related schemes.