PQ-BCDA：一种基于后量子区块链的物联网跨域认证方案

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things Pub Date : 2025-08-21 DOI:10.1016/j.iot.2025.101737

Shuanggen Liu , Siyuan Rao , Xu An Wang , Kexin Tian , Yue Wang

{"title":"PQ-BCDA：一种基于后量子区块链的物联网跨域认证方案","authors":"Shuanggen Liu , Siyuan Rao , Xu An Wang , Kexin Tian , Yue Wang","doi":"10.1016/j.iot.2025.101737","DOIUrl":null,"url":null,"abstract":"<div><div>The growing deployment of Internet of Things (IoT) devices across heterogeneous trust domains raises critical concerns for secure and efficient cross-domain authentication, especially under the emerging threat of quantum computing. Existing approaches often rely on centralized authorities or classical cryptographic primitives, making them vulnerable to single points of failure and future cryptanalytic advances. To address these challenges, this paper proposes PQ-BCDA, a novel post-quantum cross-domain authentication scheme that combines the Extended Merkle Signature Scheme (XMSS) with a consortium blockchain framework. Our scheme introduces an automated signature lifecycle management mechanism via smart contracts, enabling decentralized trust management and secure authentication without relying on centralized anchors. We formalize a tailored security model based on established frameworks and provide a detailed proof in the random oracle model, ensuring session key secrecy, mutual authentication, and resistance to common attacks. Experimental evaluations on real hardware platforms, demonstrate that PQ-BCDA reduces computational and storage costs by 46% and 33%, respectively.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"33 ","pages":"Article 101737"},"PeriodicalIF":7.6000,"publicationDate":"2025-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"PQ-BCDA: A post-quantum blockchain based cross-domain authentication scheme for Internet of Things\",\"authors\":\"Shuanggen Liu , Siyuan Rao , Xu An Wang , Kexin Tian , Yue Wang\",\"doi\":\"10.1016/j.iot.2025.101737\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The growing deployment of Internet of Things (IoT) devices across heterogeneous trust domains raises critical concerns for secure and efficient cross-domain authentication, especially under the emerging threat of quantum computing. Existing approaches often rely on centralized authorities or classical cryptographic primitives, making them vulnerable to single points of failure and future cryptanalytic advances. To address these challenges, this paper proposes PQ-BCDA, a novel post-quantum cross-domain authentication scheme that combines the Extended Merkle Signature Scheme (XMSS) with a consortium blockchain framework. Our scheme introduces an automated signature lifecycle management mechanism via smart contracts, enabling decentralized trust management and secure authentication without relying on centralized anchors. We formalize a tailored security model based on established frameworks and provide a detailed proof in the random oracle model, ensuring session key secrecy, mutual authentication, and resistance to common attacks. Experimental evaluations on real hardware platforms, demonstrate that PQ-BCDA reduces computational and storage costs by 46% and 33%, respectively.</div></div>\",\"PeriodicalId\":29968,\"journal\":{\"name\":\"Internet of Things\",\"volume\":\"33 \",\"pages\":\"Article 101737\"},\"PeriodicalIF\":7.6000,\"publicationDate\":\"2025-08-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Internet of Things\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2542660525002513\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660525002513","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

物联网（IoT）设备跨异构信任域的日益增长的部署引起了对安全高效的跨域认证的关键关注，特别是在量子计算的新兴威胁下。现有的方法通常依赖于集中的权威机构或经典的密码原语，这使得它们容易受到单点故障和未来密码分析进步的影响。为了解决这些挑战，本文提出了PQ-BCDA，一种将扩展默克尔签名方案（XMSS）与联盟区块链框架相结合的新型后量子跨域认证方案。我们的方案通过智能合约引入了自动签名生命周期管理机制，实现了去中心化信任管理和安全认证，而无需依赖中心化锚点。我们基于已建立的框架形式化了量身定制的安全模型，并在随机oracle模型中提供了详细的证明，确保会话密钥保密、相互认证和抵抗常见攻击。在实际硬件平台上的实验评估表明，PQ-BCDA分别降低了46%和33%的计算成本和存储成本。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

PQ-BCDA: A post-quantum blockchain based cross-domain authentication scheme for Internet of Things

The growing deployment of Internet of Things (IoT) devices across heterogeneous trust domains raises critical concerns for secure and efficient cross-domain authentication, especially under the emerging threat of quantum computing. Existing approaches often rely on centralized authorities or classical cryptographic primitives, making them vulnerable to single points of failure and future cryptanalytic advances. To address these challenges, this paper proposes PQ-BCDA, a novel post-quantum cross-domain authentication scheme that combines the Extended Merkle Signature Scheme (XMSS) with a consortium blockchain framework. Our scheme introduces an automated signature lifecycle management mechanism via smart contracts, enabling decentralized trust management and secure authentication without relying on centralized anchors. We formalize a tailored security model based on established frameworks and provide a detailed proof in the random oracle model, ensuring session key secrecy, mutual authentication, and resistance to common attacks. Experimental evaluations on real hardware platforms, demonstrate that PQ-BCDA reduces computational and storage costs by 46% and 33%, respectively.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Internet of Things Multiple-

CiteScore

3.60

自引率

5.10%

发文量

115

审稿时长

37 days

期刊介绍： Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.