A Blockchain-Based Cross-Domain Authentication Management System for IoT Devices

With the emergence of the resource and equipment sharing concept, many enterprises and organizations begin to implement cross-domain sharing of devices, especially in the field of the Internet of Things (IoT). However, there are many problems in the cross-domain usage process of devices, such as access control, authentication, and privacy protection. In this paper, we make the following contributions. First, we propose a blockchain-based cross-domain authentication management system for IoT devices. The sensitive device information is stored in a Merkle tree structure where only the Merkle root is uploaded to the smart contract. Second, a detailed security and performance analysis is given. We prove that our system is secure against several potential security threats and satisfies validity and liveness. Compared to existing schemes, our schemes realize decentralization, privacy, scalability, fast off-chain authentication, and low on-chain storage. Third, we implement the system on Ethereum with varying parameters known as domain number, concurrent authentication request number, and Merkle tree leaf number. Experimental results show that our solution supports the management of millions of devices in a domain and can process more than 10,000 concurrent cross-domain authentication requests, consuming only 5531 ms. Meanwhile, the gas costs are shown to be acceptable.