Identity Access Management via ECC Stateless Derived Key Based Hierarchical Blockchain for the Industrial Internet of Things

Recently, the adoption of the industrial Internet of things (IIoT) has optimized many industrial sectors and promoted industry “smartization.” Smart factories and smart industries connect the real and virtual worlds through cyber-physical systems (CPS). However, these linkages will increase the cyber security danger surface to new levels, putting millions of dollars’ worth of assets at risk if communications in big network systems like IIoT settings are left unsecured. To solve these problems, the fundamental method is security, such as authentication and confidentiality, and it should require the encryption key. However, it is challenging the security performance with the limited performance of the sensor. Blockchain-based identity management is emerging for lightweight, integrity and persistence. However, the key generation and management issues of blockchain face the same security performance issues. First, through blockchain smart contracts and hierarchical deterministic (HD) wallets, hierarchical key derivation efficiently distributes and manages keys by line and group in the IIoT environment. Second, the pairing verification value based on an elliptic curve single point called Root Signature performs efficient public key certificate registration and verification and improves the key storage space. Third, the identity log recorded through the blockchain is the global transparency of the key lifecycle, providing system reliability from various security attacks. Keyless Signature Infrastructure (KSI) is adopted to perform efficiently via hash-based scheme (hash calendar, hash tree etc.). We analyze our framework compared to hash-based state commitment methods. Accordingly, our method achieves a calculation efficiency of O(n log N) and a storage space saving of 60% compared to the existing schemes.