Conditional privacy-preserving message authentication scheme for cross-domain Industrial Internet of Things

Industrial Internet of Things (IIoT) is a key technology for building intelligent manufacturing, optimizing industrial device management, and improving productivity. Currently, an increasing number of cross-domain interaction scenarios exist in which different industries cooperate in production. The communication of industrial devices across various domains poses additional security and privacy issues. However, most current cross-domain authentication schemes require a trusted third-party centralized authentication, which reduces system flexibility and becomes the system bottleneck in multi-domain production environments with a large number of devices. In this paper, we propose a distributed cross-domain message authentication scheme with conditional privacy-preserving for the cross-domain communication scenario in IIoT, where multiple manufacturers jointly deploy devices for collaborative production. The private key generator in each domain is only responsible for offline registration and traceability, and a set of edge gateways realize distributed authentication and token distribution to devices through secret sharing technology. In addition, we use batch authentication technology to reduce authentication latency. Security analysis indicates that the scheme satisfies the security and privacy requirements of cross-domain authentication in IIoT. Experimental analysis shows that our scheme is more computationally efficient and has lower communication costs than related schemes.