Abstract: Traditional methods of identity authentication often rely on centralized architectures, which pose risks of computational overload and single points of failure. We propose a protocol that offers a decentralized approach by distributing authentication services to edge authentication gateways and servers, facilitated by blockchain technology, thus aligning with the decentralized ethos of Web3 infrastructure. Additionally, we enhance device security against physical and cloning attacks by integrating physical unclonable functions with certificateless cryptography, bolstering the integrity of IoT devices within the evolving landscape of the metaverse. To achieve dynamic anonymity and ensure privacy within Web3 environments, we employ fuzzy extractor technology, allowing for updates to pseudonymous identity identifiers while maintaining key consistency. The proposed protocol ensures continuous and secure identity authentication for IoT devices in practical applications, effectively addressing the pressing security concerns inherent in IoT network environments and contributing to the development of robust security infrastructure essential for the proliferation of IoT devices across diverse settings.
Keywords: Blockchain; certificateless cryptography; identity authentication; IoT