工程科学与技术2025,Vol.57Issue(3):1-10,10.DOI:10.12454/j.jsuese.202400954
分布式无证书网络身份系统的关键技术研究构想和成果展望
Research Framework and Anticipated Results of Key Technologies for Distributed Certificate-less Network Identity Systems
摘要
Abstract
Significance Due to the continuous evolution and deepening of the Internet of everything,the scale of digital businesses such as the industrial In-ternet,energy Internet,and vehicular Internet continues to expand,as various software and hardware devices and systems become increasingly in-telligent and complex.Traditional centralized identity authentication methods face increasingly prominent performance and security threats,while there remains a significant lack of technologies and platforms suitable for certificate-less distributed network identity authentication.In this con-text,this research focuses on the key technologies of certificate-less distributed network identity authentication to address issues such as secure and efficient key system management,hardware-accelerated authentication for massive access,and parallel optimization of smart contract execution,effectively responding to the severe challenges in network identity authentication.The research outcomes hold considerable importance and value for scientific research,technological development,and industrial promotion and application in the field of network identity authentication within certificate-less distributed environments.They not only improve the security and efficiency of digital identities but also provide robust support for the high-quality and secure development of the national digital economy,underpinning major strategic implementations in cyberspace security and governance.Future reliance on a comprehensive platform for large-scale IoT identity authentication based on domestic chips,targeting enterprises and institutions across industries,enables the promotion and application of platform products and distributed identity authentication services,di-rectly and indirectly supporting annual transaction volumes of tens of billions in various internet businesses. Progress This research adopted a comprehensive technical route of authentication architecture design,efficient key management,access process acceleration,parallel execution of smart contracts,and demonstration application,and systematically studied the key technologies of certificate-less distributed network identity authentication.The study focused on three fundamental scientific challenges in certificate-less distributed network identity authentication:secure and efficient key system management,hardware-accelerated authentication for large-scale access,and parallel opti-mization of smart contract execution.It explored five key research directions:high-performance certificate-less network identity authentication technologies and architectures,certificate-less distributed key management,hardware-enhanced high-parallel distributed terminal access,multi-level parallelized smart contract virtual machines,and large-scale distributed IoT identity authentication applications and validation.The study aimed to achieve breakthroughs in ten critical technologies,including high-performance distributed identity marking and consensus mechanisms,certificate-less identity authentication protocol families and network architectures,smart contract-based automated certificate-less key manage-ment,attack-resistant distributed key generation,distribution,and revocation,intrinsically secure high-performance hardware layer construction,integrated hardware acceleration for secure cross-domain access of heterogeneous terminals,smart contract parallel co-processing architectures,optimized scheduling for smart contract virtual machines,lightweight certificate-less public key identification frameworks,and IoT identity man-agement based on national cryptographic standards.In addition,the research developed five core systems and tools:a comprehensive digital iden-tity management system,a full-lifecycle key management system,a hardware-enhanced high-performance concurrent terminal access system,a smart contract co-processor system based on domestic chips,and a large-scale distributed digital identity system evaluation and testing tool.Target-ing network identity authentication scenarios in certificate-less distributed environments for industrial applications such as the energy IoT and ve-hicular IoT,the study aimed to establish a large-scale distributed IoT identity authentication platform that integrated national cryptographic stan-dards and IoT identity authentication mechanisms to ensure trusted device identities,secure access,and robust security management.The project made significant progress across five key research areas.In high-performance certificate-less network identity authentication technology and archi-tecture,a distributed certificate-less authentication framework,a lightweight attack-resistant consensus mechanism,and a cross-domain hierarchi-cal authentication model were designed.In certificate-less distributed key management,smart contract-based key management schemes and multi-party attack-resistant key agreement protocols were developed,achieving breakthroughs in distributed key generation and anonymous secure data transmission.In hardware-enhanced high-parallel distributed terminal access,optimized acceleration schemes for IoT nodes and secure integration of heterogeneous terminals were designed,achieving authentication hash computing speeds of up to 200 Gbit/s and IoT authentication traffic han-dling of up to 100 Gbit/s.In multi-level parallel smart contract virtual machines,a co-processing architecture was developed,overcoming chal-lenges in vector instruction set design and memory management,which led to the implementation of a smart contract co-processor on domestic chips.Lastly,in large-scale distributed IoT identity authentication applications and validation,a lightweight public key identification model based on national cryptographic standards was designed,achieving breakthroughs in GBA protocol integration and AI-driven certificate-less authentica-tion,with evaluation tools developed to simulate IoT networks with at least 300 nodes. Conclusions and Prospects This research aims to address challenges such as the design of authentication architectures,efficient key management,acceleration of access processes,and parallel execution of contracts,ensuring functionalities such as data allocation on demand and anonymous identity verification,while guaranteeing user privacy,security,and supporting dynamic collaborative computing for massive terminals.This proj-ect provides theoretical models and technical methods for digital identity authentication that are suitable for large-scale IoT identity authentication by constructing a high-performance hardware layer and developing multi-level smart contract virtual machines.The research introduces four key innovations:a distributed certificate-less identity authentication framework,a resilient and attack-resistant distributed key management system,hardware-enhanced integrated acceleration for large-scale heterogeneous terminal authentication,and a multi-level parallel smart contract virtual machine co-processing technology optimized for domestic hardware acceleration.The research not only helps mitigate risks associated with cen-tralized management but also supports the development of the national digital economy,serving identity authentication needs in various sectors such as industry,energy,and vehicular networks,promoting the construction of a community of shared future in cyberspace.关键词
网络空间安全/区块链/无证书/密钥管理/硬件增强/并行处理/身份认证Key words
cyberspace security/blockchain/certificate-less/key management/hardware enhancement/parallel processing/identity authentication分类
计算机与自动化引用本文复制引用
张小松,曹晟,陆天波,杨坤,桂勋,谢国涛,牛伟纳..分布式无证书网络身份系统的关键技术研究构想和成果展望[J].工程科学与技术,2025,57(3):1-10,10.基金项目
国家重点研发计划项目(2023YFB3105900) (2023YFB3105900)
深圳市杰出人才培养经费资助项目 ()
四川省科技计划项目(2023ZHJY0006) (2023ZHJY0006)
