An Efficient and Trusted Authentication Scheme for Devices Supply Chain Based on Transitive Signature and Merkle Tree
摘要
The Industrial Internet of Things (IIoT) faces significant security challenges due to device heterogeneity, manufacturer diversity, and large-scale deployments, which expose supply chains to potential attacks. To mitigate these risks, a robust device authentication system is essential for ensuring trustworthy traceability of device origins. However, existing blockchain-based IoT supply chain schemes suffer from low authentication efficiency and high on-chain storage burden. This paper proposes an efficient and trustworthy device supply chain authentication scheme based on transitive signatures and Merkle trees. The scheme introduces two key contributions: (1) Transitive signatures are employed to mode the binary transfer relationships of devices, which reduces the number of required signature verifications during supply chain authentication and enables efficient validation of critical component origins and transfer records. (2) Merkle trees are adopted to aggregate device transfer data, with only the root hash stored on-chain. This approach significantly reduces storage demands and facilitates batch verification of sequential device transfers. Security analysis demonstrates that the proposed scheme ensures secure supply chain authentication, trusted traceability, and sequential transfer validation. A prototype system was implemented and evaluated on the Hyperledger Fabric blockchain platform. Experimental results confirm that the scheme substantially reduces on-chain storage burden while improving device transfer and verification efficiency.