Open Access


A CPK-Based Identity Authentication Scheme for IoT

Mingming Zhang1, Jiaming Mao1,*, Yuanyuan Ma2, Liangjie Xu3, Chuanjun Wang1, Ran Zhao1, Zhihao Li3, Lu Chen4, Wenbing Zhao5
1 State Grid Jiangsu Electric Power Co., Ltd. Information & Telecommunication Branch, Nanjing, 210008, China
2 State Grid Key Laboratory of Information & Network Security, Institute of Information and Communication, Global Energy Interconnection Research Institute, Nanjing, 210003, China
3 Anhui Jiyuan Software Co. Ltd, SGITG, Hefei, 230088, China
4 Engineering Research Center of Post Big Data Technology and Application of Jiangsu Province, Research and Development Center of Post Industry Technology of the State Posts Bureau (Internet of Things Technology), Engineering Research Center of Broadband Wireless Communication Technology of the Ministry of Education, Nanjing University of Posts and Telecommunications, Nanjing, 210003, China
5 Department of Electrical Engineering and Computer Science, Cleveland State University, Cleveland, 44115, USA
* Corresponding Author: Jiaming Mao. Email:

Computer Systems Science and Engineering 2022, 40(3), 1217-1231.

Received 06 February 2021; Accepted 09 April 2021; Issue published 24 September 2021


As the power Internet of Things (IoT) enters the security construction stage, the massive use of perception layer devices urgently requires an identity authentication scheme that considers both security and practicality. The existing public key infrastructure (PKI)-based security authentication scheme is currently difficult to apply in many terminals in IoT. Its key distribution and management costs are high, which hinders the development of power IoT security construction. Combined Public Key (CPK) technology uses a small number of seeds to generate unlimited public keys. It is very suitable for identity authentication in the power Internet of Things. In this paper, we propose a novel identity authentication scheme for power IoT. The scheme combines the physical unclonable function (PUF) with improved CPK technology to achieve mutual identity authentication between power IoT terminals and servers. The proposed scheme does not require third-party authentication and improves the security of identity authentication for power IoT. Moreover, the scheme reduces the resource consumption of power IoT devices. The improved CPK algorithm solves the key collision problem, and the third party only needs to save the private key and the public key matrix. Experimental results show that the amount of storage resources occupied in our scheme is small. The proposed scheme is more suitable for the power IoT.


Power Internet of Things; terminal equipment; identity authentication; CPK; PUF

Cite This Article

M. Zhang, J. Mao, Y. Ma, L. Xu, C. Wang et al., "A cpk-based identity authentication scheme for iot," Computer Systems Science and Engineering, vol. 40, no.3, pp. 1217–1231, 2022.

This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 840


  • 470


  • 0


Share Link

WeChat scan