Tongxin xuebao (May 2025)
SM2 asynchronous remote key generation based account recovery protocol in industrial Internet
Abstract
The open network environment of the industrial Internet may lead to security risks such as identity forgery and data leakage, making it crucial to achieve effective authentication and ensure account security. However, existing industrial Internet authentication protocols mostly focus on the authentication phase and often overlook the issue of account recovery when authenticators are lost. Moreover, there are explicit national requirements for autonomy and control in cryptographic applications. Therefore, an account recovery protocol based on SM2 asynchronous remote key generation (ARKG) was proposed. Firstly, the SM2 blind key encapsulation mechanism and a fuzzy extractor were used to design the ARKG algorithms, which bound the private key to the user’s biometric features and enhanced the security of derived private keys. Based on this ARKG construction, an industrial Internet account recovery protocol was proposed, achieving mutual authentication between the user and the server in the recovery phase and effectively addressing the issue of lost backup authenticators. Security analysis and experimental results demonstrate that the proposed protocol meets the high security and usability requirements of the industrial Internet.