Reliable identity management and authentication are prerequisites for secure information communication. Traditional centralized schemes rely on the Certificate Authority (CA), and their cross-domain authentication is complex, posing a risk of centralized data leakage. The advancement of blockchain technology has disrupted the traditional model, leading to the emergence of Self-Sovereign Identity (SSI) management and authentication schemes. However, the widespread adoption of SSI still faces some challenges, such as key loss and the inefficiency of MerkleTree verification. Therefore, we propose an improved distributed identity management and cross-domain authentication scheme for the Internet of Things (IoT). In this scheme, a key creation and recovery mechanism is first proposed to prevent identity unavailability caused by key loss. Then, a double one-way accumulator algorithm is designed to improve identity authentication and enhance the authentication efficiency. Our scheme has passed formal and informal security analyses, and has robust performance.

中文翻译：

---

适用于物联网的分布式身份管理和跨域身份验证方案


可靠的身份管理和身份验证是安全信息通信的前提条件。传统的中心化方案依赖于 CA，其跨域认证复杂，存在数据集中泄露的风险。区块链技术的进步打破了传统模式，导致了自我主权身份 （SSI） 管理和身份验证方案的出现。然而，SSI 的广泛采用仍然面临一些挑战，例如密钥丢失和 MerkleTree 验证效率低下。因此，我们为物联网 （IoT） 提出了一种改进的分布式身份管理和跨域身份验证方案。在该方案中，首先提出了一种密钥创建和恢复机制，以防止密钥丢失导致身份不可用。然后，设计双单向累加器算法，改进身份认证，提高认证效率;我们的方案已通过正式和非正式的安全分析，并具有强大的性能。