Decentralized identifiers based IoT data trusted collection (2025)

Introduction

With the increasing popularity of Internet of Things (IoT) devices and the continuous expansion of related applications, these devices are transitioning from single-party deployment to multi-party usage. For instance, in the fields of smart healthcare, smart homes, and smart cities [1], substantial amounts of data are collected, analyzed, and processed to develop intelligent management systems for diverse users. Given the sensitive nature of IoT data, such as commercial secrets and personal privacy [2,3], the security of data during access authorization, transmission, and storage has become a critical concern in IoT security [4,5].

Many IoT applications exhibit characteristics such as low power consumption, cost-effectiveness, and high data retention capacity [6], which introduce new challenges to IoT security, particularly in network security, where various transmission threats such as eavesdropping, tampering, and deception are prevalent [7,8].

Early solutions for IoT data collection focused on enhancing efficiency and energy optimization [3,9]. N. Chandnani et al. [10] and A. Vodyaho et al. [11] proposed cluster-based solutions, while F. Bonomi et al. [12] adopted the fog computing model introduced by Cisco. In light of significant security concerns, H. Tao et al. [13] proposed hardware-based solutions for data acquisition security. Additionally, the security of data transmission has also been extensively studied [14,15,16]. As the application of big data increases, S. Chen et al. [3] have discussed methods for securely storing and offline processing large volumes of IoT data. Successive solutions have been proposed, including secure data storage and sharing based on cloud architecture [1,4,17,18] and blockchain technology [19,20,21,22,23].

Key issues in trusted IoT data collection include data access authorization, transmission security, and storage security, alongside the balance between security, performance, and efficiency. Leveraging trusted models such as Certificate Authorities (CA) and blockchain, various solutions have been developed to address authorization management, as well as transmission and storage encryption challenges. The emergence of blockchain and smart contracts has notably mitigated the third-party trust problem. However, the high resource consumption and low efficiency associated with blockchain limit its applicability in IoT. Decentralized Identifiers (DIDs) are published on blockchains, and typically, applications only query DID documents from blockchains, significantly enhancing efficiency.

Our contributions

To address the above challenges, this paper proposes a DID-based IoT data collection scheme, called TrID, with the following main contributions:

  • The primary contribution of this paper is the proposal of a novel IoT data collection framework based on Decentralized Identifiers (DIDs), called TrID. TrID leverages DIDs as a decentralized trust infrastructure to address critical challenges in IoT data collection, including secure data access authorization, transmission, and storage. By leveraging the DID infrastructure, the framework ensures a decentralized and efficient approach, eliminating the reliance on centralized Certificate Authorities (CAs) or resource-intensive blockchain-based solutions. TrID provides a scalable, secure, and efficient solution for IoT applications in environments such as smart cities, smart healthcare, and smart transportation.

  • To implement the TrID, the paper introduces four key protocols: a mutual authentication protocol for secure identity verification, a data access authorization protocol that uses verifiable credentials (VCs) to manage user access rights, a data access authentication protocol that employs verifiable presentations (VPs) for data access validation, and a data trusted storage protocol to ensure secure encryption and storage of IoT data. Together, these protocols establish a complete chain of trust, enabling secure and efficient IoT data collection while mitigating common security threats like data interception, replay attacks, forgery, and man-in-the-middle attacks. This work significantly advances the state of IoT security by providing a blockchain-independent solution that enhances both efficiency and security.

Organization structure

This paper is organized as follows. Section 1 presents the related work. Section 2 introduces system models, trust models, and threat models. Section 3 proposes the details of our solution. Section 4 analyzes the security of the system. Section 5 discusses the results of simulation experiments. Section 6 presents the conclusion of this paper.

Related work

Numerous studies on secure Internet of Things (IoT) data collection utilize frameworks based on fog computing, cloud computing, or blockchain. For instance, A. Dimitrievski et al. [24] proposed a TLS-based end-to-end security and access control solution built on a fog computing architecture. However, this solution requires all data to be filtered and processed at the gateway, which can compromise the end-to-end secure transmission path and potentially lead to data leakage. J. Srinivas et al. [1] and W. Wang et al. [18] employed cloud collection and storage of IoT data, treating the cloud provider as a trusted third party. Nevertheless, cloud service providers possess extensive access privileges to user data, rendering them not entirely trustworthy. H.-A. Pham et al. [25] proposed a solution for data encryption and decryption via smart contracts, while B. Bera et al. [20] introduced the BSD2C-IoD framework for data access control based on blockchain. M. Elkhodr et al. [22] suggested a blockchain and smart contract-based architecture for the secure collection, preservation, and access of patient medical data. Nonetheless, blockchain technology suffers from performance issues such as low efficiency and long response times [19,26]. Yang et al. [37] proposed a Secure and Traceable Multikey Image Retrieval (STMIR) scheme for cloud-assisted IoT. STMIR improves retrieval accuracy using convolutional neural networks (CNN) and privacy-preserving Mahalanobis distance comparison. It allows multiple keys for secure image retrieval and uses encrypted image watermarking to trace malicious users. However, STMIR introduces computational overhead, which may limit its use in lightweight IoT systems.

Regarding authorized access to collected data, H. Tao et al. [13] enhanced security by encrypting collected data using FPGA hardware. However, this solution necessitates additional hardware, increasing both the cost and power consumption of the collection device. K. Mahmood et al. [4] utilized the unique physical characteristics of devices to propose a method based on Physically Unclonable Functions (PUFs), addressing the trust issue in IoT node collection by leveraging physical attributes.

For secure data transmission, R. J. Hwang et al. [14] proposed a secure data collection solution using smart cards, which addresses authentication security and secure key updates. However, this approach struggles to meet the demands of large-scale key replacement and presents challenges in smart card management. W. Li et al. [8] presented the RealAlert scheme, which evaluates trustworthiness based on the historical context of both communication parties. This scheme can dynamically adjust access strategies, overcoming the limitations of physical smart card replacement. However, it requires the construction of contextual information for secure access, which can be challenging in resource-constrained scenarios characterized by limited computing power and energy availability. G. Xu et al. [15] introduced a lightweight transmission and access control scheme, namely Lightweight Secure IoT (LS-IoT) and Lightweight Access Control (LAC). This scheme ensures secure data transmission through encryption at the collection end and reduces system load by leveraging edge servers. However, it does not address end-to-end secure transmission issues. C. Pu et al. [16] established a secure transmission channel through a mutual authentication mechanism and employed smart contracts to address data sharing issues. Nonetheless, this solution suffers from performance drawbacks due to its reliance on blockchain.

Considering the security of data storage and sharing, E. Luo et al. [17] proposed a distributed storage solution that disperses user privacy data across multiple cloud servers, ensuring that no single service provider can access the entire dataset. F. Rezaeibagha et al. [27] introduced a centralized storage method utilizing digitally signed certificates issued by a trusted third party to ensure data storage security, which introduces the third-party trust problem. R. Fan et al. [19] further incorporated blockchain technology to address trust issues with third parties, achieving credible data storage. H. A. Pham et al. [25] addressed the challenges of shared storage data by introducing smart contracts. However, these solutions suffer from low efficiency due to the use of asymmetric encryption for data encryption and decryption. H. Saidi et al. [28] approached data security sharing through authorized access control, validating user identities’ legitimacy using smart contracts. Nevertheless, this method still encounters challenges regarding access efficiency. Miao et al. [29] proposed an efficient Privacy-Preserving Spatial Range Query (PSRQ) scheme to protect location privacy in outsourced spatial data. They combined Geohash and Bloom filter techniques to improve query efficiency while reducing computational cost. An enhanced version, PSRQ+, added a Confused Bloom Filter (CBF) to strengthen security. These schemes improve performance and security but may face challenges in dynamic IoT environments.

Additionally, research on IoT data security based on Decentralized Identifiers (DIDs) has been conducted. D. Yoon et al. [30] focused on personal data ownership based on DIDs, allowing users to collect personal data in their own data storage provided by the system. Y. Kang et al. [31] proposed an access control scheme for securely storing medical research information using DIDs. B. Kim et al. [32] combined DIDs with the Attribute-Based Access Control (ABAC) model for fine-grained access control in vehicular networks. E. Tcydenova et al. [33] introduced DID-based access control for IoT devices. However, these works primarily focus on access authorization and do not explore secure transmission and storage aspects in depth.

To address the limitations of the aforementioned research solutions, this article proposes a secure data collection scheme based on DIDs, called TrID. TrID presents a trust model utilizing DIDs and discusses the details of mutual authentication, data access authorization, and secure data storage, offering corresponding solutions.

Model formulation

System model

This article examines the security of collection, transmission, and storage processes in Internet of Things (IoT) data collection and proposes a solution based on Decentralized Identifiers (DIDs). Consequently, the system architecture illustrated in Fig. 1 comprises three layers: the Collecting Layer, the Transmitting Layer, and the User Layer. In complex scenarios such as smart cities, smart healthcare, and smart transportation, we define two types of users: device owners, who operate the IoT devices, and data users, who collect the IoT data. Both the DID Infrastructure and Storage Infrastructure are accessible at all levels.

System model.

  • Collecting Layer: This layer consists of various IoT devices, each equipped with a DID digital identity. The digital identity information is embedded in the hardware during manufacturing and is immutable. These IoT devices are responsible for data collection. A data user sends its Verifiable Presentation (VP) to a specified IoT device through an encrypted channel.

  • Transmitting Layer: This layer is responsible for data aggregation and forwarding. The article adopts end-to-end encryption for data transmission, ensuring data security across various scenarios, such as Wi-Fi and ADHOC networks.

  • User Layer: This layer encompasses different types of device owners and data users.

  • DID Infrastructure: This infrastructure provides storage and querying of DID document information. It may be implemented using blockchain or distributed ledger technology, adhering to relevant W3C standards [35].

  • Storage Infrastructure: This infrastructure provides computing facilities for IoT storage, including databases and cloud services. The article will discuss the mechanisms for establishing secure channels for storage but will not delve into specific operational details.

Trust model

The trust model discussed in this article is illustrated in Fig. 2. Decentralized Identifiers (DIDs) utilize blockchain as the foundational trust infrastructure to ensure security [5,26]. Users generate verifiable credentials, such as Verifiable Claims (VCs) and Verifiable Presentations (VPs), based on a trusted DID. Applications can then verify access authority using the VP. Through the integration of blockchain, DIDs, VCs, and VPs, a trust chain can be established.

Trust model.

Before further discussion, the following assumptions are made in this article:

  1. The private key and other sensitive information held by an IoT device are protected by hardware and cannot be read or tampered with.

  2. The DID owner of an IoT device has been previously bound.

  3. Manufacturers, device owners, and data users are assumed to be well-intentioned and will not engage in malicious activities.

  4. IoT devices, transmission devices, storage devices, and data users may be compromised.

  5. Any communication link is susceptible to eavesdropping and tampering.

Threat model.

Threat model

By establishing a trust link based on the aforementioned trust model, it is essential to monitor Decentralized Identifier (DID) private keys, user credentials, and communication/storage keys, as vulnerabilities in these areas can lead to trust link failures due to various attacks. In the context of protecting collected data, we primarily discuss four types of security threats, illustrated in Fig. 3:

  1. Data Interception: Attackers attempt to obtain protected data by intercepting data messages transmitted or stored on disks.

  2. Replay attack: The attacker launches an attack by replaying intercepted data to deceive the targeted party into disclosing protected data, such as credentials and keys.

  3. Forgery attack: The attacker initiates an attack by forging identities, collecting data, and employing other tactics to mislead the targeted party into revealing protected data, such as credentials and keys.

  4. Man-in-the-middle attack: The attacker acts as a relay node between communicating parties through deception or other methods to gain access to protected data.

Design and implementation

Design goals

The primary objective of our design is to secure IoT data against attacks through a Decentralized Identifier (DID)-based data security collection scheme. Our specific goals are as follows:

  1. To ensure end-to-end security for the collection, transmission, and storage of IoT data.

  2. To enable trusted authorization and data access.

  3. To maintain system functionality independent of blockchain reliance.

Stages of the operational mechanism.

Operational mechanism

As depicted in Fig. 4, the operational mechanism of IoT data collection and storage consists of four stages: DID initialization, data subscription, data access authentication, and data transmission and storage.

DID initialization

In the DID initialization phase, all entities generate their own DID identity information and publish their DID documents to the DID infrastructure. Specifically, manufacturers embed the DID information into the IoT device’s ROM to ensure security.

We define the set \(E = \{e_1, e_2, \dots , e_m\}\) as all system entities, where \(E_{did}\) represents the subset of entities with DID identities, such that \(E_{did} \subseteq E\). For example, as shown in Fig. 5, \(E = \{\text {device owner, data user, cloud storage, } IoT_1, IoT_2, \dots , IoT_n\}\), while \(E_{did} = \{\text {device owner, data user, } IoT_1, IoT_2, \dots , IoT_n\}\) (excluding cloud storage).

After publishing the DID document, each entity \(e_i \in E_{did}\) locally stores its DID identity, public key, private key, and DID document information, denoted as \((DID_i, Pk_i, Sk_i, DOC_i)\). The DID document publicly discloses \((DID_i, Pk_i, DOC_i)\).

Example of entities.

Data subscription

During the data subscription stage, data users request data from device owners. Data users provide their DID information, target IoT nodes, and the required data fields. Device owners verify the identities of the data users (details in Section 3.3) and issue verifiable credentials (VCs) containing information about accessible devices and data fields (details in Section 3.4).

Data access authentication

In this stage, data users create verifiable presentations (VPs) using the VCs issued by device owners and submit the VPs to the target IoT devices. IoT devices validate the received VPs and, upon successful verification, transmit the requested data to the specified users (details in Section 3.5).

Transmission and storage

The DID infrastructure functions as a decentralized public key infrastructure (DPKI), enabling secure communication channels [34]. For users storing data in third-party storage systems, we propose a secure storage method. All data is encrypted for each subscriber, with details provided in Section 3.6.

Mutual authentication

This section introduces the DID-based mutual authentication process, using data subscription authorization as an example. Let \(U = \{u_1, u_2, \dots , u_h\} \subseteq E_{did}\) denote the set of data users and \(O = \{o_1, o_2, \dots , o_k\} \subseteq E_{did}\) denote the set of device owners. The process for data subscription between any \(u_i \in U\) and \(o_j \in O\) is shown in Fig. 6.

  1. The data user \(u_i\) retrieves the DID document of the device owner \(o_j\).

  2. \(u_i\) encrypts its DID (\(DID_i\)), a random number (randA), and a sequence number (SN) using \(o_j\)’s public key (\(Pk_j\)), then sends the encrypted result \(E_1\) to \(o_j\).

  3. \(o_j\) retrieves \(u_i\)’s DID document.

  4. \(o_j\) decrypts \(E_1\) using its private key (\(Sk_j\)) to obtain \(\{DID_i, randA, SN\}\).

  5. \(o_j\) encrypts a new random number (randB), randA, and \(SN+1\) using \(u_i\)’s public key (\(Pk_i\)), then sends the encrypted result \(E_2\) to \(u_i\).

  6. \(u_i\) decrypts \(E_2\) using its private key (\(Sk_i\)) to retrieve \(\{randA, randB, SN+1\}\) and verifies randA to confirm \(o_j\)’s identity.

  7. \(u_i\) encrypts \(\{randB, SN+2\}\) using \(o_j\)’s public key (\(Pk_j\)) and sends the encrypted result \(E_3\) to \(o_j\).

  8. \(o_j\) decrypts \(E_3\) using its private key (\(Sk_j\)) to verify randB and \(SN+2\), thereby confirming \(u_i\)’s identity. Mutual authentication is now complete.
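The eight steps above as a runnable exchange, followed by a replay of the captured \(E_1\) and \(E_3\); this is an added example, not code from the paper. RSA-OAEP as the public-key encryption, JSON as the message encoding, the `resolve` map standing in for DID-document retrieval, and the `did:example:` identifier are assumptions of the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/json"
	"fmt"
)

// Msg is the plaintext of E_1, E_2 or E_3; fields a message lacks stay empty.
type Msg struct {
	DID          string
	RandA, RandB []byte
	SN           uint64
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}
func nonce() []byte {
	b := make([]byte, 16)
	_, err := rand.Read(b)
	check(err)
	return b
}

// seal encrypts m under pub; RSA-OAEP is this example's choice of public-key encryption.
func seal(pub *rsa.PublicKey, m Msg) []byte {
	pt, err := json.Marshal(m)
	check(err)
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, pt, nil)
	check(err)
	return ct
}

func open(priv *rsa.PrivateKey, ct []byte) (m Msg, ok bool) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
	ok = err == nil && json.Unmarshal(pt, &m) == nil
	return
}

// Owner is o_j; resolve stands in for the DID-document lookup of step 3.
type Owner struct {
	priv    *rsa.PrivateKey
	resolve map[string]*rsa.PublicKey
	randB   []byte // challenge still waiting for its E_3
	sn      uint64
}

// HandleE1 performs steps 3-5 and returns E_2, or nil when E_1 is rejected.
func (o *Owner) HandleE1(e1 []byte) []byte {
	m, ok := open(o.priv, e1)
	pub, known := o.resolve[m.DID]
	if !ok || !known {
		return nil
	}
	o.randB, o.sn = nonce(), m.SN
	return seal(pub, Msg{RandA: m.RandA, RandB: o.randB, SN: m.SN + 1})
}

// HandleE3 performs step 8; each randB gets one attempt and must arrive with SN+2.
func (o *Owner) HandleE3(e3 []byte) bool {
	m, ok := open(o.priv, e3)
	ok = ok && o.randB != nil && subtle.ConstantTimeCompare(m.RandB, o.randB) == 1 && m.SN == o.sn+2
	o.randB = nil
	return ok
}

// UserE3 performs steps 6-7 as u_i: verify randA and SN+1, then return E_3 (nil on mismatch).
func UserE3(priv *rsa.PrivateKey, ownerPub *rsa.PublicKey, e2, randA []byte, sn uint64) []byte {
	m, ok := open(priv, e2)
	if !ok || subtle.ConstantTimeCompare(m.RandA, randA) != 1 || m.SN != sn+1 {
		return nil
	}
	return seal(ownerPub, Msg{RandB: m.RandB, SN: sn + 2})
}

// Demo runs one session with constructed keys, then replays the captured E_1 and E_3.
func Demo() (authenticated, replayRejected bool) {
	uKey, err := rsa.GenerateKey(rand.Reader, 2048)
	check(err)
	oKey, err := rsa.GenerateKey(rand.Reader, 2048)
	check(err)
	o := &Owner{priv: oKey, resolve: map[string]*rsa.PublicKey{"did:example:user": &uKey.PublicKey}}
	randA, sn := nonce(), uint64(100)
	e1 := seal(&oKey.PublicKey, Msg{DID: "did:example:user", RandA: randA, SN: sn}) // step 2
	e3 := UserE3(uKey, &oKey.PublicKey, o.HandleE1(e1), randA, sn)
	authenticated = o.HandleE3(e3)
	o.HandleE1(e1)                   // replayed E_1: the owner draws a fresh randB
	replayRejected = !o.HandleE3(e3) // the replayed E_3 still carries the old randB
	return
}

func main() { fmt.Println(Demo()) }
```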

Data access authorization

Assume the data user \(u_i\) subscribes to the collected data from k devices and h fields owned by the device owner \(o_j\), where the devices are denoted as \(\{IoT_1, IoT_2, \cdots , IoT_k\}\) and the fields as \(\{s_1, s_2, \cdots , s_h\}\). After the mutual authentication process between \(u_i\) and \(o_j\) is completed, the process for \(u_i\) to apply for and obtain authorization credentials from \(o_j\) is illustrated in Fig. 7.

Process of issuing verifiable credentials (VC) for data subscription.

  1. The data user \(u_i\) sends the requested subscription field list \(\{s_1, s_2, \cdots , s_h\}\) and the IoT device list \(\{IoT_1, IoT_2, \cdots , IoT_k\}\) to the device owner \(o_j\).

  2. \(o_j\) computes the hash \(H_s\) of the field list \(\{s_1, s_2, \cdots , s_h\}\), incorporating a random number rands for obfuscation:

    $$\begin{aligned} H_s = H(s_1, s_2, \cdots , s_h, rands). \end{aligned}$$

  3. For each subscribed device, \(o_j\) calculates its hash using its DID, public key, and a random number. This results in a list of device hashes:

    $$\begin{aligned} \{ H_{d_1}, H_{d_2}, \cdots , H_{d_k} \}, \end{aligned}$$

    where \(H_{d_i} = H(IoT_i, Pk_{IoT_i}, rand_i), (i\in [1,k])\).

  4. \(o_j\) computes the hash \(H_{u_i}\) for the data user \(u_i\) using \(u_i\)’s DID, public key, and a random number:

    $$\begin{aligned} H_{u_i} = H(DID_i, Pk_i, randu). \end{aligned}$$

  5. Using the hashes \(H_s\), \(\{H_{d_1}, H_{d_2}, \cdots , H_{d_k}\}\), and \(H_{u_i}\), \(o_j\) calculates the overall hash \(H_{vc}\):

    $$\begin{aligned} H_{vc} = H(H_s, H_{d_1}, H_{d_2}, \cdots , H_{d_k}, H_{u_i}). \end{aligned}$$

  6. \(o_j\) encapsulates the verifiable credential (VC) as follows:

    $$\begin{aligned} VC_i = \{&\{s_1, s_2, \cdots , s_h, rands\}, \\&\{IoT_1, Pk_{iot_1}, rand_1\}, \cdots , \{IoT_k, Pk_{iot_k}, rand_k\}, \\&DID_i, Pk_j, randu, SN, H_s, H_{d_1}, H_{d_2}, \cdots , H_{d_k}, H_{u_i}, \\&Encrypt(H_{vc}, Sk_j) \}, \end{aligned}$$

    where \(Encrypt(H_{vc}, Sk_j)\) is the digital signature for verifying data integrity, and SN is a sequence number to prevent replay attacks.

  7. \(o_j\) encrypts \(VC_i\) using \(u_i\)’s public key \(Pk_i\) and sends it to \(u_i\).

  8. \(u_i\) decrypts the received \(VC_i\) using its private key \(Sk_i\) and stores it securely.

Data access authentication

Once the data user \(u_i\) has obtained the verifiable credential \(VC_i\), they can generate a verifiable presentation (VP) for each IoT device. Assume \(u_i\) wants to request data from the device \(IoT_x\). The device \(IoT_x\) will verify the credential issued by its controller \(o_j\). The authentication process is shown in Fig. 8.

Process of authenticating verifiable presentation (VP) from the data user.

  1. \(u_i\) extracts the relevant authentication information for the target device \(IoT_x\) from \(VC_i\) and encapsulates it into a verifiable presentation \(VP_i\). \(VP_i\) includes:

    • Subscription fields: \(\{s_1, s_2, \cdots , s_h\}\).

    • IoT device information: \(\{IoT_x, Pk_{iot_x}, rand_x\}\).

    • User information: \(\{DID_i, Pk_i, randu\}\).

    • Hashes: \(\{H_{d_1}, H_{d_2}, \cdots , H_{d_k}\}\).

    • A random number randA and the digital signature \(Encrypt(H_{vc}, Sk_j)\).

    \(u_i\) encrypts \(VP_i\) and sends it to \(IoT_x\).

  2. \(IoT_x\) decrypts \(VP_i\) using its private key \(Sk_{iot_x}\) to retrieve the information.

  3. \(IoT_x\) computes the hash of the subscribed fields:

    $$\begin{aligned} H_s' = H(s_1, s_2, \cdots , s_h, rands). \end{aligned}$$

  4. \(IoT_x\) computes the device hash:

    $$\begin{aligned} H_{dx}' = H(IoT_x, Pk_{iot_x}, rand_x). \end{aligned}$$

  5. \(IoT_x\) computes the data user hash:

    $$\begin{aligned} H_{u_i}' = H(DID_i, Pk_i, randu). \end{aligned}$$

  6. Using \(H_s'\), \(H_{dx}'\), and \(H_{u_i}'\), \(IoT_x\) calculates the overall hash:

    $$\begin{aligned} H_{vc}' = H(H_s', H_{d_1}, \cdots , H_{dx}', \cdots , H_{d_k}, H_{u_i}'). \end{aligned}$$

  7. \(IoT_x\) verifies the digital signature \(Encrypt(H_{vc}, Sk_j)\) using \(o_j\)’s public key \(Pk_j\). If \(H_{vc}'\) matches the decrypted value, \(u_i\) is authorized to access \(IoT_x\)’s data.

  8. \(IoT_x\) encrypts a confirmation, including randA and \(SN+1\), using \(u_i\)’s public key \(Pk_i\), and sends it to \(u_i\).

  9. \(u_i\) decrypts the message using its private key \(Sk_i\) and verifies randA and \(SN+1\), confirming \(IoT_x\)’s authenticity.

In this process, since the credential issued by \(o_j\) encapsulates the DID information of both the device \(IoT_x\) and the data user \(u_i\), there is no need to retrieve DID information from the blockchain. According to the W3C standard [35], a DID can declare one or more controllers. In this paper, for any \(IoT_j \in \{IoT_1, IoT_2, \cdots , IoT_k\}\), its controller \(o_j \in O\) is declared in the “controller” and “publicKey” fields of the DID document. Therefore, the credential issued by \(o_j\) is verifiable using \(Pk_j\) in its DID document.
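The hash commitments of Section 3.4 and the device-side check of Section 3.5, as an added example that is not code from the paper. ECDSA and SHA-256 are the primitives the simulation section names; the length-prefixed hash encoding, the string key labels, the `did:example:` identifiers, and carrying rands inside the VP are assumptions of the example. With ECDSA the device verifies the signature against its recomputed \(H_{vc}'\) instead of decrypting it to compare, and the transport encryption of the VC and VP is left out.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Device is one {IoT_i, Pk_iot_i, rand_i} entry of the credential.
type Device struct {
	DID, Pk string
	Rand    []byte
}

// VP is what u_i presents to IoT_x; RandS is carried because step 3 hashes it (assumption).
type VP struct {
	Fields          []string
	RandS, RandU    []byte
	Target          Device
	UserDID, UserPk string
	DevHashes       [][]byte // H_d1..H_dk exactly as issued
	Sig             []byte   // owner's ECDSA signature over H_vc
}

// H is SHA-256 over length-prefixed parts, so ("ab","c") and ("a","bc") differ.
func H(parts ...[]byte) []byte {
	h := sha256.New()
	for _, p := range parts {
		binary.Write(h, binary.BigEndian, uint32(len(p)))
		h.Write(p)
	}
	return h.Sum(nil)
}

// hashVC computes H_vc = H(H_s, H_d1..H_dk, H_ui) from the values opened in vp.
func hashVC(vp VP) []byte {
	var s [][]byte
	for _, f := range vp.Fields {
		s = append(s, []byte(f))
	}
	parts := append([][]byte{H(append(s, vp.RandS)...)}, vp.DevHashes...)
	return H(append(parts, H([]byte(vp.UserDID), []byte(vp.UserPk), vp.RandU))...)
}

func nonce() []byte {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// Issue is o_j in Section 3.4, steps 2-6; it returns the VP that u_i derives for devs[x].
func Issue(owner *ecdsa.PrivateKey, fields []string, devs []Device, userDID, userPk string, x int) (VP, error) {
	vp := VP{Fields: fields, RandS: nonce(), RandU: nonce(), Target: devs[x], UserDID: userDID, UserPk: userPk}
	for _, d := range devs {
		vp.DevHashes = append(vp.DevHashes, H([]byte(d.DID), []byte(d.Pk), d.Rand))
	}
	sig, err := ecdsa.SignASN1(rand.Reader, owner, hashVC(vp))
	vp.Sig = sig
	return vp, err
}

// Verify is IoT_x in Section 3.5, steps 3-7; H_dx' is built from the device's own identity.
func Verify(vp VP, selfDID, selfPk string, ownerPub *ecdsa.PublicKey) bool {
	hdx, covered := H([]byte(selfDID), []byte(selfPk), vp.Target.Rand), false
	for _, h := range vp.DevHashes {
		covered = covered || bytes.Equal(h, hdx)
	}
	if !covered {
		return false // this device is not among the k committed devices
	}
	return ecdsa.VerifyASN1(ownerPub, hashVC(vp), vp.Sig)
}

// Demo (constructed data): honest VP, VP at an uncovered device, VP with one more field.
func Demo() (honest, widened, uncovered bool) {
	owner, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	devs := []Device{{"did:example:iot1", "pk-iot1", nonce()}, {"did:example:iot2", "pk-iot2", nonce()}}
	vp, err := Issue(owner, []string{"temperature", "humidity"}, devs, "did:example:user", "pk-user", 1)
	if err != nil {
		panic(err)
	}
	honest = Verify(vp, "did:example:iot2", "pk-iot2", &owner.PublicKey)
	uncovered = Verify(vp, "did:example:iot9", "pk-iot9", &owner.PublicKey)
	vp.Fields = []string{"temperature", "humidity", "location"}
	widened = Verify(vp, "did:example:iot2", "pk-iot2", &owner.PublicKey)
	return
}

func main() { fmt.Println(Demo()) }
```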

Data trusted storage

When the data user \(u_i\) submits the collection authorization to the device \(IoT_x\), they can specify where the collected data should be stored, such as the cloud storage \(S_l\). To ensure the security of stored data, \(IoT_x\) encrypts the data using a secure data encryption key, as illustrated in Fig. 9.

Process of secure data storage.

The process for secure data storage is as follows:

  1. The IoT device \(IoT_x\) generates a data encryption key \(K_i\) for encrypting the collected data.

  2. \(IoT_x\) encrypts the encryption key \(K_i\) into a message M using the public key \(Pk_i\) of the data user \(u_i\), ensuring that only \(u_i\) can decrypt M.

  3. \(IoT_x\) sends the encrypted message M to the storage device \(S_l\).

  4. Upon receiving M, \(S_l\) stores it as the first part of the data associated with \(u_i\).

  5. \(IoT_x\) encrypts all collected data into ciphertext C using the encryption key \(K_i\).

  6. \(IoT_x\) sends the encrypted data C to \(S_l\).

  7. After receiving C, \(S_l\) stores it as the second part of the data for \(u_i\).

  8. When \(u_i\) wishes to access the data, they retrieve both M and C from the cloud storage \(S_l\).

  9. \(u_i\) decrypts M using their private key \(Sk_i\) to recover the data encryption key \(K_i\).

  10. \(u_i\) uses the key \(K_i\) to decrypt C, restoring the original data D.

In this process, all transmitted data is encrypted, ensuring that neither the transmission channel nor the storage party (e.g., \(S_l\)) can access the plaintext data. Only the data user \(u_i\) can decrypt M with their private key \(Sk_i\), recover the encryption key \(K_i\), and ultimately restore the encrypted data C to its original form.
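The ten storage steps as an added Go example (not the paper's code), showing what \(S_l\) holds and what happens when it alters or relocates a blob. RSA-OAEP for wrapping \(K_i\) under \(Pk_i\) and AES-GCM as the AES mode are assumptions of the example, as are the `ctx` label that binds device and subscriber into M and C, the sample reading, and the `did:example:` identifiers.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Stored is everything the storage party S_l holds for u_i.
type Stored struct {
	M []byte // K_i encrypted under Pk_i (steps 2-4)
	C []byte // nonce || AES-GCM ciphertext of the collected data (steps 5-7)
}

func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is IoT_x (steps 1-7). ctx names the device and subscriber; it is bound
// into both M and C so S_l cannot move blobs between contexts unnoticed.
func Seal(userPub *rsa.PublicKey, data, ctx []byte) (Stored, error) {
	k := make([]byte, 32) // K_i, fresh per sealed block
	if _, err := rand.Read(k); err != nil {
		return Stored{}, err
	}
	m, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, userPub, k, ctx)
	if err != nil {
		return Stored{}, err
	}
	gcm, err := gcmFor(k)
	if err != nil {
		return Stored{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Stored{}, err
	}
	return Stored{M: m, C: gcm.Seal(nonce, nonce, data, ctx)}, nil
}

// Open is u_i (steps 8-10): unwrap K_i with Sk_i, then decrypt and authenticate C.
func Open(userPriv *rsa.PrivateKey, s Stored, ctx []byte) ([]byte, error) {
	k, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, userPriv, s.M, ctx)
	if err != nil {
		return nil, err
	}
	gcm, err := gcmFor(k)
	if err != nil {
		return nil, err
	}
	if len(s.C) < gcm.NonceSize() {
		return nil, errors.New("ciphertext shorter than nonce")
	}
	return gcm.Open(nil, s.C[:gcm.NonceSize()], s.C[gcm.NonceSize():], ctx)
}

// Demo uses a constructed reading and constructed DIDs.
func Demo() (recovered string, tamperRejected, swapRejected bool) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	ctx := []byte("did:example:iot2|did:example:user")
	s, err := Seal(&key.PublicKey, []byte(`{"temperature":21.5}`), ctx)
	if err != nil {
		panic(err)
	}
	pt, _ := Open(key, s, ctx)
	recovered = string(pt)

	bad := Stored{M: s.M, C: append([]byte{}, s.C...)}
	bad.C[len(bad.C)-1] ^= 1 // one bit changed while at rest on S_l
	_, err = Open(key, bad, ctx)
	tamperRejected = err != nil

	_, err = Open(key, s, []byte("did:example:iot3|did:example:user"))
	swapRejected = err != nil
	return
}

func main() { fmt.Println(Demo()) }
```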

Security analysis

The security solution proposed in this paper leverages Decentralized Identifiers (DIDs) as the root of trust and incrementally builds a secure trust chain through verifiable credentials. This approach effectively mitigates several security threats identified in Section 2.3.

Data interception

The main sensitive components involved in data interception include user private keys, user credentials, communication/storage secret keys, and collected data. To prevent unauthorized access, the DID private key of each IoT device is embedded in tamper-resistant hardware during the initialization phase (as discussed in Section 3.2), ensuring it cannot be externally read. Additionally, as described in Sections 3.4 and 3.5, the processes of authorization credential issuance and authentication credential interaction rely on asymmetric cryptography to encrypt and protect data credentials. This ensures that attackers cannot access plaintext data in the collection layer, transmission layer, or user layer. Furthermore, a secure communication channel is established based on the trust model outlined in Section 2.2, ensuring that all collected data is encrypted and safeguarded against interception.

Replay attack

Replay attacks occur when attackers intercept and reuse network negotiation messages to trick the target node into unauthorized responses, potentially stealing user credentials, communication keys, or other sensitive information. To counter this, the proposed solution incorporates serial numbers and random numbers into each interaction between nodes. Each interaction increments the serial number, enabling the system to validate its freshness. By verifying the validity of the serial number, replay attacks can be effectively mitigated.

Forgery attack

Forgery attacks involve malicious attempts to modify communication or stored data to impersonate a legitimate entity. The proposed solution employs encryption methods in all processes, including authentication, credential issuance, verification, and communication. Any unauthorized modification of communication or storage data would result in decryption failures. Consequently, attackers are unable to forge credentials, user identities, or collected data.

Man-in-the-middle attack

In a man-in-the-middle (MITM) attack, the attacker impersonates a legitimate party to intercept and manipulate communications between two entities. The proposed solution uses DIDs for identity verification, requiring mutual authentication between the communicating parties. Since the attacker lacks the private key of either party, they cannot successfully impersonate a legitimate user or decrypt the communication data. This prevents attackers from launching MITM attacks.

Simulation

Comparison of total authentication time overhead for different numbers of nodes.

Based on the proposal in Section 3 and the security analysis in Section 4, this section evaluates the performance of the proposed scheme through simulations of secure authentication, data encryption, and decryption processes.

The experimental environment for this study includes the Ubuntu 22.04 operating system, an AMD Ryzen 5 5500U 2.1 GHz processor, 8 GB of memory, and Python version 3.10.12 for simulation. Chain queries are performed using the DID Resolver provided by the Decentralized Identity Foundation (DIF) to retrieve on-chain information [36]. In our experiment, we use ECDSA, AES and SHA256 to implement the digital signature, symmetric encryption and hash function required by the scheme, respectively.

Comparison of time overhead for data acquisition and decryption from third parties.

Mutual authentication performance

In terms of mutual authentication, the adoption of DIDs ensures that identity information is uploaded to the blockchain during the initialization phase. This allows trusted verification of user identity and credentials without requiring interaction with the blockchain during authentication.

The simulation scenario is illustrated in Fig. 10, where a single data user \(u_i\) performs mutual authentication with \(k = \{1, 10, 20, 30, 40, 50\}\) nodes. The time overhead for both on-chain and off-chain authentication schemes is compared. The results show that the off-chain scheme requires approximately 10% of the authentication time overhead compared to the on-chain scheme, demonstrating significant performance improvements.

Data storage and decryption performance

As described in Section 3.6, data collection in IoT environments is a long-term process where different nodes store different data keys. This process inevitably generates a large number of encrypted data blocks. To simulate this, we used data blocks of varying sizes to represent data collected by multiple nodes, with the total collected data size set to 10 MB. The time overhead for \(u_i\) to read and decrypt the data was then calculated.

The results, shown in Fig. 11, indicate that as the size of the data blocks increases, the decryption time overhead decreases. However, as the size of the storage blocks increases, the time required to fill a complete collection file also increases significantly. Therefore, a balance must be struck between minimizing decryption time overhead and reducing storage accumulation time overhead.

Conclusion

This paper introduces a DID-based trusted data collection scheme for IoT devices. By leveraging the trustworthiness of Decentralized Identifier (DID) identities and the verifiability of credentials, the scheme mitigates major network security threats, including data interception, replay attacks, forgery attacks, and man-in-the-middle attacks. A notable advantage of the proposed scheme is its ability to perform identity authentication and authorization independently of the blockchain after the initial identity registration. This feature significantly improves the efficiency of data collection compared to traditional blockchain-based solutions.

Nevertheless, the proposed solution presents a security challenge during user credential updates. Specifically, the verifying party must remain online throughout the update process, which could expose the system to new vulnerabilities. This issue will be a primary focus of future work. Moreover, the current security analysis is qualitative, leaving room for improvement through formal security proofs. Future research will aim to employ rigorous mathematical models and formal verification tools, such as the Universal Composability (UC) framework38 and ProVerif39, to validate the system’s robustness against identified threats. Efforts will also concentrate on securely updating user credentials while minimizing potential vulnerabilities. These enhancements will reinforce the security guarantees and practical applicability of the proposed framework.

Data availability

All data generated or analysed during this study are included in this published article.

References

  1. Srinivas, J., Das, A. K., Wazid, M. & Vasilakos, A. V. Designing secure user authentication protocol for big data collection in IoT-based intelligent transportation system. IEEE Internet Things J. 8(9), 7727–7744. https://doi.org/10.1109/JIOT.2020.3040938 (2021).

  2. Fernández, M., Jaimunk, J. & Thuraisingham, B. A privacy-preserving architecture and data-sharing model for cloud-IoT applications. IEEE Trans. Depend. Secure Comput. 20(4), 3495–3507. https://doi.org/10.1109/TDSC.2022.3204720 (2023).

  3. Chen, S. et al. Efficient privacy preserving data collection and computation offloading for fog-assisted IoT. IEEE Trans. Sustain. Comput. 5(4), 526–540. https://doi.org/10.1109/TSUSC.2020.2968589 (2020).

  4. Mahmood, K. et al. A provably secure mobile user authentication scheme for big data collection in IoT-enabled maritime intelligent transportation system. IEEE Trans. Intell. Transp. Syst. 24(2), 2411–2421. https://doi.org/10.1109/TITS.2022.3177692 (2023).

  5. Wei, X., Yan, Y., Guo, S., Qiu, X. & Qi, F. Secure data sharing: Blockchain-enabled data access control framework for IoT. IEEE Internet Things J. 9(11), 8143–8153. https://doi.org/10.1109/JIOT.2021.3111012 (2022).

  6. Chettri, L. & Bera, R. A comprehensive survey on Internet of Things (IoT) toward 5G wireless systems. IEEE Internet Things J. 7(1), 16–32 (2020).

  7. Tang, X., Zhang, R., Wang, W., Cai, L. & Han, Z. Robust secrecy competition with aggregate interference constraint in small-cell networks. IEEE Trans. Wireless Commun. 20(4), 2325–2340 (2021).

  8. Li, W., Song, H. & Zeng, F. Policy-based secure and trustworthy sensing for internet of things in smart cities. IEEE Internet Things J. 5(2), 716–723. https://doi.org/10.1109/JIOT.2017.2720635 (2018).

  9. Cheng, S., Cai, Z. & Li, J. Approximate sensory data collection: A survey. Sensors 17(3), 1–16 (2017).

  10. Chandnani, N. & Khairnar, C.N. A Novel Secure Data Aggregation in IoT using Particle Swarm Optimization Algorithm. In: 2018 International Conference on Advanced Computation and Telecommunication (ICACAT), Bhopal, India, pp. 1-6. https://doi.org/10.1109/ICACAT.2018.8933784 (2018).

  11. Vodyaho, A., Ahmed, A.S., Zhukova, N. & Thaw, A.M. Cluster - Oriented Model for Data Collection in Mobile IoT Networks. In: 2020 9th Mediterranean Conference on Embedded Computing (MECO), Budva, Montenegro, pp. 1-6. https://doi.org/10.1109/MECO49872.2020.9134366 (2020).

  12. Bonomi, F., Milito, R., Zhu, J. & Addepalli, S. Fog computing and its role in the internet of things. In: Proc. ACM Mobile Cloud Comput. Workshop. 13-15 (2012).

  13. Tao, H. et al. Secured data collection with hardware-based ciphers for IoT-based healthcare. IEEE Internet Things J. 6(1), 410–420. https://doi.org/10.1109/JIOT.2018.2854714 (2019).

  14. Hwang, R.J. & Huang, Y.Z. Secure Data Collection Scheme for Wireless Sensor Networks. In: 2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), Taipei, Taiwan, pp. 553-558. https://doi.org/10.1109/WAINA.2017.2 (2017).

  15. Xu, G. IoT-assisted ECG monitoring framework with secure data transmission for health care applications. IEEE Access 8, 74586–74594. https://doi.org/10.1109/ACCESS.2020.2988059 (2020).

  16. Pu, C., Wall, A., Ahmed, I. & Choo, K.-K.R. SecureIoD: A Secure Data Collection and Storage Mechanism for Internet of Drones. In: 2022 23rd IEEE International Conference on Mobile Data Management (MDM), Paphos, Cyprus, pp. 83-92. https://doi.org/10.1109/MDM55031.2022.00033 (2022).

  17. Luo, E. et al. PrivacyProtector: Privacy-protected patient data collection in IoT-based healthcare systems. IEEE Commun. Mag. 56(2), 163–168. https://doi.org/10.1109/MCOM.2018.1700364 (2018).

  18. Wang, W., Xu, P. & Yang, L. T. Secure data collection, storage and access in cloud-assisted IoT. IEEE Cloud Comput. 5(4), 77–88. https://doi.org/10.1109/MCC.2018.111122026 (2018).

  19. Fan, R., Yin, L., Gao, S., Zhang, W., Li, Q. & Zhao, F. Blockchain based Energy IoT Data Trusted Collection and Transmission. In: 2022 IEEE 5th International Conference on Electronic Information and Communication Technology (ICEICT), Hefei, China, pp. 96-99. https://doi.org/10.1109/ICEICT55736.2022.9909359 (2022).

  20. Bera, B. et al. Blockchain-envisioned secure data delivery and collection scheme for 5G-based IoT-enabled internet of drones environment. IEEE Trans. Veh. Technol. 69(8), 9097–9111. https://doi.org/10.1109/TVT.2020.3000576 (2020).

  21. Tang, X., Lan, X., Li, L., Zhang, Y. & Han, Z. Incentivizing proof-of-stake blockchain for secured data collection in UAV-assisted IoT: A multi-agent reinforcement learning approach. IEEE J. Sel. Areas Commun. 40(12), 3470–3484. https://doi.org/10.1109/JSAC.2022.3213360 (2022).

  22. Elkhodr, M., Gide, E., Farid, F. & Ahamed, F. A Blockchain and IoT-Enabled Secure Health Data Handling Framework. In: 2023 Seventh International Conference on Advances in Biomedical Engineering (ICABME), Beirut, Lebanon, pp. 184-189. https://doi.org/10.1109/ICABME59496.2023.10293065 (2023).

  23. Tulkinbekov, K. & Kim, D.-H. Data Collection Framework Using a Lightweight Blockchain. In: 2023 International Conference on Electronics, Information, and Communication (ICEIC), Singapore, pp. 1-4. https://doi.org/10.1109/ICEIC57457.2023.10049886 (2023).

  24. Dimitrievski, A., Loncar-Turukalo, T. & Trajkovik, V. Securing Patient Information in Connected Healthcare Systems in the Age of Pervasive Data Collection. In: 2023 IEEE International Mediterranean Conference on Communications and Networking (MeditCom), Dubrovnik, Croatia, pp. 29-33. https://doi.org/10.1109/MeditCom58224.2023.10266620 (2023).

  25. Pham, H.-A., Le, T.-K., Pham, T.-N.-M., Nguyen, H.-Q.-T. & Le, T.-V. Enhanced Security of IoT Data Sharing Management by Smart Contracts and Blockchain. 2019 19th International Symposium on Communications and Information Technologies (ISCIT), Ho Chi Minh City, Vietnam, pp. 398-403. https://doi.org/10.1109/ISCIT.2019.8905219 (2019).

  26. Li, X. et al. BDRA: Blockchain and decentralized identifiers assisted secure registration and authentication for VANETs. IEEE Internet Things J. 10(14), 12140–12155. https://doi.org/10.1109/JIOT.2022.3164147 (2023).

  27. Rezaeibagha, F., Mu, Y., Huang, K., Zhang, L. & Huang, X. Secure and privacy-preserved data collection for IoT wireless sensors. IEEE Internet Things J. 8(24), 17669–17677. https://doi.org/10.1109/JIOT.2021.3082150 (2021).

  28. Saidi, H., Labraoui, N., Ari, A. A. A., Maglaras, L. A. & Emati, J. H. M. DSMAC: Privacy-aware decentralized self-management of data access control based on blockchain for health data. IEEE Access 10, 101011–101028. https://doi.org/10.1109/ACCESS.2022.3207803 (2022).

  29. Miao, Y. et al. Efficient privacy-preserving spatial range query over outsourced encrypted data. IEEE Trans. Inf. Forensics Secur. 18, 3921–3933 (2023).

  30. Yoon, D., Moon, S., Park, K. & Noh, S. Blockchain-based Personal Data Trading System using Decentralized Identifiers and Verifiable Credentials. In: 2021 International Conference on Information and Communication Technology Convergence (ICTC), Jeju Island, Korea, Republic of, pp. 150-154. https://doi.org/10.1109/ICTC52510.2021.9621153 (2021).

  31. Kang, Y., Cho, J. & Park, Y. B. An empirical study of a trustworthy cloud common data model using decentralized identifiers. Appl. Sci. 11(19), 8984. https://doi.org/10.3390/app11198984 (2021).

  32. Kim, B., Shin, W., Hwang, D.-Y. & Kim, K.-H. Attribute-Based Access Control (ABAC) with Decentralized Identifier in the Blockchain-Based Energy Transaction Platform. In: 2021 International Conference on Information Networking (ICOIN), Jeju Island, Korea (South), pp. 845-848. https://doi.org/10.1109/ICOIN50884.2021.9333894 (2021).

  33. Tcydenova, E., Seok, B., Cho, M. & Lee, C. Decentralized Access Control for Internet of Things Using Decentralized Identifiers and Multi-signature Smart Contracts. In: 2022 International Conference on Platform Technology and Service (PlatCon), Jeju, Korea, Republic of, pp. 66-70. https://doi.org/10.1109/PlatCon55845.2022.9932120 (2022).

  34. Papageorgiou, A., Mygiakis, A., Loupos, K. & Krousarlis, T. DPKI: A Blockchain-Based Decentralized Public Key Infrastructure System. In: 2020 Global Internet of Things Summit (GIoTS), Dublin, Ireland, pp. 1-5. https://doi.org/10.1109/GIOTS49054.2020.9119673 (2020).

  35. Reed, D., Sporny, M., Sabadello, M., Longley, D. & Allen, C. Decentralized Identifiers (DIDs) V1.0. https://w3c.github.io/did-core/ (2021).

  36. DIF. DIF Universal Resolver. https://resolver.identity.foundation/ (2021).

  37. Yang, T., Li, Y., He, J. et al. Secure and traceable multikey image retrieval in cloud-assisted internet of things. IEEE Internet Things J. (2024).

  38. Canetti, R. Universally composable security: A new paradigm for cryptographic protocols. In Proceedings 42nd IEEE Symposium on Foundations of Computer Science (ed. Canetti, R.) 136–145 (IEEE, 2001).

  39. Blanchet, B., Cheval, V., Allamigeon, X. et al. ProVerif: Cryptographic protocol verifier in the formal model[EB/OL]. (2010).

Acknowledgements

This work is supported by the Fundamental Research Funds for the Central Universities under Grant Numbers 3282023017 and 3282024056.

Funding

This research was funded by the Fundamental Research Funds for the Central Universities (No: 3282023017 and 3282024056).

Author information

Authors and Affiliations

  1. School of Cyber Science and Technology, University of Science and Technology of China, Hefei, Anhui, China

    Baitao Zhang

  2. School of Cyberspace Security (School of Cryptography), Hainan University, Haikou, Hainan, China

    Rui Shi

  3. Department of Cryptography Science and Technology, Beijing Electronics Science and Technology Institute, Beijing, China

    Xiaolin Li

  4. Internet Monitoring Engineering Center, Chengdu University of Technology, Chengdu, Sichuan, China

    Mengjiao Zhang


Contributions

Baitao Zhang and Rui Shi proposed the first draft. Baitao Zhang, Xiaolin Li, and Rui Shi wrote the literature section. Baitao Zhang and Mengjiao Zhang handled the security analysis section. Xiaolin Li and Rui Shi completed the performance analysis section. Baitao Zhang, Rui Shi, Xiaolin Li and Mengjiao Zhang approved the final draft.

Corresponding author

Correspondence to Rui Shi.

Ethics declarations

Competing interests

The authors declare no competing interests.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Open Access This article is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License, which permits any non-commercial use, sharing, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if you modified the licensed material. You do not have permission under this licence to share adapted material derived from this article or parts of it. The images or other third party material in this article are included in the article’s Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by-nc-nd/4.0/.

About this article

Cite this article

Zhang, B., Shi, R., Li, X. et al. Decentralized identifiers based IoT data trusted collection. Sci Rep 15, 4796 (2025). https://doi.org/10.1038/s41598-025-89589-7

  • DOI: https://doi.org/10.1038/s41598-025-89589-7
