Journal of Information Security Research ›› 2022, Vol. 8 ›› Issue (12): 1156-.


Research on PKI Technology of Internet of Things

  

  • Online: 2022-12-03 Published: 2022-12-01


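Qin Tihong (秦体红); Wang Zongbin (汪宗斌); Zhang Yu (张宇); Liu Yang (刘洋)

  1. (Beijing Infosec Technologies Co., Ltd. (北京信安世纪科技股份有限公司), Beijing 100052)
  • Corresponding author: Qin Tihong, M.S., information security researcher. Main research interests: cryptographic algorithms and cryptographic applications. qintihong@infosec.com.cn
  • About the authors: Qin Tihong, M.S., information security researcher. Main research interests: cryptographic algorithms and cryptographic applications. qintihong@infosec.com.cn Wang Zongbin, chief engineer. Main research interest: cryptographic applications. wangzb@infosec.com.cn Zhang Yu, Ph.D. Main research interests: cryptographic algorithms and their applications. zhangy@infosec.com.cn Liu Yang, M.S., information security researcher. Main research interest: cryptographic applications. ly@infosec.com.cn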

Abstract: With the development of information technology, the Internet of Everything has become the mainstream direction of development in science and technology. As the number of device nodes in the Internet of Things (IoT) grows, the problem of security authentication in the IoT has become increasingly prominent. In recent years, information security problems in the IoT have occurred frequently, and a large number of miniature IoT devices lack a network authentication mechanism. Electronic authentication and key management services based on the traditional PKI mechanism require a complex digital certificate management mechanism and consume a large amount of computing and network resources, so they are not well suited to IoT application scenarios. Compared with traditional authentication schemes, the implicit certificate scheme is better suited, in terms of memory consumption and computation, to IoT devices with limited memory and computing resources. In this paper, we analyze the limitations of PKI technology in the IoT, study the implicit certificate mechanism suitable for the IoT and the implicit certificate mechanism based on the SM2 algorithm, and finally discuss some challenges and suggestions for PKI technology in the IoT.


Key words: IoT, PKI, implicit certificate, SM2 algorithm, identification
