Abstract: As resourceconstrained terminal devices such as fault indicators and smart meters are increasingly deployed in power distribution networks, the security requirements for identity authentication systems have also intensified. However, existing regulations remain inadequate, and traditional public key infrastructure (PKI) technologies are difficult to apply directly due to its heavy burden. To address this issue, this paper proposes a lightweight implicit certificate scheme, improving the elliptic curve QuVanstone (ECQV) implicit certificate algorithm tailored for resourceconstrained environments. The scheme incorporates certificate field optimization and the concise binary object representation (CBOR) encoding, significantly reducing the storage and computational overhead for devices while enhancing system security. Through several simulation analyses under the computer platform, comparing the ECQV implicit certificate scheme before improvement with the traditional X.509 authentication scheme, the results show that the performance of this scheme is more superior. Through experimental verification, the proposed scheme is able to meet the multiple needs of authentication of resourceconstrained devices in the power distribution network, such as storage, computing, energy consumption, and so on.

Key words: distribution networks, resourceconstrained devices, identity authentication, implicit certificate, lightweight

摘要： 随着配电网中故障指示器、智能电表等资源受限终端设备的广泛应用，系统对于身份认证的安全需求不断增加，而相关规定并不完善，传统的公钥基础设施(public key infrastructure, PKI)技术由于负担过重，难以直接应用.针对这一问题，设计了一种轻量级隐式证书方案，对适用于资源受限场景的ECQV(elliptic curve QuVanstone)隐式证书算法进行改进，并结合证书字段裁剪与简明二进制对象表示(concise binary object representation, CBOR)编码的方式，显著降低了设备的存储和计算负担，同时提高了系统的安全性.通过计算机平台下的多次仿真分析，对比改进前的ECQV隐式证书方案与传统X.509认证方案，结果显示该方案性能更加优越.通过实验验证，该方案能够满足配电网中存储、计算、能耗等资源受限设备对于身份认证的多种需求.

关键词: 配电网, 资源受限设备, 身份认证, 隐式证书, 轻量级