Advanced wireless technology in Internet of Things (IoT) devices is increasing and facing various security threats. The authentication of IoT devices is the first line of defense for the wireless network. Especially in a Wi-Fi network, the existing authentication methods mainly use a password or digital certificate, these methods are inconvenient to manage due to certificate issuance or prone to be attacked because passwords are easily cracked. In this paper, we propose a location-aware authentication scheme using smart contracts to ensure that IoT devices can securely perform Wi-Fi network authentication. The scheme adopts the concept of secondary authentication and consists of two phases: the registration phase, which is mainly designed to complete the generation of the public and private keys, and to link the device information with its related device information; the authentication phase, which is mainly designed to determine whether the requesting device is within a legal location range. We use the smart contract to ensure the credibility and irreparability of the authentication process. Analysis of the attack model and the attacks at different stages proves that this certification scheme is assured, and the simulation results show that the overhead introduced by this scheme is acceptable, this scheme can provide greater security for the Wi-Fi authentication of IoT devices.
Keywords: authentication; blockchain; channel state information; smart contracts.