A Blockchain-based Digital Identity Authentication Scheme

The current Internet only has the ability to transmit data end-to-end accurately and efficiently,but it is unable to determine the identity of the sender and the identity of the recipient.Identity authentication is a mutual requirement.The user's identity authentication for the service provider can be realized through public key infrastructure(PKI)and Hyper Text Transfer Protocol over Secure Socket Layer(HTTPS).However,the authentication of the user identity by the server is not uniform and perfect.Based on the in-depth study of the existing implementation methods of Internet digital identity authentication schemes at home and abroad,we divide the existing identity authentication schemes into three categories,and they are considered to have limits on privacy,security,abuse of server's power and so on.Therefore,we designs and implements a new user identity authentication scheme.Combined theory with practice and based on the research of blockchain technology,this paper proposes and implements a new asynchronous Byzantine fault-tolerant algorithm.Based on the algorithm,this paper designed and implemented a consortium blockchain and a decentralized digital identity authentication system for Internet users.In the system implemented in this paper,the user only needs to register the digital identity once,and the identity authentication can be realized on all the servers running the system,that is,the “universality” of the digital identity is realized.It won't affect the security and privacy of the user's digital identity even if the digital identity of the user is exposed.In addition,the right to obtain the user's digital identity will not blocked by the third-party certification server,and the service provider's right to authenticate the user's identity will not be blocked by the third-party certification server,that is,the problem of “third-party certification server power abuse” is avoided.The main innovations are as follows:(1)Design and implement a self-controlled,universal,safe use's digital identity(DID).It can be exposed on the blockchain without affecting the privacy and security of the user identity authentication data,which has the ability to resist some of the unique attacks in the decentralized system.(2)A new asynchronous Byzantine fault-tolerant algorithm dsBFT suitable for identity authentication system is designed and implemented.dsBFT have a larger throughput and lower latency than the existing blockchain consensus algorithm when the network has robustness.And the system can achieve asynchronous Byzantine fault tolerance by reducing throughput and increasing latency when the number of malicious nodes in the system is less than one-third of the total number of nodes in the system.(3)Based on DID and dsBFT,a consortium blockchain is designed and implemented.Based on the blockchain,a decentralized user identity authentication system is designed and implemented.The performance tests of the system under asynchronous network were completed by deploying the system to five cloud servers in five cities in of China.It is proved that the consensus algorithm proposed and used in this scheme can indeed work under real asynchronous network,which also proves the system is functional.