Research On Distributed Identity Authentication Technology Based On Blockchain

With the rapid expansion of computer network scale,users in cyberspace interact with information services entities,abbreviated as ISEs more frequently,which makes some potential threats such as difficult to confirm identity or illegal to access to resources increasingly prominent.As one of the research hotspots in the field of cyberspace security,traditional centralized identity authentication technology has been unable to meet access requirements through complex environments.Therefore,under the premise of security,efficient decentralized identity authentication schemes perform important research value and application prospects.Blockchain,as a distributed system for establishing trust,especially the alliance chain architecture based on consensus,fully satisfies the requirements for identity authentication under the conditions of multi-party cooperation in cyberspace.Therefore,in order to solve the limitations of the centralized identity authentication technology,this thesis conducts researches on the distributed identity authentication problem,and proposes two innovative identity authentication schemes combined with the blockchain technology,the specific contents are as follows.First,this thesis designs a collaborative identity authentication scheme and protocol based on the alliance chain.Aiming at key leakage caused by one-step authentication method based on a trusted third party,a collaborative identity authentication scheme via request?identity consensus? authentication was proposed on the basis of blockchain.Considering that most blockchain-based identity authentication technologies are carried out with public key infrastructure(PKI)architecture,which exists certificate management difficulties caused by the excessive number of nodes in the blockchain system,this thesis draws on identity-based cryptography(IBC)to manage the nodes of the alliance chain system.Finally,a collaborative identity authentication protocol based on alliance chain is designed,the security of the protocol is proved and analyzed,the advantages of the protocol performance are discussed through experimental comparison.Second,in order to solve the inherent problem that identity in the IBC system is difficult to revoke immediately,this thesis improves a security mediator-based identity signature scheme.This solution adds a mediator server,which divides the private key of the entity to the mediator for storage,and verifies its identity when the entity requests a full signature,thereby controlling the user's access to achieve the purpose of revoking the identity of the entity.Finally,it is proved by security analysis and performance analysis,the results show the feasibility of the signature scheme was demonstrated.Third,this thesis proposes a cross-domain authentication scheme and protocol by means of identity-based cryptography and the blockchain.Aiming at the cross-domain authentication requirements of users and ISEs in a heterogeneous network environment,this thesis designs a blockchain certificate to implement cross IBC domains authentication using distributed architecture of blockchain,and proposes a cross-domain authentication scheme between IBC trust domains.Next,this thesis designs a cross-IBC trust domains authentication protocol.Under the premise of ensuring that the authentication structure in the IBC domain is unchanged,the cross-domain authentication is realized through the alliance chain architecture.Finally,the game theory mechanism is used to prove the protocol security and performance analysis.Comparing computational complexity and communication overhead with other solutions,the experiment verifies the proposed protocol can meet the cross-domain authentication requirements between users and ISEs in a large-scale environment.