| The secure and trusted authentication system is an important prerequisite for the development of cyberspace security.Self-sovereign identity authentication protocols,which enable users to truly control identity data,are important development direction in the field of identity authentication and have gained the attention of scholars.However,current selfsovereign authentication protocols not only do not support fine-grained control of identity information authorization,but also do not consider the privacy protection of identity information.Therefore,in this paper,we first propose a policy-controlled signature scheme with privacy protection,and then propose a secure and decentralized self-sovereign authentication protocol with privacy protection.In this thesis,the main works are as follows:(1)Apply linear secret sharing scheme as access structure,while improving the dualsystem encryption policy hiding method based on 3 primes composite order double linear groups is used to hide the attribute value into the attribute name that may expose the privacy data.And then propose a policy-controlled signature with privacy protection,which not only has privacy-preserving policy,but also supports fine-grained signature verification.Based on CDH assumption and security model,it is proved that the scheme is unforgeability.Finally,through the performance analysis,and the results show that the proposed scheme is efficient in the signature verification.(2)Formalize and define the concept of self-sovereign identity by mathematical model,and self-sovereign identity management is classified into traditional centralized and decentralized types.Then,DID is used as a global identifier to register,authenticate and revoke for users in decentralized domains based on consortium blockchain.The verifiable claims are encapsulated using policy-controlled signatures with privacy protection to achieve user access control for identity registration in the centralized domain.Finally,a secure and decentralized self-sovereign identity authentication protocol with privacy protection is proposed.Compare and analyze the attributes of the proposed protocol,which mainly include security,authenticity,privacy and controllability.First,the authentication and privacy of the proposed protocol are analyzed by using the application PI algorithm and Proverif tool;Then,the attribute requirements are compared with other self-sovereign protocols.The results show that the proposed protocol not only satisfies fine-grained permission control and privacy protection,but also supports controllability,security and portability.(3)Develop a self-sovereign medical identity authentication system based on secure and decentralized self-sovereign identity authentication protocol with privacy protection on Fabric platform,which contains blockchain network module,storage module and authentication module.Finally,the authentication system is tested and analyzed. |
PDF Full Text Request