Research On Distributed Threshold Authentication Scheme Based On Blockchain

In the open Internet era,ensuring reliable and effective digital identity authentication is the first line of defense to ensure information security.At present,the digital signature mechanism based on asymmetric encryption theory is an effective and widely used way to realize digital identity authentication.The reliability of the digital signature depends on a legal digital certificate,which needs to be issued by a trusted third-party organization,namely,Certificate Authority(CA)to ensure the legality of the user's public key.However,as the core organization in the public key infrastructure(PKI)system,once the Certificate Authority is attacked,a single point of failure caused by its inherent centralization attribute may lead to the collapse of the entire PKI system.Therefore,in order to solve the problem of single point of failure,it is of great significance to study a decentralized identity authentication mechanism.This paper proposes a distributed threshold authentication scheme based on blockchain.In the scheme,the user's private key is distributed into several different sub-keys based on the threshold secret sharing theory.Besides,the relationship of the key distribution is stored in the blockchain,which can be openly queried.Finally,it is effective to realize identity authentication by verifying the encrytion relation between the user's public key and the sub-key siganatues corresponding to the relationship of the key distribution.The authentication phase of the proposed scheme requires collaborative verification of multi-node signatures,while the reliability of the signature verification depends on the correctness of the key distribution relationship.And the decentralized blockchain network ensures that the distribution relationship is open and non-tamperable,not requiring a trusted centralized organization.So it can be effective to eliminate the danger of single point of failure.In order to verify the rationality of the proposed authentication scheme,this paper demonstrates the security of the authentication scheme from the aspects of anti-replay attack,anti-collusion attack,unforgeability and traceability.And we analyze and compare our scheme with other threshold signature schemes in the security and computational overhead.Compared with some existing threshold signature schemes,the threshold authentication scheme in this paper requires less computational overhead;and compared with some improvement schemes of PKI system based on blockchain,the proposed scheme does not require cumbersome certificate operations and is more convenient to manage.In addition,according to the proposed identity authentication scheme,we design a identity authentication system based on the Qt framework and the Ethereum platform,and we test the system function.The test results verify the validity of the certification scheme.