| Digital identity is a passport in the Internet.Users need to ensure that their identity information privacy is securely protected,and they need to build a good trust relationship with the authenticator.However,the existing traditional identity authentication method adopts centralized management,which is prone to the problem of single point of failure.In addition,user personal information is stored in different organizational structures,which makes it difficult to share information.This causes users to repeatedly submit the same information for authentication to obtain service provider resources,resulting in low efficiency.Moreover,users will have an account in each different organization on the Internet,and a large number of accounts make it difficult for users to manage and reduce the user's sense of network experience.Blockchain technology has the characteristics of decentralization,openness and transparency,and tamper resistance.People have begun to study its broader application scenarios and combine it with existing application scenarios to find more excellent solutions.This article mainly relies on blockchain technology to address the defects of the current traditional identity authentication system,such as centralized management of identity information,single point of failure,difficulty in sharing information,difficulty in unified management of multiple identities,and privacy leakage.Independent and controllable identity authentication schemes that do not rely on third parties,so as to protect the privacy of user identity information.This paper mainly completed the following work:(1)Aiming at the authentication scenario where the service provider needs to know the user's detailed identity information,a blockchain-based privacy "semi-leaking" authentication scheme is proposed.The solution uses the blockchain system to allow users to register a unified account and submit identity information.Through the attribute-based encryption algorithm,the user sets the ciphertext access strategy by himself,encrypts the identity information and stores it in the IPFS(Interplanetary File System,Interplanetary File System,Interplanetary File System).File system),IPFS returns the ciphertext storage address and uploads the user's related information on the chain.During the authentication process,only the service provider that meets the attribute set of the user's ciphertext access strategy can unlock the identity ciphertext information for authentication.This solution enables users to autonomously control their identity information,and realizes identity information sharing while protecting user identity privacy.(2)Aiming at the authentication scenario where the service provider only needs to know the authentication result and does not need to know the user's detailed identity information,a blockchain-based privacy and non-disclosure authentication scheme is proposed.The solution uses the blockchain system to allow users to register a unified identity account.Through the zero-knowledge proof technology,a zero-knowledge proof of identity information is generated,and the zero-knowledge proof is stored in IPFS.IPFS returns the storage address of the zeroknowledge proof of identity,the system uploads the user's relevant information to the chain.During the authentication process,the service provider verifies the zero-knowledge proof,and the service will be provided after the verification is passed.This solution realizes that there is no leakage of user information,which greatly protects the privacy of the user's identity. |
PDF Full Text Request