| With the rapid development of Internet technology,the trend of digitalization has intensified,and the number of intelligent applications has increased.At the same time,the demand for identity authentication of network users has also increased.However,at present,the user’s identity information is mainly managed in a centralized manner by the service provider,and the identity information is distributed across different service provider databases.The user does not have complete control over the identity and needs to repeatedly register and authenticate in the process of accessing resources.The decentralization and tamper-proof traits of blockchain can be applied in identity management to solve the problems of centralized identity management.Therefore,this paper designs and implements a distributed identity management scheme based on blockchain.This scheme utilizes the decentralization and tamper-proof characteristics of blockchain to solve the problems of duplicate authentication and registration in current authentication solutions.The main work of this paper is as follows:(1)Propose a blockchain-based certificateless public-key encryption algorithm.Following the national encryption algorithm standard SM2,this paper improves the certificateless encryption mechanism,designs and implements a certificateless encryption algorithm based on blockchain.The algorithm does not rely on bilinear pairing and uses elliptic curve,which can effectively reduce the computational cost.The certificateless public key cryptography scheme proposed in this paper solves the problem of certificate management and key escrow.Random Oracle Model-based security analysis proves that the proposed scheme is provably secure against existential forgery on adaptive chosen message attacks.In addition,leveraging the immutability and traceability of blockchain,the proposed certificateless encryption algorithm can resist Type-1 and Type-2 adversaries in the certificateless domain.Finally,compared with the existing certificateless encryption algorithm,the proposed algorithm improves the computational performance by at least 11%.(2)Design a distributed identity authentication mechanism.Based on smart contracts,this paper applies the advantages of blockchain technology to the identity management scheme,making the identity credentials portable.The identity authentication mechanism is based on the Decentralized Identifiers(DID)standard.Users have unique identifiers that do not rely on any central organization,ensuring the permanent validity and immutability of identities.At the same time,the paper designs smart contracts for identity registration,verifiable credential issuance,and credential claim query.The immutability of identity data is achieved by storing identity credential claims on the blockchain.Finally,a formal security proof of the protocol for the identity authentication mechanism is performed.(3)Implement a distributed identity management system based on a consortium blockchain.Based on the above research,this paper designs and implements a distributed identity management system based on consortium blockchain,which includes three roles: data provider,data owner,and service provider.These roles can interact with each other through smart contracts to realize digital identity registration and recovery,verifiable credential issuance,and verification.The system provides convenient and reliable identity verification and management functions,which can better meet the needs of users.Finally,this paper tests and analyzes the function,performance,and security of the system,and the result proves that the system meets the design goals. |
