Research On Cross-domain Identity Authentication On Blockchain

The rapid development of Internet technology promotes the wider application of information services in various fields,which brings a lot of convenience to information-based life.In order to improve the quality and efficiency of information services and improve the effective utilization of resources,information service resource sharing has become a trend.In order to ensure the security of resource sharing and allow users to obtain more resources.Cross-domain identity authentication has also become an important research direction.However,more and more common cross-domain authentication mechanism at present often adopts a centralized management method and relies on a trusted third party.However,this authentication method relies too much on third parties.It often has security problems such as single point of failure,personal information leakage,and information destruction,and this method cannot allow users to monitor the records of identity authentication.Due to its natural decentralization advantages,blockchain provides the possibility to solve the problems mentioned above.Blockchain technology has the characteristics of decentralization,openness,transparency,traceability,and tamper resistance.It can effectively build a decentralized cross-domain authentication model and realize a supervised,safe and reliable identity authentication.Relying on blockchain technology and cryptographic algorithms,this paper proposes three solutions for the shortcomings of the current cross-domain identity authentication system,such as single point of failure,cumbersome cross-domain authentication process,centralized management of user identity information,and opaque authentication process.For cross-domain authentication schemes in different scenarios,this paper mainly focuses on the following tasks:(1)When sharing educational information service resources,users may face cross-domain authentication.An identity authentication scheme based on blockchain technology and certificateless signature is proposed.The scheme uses blockchain technology to build a decentralized identity authentication model.Two types of blockchains,intra-domain blockchain and cross-domain blockchain,are designed to handle identity authentication in trust domains and cross-domain authentication between different trust domains respectively.The problem of domain identity authentication improves the processing efficiency of authentication nodes and reduces the computing cost of users.This scheme also uses a certificateless public key cryptosystem to allow users to generate their own public and private key,solving the key escrow problem.Hash algorithm is used to achieve traceability of malicious users.(2)For information service resource sharing,there is cross-domain access between trust domains under different cryptosystems.This paper studies the cross-domain authentication between users and information service entities based on PKI-based domains and domains based on certificateless public key cryptosystems,and designs a blockchain-based cross-domain identity authentication between heterogeneous domains.This solution uses the blockchain network to build a distributed identity authentication model,and the certificateless partial blind signature algorithm to ensure users’ identity security.Secure identity authentication of service entities;by improving the X.509 digital certificate.A blockchain digital certificate is designed to facilitate users in the trust domain based on the certificateless public key cryptosystem to access information service entities in the PKI domain.Finally,the feasibility of the scheme is proved by SVO logic.(3)In order to solve the problem of cross-domain identity authentication between users and information service entities in heterogeneous environments based on different cryptosystems,a blockchain-based complete cross-domain identity authentication and key agreement scheme is proposed.A cross-domain blockchain mechanism is constructed,which allows users to access information service entities of different cryptosystems.When the information service entity registers and accesses the cross-domain system,it will submit the encryption and decryption algorithm to blockchain,so that the visitor can use the blockchain network to access different trust domains.After the authentication is passed,the session key for the communication between the two parties will be negotiated.Finally,the random oracle model is used to prove the mutual authentication of the two authentication parties and the security of the session key agreement.The performance of the scheme is analyzed,which shows the feasibility of the scheme.