Abstract:Existing information service entities (ISE) in various domains (PKI domain and IBC domain) interact more frequent.To solve the obstacle to the development of services caused by unsafe and inefficient cross-domain authentication,a novel blockchain-based cross-domain authentication scheme is proposed.A blockchain domain agent server is set in IBC to participate in SM9 key generation and build up the consortium blockchain model along with the blockchain certificate server (PKI).Based on the high credible model with the advantages of blockchain technology,a cross-domain authentication protocol and re-authentication protocol are proposed,and are proved by SOV logic.Compared with the related schemes,our scheme reduces the computation and communication on user side and simplifies the heavy authentication process.Therefore,the scheme has good practicability in domain authentication.
马晓婷, 马文平, 刘小雪. 基于区块链技术的跨域认证方案[J]. 电子学报, 2018, 46(11): 2571-2579.
MA Xiao-ting, MA Wen-ping, LIU Xiao-xue. A Cross Domain Authentication Scheme Based on Blockchain Technology. Acta Electronica Sinica, 2018, 46(11): 2571-2579.
[1] R Housley,W Ford,et al.IETF RFC2459.Internet X.509 public key infrastructure:certificate and CRL profile[S].Jan.1999.
[2] A Shamir.Identity-based cryptosystems and signature schemes[J].Advances in cryptology (Santa Barbara,Calif),1984,21(2):47-53.
[3] G Lopze Millan,M Gil Perze,et al.PKI-based trust management in inter-domain scenarios[J].Computers and Security,2010,29:278-290.
[4] 张文芳,汪小敏,等.基于椭圆曲线密码体制的高效虚拟企业跨域认证方案[J].电子学报,2014,42(6):1095-1120. Zhang W F,Wang X M,et al.An efficient inter-enterprise authentication scheme for VE based on the elliptic curve cryptosystem[J].Acta Electronica Sinica,2014,42(6):1095-1102.(in Chinese)
[5] 路晓明,冯登国.一种基于身份的多信任域网格认证模型[J].电子学报,2006,34(4):579-582. Lu Xiao-ming,Feng Deng-guo.An identity-based authentication model for multi-domain grids[J].Acta Electronica Sinica,2006,34(4):579-582.(in Chinese)
[6] 杨斌,陈国庆,孙永红.一种新的基于身份的多信任域认证模型研究[J].计算机安全,2010,8:15-18. Yang B,Chen G Q,Sun Y H.Research on a new identity-based authentication model for multi-domains[J].Computer Security,2010,8:15-18.(in Chinese)
[7] 杨斌.IBC和PKI组合应用研究[D].郑州:解放军信息工程大学,2009. Yang B.Research on the combination of identity-based cryptographic techniques and public key infrastructure[D].Zhengzhou:PLA Information Engineering University,2009.(in Chinese)
[8] Yuan C,Zhang W F,et al.EIMAKP:Heterogeneous cross-domain authenticated key agreement protocols in the EIM system[J].Arabian Journal for Science and Engineering,2017,42(8):3275-3287.
[9] 蔡维德,郁莲,等.基于区块链的应用系统开发方法研究[J].软件学报,2017,28(6):1474-1487. Tsai W T,Yu L,et al.Blockchain application development techniques[J].Journal of Software,2017,28(6):1474-1487.(in Chinese)
[10] L Axon.Privacy-awareness in blockchain-based PKI[J].Oxford University Research Archive,2015.
[11] K Lewison,F Corella.Backing rich credentials with a blockchain PKI[R].Tech Rep,2016.
[12] 周致成,李立新,李作辉.基于区块链技术的高效跨域认证方案[J].计算机应用,2018,38(2):316-320. Zhou Z C,Li L X,Li Z H.Efficient cross domain authentication scheme based on blockchain technology[J].Journal of Computer Applications,2018,38(2):316-320.(in Chinese)
[13] 袁峰.SM9标识密码算法综述[J].信息安全研究,2016,2(11):1008-1027. Yuan F.Overview on SM9 identity-based cryptographic algorithm[J].Information Security Research,2016,2(11):1008-1027.(in Chinese).
[14] Kosba A,Miller A,et al.Hawk:the blockchain model of cryptography and privacy-preserving smart contracts[A].IEEE Symposium on Security and Privacy (SP)[C].2016,San Jose,CA,USA:IEEE Press,2016.839-858.
[15] 袁勇,王飞跃.区块链技术发展现状与展望.自动化学报[J].2016,42(4):481-494. Yuan Y,Wang F Y,Blockchain:The state of the art and future trends[J].Acta Automatica Sinica,2016,42(4):481-494.(in Chinese)
[16] 王远敏.基于SVO逻辑的多方不可否认协议的形式化分析与研究[D].贵州大学,2009. Wang Y M.The application study on formalism of multi-party non-repudiation protocols on SOV logic[D].Guizhou University,2009.(in Chinese)
[17] 田有亮,彭长根,马建峰等.安全协议的博弈论机制[J].计算机研究与发展,2014,51(2):344-352 Tian Y L,Peng C G,Ma J F,et al.Game-Theoretic Mechanism for Cryptographic Protocol[J].Journal of Computer Research and Development 2014,51(2):344-352.(in Chinese)
[18] H Kilinc,T Yanik.A survey of SIP authentication and key agreement schemes[J].Communications Surveys\& Tutorials,IEEE,2014,16(2),1005-1023.