| 基于区块链技术的跨域认证方案 |
| |
| 引用本文: | 马晓婷,马文平,刘小雪.基于区块链技术的跨域认证方案[J].电子学报,2018,46(11):2571-2579. |
| |
| 作者姓名: | 马晓婷 马文平 刘小雪 |
| |
| 作者单位: | 西安电子科技大学综合业务网国家重点实验室, 陕西西安 710071 |
| |
| 摘 要: | 针对现有交互频繁的信息服务信任域(PKI域和IBC域)之间不能实现信息服务实体(ISE)安全高效的跨域认证的问题,提出一种基于区块链的跨异构域认证方案.在IBC域设置区块链域代理服务器参与SM9(国产标识密码)算法中密钥生成,并与PKI域区块链证书服务器等构成联盟链模型,利用区块链技术去中心化信任、数据不易篡改等优点保证模型内第三方服务器的可信性.基于此设计了跨域认证协议与重认证协议,并进行SOV逻辑证明.分析表明,与目前相关方案相比,协议在满足安全需求的前提下,降低了用户终端的计算量、通信量和存储负担,简化了重认证过程,实现域间安全通信,在信息服务跨异构域身份认证过程中具有良好的实用性.
|
| 关 键 词: | 跨域认证 区块链 SM9算法 信息服务 |
| 收稿时间: | 2018-01-29 |
A Cross Domain Authentication Scheme Based on Blockchain Technology |
| |
| MA Xiao-ting,MA Wen-ping,LIU Xiao-xue.A Cross Domain Authentication Scheme Based on Blockchain Technology[J].Acta Electronica Sinica,2018,46(11):2571-2579. |
| |
| Authors: | MA Xiao-ting MA Wen-ping LIU Xiao-xue |
| |
| Institution: | State Key Laboratory of Integrated Services Networks, Xidian University, Xi'an, Shaanxi 710071, China |
| |
| Abstract: | Existing information service entities (ISE) in various domains (PKI domain and IBC domain) interact more frequent.To solve the obstacle to the development of services caused by unsafe and inefficient cross-domain authentication,a novel blockchain-based cross-domain authentication scheme is proposed.A blockchain domain agent server is set in IBC to participate in SM9 key generation and build up the consortium blockchain model along with the blockchain certificate server (PKI).Based on the high credible model with the advantages of blockchain technology,a cross-domain authentication protocol and re-authentication protocol are proposed,and are proved by SOV logic.Compared with the related schemes,our scheme reduces the computation and communication on user side and simplifies the heavy authentication process.Therefore,the scheme has good practicability in domain authentication. |
| |
| Keywords: | across domains authenticated blockchain SM9 information services |
|
| 点击此处可从《电子学报》浏览原始摘要信息 |
| 点击此处可从《电子学报》下载免费的PDF全文 |
