Skip to main content
SpringerLink
Log in

An Open Identity Authentication Scheme Based on Blockchain

  • Conference paper
  • First Online:
Algorithms and Architectures for Parallel Processing (ICA3PP 2019)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 11944))

Abstract

With the development of Public Key Infrastructure (PKI), there implements lots of identity management systems in enterprises, hospitals, government departments, etc. These systems based on PKI are typically centralized systems. Each of them has their own certificate authority (CA) as trust anchor and is designed according their own understanding, thus formalizing lots of trust domains isolated from each other and there is no unified business standards with regard to trust delivery of an identity system to another, which caused a lot of inconveniences to users who have cross-domain requirements, for example, repeatedly register same physical identity in different domains, hard to prove the validity of an attestation issued by a domain to another. Present PKI systems choose solutions such as Trust list, Bridge CA or Cross-authentication of CAs to break trust isolation, but practice shows that they all have obvious defects under existing PKI structure. We propose an open identity authentication structure based on blockchain and design 3 protocols including: Physical identity registration protocol, virtual identity binding protocol and Attribution attestation protocol. The tests and security analysis show that the scheme has better practice value compared to traditional ones.

Supported by National Key Research and Development Program of China (2017YFB0802300) and (2017YFB0802304). Science and technology projects in Sichuan Province (2017GZDZX0002) and Sichuan Science and Technology Program No. 2018JY0370.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. ITU-T: NGN Identity Management Framework. http://www.itu.int/rec/T-REC-Y.2720-200901-I. Accessed 4 July 2018

  2. Allen, C.: The Path to Self-Sovereign Identity. http://www.coindesk.com/path-self-sovereign-identity/. Accessed 4 July 2018

  3. UK Government: Identity Proofing and Verification of an Individual. https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/370033/GPG_45_. Accessed 4 July 2018

  4. Guel, M.D.: A framework for choosing your next generation authentication/authorization system. Information Security Technical Report 7.1, pp. 63–78 (2002). https://doi.org/10.1016/S1363-4127(02)00107-3

  5. Adams, C., Lioyd, S.: Understanding PKI: Concepts, Standards and Deployment Considerations, 2nd edn. Addison Wesley Professional, Reading (2002)

    Google Scholar 

  6. Myers, M., Ankney, R., Malpani, A., et al.: X.509 Internet Public Key Infrastructure: Online Certificate Status Protocols. EITFRFC 2560. PKIX Working Group (1999)

    Google Scholar 

  7. Weimerskirch, A., Thonet, G.: A distributed light-weight authentication model for ad-hoc networks. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 341–354. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45861-1_26

    Chapter  Google Scholar 

  8. Ma, M., Meinel, C.: A proposal for trust model: independent trust intermediary service (ITIS). In: Proceedings of the ICWI 2002, pp. 785–790 (2002)

    Google Scholar 

  9. Thompson, M.R., Olson, D., Cowles, R., et al.: CA-Based trust model for grid authentication and identity delegation. In: Proceedings of the GGF7 (2003)

    Google Scholar 

  10. Comodo: PKI-Public Key Infrastructure - What is it?. https://www.comodo.com/resources/small-business/digital-certificates1.php. Accessed 4 July 2018

  11. Peng, B., Liu, J., Gong, Z., et al.: Cross-domain Trust Model Based on Bridge CA. Ship Electronic Engineering (2017)

    Google Scholar 

  12. Leiba, B.: OAuth web authorization protocol. IEEE Internet Comput. 16(1), 74–77 (2012)

    Article  Google Scholar 

  13. FIDO Alliance: The FIDO Alliance specification. http://fidoalliance.org. Accessed 4 July 2018

  14. Lindemann, R., Baghdasaryan, D., Tiffany, E., et al.: FIDO UAF Protocol Specification v1.0: FIDO Alliance Proposed Standard. https://fidoalliance.org/spces/fido-uaf-v1.0-ps-20141208/fido-uaf-protocol-v1.0-ps-20141208.html. Accessed 4 July 2018

  15. Lindemann, R., Baghdasaryan, D., Tiffany, E., et al.: FIDO UAF Protocol Specification v1.0: FIDO Alliance Proposed Standard. https://en.bitcoin.it/wiki/Block. Accessed 4 July 2018

  16. Kexin, H.: Research on FIDO UAF Authentication Protocols Security. University of Science and Technology of China (2016)

    Google Scholar 

  17. Satoshi, N.: Bitcoin: A Peer-to-Peer Electronic Cash System (2009). http://bitcoin.org/bitcoin.pdf. Accessed 4 July 2018

  18. Baars, D.: Towards Self-Sovereign Identity using Blockchain Technology. http://essay.utwente.nl/71274/1/Baars_MA_BMS.pdf. Accessed 4 July 2018

  19. Antonopoulos, A.M.: Mastering Bitcoin: Unlocking Digital Crypto-Currencies. O’Reilly Media Inc, Sebastopol (2014)

    Google Scholar 

  20. Bergan, T., Anderson, O., Devietti, J., et al.: CryptoNote v 2.0. http://xueshu.baidu.com/s?wd=paperuri. Accessed 4 July 2018

  21. Haber, S., Kaliski, B., Stornetta, S.: How do Digital Time-stamps Support Digital Signatures. http://www.x5.net/faqs/crypto/q108. html. Accessed 4 July 2018

  22. Hyperledger: Project Charter. www.hyperledger.org/about/charter. Accessed 4 July 2018

  23. Canetti, R., Shahaf, D., Vald, M.: Universally Composable Authentication and Key-Exchange with Global PKI. http://xueshu.baidu.com/s?wd=Universally+composable+authentication+and+key-exchange+with+global+PKI. Accessed 4 July 2018

  24. Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_22

    Chapter  Google Scholar 

  25. Canetti, R.: Universally composable signature, certification, and authentication. In: CSFW, p. 219. IEEE Computer society (2004)

    Google Scholar 

  26. Maurer, U., Tackmann, B., Coretti, S.: Key exchange with unilateral authentication: composable security definition and modular protocol design. IACR Cryptology ePrint Archive 2013, 555 (2013)

    Google Scholar 

  27. Kohlweiss, M., Maurer, U., Onete, C., Tackmann, B., Venturi, D.: (De-)Constructing TLS. IACR Cryptology ePrint Archive 2014, 20 (2014)

    Google Scholar 

  28. Weinberg, J.T.: Biometric identity. Soc. Sci. Electron. Publ. 59(1), 30–32 (2016)

    Google Scholar 

  29. Ding, W., Ping, W.: Two birds with one stone: two-factor authentication with security beyond conventional bound. IEEE Trans. Dependable Secure Comput. PP(99), 1 (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. No. 30 Inst, China Electronics Technology Group Corporation, Chengdu, 610041, Sichuan, China

    Yuxiang Chen, Guishan Dong, Yao Hao, Zhaolei Zhang & Haiyang Peng

  2. Science and Technology on Communication Security Lab, Chengdu, 610041, Sichuan, China

    Yuxiang Chen & Yao Hao

  3. School of Software, University of Technology Sydney, Sydney, Australia

    Shui Yu

Authors
  1. Yuxiang Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Guishan Dong
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yao Hao
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Zhaolei Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Haiyang Peng
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Shui Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yuxiang Chen .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Software Engineering, Swinburne University of Technology, Hawthorn, Melbourne, VIC, Australia

    Sheng Wen

  2. School of Computer Science, The University of Sydney, Camperdown, NSW, Australia

    Albert Zomaya

  3. Department of Computer Science, St. Francis Xavier University, Antigonish, NS, Canada

    Laurence T. Yang

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chen, Y., Dong, G., Hao, Y., Zhang, Z., Peng, H., Yu, S. (2020). An Open Identity Authentication Scheme Based on Blockchain. In: Wen, S., Zomaya, A., Yang, L. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2019. Lecture Notes in Computer Science(), vol 11944. Springer, Cham. https://doi.org/10.1007/978-3-030-38991-8_28

Download citation

Publish with us

Policies and ethics

Search

Navigation