Abstract
Centralized systems based on the trusted third-party are widely used in identity authentication. However, there is a single point of failure inherent in the centralized systems. As a natural decentralized architecture, blockchain can bring the advantages of decentralization, trustworthiness and immutability to the identity authentication systems. The existing blockchain-based identity authentication systems can solve the problem of single point of failure, but there are still problems such as certificate management. In this paper, we propose an identity authentication scheme based on blockchain and certificateless public key cryptography. The scheme implements a decentralized database by deploying smart contracts in the Ethereum blockchain, and uses the certificateless public key signature algorithm during the authentication process. Compared with other blockchain-based identity authentication systems, our scheme not only prevents the single point of failure, but also avoids the deficiency of certificate management, and resists impersonation attacks and man-in-the-middle attacks. The security analysis and performance analysis show the security and stability of our scheme.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-40061-5_29
Axon, L.: Privacy-awareness in blockchain-based PKI. Technical Report (2015)
Bellare, M.: New proofs for NMAC and HMAC: security without collision-resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 602–619. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_36
Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the Internet of Things. IEEE Access 4, 2292–2303 (2016)
Dunphy, P., Petitcolas, F.A.: A first look at identity management schemes on the blockchain. IEEE Secur. Privacy 16(4), 20–29 (2018)
Fromknecht, C., Velicanu, D., Yakoubov, S.: CertCoin: a NameCoin based decentralized authentication system 6.857 class project. Unpublished class project (2014)
Hammi, M.T., Hammi, B., Bellot, P., Serhrouchni, A.: Bubbles of Trust: a decentralized blockchain-based authentication system for IoT. Comput. Secur. 78, 126–142 (2018)
Hota, M., Panigrahi, L., Jena, D.: Digital signature based on EC-DLP. Siddhant - J. Decis. Making 10(1), 6–13 (2010)
Kõlvart, M., Poola, M., Rull, A.: Smart contracts. In: Kerikmäe, T., Rull, A. (eds.) The Future of Law and eTechnologies, pp. 133–147. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-26896-5_7
Liu, A., Du, X., Wang, N., Li, S.: Research progress of blockchain technology and its application in information security. J. Softw. 29(7), 2092–2115 (2018)
Lu, J., Cao, X., Yang, P.: Two-factor identity authentication model based on blockchain and face recognition. J. Appl. Sci. 37(2), 164–178 (2019)
Matsumoto, S., Reischuk, R.M.: IKP: Turning a PKI around with decentralized automated incentives. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 410–426. IEEE (2017)
Muftic, S.: Blockchain identity management system based on public identities ledger, 25 April 2017. (US Patent 9,635,000)
Nowak, M.A., May, R.M.: Evolutionary games and spatial chaos. Nature 359(6398), 826 (1992)
Raju, S., Boddepalli, S., Gampa, S., Yan, Q., Deogun, J.S.: Identity management using blockchain for cognitive cellular networks. In: 2017 IEEE International Conference on Communications (ICC), pp. 1–6. IEEE (2017)
Sullivan, C., Burger, E.: E-residency and blockchain. Comput. Law Secur. Rev. 33(4), 470–481 (2017)
Wang, Z., Han, Z., Liu, J., Zhang, D.W., Chang, L.: ID authentication scheme based on PTPM and certificateless public key cryptography in cloud environment. J. Softw. 27(6), 1523–1537 (2016)
Zhang, F.T., Sun, Y.X., Zhang, L., Geng, M., Li, S.: Research on certificateless public key cryptography. J. Softw. 22(6), 1316–1332 (2011)
Acknowledgments
This work is supported by the National Nature Science Foundation of China (NSFC) under grant 61572026, 61672195, Open Foundation of State Key Laboratory of Cryptology (No: MMKFKT201617).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ao, W., Fu, S., Zhang, C., Xu, M. (2020). A Secure Certificateless Identity Authentication Scheme Based on Blockchain. In: Han, W., Zhu, L., Yan, F. (eds) Trusted Computing and Information Security. CTCIS 2019. Communications in Computer and Information Science, vol 1149. Springer, Singapore. https://doi.org/10.1007/978-981-15-3418-8_16
Download citation
DOI: https://doi.org/10.1007/978-981-15-3418-8_16
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-3417-1
Online ISBN: 978-981-15-3418-8
eBook Packages: Computer ScienceComputer Science (R0)
