Traditional identity authentication solutions mostly rely on a trusted central entity, so they cannot handle single points of failure well. In addition, most of these traditional schemes need to store a large amount of identity authentication or public key information, which makes them difficult to scale and to use in distributed settings. Users also prefer to protect the privacy of their information during the identity verification process. Due to the open and decentralized nature of the blockchain, existing identity verification schemes are difficult to apply well in the blockchain. To solve this problem, in this article, we propose a privacy-preserving identity authentication scheme based on the blockchain. The user independently generates multiple pieces of identity information, and these identities can be used to apply for an identity certificate. Authorities use the ECDSA signature algorithm and the RSA encryption algorithm to complete the distribution of the identity certificate based on the identity information and complete the registration of identity authentication through the smart contract on the blockchain. On the one hand, the scheme protects real identity information; on the other hand, it avoids the storage overhead caused by the need to store a large number of certificates or key pairs. Due to the use of the blockchain, there is no single point of failure in the authentication process, and the scheme can be applied to distributed scenarios. The security and performance analysis show that the proposed scheme can meet security requirements and is feasible.
Nowadays, in the Internet of Things (IoT) environment, a massive number of devices and sensors can sense each other through the internet to share and process data [
In this scenario, the patient’s medical data are an important information resource containing a large amount of sensitive information, which can be in the form of signals, text, voice data, images, etc. This information needs to be effectively protected. However, since medical systems are vulnerable to cyberattacks, sharing sensitive patient information in an IoT environment may cause a series of serious security and privacy issues. For example, if a third party who obtains the information does not use the data as agreed but instead sells it or abuses it in other ways, this will pose a severe challenge to the privacy and safety of patients. In order to ensure that patients’ data are not used by unauthorized people in the smart medical environment, an effective identity management solution must be used. Firstly, the amount of data generated by sensors in real-time medical treatment is very large, and the data formats are heterogeneous. Therefore, for terminals with limited processing capabilities, it is not feasible to encrypt data before transmitting the data. Secondly, since terminals often have limited storage capacity, it is not feasible to use existing identity management and verification methods that require storing a large number of key pairs. In addition, most of the existing solutions rely on a trusted third party to implement identity management and authentication, which not only leads to the potential danger of a single point of failure but also makes users lose control of their own identity information.
Recently, as a decentralized technology, blockchain [
In this paper, we propose a blockchain-based identity authentication scheme, which can realize anonymous user identity authentication and identity management without a lot of storage space. The main contributions of this paper can be summarized as follows:
We propose a blockchain-based identity authentication scheme. By introducing the blockchain, users will generate their own identities and generate publicly verifiable information for those identities. Users store public information on the blockchain, thus solving the problem of relying on third parties to manage identity information. Users do not need to maintain a database of publicly verified information and can realize identity authentication by querying the blockchain, which saves the time delay of waiting for block confirmation. Therefore, during the identity authentication process, there is no need to rely on a trusted third party, and there is no need for users to store the identity information of other users.
The identity authentication scheme we proposed can support privacy preservation, including communication privacy protection and user identity privacy protection. By using the ECDSA signature scheme, the verifiability and unforgeability of the identity verification process are ensured. The communication process is encrypted by the RSA encryption algorithm to ensure the security of communication. In addition, the user can generate multiple identities, and the corresponding public information is not related, so the user’s identity privacy can be effectively protected.
Our analysis and comparison proved that the proposed identity authentication scheme meets the security requirements, and the feasibility of the scheme was proved through simulation experiments.
Traditional identity management solutions often rely on a centralized trusted third party [
In order to solve the centralization problem, some studies have proposed federated identity management [
Recently, some researchers have introduced blockchain technology into identity authentication [
It can be seen that the existing blockchain-based identity authentication schemes can be divided into two categories according to their application scenarios: multidomain and single domain. Among the multidomain authentication schemes, the existing schemes struggle to solve the cross-domain system compatibility issues and the privacy and security issues between different domains. In the single-domain authentication schemes, most of the information used for authentication is stored in the blockchain as plaintext messages. However, in the process of identity management and authentication, the openness and immutability of the blockchain will inevitably bring security risks and difficulties in changing identity information.
In this section, we illustrate background knowledge used in this paper, including the definition of discrete logarithm and its security assumptions, chameleon hash algorithm, and description of the verifiable claim.
Blockchain [
Elliptic Curve Digital Signature Algorithm (ECDSA) [
The signing process is as follows: Choose an elliptic curve Select the private key Generate a random integer Take the original data Calculate As the signature value,
The verification process is as follows. After receiving the message Calculation: Verify the equation: If the equation holds, accept the signature; otherwise, the signature is invalid
RSA encryption algorithm [
The specific description of the RSA algorithm is as follows: Choose two different large prime numbers Choose a large integer The determined solution key The integers Encrypt the plaintext Decrypt ciphertext
As shown in Figure
User: the user realizes its own identity control and management by generating its own identity identification (
Authority: the authority is an entity that distributes certificates to users (Steps ① and ②), such as governments or medical management agencies. The certificate distributed to users contains the signature of the authorities and can be verified by other users. It is worth pointing out that although the authority distributes certificates to users, the authority does not participate in the verification process in the process of performing identity authentication (Step ④).
Blockchain: It is a consortium blockchain maintained by miners for publishing users’
System model.
In this section, we first give the overview of our proposed privacy-preserving identity authentication scheme. In the following, we provide a detailed description of our scheme, which mainly consists of three phases: initialization, registration, and authentication.
In the privacy-preserving identity authentication scheme, the user independently generates their identity information (
Next, we divided the proposed system into three phases which are described in detail, namely, initialization phase, registration phase, and authentication phase. The overall process of authentication is shown in Figure
The process of authentication.
The initialization phase can be divided into two parts. One part is the initialization of the authorities and the blockchain network. The other part is the user initialization. Initially, the users and the authorities initialize the system, and the system constructs a permissioned blockchain network, where the users (DO and DU) are the participants and the miners are the maintainers of the blockchain. The users write transactions in order to provide the identity authentication function. The miners verify the transactions in order to provide valid information for identity authentication. Specifically, the users and the authorities establish a consortium blockchain, and the miners who maintain the blockchain network rely on a practical Byzantine fault tolerance (PBFT) consensus mechanism. They execute the following operations to initialize a series of system parameters:
For two large primes
The identity of the authority is marked as
The identity of the user is marked as
The users write a smart contract (SC) in order to provide the registration function, in which public and private key pairs are
The public parameters can be represented as
The user Upon receiving the user’s message, Upon receiving Upon receiving the message from
After a user’s User Upon receiving the message from
In this section, we first compare the proposed scheme with four other representative authentication schemes in terms of authentication, privacy preservation, scalability, and centralized trusted authority. Then, we introduce the security requirements and give the corresponding analysis.
The security requirements mainly include integrity, availability, scalability, nonrepudiation, identity authentication, and communication security. In addition, we compared the solution with the existing blockchain-based solutions in a comprehensive function. The comparison results are shown in Table
Identity anonymity: identity anonymity means that other users cannot obtain the user’s true information through the user’s access request. In the proposed scheme, the user completes the identity registration by generating the identity information
Authentication: authentication means that two users need to be identified before they interact. The authentication scheme proposed in this paper is the identity information generated by the user independently, and the registration of the identity and the disclosure of the effective proof are completed by the blockchain network, that is, the effective proof is stored in the blockchain network. The authenticating party can identify the authenticated party by accessing the blockchain and realize identity authentication.
Integrity: the security requirements for integrity mainly include two aspects: data integrity and message integrity. Data integrity means that unauthorized users and devices cannot access and modify the data. Message integrity means that the message sent by the user and the device cannot be tampered with illegally during the interaction. The authentication process of this scheme is realized with the help of the blockchain. The core of the verification is that the user transmits the valid identity certificate to the blockchain network and stores it in the form of a transaction. In the blockchain network, every transaction will be verified by miners, so the integrity of the message can be guaranteed. In the proposed scheme, the user’s data are stored on the blockchain network. Once the verified data are stored, it will be difficult to be tampered with, so the data integrity can be effectively guaranteed.
Nonrepudiation: nonrepudiation means that users and devices cannot reject the operations they have implemented and the messages they send. Since the scheme is carried out through the blockchain, all operations are stored in the blockchain in the form of transaction records, and all access requests and transactions are signed; therefore, the scheme is undeniable.
Scalability: scalability is one of the important security requirements of blockchain identity authentication. Due to the time delay characteristics of the blockchain, if users frequently complete identity authentication through transactions, it will consume a lot of resources and time. In the scheme designed in this paper, users only need to complete the corresponding proof data on the blockchain during the registration phase. In the identity authentication phase, there is no need to wait for block confirmation, and there is only a need to search the data on the blockchain to complete the identity authentication. For scalability requirements, this solution can be well adapted.
Privacy preservation: privacy protection mainly refers to the privacy and security of the user data and identity in the storage process. In the schemes in [
Communication security: communication security refers to the security of the user’s communication data during the identity authentication process. In the scheme proposed in [
Cross-blockchain: cross-blockchain authentication refers to whether a hybrid blockchain combining a private blockchain and a public blockchain is used in the process of implementing the authentication scheme. For different blockchains, each individual blockchain network is a relatively independent network. The block structure and the deployment of the consensus mechanism may be different, data information is difficult to interconnect and synchronize, and there is a problem of information islands. This makes it difficult to collaborate between different blockchain networks and greatly limits the development of blockchain applications. Therefore, avoiding the use of hybrid blockchains to complete identity verification and avoiding cross-domain identity verification are also issues that need to be considered. Different from the cross-blockchain identity authentication scheme designed in scheme [
Block confirmation: block confirmation refers to whether it is necessary to wait for a transaction during the identity authentication process. In the scheme proposed in [
Security features’ comparison.
Features | [ | [ | [ | [ | [ | Our |
---|---|---|---|---|---|---|
Identity anonymity | ||||||
Authentication | ||||||
Nonrepudiation | ||||||
Privacy preservation | ||||||
Scalability | — | — | ||||
Decentralized | — | — | ||||
Cross-blockchain | — | — | ||||
Blockchain confirmation | — | — |
In this section, we conduct experiments to evaluate the effectiveness and feasibility of our scheme. We employ the related cryptographic operations in the C/C++ OPENSSL library [
Parameter definitions.
Symbol | Description | Size |
---|---|---|
Bit length of an element in | 512 | |
Bit length of an identity | 256 | |
Bit length of a timestamp | 32 | |
Bit length of a random number | 256 | |
Bit length of a hash function | 256 | |
Bit length of a signature | 1024 | |
Bit length of a proof | 1024 |
The complex calculations and large-capacity storage required in the authentication process are placed on the blockchain. In order to realize user identity authentication based on the blockchain, a valid and public identity proof is stored on the blockchain. In this part, we mainly analyze the performance of the registration process and the identity authentication process. Since there are few existing blockchain-based identity authentication schemes, starting from the core idea of the scheme, the feasibility of the scheme is analyzed by analyzing the calculation cost, the communication cost, and the storage cost of each process in the scheme.
In the registration phase, the user first sends a request message to the authority. After receiving the proof returned by the authority, the user sends a registration transaction to the blockchain network. From the user’s point of view, it is necessary to execute the signature generation algorithm twice, the verification algorithm once, and the encryption algorithm once. Besides, the user needs to store the proof returned by
In the identity authentication phase, the user
In order to show the performance of the solution more intuitively, the communication cost and the calculation cost at different phases are shown in Figures
Communication cost.
Calculation cost.
In this article, a privacy-preserving identity authentication scheme based on the blockchain is proposed. The user generates identity information independently and completes the registration of identity certification through the blockchain. On the one hand, the scheme protects real identity information; on the other hand, it avoids the storage overhead caused by the need to store a large number of certificates or key pairs. Due to the use of blockchain, there is no single point of failure in the authentication process, and the scheme can be applied to distributed scenarios. Finally, the security analysis and performance evaluation demonstrate that the proposed scheme can meet the security requirements and is feasible.
The parameter data used to support the findings of this study are included within the article.
The authors declare that they have no conflicts of interest.
This research was supported by the National Key R&D Program of China (Grant no. 2017YFB1400700), the National Natural Science Foundation of China (Grant no. 62072487), the Natural Science Foundation of Beijing (Grant no. M21036), and the National Statistical Science Foundation of China (Grant no. 2020LD01).