A Novel Blockchain Identity Authentication Scheme Implemented in Fog Computing

In a fog computing environment, lots of devices need to be authenticated in order to keep the platform being secured. To solve this problem, we turn to blockchain techniques. Unlike the identification cryptographic scheme based on elliptic curves, the proposed 2-adic ring identity authentication scheme inherits the high verification efficiency and high key distribution of sequence ciphers of 2-adic ring theory, and this algorithm adds identity hiding function and trading node supervision function by design. The main designed application scenario of this solution is applicable to the consortium blockchain, and the master nodes are mutually trusting cooperative relations. The node transaction verification and block generation consensus algorithm designed in this solution can be implemented in a set of algorithms, which has higher verification efficiency and easier to be deployed than other solutions. This scheme can be widely used in the fog computing environment.


Introduction
Security is very important in each network. The fog computing, which extends the function of cloud computing, has attracted lots of attention [1]. The main idea is pushing the centralized function to decentralized function. There are many varieties, such as edge computing and cloudlet [2][3][4]. The decentralized network means that there needs to be an identity authentication scheme to keep the environments being secured. The blockchain has built a new trusted largescale assistance method based on the information Internet to solve the trust problem of the development of the digital economy. As a new technology, blockchain technology has the characteristics required by various application scenarios such as transparency and credibility, tamper resistance, traceability, and decentralization. Applications have been extended from the financial field to supply chain management, government services, energy copyright storage, Internet of Things [5], fog computing, and other fields. In a narrow sense, a blockchain is a type of chained data that combines data blocks in a chronological order in a sequential manner and uses cryptography to ensure a tamper-proof and unforgeable distributed ledger. Broadly speaking, blockchain technology uses blockchain data structure blocks to verify and store data, uses distributed node consensus algorithms to generate and update data, and uses cryptography to ensure the security of data transmission and access. A smart contract composed of script code turns into and operates a new distributed infrastructure and computing paradigm for data. Unlike the traditional centralized structure, the blockchain mechanism does not rely on a specific central node to process and store data, so information leakage caused by malicious centers or other reasons can be avoided. In the actual application scenarios of blockchain, hash functions and digital signature algorithms are widely used in blockchain to verify the correctness of blocks and transactions. The traditional PKI mechanism does not conform to the "decentralized" characteristics of the blockchain because the weight of the trusted center is too large, so certificateless encryption and signature schemes are mostly used in blockchain technology.
There are actually two functions in the blockchain that need to be appropriately adapted to the practical application. One is how to increase the supervision function in the decentralized architecture, and the other is how to ensure the privacy of user information under supervision. In 2012, Yu et al. [6] proposed a certificateless signature scheme that can be proved safe under the standard model. However, this scheme requires more than 5 bilinear pairing operations, and the calculation efficiency is low. In the same year, Gong and Li [7] proposed a certificateless password mechanism based on elliptic curves, but the resistance to participating node attacks was weak. In 2013, Miers and others [8] proposed an anonymous blockchain digital currency scheme based on Bitcoin. This scheme uses zero-knowledge proof cryptography technology to ensure the transaction by hiding the user address and cutting off the contact between the two parties. The nonrelevance of the system can achieve the untraceable effect, but the scheme needs to maintain the currency revocation list at the node to ensure the uniqueness of the transaction, which affects the efficiency of the transaction to a certain extent. In 2016, Shen and Adam proposed ringbased signatures. In 2016, Shen and Adam [9] proposed a ring-based signature secret transaction scheme. This scheme randomly selects irrelevant addresses and performs ring signatures together with the transaction initiator to achieve the purpose of confusing the identity of the transaction user. However, both the scheme and the zero-coin scheme have the problem of poor traceability due to the cutoff of the transaction association, which is difficult to be applied in actual scenarios, and the amount of single transaction information is too large. The anonymity of the scheme depends on the number of addresses participating in the ring signature. To reduce the amount of transaction information and reduce the number of addresses, you will also face the risk of deanonymization. The combination of blockchain and identification password can solve part of the problem of blockchain decentralization supervision. SM9 is an identification password, and there are a large number of blockchain identification password systems designed based on SM9 at home and abroad. Taking the consortium blockchain in the blockchain as the application environment, performing exponential operation and bilinear pairing operation can be the consortium blockchain. The application provides effective security and privacy protection support.
In this paper, we introduce an identification cryptographic scheme suitable for consortium blockchain based on the 2-adic ring algorithm. The 2-adic ring [10] is a finite ring that can correspond to any bit string in a finite field. When designing with this theoretical basis, it can inherit the recognition and verification efficiency of binary sequence ciphers in computer communication and can solve a large number of node verification of key distribution issues. Part of the security of passwords is based on the 2-adic ring theory. For an attacker, you need to be familiar with the 2adic ring theory to recognize the algorithm and increase the difficulty of supply.
This article is mainly composed of the following parts. The second part introduces the basic preliminaries; this part introduces the blockchain and consortium blockchain and the identification password and introduces the basic knowledge of the 2-adic ring to facilitate the reader to understand the subsequent security proof; the third part describes the design of the main cryptographic scheme in this article, the blockchain identification authentication scheme based on the 2-adic ring algorithm, and introduces the node composition and transaction implementation process of the scheme in the consortium blockchain; the fourth part proves and analyzes the security of the scheme attack resistance and finally summarizes the applicable scenarios of the program and suggestions for improvement.

Preliminary Knowledge
2.1. Blockchain and Consortium Blockchain. Blockchain technology is built on the Internet. Using P2P, distributed storage, and distributed key ideas, a chronological sequence of data blocks is combined into a specific data structure in a chain. The chain structure of the blockchain uses cryptographic signatures to ensure that the chain connection of the data cannot be tampered with or forged. It can store a full amount of light time-series fingerprint data. The blockchain can be used as a data record database. The database is shared by network nodes. When nodes update data, they submit data records. Through the consensus mechanism, the data consistency between nodes is ensured. After the consistency is determined, the records like blockchain will never be changed or deleted.
The blockchain will also have different architectures due to different deployment environment models, such as public chain/consortium chain/private chain and side chain/crosschain. The encryption scheme in this article is mainly implemented in the consortium chain. In the consortium chain, the validity of the blockchain and the validity of the transaction are determined by a predetermined group of validators. This verification group forms a consortium chain. The consortium chain has the verification nodes and data changes initiated by the group of validators. The shared participating nodes are composed together.

Identification Password Algorithm.
The identification cryptosystem means that the signer holds an identification and a corresponding private key. The private key is generated by the Key Generation Center (KGC) through the combination of the private key and the signer's identification. The signer uses his own private key to generate a digital signature on the data, and the verifier uses the signer's logo to generate his public key to verify the validity/authenticity/integrity and legal identity of the signature. SM9 logo ciphers generally involve the calculation of bilinear pairs on finite fields/elliptic curves/elliptic curves. The 2-adic ring algorithm logo ciphers designed in this paper involve knowledge of finite field 2-adic rings.
Identification password verification steps are as follows: (i) Create a polynomial identification cryptographic algorithm to produce public and private keys (ii) Set up a management node and establish an interactive protocol with the user. Executing this protocol can generate the private key and member certificate of the management node and use the private key of the group member of the group administrator 2 Wireless Communications and Mobile Computing (iii) Using an identification password signature algorithm, after entering a message and a member private key, the signature of the message is output (iv) Verify the original message/message signature/ public key (v) Confirm the legality of the signature 2.3. 2-Adic Integer and Arithmetic Crosscorrelation. Let binary strictly periodic sequence s = sð0Þ, sð1Þ, sð2Þ, sð3Þ, ⋯, have the least period T, sðt + TÞ = sðtÞ. A 2-adic integer is a formal power series ϖ = ∑ ∞ t=0 sðtÞ•2 t , with sðtÞ ∈ f0, 1g. The set Z 2 of the 2-adic integers forms a ring under the operations of addition and multiplication with carry [11], the string 000 ⋯ as merely, and the string 100 ⋯ as 1, and define 1 + 2 + 2 2 ••• = −1, the infinite string 111 ⋯ is a base 2 expansion of a negative integer -1.
Specifically, the addition of Z 2 integers is given by Similarly, there are multiplications of Z 2 integers [11]. Let q = 1 + q 1 2 + q 2 2 3 + •••+q r 2 r be an odd integer, then the negative integer −q is associated to the product −q = 1 + 2 + 2 2 + 2 3 In Z 2 , the formal power series −q has a unique (multiplicative) inverse Thus, the ring Z 2 contains every rational number h/q provided q is odd.
Proposition 1 (see [11]). There is a one-to-one correspondence between rational numbers ϖ = h/q (where q is an odd number) and eventually periodic binary sequences s, which associates to each rational number ϖ and the bit sequence s = sð0Þ, sð1Þ, sð2Þ••• of its 2-adic expansion. The sequence s is strictly periodic if and only if ϖ ≤ 0 and jϖj ≤ 1.
In this correspondence, we use the operations in Z 2 to introduce the arithmetic crosscorrelation.
Definition 2 (see [11]). Let s 1 and s 2 be two strictly binary periodic sequences with period T, and let 0 ≤ τ < T and s τ 2 be the τ shift of s 2 . Denote ϖ 1 and ϖ τ 2 as the 2-adic integers corresponding to the sequences s 1 and s τ 2 . Then, the corresponding sequence s 3 of ϖ 1 − ϖ τ 2 is strictly periodic or eventually periodic, and its period divides T. The shift arithmetic crosscorrelation C a s 1 ,s 2 ðτÞ of s 1 and s 2 is the number of zeros minus the number of ones in one period of length T of s 3 .

Identity Authentication Scheme Based on 2-Adic Ring AC Algorithm
This paper proposes an information authentication scheme suitable for consortium blockchain technology. By broadcasting transaction information encrypted by user identity information in transaction information, multi-KGC signature calculation is performed to hide user identity and transaction continuity.
3.1. Node Composition. The nodes in this scheme are divided into a primary node and a secondary node. The primary node is responsible for initializing the parameters of the AC algorithm and KGC signature used in the blockchain, executing the consensus algorithm for generating new blocks in the blockchain, participating in the continuous generation of blocks, and managing the joining of secondary nodes and distribution of related key. There can be multiple KGCs in a system, and new KGCs can only be added after they are approved by other KGCs. Each KGC has its own specific ID number and at a fixed time interval randomly generates an ID-based ID based on an algorithm P i , P i = HðID i khid, NÞ. The secondary node holds its own signature key pair, and the secondary node is the user who signs the KGC. Conduct transactions between secondary nodes to complete the peer-to-peer transaction information transfer process. After the KGC negotiates the transaction, it will be broadcasted to the entire network, and the new block will write the transaction, which will be confirmed and effective by each KGC master node.

Transaction Process.
The network transaction process is as follows.
3.2.1. Signature Generation. The secondary node A has to conduct transactions with the secondary node B, and the transaction task is n AB . The secondary nodes A and B broadcast to the primary node KGC, and the secondary nodes A and B generate verification keys e A = HðID A , n AB Þ and e B = HðID B , n AB Þ according to their unique ID numbers IDA and IDB. Secondary node A retains e A and secondary node B retains e B . The main node KGC has its own characteristic ID number and generates an identification number identifier P i during the time period of transaction n AB , P i = HðID i k hid, NÞ. The contract can generate a large prime number P based on the identification P 1 , P 2 , •••,P i ,•••,P N , and send ðFðP i , k A Þ, FðP i , k B ÞÞ to each KGC, FðP, k A Þ to the secondary node A, and FðP, k B Þ to the secondary node B. The primary node KGC holds ðFðP i , k A Þ, FðP i , k B Þ, n AB Þ, 3 Wireless Communications and Mobile Computing the secondary node A holds ðFðP, k A Þ, e A Þ, and the secondary node B holds ðFðP, k B Þ, e B Þ.

Signature Verification. The secondary nodes A and B
conduct transactions, the secondary node A generates a key sequence S A = SðFðP, k A Þ, e A , n AB Þ based on ðFðP, k A Þ, e A Þ, the secondary node B generates a key sequence S B = SðFðP, k B Þ, e B , n AB Þ based on ðFðP, k B Þ, e B Þ, and the secondary nodes A and B send S A and S B to each other. The secondary node verifies the legality of the other party, and the formula is CðS A , S B Þ = 0 then the identity is legal. If CðS A , S B Þ ≠ 0, it means that the secondary nodes A and B have not obtained the identification key issued by KGC and are not in the transaction, or the transaction has expired.
Compared with the verification algorithm of the identification standard, considering that there can be multiple KGC functional requirements in the consortium blockchain, the main KGC functions of the multi-KGC mode in this paper are allocated to the master node. The master node jointly participates in parameter maintenance and key generation, which meets the requirements of partial decentralization of the consortium blockchain. After verifying the identity and transaction legitimacy of the secondary nodes A and B, they are sent S A , S B , n AB to KGC. Each KGC is calculated according to the competition and broadcasted to the main node KGC of the entire network. Each KGC writes a block after verification and broadcasts the secondary to the entire network. The transactions of nodes A and B are successfully included in the blockchain, and each KGC stores transaction information. Each KGC calculates ðe A , e B Þ according to the competition of S A , S B , n AB and broadcasts it to the main node KGC of the whole network. Each KGC writes the block after verification and broadcasts the transactions of the secondary nodes A and B to the whole network, storing transaction information.
In a blockchain transaction, when a node interacts with information, it needs to check the other party's information. KGC can find the key to which user A belongs according to the user information IDA it holds and check whether it is revoked and changed to determine the time of the transaction and legality. When revoking the secondary node, record the "obsolete" mark in the ID number of the member information to be revoked. Second, when the system parameters need to be updated, KGC can regenerate the system parameters and update the user information while retaining the system coefficients that were used.

Blockchain Generation and
Verification. This paper proposes an authentication scheme based on the 2-adic ring algorithm, which is mainly applicable to the design architecture of the consortium blockchain. The main node KGC is responsible for the generation of the blockchain. Since the designed scenario is a cooperative relationship of KGC for mutual trust, the consensus algorithm for block generation designed by this scheme does not have strong block generation rewards and competition. We use semicompetitive and semirandom blockchain accounting right allocation to complete block generation. Since the various KGCs do not trust and cooperate with each other, we rule out malicious forks of the blockchain.
When the secondary nodes A and B initiate the transaction n AB , the number n * AB to which the last associated transaction information belongs and the hash value Hðn * AB Þ to which A belongs to in the last associated transaction need to be added. The master node KGC needs to publish whether transaction n AB is the last related transaction of n * AB and confirm whether the transaction between nodes A and B is legal. The block record information Hðn AB Þ = Hðe A , e B , n AB Hðn AB Þ Þ of n AB is generated after the transaction.
The new block needs to record the number and hash value of the previous block to ensure the continuity of the block. Each node needs to confirm the legality of generating the identity of the master node when receiving the heart block, and after the latest block is associated, the transaction information verification process is performed.

Specific Process.
Based on the ID number of the secondary node in this solution, the identification authentication key e can be generated, which can protect the privacy information of the secondary node, and can be designed to add the identification information of KGC to the ID when generating e, so that KGC can be authorized under certain conditions and it can identify the identity of secondary nodes and realize the supervision of individuals and transactions. In actual scenarios, it can be used for Internet transactions based on citizen ID numbers. Each KGC can include a supervisory unit that issues citizen ID numbers. Internet applications that require identification, banks, governments, communication companies, schools, and other departments, need to confirm their identities and business handling and transactions.
The specific process is as follows (Figure 1): (i) The secondary nodes A and B initiate the creation of transaction n AB , and the secondary nodes A and B each verify the legitimacy of n AB . According to the last associated transaction n * AB , both parties send a transaction request n AB to the primary node, KGC, after authentication by both parties  [12]. For each integer n, p is satisfied ðp > 7, 4/p − 1Þ on the Galois ring Z/ðp e Þ. There is a maximum period sequence a = faðtÞg t≥0 , αðtÞϵGRðp e , nÞ sequence a = faðtÞg t≥0 maximum period is p e−1 ðp n−1 − 1Þ. Ring Z/ðp e Þ maximum sequence a = faðtÞg t≥0 composition of the sequence set is defined as A p e ,n . The sequence s = fsðtÞg t≥0 generated by a = faðtÞg t≥0 is defined by the following: The sequences generated by the largest periodic sequence of integers n in the Z/ðp e Þ form a binary periodic sequence set. The largest periodic sequences make up the set Sðp e 1 , nÞ and period is 2•p e−1 ðp n − 1Þ/ðp − 1Þ. Any two sequences s 1 , s 2 in set Sðp e 1 , n 1 Þ, Sðp e 1 , n 2 Þ ðe 1 ≠ e 2 , n 1 ≠ n 2 Þ satisfy C s 1 s 2 a = 0 [12]. The key point of the 2-adic ring AC algorithm proves is the arithmetic correlation property of sequence S, it has been proven readers may refer to [12].

Unforgeability Analysis.
Identification signature e A of the secondary node A: because the IDA number is generated based on identity e A , if the attacker forges identity e A ′ and forges the verification sequence password S A ′ , it is necessary to verify whether it is legal. Because the attacker cannot get FðP, k A Þ, so this scheme can resist identity forgery.
Forged identity signature on KGC attack on master node P A ′ : due to the overall design of the scheme, each KGC does not participate in the transaction, but only serves as transaction authentication and block generation, and the generation of block accounting rights is semirandom and does not rely too much on computing power and rights. Therefore, the attacker attacks KGC to obtain its own possibility of accounting rights. During the attack, there is no valuable information interaction between the malicious primary node and the malicious secondary node.

Wireless Communications and Mobile Computing
Therefore, as long as there is any credible KGC, this scheme can resist forged malicious attacks.

Forward and Backward
Security. When the system parameters of the identification password scheme need to be updated, KGC needs to renegotiate a new random number, determine a new identification signature based on its ID number, and issue new transaction keys to participating nodes. The previous system parameters should still be retained, and the node can verify the signature before the update based on the parameters in effect at the time. As for the system parameters, since the random numbers are randomly selected, there is no connection between the two before and after the update, and the attacker cannot forge the key before the update based on the key at the current stage. If the attacker holds the key before the update, he cannot join the participating nodes to forge the signature at the current stage.

Solution Efficiency and Safety
Analysis. This solution is based on the 2-adic arithmetic correlation algorithm design. The legality verification key between nodes is a binary sequence string, which inherits the efficiency of sequence verification in communication. And each KGC competes to generate blocks with a simple polynomial time complexity, so the overall design scheme has higher verification block efficiency. In order to illustrate the operational efficiency and safety of this solution, this article lists several typical solutions for comparison (Table 1); T E represents exponential calculation time, T M represents the dot multiplication operation time of the elements in the ring, and T B represents the homomorphic mapping operation time. Performance comparison and analysis table is available.

Conclusion
This article turns to the basic design ideas of the identification password and the functions of the main nodes of the consortium blockchain as the entry point. Using 2-adic ring theory and arithmetic related algorithms, a new identification password authentication scheme applied in consortium blockchain is designed to serve the fog computing devices. Under the premise that the master node trusts each other, the scheme designs the master node to bear the relevant functions of KGC and bear the responsibility of block generation and accounting. Through security proof and efficiency analysis, this scheme has signatures that cannot be forged, transaction node anonymity, and forward security. Because the scheme is designed to be in a trusted environment, transaction authentication and consensus protocols can be implemented with a set of algorithm schemes, so the computational efficiency is greatly improved compared to classic identification passwords such as SM9. This solution can realize the identity verification between nodes in terms of computing time and security and protect the privacy of the nodes, which meets the functional requirements of consortium blockchain multicentralization and protection of node identity information. How to generate blocks between master nodes with competitive interests will be the next step of research work.

Data Availability
The mathematical formula data used to support the findings of this study are included within the article.