In a fog computing environment, lots of devices need to be authenticated in order to keep the platform being secured. To solve this problem, we turn to blockchain techniques. Unlike the identification cryptographic scheme based on elliptic curves, the proposed 2-adic ring identity authentication scheme inherits the high verification efficiency and high key distribution of sequence ciphers of 2-adic ring theory, and this algorithm adds identity hiding function and trading node supervision function by design. The main designed application scenario of this solution is applicable to the consortium blockchain, and the master nodes are mutually trusting cooperative relations. The node transaction verification and block generation consensus algorithm designed in this solution can be implemented in a set of algorithms, which has higher verification efficiency and easier to be deployed than other solutions. This scheme can be widely used in the fog computing environment.

Security is very important in each network. The fog computing, which extends the function of cloud computing, has attracted lots of attention [

There are actually two functions in the blockchain that need to be appropriately adapted to the practical application. One is how to increase the supervision function in the decentralized architecture, and the other is how to ensure the privacy of user information under supervision. In 2012, Yu et al. [

In this paper, we introduce an identification cryptographic scheme suitable for consortium blockchain based on the 2-adic ring algorithm. The 2-adic ring [

This article is mainly composed of the following parts. The second part introduces the basic preliminaries; this part introduces the blockchain and consortium blockchain and the identification password and introduces the basic knowledge of the 2-adic ring to facilitate the reader to understand the subsequent security proof; the third part describes the design of the main cryptographic scheme in this article, the blockchain identification authentication scheme based on the 2-adic ring algorithm, and introduces the node composition and transaction implementation process of the scheme in the consortium blockchain; the fourth part proves and analyzes the security of the scheme attack resistance and finally summarizes the applicable scenarios of the program and suggestions for improvement.

Blockchain technology is built on the Internet. Using P2P, distributed storage, and distributed key ideas, a chronological sequence of data blocks is combined into a specific data structure in a chain. The chain structure of the blockchain uses cryptographic signatures to ensure that the chain connection of the data cannot be tampered with or forged. It can store a full amount of light time-series fingerprint data. The blockchain can be used as a data record database. The database is shared by network nodes. When nodes update data, they submit data records. Through the consensus mechanism, the data consistency between nodes is ensured. After the consistency is determined, the records like blockchain will never be changed or deleted.

The blockchain will also have different architectures due to different deployment environment models, such as public chain/consortium chain/private chain and side chain/crosschain. The encryption scheme in this article is mainly implemented in the consortium chain. In the consortium chain, the validity of the blockchain and the validity of the transaction are determined by a predetermined group of validators. This verification group forms a consortium chain. The consortium chain has the verification nodes and data changes initiated by the group of validators. The shared participating nodes are composed together.

The identification cryptosystem means that the signer holds an identification and a corresponding private key. The private key is generated by the Key Generation Center (KGC) through the combination of the private key and the signer’s identification. The signer uses his own private key to generate a digital signature on the data, and the verifier uses the signer’s logo to generate his public key to verify the validity/authenticity/integrity and legal identity of the signature. SM9 logo ciphers generally involve the calculation of bilinear pairs on finite fields/elliptic curves/elliptic curves. The 2-adic ring algorithm logo ciphers designed in this paper involve knowledge of finite field 2-adic rings.

Identification password verification steps are as follows:

Create a polynomial identification cryptographic algorithm to produce public and private keys

Set up a management node and establish an interactive protocol with the user. Executing this protocol can generate the private key and member certificate of the management node and use the private key of the group member of the group administrator

Using an identification password signature algorithm, after entering a message and a member private key, the signature of the message is output

Verify the original message/message signature/public key

Confirm the legality of the signature

Let binary strictly periodic sequence

Specifically, the addition of

Similarly, there are multiplications of

Let

In

Thus, the ring

There is a one-to-one correspondence between rational numbers

In this correspondence, we use the operations in

Let

This paper proposes an information authentication scheme suitable for consortium blockchain technology. By broadcasting transaction information encrypted by user identity information in transaction information, multi-KGC signature calculation is performed to hide user identity and transaction continuity.

The nodes in this scheme are divided into a primary node and a secondary node. The primary node is responsible for initializing the parameters of the AC algorithm and KGC signature used in the blockchain, executing the consensus algorithm for generating new blocks in the blockchain, participating in the continuous generation of blocks, and managing the joining of secondary nodes and distribution of related key. There can be multiple KGCs in a system, and new KGCs can only be added after they are approved by other KGCs. Each KGC has its own specific ID number and at a fixed time interval randomly generates an ID-based ID based on an algorithm

Secondary nodes

The network transaction process is as follows.

The secondary node

The secondary nodes

Compared with the verification algorithm of the identification standard, considering that there can be multiple KGC functional requirements in the consortium blockchain, the main KGC functions of the multi-KGC mode in this paper are allocated to the master node. The master node jointly participates in parameter maintenance and key generation, which meets the requirements of partial decentralization of the consortium blockchain. After verifying the identity and transaction legitimacy of the secondary nodes

In a blockchain transaction, when a node interacts with information, it needs to check the other party’s information. KGC can find the key to which user

This paper proposes an authentication scheme based on the 2-adic ring algorithm, which is mainly applicable to the design architecture of the consortium blockchain. The main node KGC is responsible for the generation of the blockchain. Since the designed scenario is a cooperative relationship of KGC for mutual trust, the consensus algorithm for block generation designed by this scheme does not have strong block generation rewards and competition. We use semicompetitive and semirandom blockchain accounting right allocation to complete block generation. Since the various KGCs do not trust and cooperate with each other, we rule out malicious forks of the blockchain.

When the secondary nodes

The new block needs to record the number and hash value of the previous block to ensure the continuity of the block. Each node needs to confirm the legality of generating the identity of the master node when receiving the heart block, and after the latest block is associated, the transaction information verification process is performed.

Based on the ID number of the secondary node in this solution, the identification authentication key

The specific process is as follows (Figure

The secondary nodes

After receiving the transaction request

The secondary nodes

Secondary nodes

After each KGC receives

The flowchart of 2-adic ring AC algorithm.

We introduce the nature of the

For each integer

The sequences generated by the largest periodic sequence of integers

The key point of the 2-adic ring AC algorithm proves is the arithmetic correlation property of sequence S, it has been proven readers may refer to [

Identification signature

Forged identity signature on KGC attack on master node

When the system parameters of the identification password scheme need to be updated, KGC needs to renegotiate a new random number, determine a new identification signature based on its ID number, and issue new transaction keys to participating nodes. The previous system parameters should still be retained, and the node can verify the signature before the update based on the parameters in effect at the time. As for the system parameters, since the random numbers are randomly selected, there is no connection between the two before and after the update, and the attacker cannot forge the key before the update based on the key at the current stage. If the attacker holds the key before the update, he cannot join the participating nodes to forge the signature at the current stage.

This solution is based on the 2-adic arithmetic correlation algorithm design. The legality verification key between nodes is a binary sequence string, which inherits the efficiency of sequence verification in communication. And each KGC competes to generate blocks with a simple polynomial time complexity, so the overall design scheme has higher verification block efficiency. In order to illustrate the operational efficiency and safety of this solution, this article lists several typical solutions for comparison (Table

Scheme efficiency and safety comparison.

Program | Signature efficiency | Verification efficiency | Forgery attack | Transaction information |
---|---|---|---|---|

SM9 | Satisfy | 25 KB | ||

CPKC [ | Satisfy | 15 KB | ||

CSS [ | Satisfy | 20 KB | ||

2-Adic ring arithmetic authentication scheme | Satisfy | 5 KB-10 KB |

This article turns to the basic design ideas of the identification password and the functions of the main nodes of the consortium blockchain as the entry point. Using 2-adic ring theory and arithmetic related algorithms, a new identification password authentication scheme applied in consortium blockchain is designed to serve the fog computing devices. Under the premise that the master node trusts each other, the scheme designs the master node to bear the relevant functions of KGC and bear the responsibility of block generation and accounting. Through security proof and efficiency analysis, this scheme has signatures that cannot be forged, transaction node anonymity, and forward security. Because the scheme is designed to be in a trusted environment, transaction authentication and consensus protocols can be implemented with a set of algorithm schemes, so the computational efficiency is greatly improved compared to classic identification passwords such as SM9. This solution can realize the identity verification between nodes in terms of computing time and security and protect the privacy of the nodes, which meets the functional requirements of consortium blockchain multicentralization and protection of node identity information. How to generate blocks between master nodes with competitive interests will be the next step of research work.

The mathematical formula data used to support the findings of this study are included within the article.

The authors declare that they have no conflicts of interest.