CN112583596B - Complete cross-domain identity authentication method based on block chain technology - Google Patents
Complete cross-domain identity authentication method based on block chain technology Download PDFInfo
- Publication number
- CN112583596B CN112583596B CN202010511018.3A CN202010511018A CN112583596B CN 112583596 B CN112583596 B CN 112583596B CN 202010511018 A CN202010511018 A CN 202010511018A CN 112583596 B CN112583596 B CN 112583596B
- Authority
- CN
- China
- Prior art keywords
- domain
- authentication
- information
- user
- authentication server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a block chain technology-based complete cross-domain identity authentication method, which comprises the following steps: (1) and a system initialization stage: the process mainly realizes the processes of initialization of public and private keys of a domain entity, establishment of a block chain network, deployment of chain codes, domain information storage and the like; (2) and the intra-domain authentication stage: the stage mainly realizes the application, verification, updating and revocation of the user identity; (3) and a cross-domain authentication stage: the interaction between the user to be authenticated and the authentication server, and between the authentication server and the block chain is adopted, so that the complete cross-domain authentication of the user is safely realized at the stage; the step (1) and the step (2) can be executed only once. The invention improves the authentication efficiency, ensures the authentication safety and realizes the complete cross-domain entity identity authentication.
Description
Technical Field
The invention relates to the field of cross-domain identity authentication, in particular to a complete cross-domain identity authentication method based on a block chain technology.
Background
Block chaining techniques: the block chain technology combines a series of computer technologies and cryptography technologies such as distributed storage, point-to-point communication, a consensus mechanism and an encryption algorithm, and the like, and realizes a highly trusted node network without participation of a third party. The block chains can be divided into three categories according to whether the network has a node admission mechanism and whether the main bodies having control authority are centralized: public, private, and federation chains. As a representative of a federation chain-the superbugt is a Linux foundation-initiated blockchain technology project that is dedicated to developing cross-industry commercial blockchain platform technology. The super account book combines three functional categories of member management, block chain technology and intelligent contracts, and is suitable for the consensus range among organizations.
Intelligent contract: an intelligent contract is an automated, self-validating and self-executing contract computer protocol that allows for the execution of predetermined logic without intervention by a third party. The widely used term "smart contract" is referred to as "chain code" in the super ledger. Similar to the intelligent contracts in the etherhouses, the chain codes in the super account book also have self-execution logic, but compared with the chain codes in the super account book, the chain codes in the super account book have more functions and are realized by integrating a large number of cryptographic algorithms, so that the chain codes are more friendly to users in the process of program development.
Digital signature: digital signatures are a technique that can determine the authenticity of information sources and ensure data integrity. A typical digital signature scheme mainly comprises the following three algorithms: 1) key generation algorithm- (pk, sk) ← sigλ): and transmitting a security parameter lambda to generate a public key pk and a private key sk. The public key is used for verifying the signature, and the private key is used for generating the signature; 2) signature algorithm- σ ← sig.sign (sk; m): using a private key sk of a signer to generate a signature sigma of the signer for the message m; 3) signature verification algorithm-sig.verify (pk; m, σ): using the public key pk of the signer, it is verified whether σ is the signature of the message m. If the verification is successful, the verification returns '1', otherwise, the verification returns '0'.
The hash algorithm: a cryptographic hash algorithm is a method for mapping an input message of any length to a short message digest of a fixed length, and is mainly applied in scenarios of ensuring data integrity, unidirectional data encryption, digital signature, and the like. The hashing algorithm has two basic characteristics: 1) unidirectional: for any given x, hash (x) is relatively easy to calculate. Given y, finding x that satisfies y hash (x) is computationally infeasible; 2) impact resistance: given the Hash algorithm Hash (), two different messages x are to be found1≠x2Hash value Hash (x)1)=Hash(x2) Is computationally infeasible.
Existing cross-domain authentication protocols can be broadly divided into three categories: a cross-domain authentication protocol Based on a conventional PKI, a cross-domain authentication protocol Based on an IBE (Identity-Based Encryption) technology, and a cross-domain authentication protocol Based on a block chain technology. The cross-domain authentication protocol based on the traditional PKI can be well compatible with the existing PKI topological structure, but has the problem of certificate management, so that the cross-domain process additionally increases the problems of certificate management, transfer overhead and the like. The cross-domain authentication protocol based on the IBE technology well solves the problems of complicated certificate management and the like caused by the traditional PKI authentication protocol, but increases authentication calculation and communication overhead to a certain extent. In addition to the above problems, most authentication protocols cannot achieve entity identity authentication across domains completely because of the premise assumption of the same cryptology system for different domains. The existing cross-domain authentication protocol based on the block chain technology can greatly reduce the authentication calculation overhead of the protocol while solving the problem of certificate management, improve the authentication efficiency to a certain extent, but cannot realize the complete cross-domain entity identity authentication.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a complete cross-domain identity authentication method based on a block chain technology, which is realized based on a super ledger of an alliance chain, and realizes complete cross-domain entity identity authentication on the premise of ensuring the security of an authentication process and improving the cross-domain authentication efficiency.
In order to solve the technical problems, the invention adopts the technical scheme that:
a full cross-domain identity authentication method based on a block chain technology comprises the following steps:
a) system initialization
(i) Domain entity public and private key initialization
All entities in the domain A and the domain B comprise corresponding domain proxy servers and all users in the domain, and respective public and private keys are initialized according to a domain cryptography system;
(ii) building block chain network and deploying chain codes
The step is authentication server AS in domain A and domain BAAnd ASBEstablishing a block chain network; after permission, authentication servers AS in domain A and domain BAAnd ASBAdding the link code into a block chain network, and deploying the previously defined link code; the chain code includes three functions;
the function processes the domain information storage request sent by the domain authentication server, and stores the public key hash value of the domain authentication serverSignature algorithm Sign of domain in which the key is locatedXHash with Hash algorithmXAs a value, a key value pairStoring the form of (1) into a blockchain network;
the function processes the user identity information storage request sent by the domain authentication server and stores the public key hash value of the userAs a key, the public key hash value of the domain authentication server in which it is locatedAnd status state as a value, key value pairStoring the form of (1) into a blockchain network;
(iii) domain information storage
Authentication server AS in domain A and domain BAAnd ASBSending a domain information storage request to a blockchain network BCStoring the signature and hash algorithm information of each domain into a block chain network;
b) intra-domain authentication
The method comprises the operations of application, verification, updating and revocation of user identity;
(i) application for
After system initialization, users in domain A and domain BAuthentication server AS towards home domainXSending a registration application information request domain identity authentication;
(ii) authentication
Domain authentication server AS for X domainXWithin receiving domain usersAfter the sent registration application information, the user is requested to doAnd authenticates the userStoring the identity information of the mobile terminal into the blockchain network;
(iii) updating
User' sWhen updating identity information, the AS server needs to be authenticated to the local domainXSubmitting the identity updating application information and requesting the domain authentication server ASXUpdating the identity information of the related user; after passing the verification, the domain authentication server ASXUser identity information in the block chain account book is updated;
(iv) revocation
At the userBefore leaving the local domain, the authentication server AS of the local domain needs to be provided withXSubmitting user identity revocation information to revoke the identity information of the user on the block chain account book;
c) cross-domain authentication
(ii)I.e. the authentication server AS in domain BBResponding to users in domain AThe sent access request information generates a random number N by using a random number generation algorithm and sends the random number N to the user in the domain AReturn message { N };
(iii)i.e. users in domain aAuthentication server AS in receiving Domain BBAfter the returned message, the random number N is signed and generated by using the own private signature keyThen to the authentication server ASBSending messagesWherein the content of the first and second substances,andrespectively correspond to usersThe private key and the public key of (c),is a Domain A authentication Server ASAThe public key of (2);
(iv)namely domain B authentication Server ASBReceiving a user in Domain AAfter the returned message, the transaction information is started to be sent to the blockchain networkWherein Verify is a predefined function in the blockchain network chain code;
(v)BC→ASBi.e. receiving authentication server AS from domain B, { VerRes }, i.e. receiving authentication server AS from domain BBAfter the transaction information has occurred, the blockchain BC starts to execute the function defined in advance in the chain codeAnd after the execution is finished, the domain B authentication server sends a chain code verification result { VerRes };
Domain-B authentication server ASBVerification authentication result information { VerRes }: if the returned information is authentication success information, the authentication is successfully completed, otherwise, the authentication fails.
Further, the function call process at the (v) point in the step (3) is specifically as follows:
step 1) obtaining domain A signature algorithm and hash algorithm information { SignA,HashA}
According to a store in advance in the blockchain networkThe key-value pair information, according to the domain A authentication server AS in the return messageAPublic key hash information ofThe chain code is used as a key value to inquire the account book; if the inquiry is wrong, the authentication is directly interrupted, and the domain B is authenticated by the AS serverBReturning error information that VerRes 'the user in the session N declares that the domain where the user is located is wrong'; if the inquiry is successful, continuing the following authentication process;
To return a signature in a messagePublic keyRandom number N and signature algorithm Sign of user's place returned from last stepAThe chain code verifies the correctness of the signature as a parameter; if the verification fails, the authentication is directly interrupted, and the AS server is authenticated to the domain BBReturning error information of VerRes that the user in the conversation N declares that the public key has errors; if the verification is successful, continuing the following authentication process;
step 3) verifying the user identity information
According to a store in advance in the blockchain networkKey value pair information to return the user's public key in a messageAnd the domain Hash algorithm Hash returned in the step 1)AThe chain code verifies the correctness of the user identity information as a parameter;
the query information is null: directly interrupting the authentication and authenticating the AS server to the domain BBReturning error information of VerRes 'users in the session N do not exist';
in querying informationAuthentication server AS with Domain BBComing fromInconsistency: directly interrupting the authentication and authenticating the AS server to the domain BBReturning error information that VerRes 'the user in the session N declares that the domain where the user is located is wrong';
state in the query message is false: directly interrupting the authentication and authenticating the AS server to the domain BBReturning error information of VerRes 'the user identity in the session N is unavailable';
and (4) query success: authenticating a Server AS to Domain BBReturning success information of VerRes 'user verification success in session N'.
Compared with the prior art, the invention has the beneficial effects that: the full cross-domain authentication between the entities is realized efficiently and safely. By introducing the block chain as a trusted third party, the entity identity authentication across the domains is completely realized while the calculation burden of the authentication server is reduced and the authentication security is ensured.
Drawings
Fig. 1 is a flowchart of a full cross-domain authentication method based on a block chain technique implemented in the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and specific embodiments. Table 1 is a description of the relevant protocol symbols.
Table 1 description of related protocol symbols
System initialization
The method mainly comprises three parts of domain entity public and private key initialization, block chain network establishment, chain code deployment and domain information storage.
(i) Domain entity public and private key initialization
All entities in the domain A and the domain B comprise corresponding domain proxy servers and all users in the domain, and respective public and private keys are initialized according to a domain cryptography system.
(ii) Building block chain network and deploying chain codes
The step is authentication server AS in domain A and domain BAAnd ASBA blockchain network is established. After permission, authentication servers AS in domain A and domain BAAnd ASBThe method is added into a block chain network, and a chain code defined in advance is deployed. The specific information of the chain code function is as follows:
·the function mainly processes the domain information storage request sent by the domain authentication server and stores the public key hash value of the domain authentication serverAs a key, the signature Sign of the domain in which it is locatedXHash with Hash algorithmXAs a value with a key value pairIs stored in the blockchain network.
·The function mainly processes the user identity information storage request sent by the domain authentication server and stores the public key hash value of the userAs a key, the public key hash value of the domain authentication server in which it is locatedAnd status state as a value with key value pairsIs stored in the blockchain network.
·The function mainly processes a user authentication request sent by the domain authentication server.
(iii) Domain information storage
Authentication server AS in domain A and domain BAAnd ASBSending a domain information storage request to a blockchain network BCAnd storing the signature and the hash algorithm information of each domain into the block chain network.
Intra-domain authentication
In order to manage the user identity in the domain with finer granularity, similar to the life cycle process of the traditional CA certificate, the user identity in the cross-domain authentication method of the invention also relates to the operations of application, verification, updating and revocation.
(i) Application for
After system initialization, users in domain A and domain BAuthentication server AS towards home domainXAnd sending registration application information to request the intra-domain identity authentication.
(ii) Authentication
Domain authentication server AS for X domainXWithin receiving domain usersAfter the sent registration application information, the user is requested to doAnd authenticates the userIs stored in the blockchain network.
(iii) Updating
User' sWhen updating identity information, the AS server needs to be authenticated to the local domainXSubmitting the identity updating application information and requesting the domain authentication server ASXAnd updating the related user identity information. After passing the verification, the domain authentication server ASXThe user identity information in the blockchain ledger is updated.
(iv) Revocation
At the userBefore leaving the local domain, the authentication server AS of the local domain needs to be provided withXAnd submitting user identity revocation information to revoke the identity information of the user on the block chain book.
(III) Cross-Domain authentication
As shown in fig. 1, cross-domain authentication in practical sense mainly includes the following steps:
Authentication server AS in Domain BBResponding to users in domain AThe sent access request information generates a random number N by using a random number generation algorithm and sends the random number N to the user in the domain AReturn message N.
Users in domain aAuthentication server AS in receiving Domain BBAfter the returned message, the random number N is signed by using the own private signature key and sent to the authentication server ASBSending messagesWherein the content of the first and second substances,andrespectively correspond to usersThe private key and the public key of (c),is a Domain A authentication Server ASAThe public key of (2).
Domain-B authentication server ASBReceiving a user in Domain AAfter the returned message, the transaction information is started to be sent to the blockchain networkWherein Verify is a predefined function of the blockchain network code.
(v)BC→ASB:{VerRes}
Receiving authentication Server AS from Domain BBAfter the transaction information has occurred, the blockchain BC starts to execute the function defined in advance in the chain codeThe specific process is as follows:
(1) obtaining Domain A signature Algorithm and Hash Algorithm information SignA,HashA}
According to a store in advance in the blockchain networkThe key-value pair information, according to the domain A authentication server AS in the return messageAPublic key hash information ofAnd the chain code takes the chain code as a key value to inquire the account book. If the inquiry is wrong, the domain does not exist, the authentication is directly interrupted, and the AS server is authenticated to the domain BBAnd returning error information of VerRes 'the user in the session N declares that the domain where the user is located is wrong'. If the query is successful, the following authentication process continues.
To return a signature in a messagePublic keyRandom number N and signature algorithm Sign of user's place returned from last stepAThe chain code verifies the correctness of the signature as a parameter. If the verification fails, the stated public key of the user is wrong, the authentication is directly interrupted, and the domain B is authenticated by the AS serverBAn error message is returned for VerRes "users in session N claim the public key is wrong". If the verification is successful, the following authentication process continues.
(3) Verifying user identity information
According to a store in advance in the blockchain networkKey value pair information to return the user's public key in a messageAnd the domain Hash algorithm Hash returned in the step (1)AThe chain code verifies the correctness of the user identity information as a parameter.
Query information is null: the user does not exist in each domain, the authentication is directly interrupted, and the AS server is authenticated to the domain BBReturn an error message of VerRes "user not present in session N".
In the query informationAuthentication server AS with Domain BBComing fromInconsistency: the user declares that the domain where the user is located is wrong, the authentication is directly interrupted, and the AS server is authenticated to the domain BBAnd returning error information of VerRes 'the user in the session N declares that the domain where the user is located is wrong'.
State in query information is false: although the user is really a legal user in the domain, the identity of the user is already revoked and can not be used continuously, the authentication is directly interrupted, and the AS server is authenticated to the domain BBReturning an error message of VerRes 'user identity in session N is unavailable'.
Query success: the purport information of the user is consistent with the block chain storage information, the user identity is successfully verified, and the domain B is authenticated by the AS serverBReturning success information of VerRes 'user verification success in session N'.
Domain-B authentication server ASBVerification authentication result information { VerRes }: if the returned information is authentication success information, the authentication is successfully completed, otherwise, the authentication fails.
Claims (2)
1. A full cross-domain identity authentication method based on a block chain technology is characterized by comprising the following steps:
(1) system initialization
(i) Domain entity public and private key initialization
All entities in the domain A and the domain B comprise corresponding domain proxy servers and all users in the domain, and respective public and private keys are initialized according to a domain cryptography system;
(ii) building block chain network and deploying chain codes
The step is authentication server AS in domain A and domain BAAnd ASBEstablishing a block chain network; after permission, authentication servers AS in domain A and domain BAAnd ASBAdding the link code into a block chain network, and deploying the previously defined link code; the chain code includes three functions;
the function processes the domain information storage request sent by the domain authentication server, and stores the public key hash value of the domain authentication serverAs a key, the signature Sign of the domain in which it is locatedXHash with Hash algorithmXAs a value with a key value pairStoring the form of (1) into a blockchain network;
the function processes the user identity information storage request sent by the domain authentication server and stores the public key hash value of the userAs a key, the public key hash value of the domain authentication server in which it is locatedAnd status state as a value with key value pairsStoring the form of (1) into a blockchain network;
(iii) domain information storage
Authentication server AS in domain A and domain BAAnd ASBSending a domain information storage request to a blockchain network BCStoring the signature and hash information of each domain into a block chain network;
(2) intra-domain authentication
The method comprises the operations of application, verification, updating and revocation of user identity;
(i) application for
After system initialization, users in domain A and domain BAuthentication server AS towards home domainXSending a registration application information request domain identity authentication;
(ii) authentication
Domain authentication server AS for X domainXWithin receiving domain usersAfter the sent registration application information, the user is requested to doAnd authenticates the userStoring the identity information of the mobile terminal into the blockchain network;
(iii) updating
User' sWhen updating identity information, the AS server needs to be authenticated to the local domainXSubmitting the identity updating application information and requesting the domain authentication server ASXUpdating the identity information of the related user; after passing the verification, the domain authentication server ASXUser identity information in the block chain account book is updated;
(iv) revocation
At the userBefore leaving the local domain, the authentication server AS of the local domain needs to be provided withXSubmitting user identity revocation information to revoke the identity information of the user on the block chain account book;
(3) cross-domain authentication
(ii)I.e. the authentication server AS in domain BBResponding to users in domain AThe sent access request information generates a random number N by using a random number generation algorithm and sends the random number N to the user in the domain AReturn message { N };
(iii)i.e. users in domain aAuthentication server AS in receiving Domain BBAfter the returned message, the random number N is signed by using the own private signature key and sent to the authentication server ASBSending messagesWherein the content of the first and second substances,andrespectively correspond to usersThe private key and the public key of (c),is a Domain A authentication Server ASAThe public key of (2);
(iv)ASB→BC:namely domain B authentication Server ASBReceiving a user in Domain AAfter the returned message, the transaction information is started to be sent to the blockchain networkWherein Verify is a predefined function in the blockchain network chain code;
(v)BC→ASB{ Ver Res }, i.e. received from the domain B authentication server ASBAfter the transaction information has occurred, the blockchain BC starts to execute the function defined in advance in the chain codeAnd after the execution is finished, the domain B authentication server sends a chain code verification result { Ver Res };
Domain-B authentication server ASBVerification authentication result information { Ver Res }: if the returned information is authentication success information, the authentication is successfully completed, otherwise, the authentication fails.
2. The method according to claim 1, wherein the function call procedure at the (v) th point in the step (3) is specifically as follows:
step 1) obtaining domain A signature algorithm and hash algorithm information { SignA,HashA}
According to a store in advance in the blockchain networkThe key-value pair information, according to the domain A authentication server AS in the return messageAPublic key hash information ofThe chain code is used as a key value to inquire the account book; if the inquiry is wrong, the authentication is directly interrupted, and the domain B is authenticated by the AS serverBReturning error information of Ver Res that the user in the conversation N declares that the domain where the user is located is wrong; if the inquiry is successful, continuing the following authentication process;
To return a signature in a messagePublic keyRandom number N and signature algorithm Sign of user's place returned from last stepAThe chain code verifies the correctness of the signature as a parameter; if the verification fails, the authentication is directly interrupted, and the AS server is authenticated to the domain BBReturning error information of Ver Res 'the user in the conversation N declares that the public key has errors'; if the verification is successful, continuing the following authentication process;
step 3) verifying the user identity information
According to a store in advance in the blockchain networkKey value pair information to return the user's public key in a messageAnd the domain Hash algorithm Hash returned in the step 1)AThe chain code verifies the correctness of the user identity information as a parameter;
the query information is null: directly interrupting the authentication and authenticating the AS server to the domain BBReturning error information of Ver Res 'users in the conversation N do not exist';
in querying informationAuthentication server AS with Domain BBComing fromInconsistency: directly interrupting the authentication and authenticating the AS server to the domain BBReturning error information of Ver Res that the user in the conversation N declares that the domain where the user is located is wrong;
state in the query message is false: directly interrupting the authentication and authenticating the AS server to the domain BBReturning error information of Ver Res 'the user identity in the conversation N is unavailable';
and (4) query success: authenticating a Server AS to Domain BBReturning success information of Ver Res 'user verification success in session N'.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010511018.3A CN112583596B (en) | 2020-06-08 | 2020-06-08 | Complete cross-domain identity authentication method based on block chain technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010511018.3A CN112583596B (en) | 2020-06-08 | 2020-06-08 | Complete cross-domain identity authentication method based on block chain technology |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112583596A CN112583596A (en) | 2021-03-30 |
CN112583596B true CN112583596B (en) | 2021-09-28 |
Family
ID=75119368
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010511018.3A Active CN112583596B (en) | 2020-06-08 | 2020-06-08 | Complete cross-domain identity authentication method based on block chain technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112583596B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113194469B (en) * | 2021-04-28 | 2022-05-13 | 四川师范大学 | 5G unmanned aerial vehicle cross-domain identity authentication method, system and terminal based on block chain |
CN113162949A (en) * | 2021-05-13 | 2021-07-23 | 北京工业大学 | Cross-domain identity authentication scheme of industrial Internet of things equipment based on block chain |
CN113259381A (en) * | 2021-06-15 | 2021-08-13 | 南京邮电大学 | Intelligent medical cross-domain authentication method based on combination of block chain and IBC |
CN113507458B (en) * | 2021-06-28 | 2023-01-31 | 电子科技大学 | Cross-domain identity authentication method based on block chain |
CN113343213A (en) * | 2021-07-01 | 2021-09-03 | 北京邮电大学 | Multi-CA cross-domain authentication method based on block chain in distributed autonomous network |
CN113676447A (en) * | 2021-07-12 | 2021-11-19 | 海南大学 | Block chain-based scientific and technological service platform cross-domain identity authentication scheme |
CN113824563B (en) * | 2021-09-07 | 2023-03-28 | 电子科技大学 | Cross-domain identity authentication method based on block chain certificate |
CN114024749B (en) * | 2021-11-05 | 2022-11-29 | 西北工业大学 | Industrial equipment logic cross-domain access authentication method based on inter-domain cooperation of central nodes |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109194610A (en) * | 2018-07-24 | 2019-01-11 | 北京交通大学 | Vehicle-mounted mist data lightweight anonymous access authentication method based on block chain auxiliary |
CN110061851A (en) * | 2019-04-28 | 2019-07-26 | 广州大学 | A kind of across trust domain authentication method and system of decentralization |
CN110958229A (en) * | 2019-11-20 | 2020-04-03 | 南京理工大学 | Credible identity authentication method based on block chain |
CN110995718A (en) * | 2019-12-09 | 2020-04-10 | 广东电网有限责任公司 | Power terminal cross-domain authentication mechanism based on block chain |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103780618B (en) * | 2014-01-22 | 2016-11-09 | 西南交通大学 | A kind of based on across the isomery territory authentication accessing mandate bill and session cipher negotiating method |
CN108810073B (en) * | 2018-04-05 | 2021-05-04 | 西安电子科技大学 | Block chain-based Internet of things multi-domain access control system and method |
BR112019008000B1 (en) * | 2018-11-16 | 2022-03-15 | Advanced New Technologies Co., Ltd | Computer-implemented method for authenticating a domain name, computer-implemented method, non-transient computer-readable medium, and system for implementing a method |
CN109743172B (en) * | 2018-12-06 | 2021-10-15 | 国网山东省电力公司电力科学研究院 | Cross-domain network authentication method based on alliance block chain V2G and information data processing terminal |
-
2020
- 2020-06-08 CN CN202010511018.3A patent/CN112583596B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109194610A (en) * | 2018-07-24 | 2019-01-11 | 北京交通大学 | Vehicle-mounted mist data lightweight anonymous access authentication method based on block chain auxiliary |
CN110061851A (en) * | 2019-04-28 | 2019-07-26 | 广州大学 | A kind of across trust domain authentication method and system of decentralization |
CN110958229A (en) * | 2019-11-20 | 2020-04-03 | 南京理工大学 | Credible identity authentication method based on block chain |
CN110995718A (en) * | 2019-12-09 | 2020-04-10 | 广东电网有限责任公司 | Power terminal cross-domain authentication mechanism based on block chain |
Also Published As
Publication number | Publication date |
---|---|
CN112583596A (en) | 2021-03-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112583596B (en) | Complete cross-domain identity authentication method based on block chain technology | |
CN112039872B (en) | Cross-domain anonymous authentication method and system based on block chain | |
JP7109569B2 (en) | Digital certificate verification method and its device, computer equipment and computer program | |
US10742426B2 (en) | Public key infrastructure and method of distribution | |
CN113301022B (en) | Internet of things equipment identity security authentication method based on block chain and fog calculation | |
CN111294352A (en) | Data security authentication method between cloud and edge node | |
CN110959163A (en) | Computer-implemented system and method for enabling secure storage of large blockchains on multiple storage nodes | |
CN110930153B (en) | Block chain privacy data management method and system based on hidden third party account | |
US11228450B2 (en) | Method and apparatus for performing multi-party secure computing based-on issuing certificate | |
CN111815321A (en) | Transaction proposal processing method, device, system, storage medium and electronic device | |
CN113824563A (en) | Cross-domain identity authentication method based on block chain certificate | |
CN115378604A (en) | Identity authentication method of edge computing terminal equipment based on credit value mechanism | |
Bellare et al. | Deterring certificate subversion: efficient double-authentication-preventing signatures | |
KR20220006097A (en) | Method and device for public key management using blockchain | |
CN114125773A (en) | Vehicle networking identity management system and management method based on block chain and identification password | |
Pang et al. | Efficient and secure certificateless signature scheme in the standard model | |
CN114297678A (en) | Operation method, device, equipment and storage medium of union chain system | |
CN112039837B (en) | Electronic evidence preservation method based on block chain and secret sharing | |
Liu et al. | A blockchain-based cross-domain authentication management system for IoT devices | |
Liou et al. | T-auth: A novel authentication mechanism for the IoT based on smart contracts and PUFs | |
Yang et al. | Blockchain-based conditional privacy-preserving authentication protocol with implicit certificates for vehicular edge computing | |
CN116389111A (en) | Identity authentication mode of alliance chain under strong authority control mode based on identification | |
CN115841330A (en) | Block chain cross-domain identity management and control system and method | |
CN114374700B (en) | Trusted identity management method supporting wide area collaboration based on master-slave multiple chains | |
Li et al. | Cross-Domain Authentication Scheme for IoT Devices Based on BlockChain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |