Professional Documents
Culture Documents
Gu 2020 An Efficient Blockchain Based Cross
Gu 2020 An Efficient Blockchain Based Cross
Abstract—The existing cross-domain authentication mech- which cannot be requested in a single independent trust
anisms are established based on well-known Public Key domain, so coss-domain authentication problems arise[2].
Infrastructure (PKI) systems, where digital certificates issued When performing cross-domain authentication, a user
by Certificate Authority(CA) serve to authenticate the identity commonly obtain other users’ certificate through a complex
of entities. The complex authentication path, accompanied by certification path, which constitutes multiple certificate
multiple signatures and verifications, causes low authentication transmissions, digital signature and decryption.
efficiency. In addition, resulting from an "update gap" Correspondingly, frequent coss-domain access will lead to
between Certificate Revocation List(CRL) and Online increased network delay and decreased throughput.
Certificate Status Protocol(OCSP) mechanism, the revoked
certificates will be exposed to DDoS attacks. For addressing
CA
aforementioned two challenges, an efficient blockchain-based Entity
Domain B
authentication and secure certificate revocation scheme is
proposed. Based on the non-tamperability and traceability of
the blockchain, the signature module of X.509 digital
certificate is replaced by the certificate hash value which serves Entity
as the trust certificate between domains. Furthermore, a
consensus algorithm is adopted for random number hash Internet
broadcasting to improve efficiency. Theoretical analysis shows
Domain A Domain C
the proposed scheme has the security characteristics of non-
repudiation, anonymity and anti DDoS attack. The
experimental results demonstrate the proposed scheme has the
advantage over existing cross-domain authentication and Entity CA CA
certificate revocation scheme at communication and computing Entity
cost and security respectively.
Entity
Keywords-blockchain; consensus algorithm; cross-domain Entity
1777
The digital certificate is signed with the CA’s private A. System Architecture
key. Therefore, when user B uses the CA’s public key to The root CA of each domain joins the blockchain
read the certificate content, it also verifies that the digital network as a node. Under the given consensus algorithm, the
certificate is indeed from the CA and is reliable. efficient coss-domain authentication and the secure
When communicating across domains, a complex revocation of digital certificate in multi domain are realized
authentication process usually occurs. Suppose A has the through the blockchain transaction. The system architecture
digital certificate issued by CA named X1, and B has the is shown in Figure 2. “Entity” is the entity in each domain,
digital certificate issued by CA named X2, then A must including users, resources, services, etc. AS is the
obtain the public key of X2 to verify the digital certificate of authentication server of each domain, which is responsible
B, which requires that two CAs can exchange their public for checking the digital certificate submitted by the user
keys safely. The specific process is as follows. requesting communication.
Domain C Domain D
AS CA
Procedure of cross-domain authentication CA AS
Entity
= [ || || ] (4) Entity
Entity AS
Entity
is X1’s public key. AS
1778
Consensus Algorithm Procedure of cross-domain authentication
Parameters: 1. → : the user in the domain A requests to
y N is the number of miners; access the authentication server in the domain B.
y is miner, 1 ≤ ≤ ; 2. → The authentication server of domain B sends
y means the mining difficulty, 0 < ≤ 1. a random number of N to as the certificate for the
Process: next information transfer.
1. At the beginning of consensus period, each miner { , ( , )}
3. ⎯⎯⎯⎯⎯⎯⎯⎯⎯⎯⎯ : signs the received N with
generates a random number locally.
the private key and sends it to B with its own
2. The miner calculates and broadcasts the hash certificate.
value ( ) of the generated random number , H is 4. ( , ( , )): A checks whether the certificate
the SHA256 hash function; is within the validity period. If not, the
3. According to the difficulty coefficient , when a authentication fails. Otherwise, the signature
miner collects [ ] broadcasted hash values information is verified based on the public key of
{ ( ), ( ), … , ( [ ] )}, the miner broadcasts its in the certificate, and N is correctly recovered. The
own random number ; hash value of the certificate is calculated for the next
4. When a miner collects [ ] broadcasted random verification.
number { , , … , [ ] } , calculates = 5. AS B Hash(
Hash ( Cert A )
H
Cert
Certificates
tif : Query whether the
True / False
∑[ ] [ ]; hash value of the certificate stored in the blockchain
5. Miner is responsible for creating the next block ledger contains the hash value of ’s certificate. If it
containing the current transaction information. exists, proceed to the next step, otherwise the
authentication fails.
The hash value of the certificate issued by the CA is 6. AS B Hash(
sh( Cert )
Hash(
Ls : Check whether the CRL con-
CRL
CRLs A
True / False
included in the blockchain as a credential trusted by each tains the hash value of 's certificate. If the
domain. When coss-domain communication is carried out, certificate has not been revoked, proceed to the next
the AS of each domain will query the CA hash value in the step, otherwise the authentication fails.
blockchain ledger. When a certificate needs to be revoked, ( , )
7. ⎯⎯⎯⎯⎯⎯⎯⎯ : After the verification in the fifth
the certificate hash value in the Certificate Revocation List
will be included in the blockchain as the information shared and sixth steps, completes the authentication of
among the domains in time. At the same time, the in domain A and allows it to access domain B.
Certificate Revocation List will be stored in an open sends a random number encrypted by its
directory server accessible to each domain for the domain private key to as the certificate for to
authentication server to query the status of the certificate communicate with other entities in B domain.
( , )
through OCSP. 8. ⎯⎯⎯⎯⎯⎯⎯⎯ : sends a message encrypted
C. Cross-domain Authentication Protocol by the 's private key, and can verify the
message with the 's public key, it means that
Assume that user in the domain A requests to access has been successfully authenticated by and can
the user in the domain B, and the flow chart of the establish communication with it.
authentication process is shown in Figure 3.
The details of each step are as follows:
1. U A o AS B
2. U A m
N
AS B
3. U A
{Cert A , E ( PRA , N )}
o AS B
4. D PU A , E PRA , N
Hash ( Cert A )
H
Hash(
5. AS B True / False
Certtif
Certificates
Hash
H sh ( Cert A )
ash
6. AS B True / False
CRL
CRLs
Ls
E PRAS B , N 2
7. U A m AS B
1779
CA NodeCRL CRLs Server Client
1. Hash Cert
Hash Cert
2. CA o NodeCRL
The cross-domain authentication process of the domain B Based on blockchain transaction, the above certificate
to the domain A user is given above. Similarly, the coss- revocation protocol realizes the secure revocation of digital
domain authentication of the B domain user by the certificate through the common maintenance of CRL in
domain A only requires the domain A’s authentication server multiple domains, efficient consensus algorithm and support
and to repeat the above process. of OCSP query.
D. Certificate Revocation IV. ANALYSIS OF SCHEMA
When the certificate is in the validity period, the CA will
revoke the certificate in advance in the following cases [16], A. Security Analysis
and record the certificate in the certificate revocation list:
y The user's private key is considered insecure; y Non-repudiation
y The certificate has been abandoned or not issued No matter cross-domain authentication or certificate
according to the rules of CA; revocation, the scheme takes the hash value of digital
certificate as the trust certificate between domains, and
y The certificate is considered insecure.
compares the hash value of digital certificate provided by
Certificate revocation must ensure that certificate
users with the hash value of certificate recorded in
revocation list can be shared among multiple domains in
blockchain Ledger as the only judgment basis for
time, and provide a fast query method at the same time. The
authentication and revocation list query. The inherent
certificate revocation flow chart is shown in Figure 4. The
properties of hash function ensure the non-repudiation of the
details of each step are as follows:
scheme:
Process of certificate revocation
1) Collision-resistance: In the actual number range, for
1. The CA detects that a certificate needs to be revoked in
the same hash function ℎ ℎ(), two different digital
advance and calculates the hash value of the
certificate. certificates x1 and x2 have different hash values
2. The CA sends the hash value of the revocation cert- ℎ ℎ( ) and ℎ ℎ( ).
ificate to the designated node that receives 2) One-way property: Digital certificate x cannot be
the revocation information transaction. derived from its hash value ℎ ℎ( ).
3. According to the aforementioned consensus algorithm, In addition, the blockchain is inherently undeniable. The
miner m is responsible for the generation of transaction hash values recorded in the blockchain ledger are all credible
blocks, that is, the certificate of revocation is to be and undeniable. The above properties ensure that the scheme
recorded in the blockchain ledger jointly maintained has non-repudiation.
by each domain. y Anti DDoS attack
4. The revoked certificate record is added to the Unlike the centralized system, the blockchain-based
certificate revocation list maintained jointly for each scheme proposed in this paper naturally has features such as
domain to query. point-to-point and multiple redundancy. Even if one node
5. The public directory server of each domain downloads fails, other nodes will not be affected, and there is no single
the certificate revocation list to the local for the point of failure.
authentication server of each domain to query. The scheme in reference [12] uses decentralized
6. The client queries the status of the certificate through consensus mechanism and introduces key sharing scheme to
OCSP. realize certificate revocation. In the scheme of reference
1780
[12], it must be assumed that at least half of the miners can communication cost of 2 ( − 1) . PBFT completes a
be trusted to ensure safety. The scheme in this paper has a consensus with communication cost of 2 ( − 1) +
higher security, because the final miner node responsible for ( − 1), where p is the probability of view switching and
generating a new block is jointly determined by the random is the difficulty coefficient of mining, 0 < ≤ 1, 0 < ≤
numbers and hash values generated by all miners, so the 1. The communication cost ratio of the two schemes is I, ∈
selection of miners is completely random. Each node [ , ], as shown in Figure 5.
maintains a local transaction pool and completely randomly
selects rules. Though the miner who is responsible for Referring to the value range of p and , the value of I is
generating the block refuses to write a transaction into the always larger than 1, which indicates the scheme in this
block and only one miner is trusted, the trusted miner must paper has lower communication cost.
be able to obtain the right to generate the block for a certain y Analysis of computing cost
time. Therefore, the system security can be guaranteed References [5] and [11] respectively proposed two
finally. typical improved cross-domain authentication schemes, the
latter is also based on the using blockchain technology to
y Anonymity implement cross-domain authentication scheme. In order to
In this scheme, the block chain ledger and CRL server compare the efficiency of the scheme in this paper with that
store not the digital certificate entity but the hash value of the in [5] and [11], the computing cost in the same cross-
digital certificate, so it does not contain the specific domain scenario is calculatedas shown in Table II.
information of the entity. Because the hash function is
unidirectional, the original certificate entity content can not TABLE II. COMPARISON OF COMPUTING COST OF COSS-DOMAIN
AUTH-ENTICATION
be recovered according to the hash value of the digital
certificate, which will not lead to privacy leaks. Therefore, Encryption Signature Hash caculation
Scheme
this scheme has good anonymity and privacy[17]. times times times
1781
revocation protocols are proposed. While satisfying the curve cryptosystem,” Tien Tzu Hsueh Pao/Acta Electron. Sin., vol. 42,
efficiency, the scheme has good security, non-repudiation, no. 6, pp. 1095–1102, 2014, doi: 10.3969/j.issn.0372-
2112.2014.06.010.
anonymity, and resistance to DDos attacks. Compared with
[6] Z. Jie, Z. Qi-Kun, G. Yong, Y. Yifeng, and T. Yu-An, “Inter-domain
the PBFT algorithm, the consensus algorithm in this paper alliance authentication protocol based on blind signature,” Int. J.
has lower communication cost. Through comparison and Secur. its Appl., vol. 9, no. 12, 2015, doi: 10.14257/ijsia.2015.9.12.19.
analysis with t existing solutions, the proposed scheme has [7] S. Kim, “Effective certificate revocation scheme based on weighted
higher security and effectiveness. voting game approach,” IET Inf. Secur., vol. 10, no. 4, 2016, doi:
The scheme proposed in this article is mainly focused on 10.1049/iet-ifs.2015.0047.
the scenario of cross-domain access on the web side. In the [8] A. A. Chariton, E. Degkleri, P. Papadopoulos, P. Ilia, and E. P.
future, we should consider how to improve the solution to Markatos, “DCSP: Performant certificate revocationa DNS-based
approach,” 2016, doi: 10.1145/2905760.2905767.
make it applicable in more network scenarios. In addition,
the implementation of the scheme needs to build a [9] J. Abou Jaoude and R. George Saade, “Blockchain applications -
Usage in different domains,” IEEE Access, vol. 7, 2019, doi:
blockchain network based on the proposed consensus 10.1109/ACCESS.2019.2902501.
algorithm. Future work will combine it with the existing [10] C. Fromknecht, D. Velicanu, and S. Yakoubov, “CertCoin: A
blockchain network and use smart contracts for development NameCoin Based Decentralized Authentication System 6.857 Class
to improve the convenience of development and maintenance. Project,” pp. 1–19, 2014.
[11] W. Wang, N. Hu, and X. Liu, “BlockCAM: A blockchain-based
ACKNOWLEDGMENT cross-domain authentication model,” 2018, doi:
10.1109/DSC.2018.00143.
This research is supported in part by the National key
[12] A. Zhang and X. Ma, “Decentralized Digital Certificate Revocation
research and development program of China, Joint research System Based on Blockchain,” in Journal of Physics: Conference
of IoT security system and key technologies based on Series, 2018, vol. 1069, no. 1, doi: 10.1088/1742-
quantum key (2020YFE0200600). 6596/1069/1/012125.
[13] Wattenhofer R. The Science of the Blockchain. Charleston, USA:
REFERENCES CreateSpace Independent Publishing Platform, 2016.
[1] L. Harn and J. Ren, “Generalized digital certificate for user [14] T. T. A. Dinh, J. Wang, G. Chen, R. Liu, B. C. Ooi, and K. L. Tan,
authentication and key establishment for secure communications,” “BLOCKBENCH: A framework for analyzing private blockchains,”
IEEE Trans. Wirel. Commun., vol. 10, no. 7, 2011, doi: in Proceedings of the ACM SIGMOD International Conference on
10.1109/TWC.2011.042211.101913. Management of Data, 2017, vol. Part F127746, doi:
[2] L. Zhang, H. Y. Ning, Y. Y. Du, Y. X. Cui, and Y. Yang, “Research 10.1145/3035918.3064033.
on the cross domain identity authentication in federated environment,” [15] Z. Zheng, S. Xie, H. Dai, X. Chen, and H. Wang, “An Overview of
2017, doi: 10.1109/CISP-BMEI.2016.7853040. Blockchain Technology: Architecture, Consensus, and Future Trends,”
[3] J. Chen, S. Yao, Q. Yuan, K. He, S. Ji, and R. Du, “CertChain: Public 2017, doi: 10.1109/BigDataCongress.2017.85.
and Efficient Certificate Audit Based on Blockchain for TLS [16] N. Malik, P. Nanda, A. Arora, X. He, and D. Puthal, “Blockchain
Connections,” in Proceedings - IEEE INFOCOM, 2018, vol. 2018- Based Secured Identity Authentication and Expeditious Revocation
April, doi: 10.1109/INFOCOM.2018.8486344. Framework for Vehicular Networks,” 2018, doi:
[4] Y. Liu et al., “An end-to-end measurement of certificate revocation in 10.1109/TrustCom/BigDataSE.2018.00099.
the Web’s PKI,” in Proceedings of the ACM SIGCOMM Internet [17] D. Puthal, N. Malik, S. P. Mohanty, E. Kougianos, and C. Yang, “The
Measurement Conference, IMC, 2015, vol. 2015-October, doi: Blockchain as a Decentralized Security Framework [Future
10.1145/2815675.2815685. Directions],” IEEE Consum. Electron. Mag., vol. 7, no. 2, 2018, doi:
[5] W. F. Zhang, X. M. Wang, W. Guo, and D. K. He, “An efficient 10.1109/MCE.2017.2776459.
inter-enterprise authentication scheme for VE based on the elliptic
1782