计算机科学 ›› 2023, Vol. 50 ›› Issue (5): 329-347.doi: 10.11896/jsjkx.220400169

• 信息安全 • 上一篇    下一篇

基于区块链技术的身份认证研究综述

张淑娥, 田成伟, 李保罡   

  1. 华北电力大学电子与通信工程系 河北 保定 071003
    河北省电力物联网技术重点实验室 河北 保定 071003
  • 收稿日期:2022-04-17 修回日期:2022-09-03 出版日期:2023-05-15 发布日期:2023-05-06
  • 通讯作者: 李保罡(baogangli@ncepu.edu.cn)
  • 作者简介:(zhangshue@ncepu.edu.cn)
  • 基金资助:
    国家自然科学基金(61971190);河北省自然科学基金(F2022502020);中央高校基本科研业务费专项资金(2019MS089);河北省高等学校科学技术研究重点项目(ZD2021406);河北省省级科技计划(SZX2020034)

Review of Identity Authentication Research Based on Blockchain Technology

ZHANG Shue, TIAN Chengwei, LI Baogang   

  1. Department of Electronic and Communication Engineering,North China Electric Power University,Baoding,Hebei 071003,China
    Hebei Key Laboratory of Power Internet of Things Technology,Baoding,Hebei 071003,China
  • Received:2022-04-17 Revised:2022-09-03 Online:2023-05-15 Published:2023-05-06
  • About author:ZHANG Shue,born in 1964,master,associate professor.Her main research interests include data security and microwave technology and application.
    LI Baogang,born in 1980,Ph.D,professor.His main research interests include wireless communication,blockchain,industrial Internet of Things,energy Internet and big data analysis.
  • Supported by:
    National Natural Science Foundation of China(61971190),Natural Science Foundation of Hebei Province,China(F2022502020),Fundamental Research Funds for the Central Universities(2019MS089),Technology Research in Colleges and Universities of Hebei Province(ZD2021406) and S&T Program of Hebei(SZX2020034).

摘要: 区块链技术由中本聪于2008年的白皮书中提出。作为点对点网络中的一种去中心化和分布式公共账本技术,区块链应用链接块结构来验证和存储数据,用可信共识机制来同步数据变化,为身份认证的实现提供了一种可信的技术方案。与传统集中式认证方式相比,基于区块链技术的身份认证可以在保护数据真实可靠、节点隐私安全的同时实现数据共享。文中概述了基于区块链技术的身份认证研究现状及进展。首先,从区块链的技术架构、分类以及共识算法系统地介绍了区块链的一些基本理论;然后重点介绍了口令认证技术、生物识别技术、PKI技术以及其结合区块链应用的身份认证目前的研究现状;接着从物联网、车联网、智能电网、金融、医疗等应用方面介绍了基于区块链的身份认证技术的研究进展;最后分析了区块链身份认证技术目前存在的问题,并展望了未来的发展趋势。

关键词: 区块链, 身份认证, 隐私安全, 数据保护, 访问控制

Abstract: Blockchain technology was proposed by Nakamoto in his 2008 white paper.As a decentralized and distributed public ledger technology in point-to-point networks,blockchain verifies and stores data by applying link block structure,and synchro-nizes data changes by applying trusted consensus mechanism,providing a trusted technical solution for the realization of identity authentication.Compared with traditional centralized authentication,identity authentication based on blockchain technology can realize data sharing while protecting the authenticity and reliability of data and the privacy and security of nodes.This paper summarizes the status and progress of identity authentication based on blockchain technology.Firstly,it systematically introduces some basic theories of blockchain from the technical architecture,classification and consensus algorithm of blockchain.Next,it focuses on password authentication technology,biometric technology,PKI technology and the current research status of identity authentication combined with blockchain application.Then it introduces the research progress of identity authentication technology based on blockchain from the application fields of Internet of things,Internet of vehicles,smart grid,finance,medical treatment and so on.Finally,it analyzes the current problems of blockchain identity authentication technology,and puts forward the future development trend.

Key words: Blockchain, Identity authentication, Security of privacy, Data protection, Access control

中图分类号: 

  • TP309
[1]HUSSAIN M,MEHMOOD A,KHAN S,et al.Authentication techniques and methodologies used in wireless body area networks[J].Journal of Systems Architecture,2019,101(5):1-28.
[2]NAKAMOTO S.Bitcoin:A peer to peer electronic cash system[EB/OL].https://bitcoin.org/bitcoin.pdf.
[3]WENG J,WENG J,ZHANG J,et al.DeepChain:Auditable and Privacy-Preserving Deep Learning with Blockchain-based Incentive[J].IEEE Transactions on Dependable and Secure Computing,2020,18(5):2438-2455.
[4]MAKHDOOM I,ABOLHASAN M,ABBAS H,et al.Block-chain's adoption in IoT:The challenges,and a way forward[J].Journal of Network and Computer Applications,2019,125(2):251-279.
[5]LIU Y,HE D,OBAIDAT M S,et al.Blockchain-based identity management systems:A review[J].Journal of Network and Computer Applications,2020,166(15):245-255.
[6]LI Q,SHU Z X,YU X,et al.Authentication Mechanism inBlockchain Systems[J].Journal of Command and Control,2019,5(1):1-17.
[7]YANG L.The blockchain:State-of-the-art and research challen-ges[J].Journal of Industrial Information Integration,2019,15(4):80-90.
[8]LAMPORT L,SHOSTAK R,PEASE M.The Byzantine Gene-rals Problem[J].ACM Transactions on Programming Languages and Systems,1982,4:382-401.
[9]DURRANI A.Research and Applied Perspective to Blockchain Technology:A Comprehensive Survey[J].Applied Sciences,2021,11(14):245-258.
[10]CHRISTIDIS K,DEVETSIKIOTIS M.Blockchains and SmartContracts for the Internet of Things[J].IEEE Access,2016,4:2292-2303.
[11]LAMPORT L.LAMPORT,Password Authentication with Insecure Communication[J].Communications of the ACM,1981,24(11):770-772.
[12]SHANKAR T N,RAKESH P,BHARGAWA R T,et al.Providing Security to Land Record with the computation of Iris,Blockchain,and One Time Password[C]//Proceedings of the 2021 International Conference on Computing,Communication,and Intelligent Systems(ICCCIS).Greater Noida,India,2021:226-231.
[13]KANG J,RONG Y,HUANG X,et al.Enabling Localized Peer-to-Peer Electricity Trading Among Plug-in Hybrid Electric Vehicles Using Consortium Blockchains[J].IEEE Transactions on Industrial Informatics,2017,15(5):840-852.
[14]ZHANG M,WANG L,YANG J.A Blockchain-Based Authentication Method with One-Time Password[C]//Proceedings of the 2019 IEEE 38th International Performance Computing and Communications Conference(IPCCC).London,UK,2019:1-9.
[15]BUCCAFURRI F,ANGELIS V D,NARDONE R.SecuringMQTT by Blockchain-Based OTP Authentication[J].Sensors,2020,20(7):261-269.
[16]JAYAN A P,BALASUBRAMANI A,KAIKOTTIL A,et al.An enhanced scheme for authentication using OTP and QR code for MQTT protocol[J].International Journal of Recent Technology and Engineering,Blue Eyes Intelligence Engineering and Sciences Publication,2019,7:70-75.
[17]ERDEM E,SANDKKAYA M T.OTPaaS-One Time Password as a Service[J].IEEE Transactions on Information Forensics and Security,2019,14(3):743-756.
[18]EL-BOOZ S A,ATTIYA G,EL-FISHAWY N.A secure cloud storage system combining time-based one-time password and automatic blocker protocol[J].EURASIP Journal on Information Security,2016,37(1):1-13.
[19]LAI C,DING Y.A Secure Blockchain-Based Group MobilityManagement Scheme in VANETs[C]//Proceedings of the 2019 IEEE/CIC International Conference on Communications in China(ICCC).Changchun,China,2019:340-345.
[20]ZHANG Z,XIAO Y,MA Z,et al.6G Wireless Networks:Vision,Requirements,Architecture,and Key Technologies[J].IEEE Vehicular Technology Magazine,2019,14(3):28-41.
[21]ZHANG R,XUE R,LIU L.Security and privacy on blockchain[J].ACM Computing Surveys,2020,52(3):1-34.
[22]LIN I C,LIAO T C.A Survey of Blockchain Security Issues and Challenges[J].International Journal of Network Security,2017,19(5):653-659.
[23]WANG C,CHEN S,CHEN S,et al.Trust Management for Reliable Cross-Platform Cooperation Based on Blockchain[C]//2021 IEEE International Conference on Web Services (ICWS).Chicago:IEEE,2021:629-634.
[24]LI X,JIANG P,CHEN T,et al.A Survey on the Security of Blockchain Systems[J].Future Generation Computer Systems,2018,16(8):258-268.
[25]MOHANTA B K,PAN S S,JENA D.An Overview of Smart Contract and Use Cases in Blockchain Technology[C]//Proceedings of the 2018 9th International Conference on Computing,Communication and Networking Technologies(ICCCNT).Bengaluru,India,2018:1-4.
[26]BLACK P,LAYTON R.Be Careful Who You Trust:Issues with the Public Key Infrastructure[C]//Proceedings of the 2014 Fifth Cybercrime and Trustworthy Computing Conference.Auckland,New Zealand,2015:12-21.
[27]SHPHEI K,YOSHIAKI S,MASAMI M,et al.Cross-Certification Towards Distributed Authentication Infrastructure:A Case of Hyperledger Fabric[J].IEEE Access,2020,8:135742-135757.
[28]YAN J,HANG X,YANG B,et al.Blockchain Based PKI and Certificates Management in Mobile Networks[C]//Proceedings of the 2020 IEEE 19th International Conference on Trust,Security and Privacy in Computing and Communications(Trust-Com).Guangzhou,China,2020:1764-1770.
[29]YAKUBOV A,SHBAIR W,WALLBOM A,et al.A Block-chain-Based PKI Management Framework[C]//2018 IEEE/IFIP Network Operations and Management Symposium.Taipei:IEEE,2018:1-6.
[30]SHEN H,ZHOU J,CAO Z,et al.Blockchain-Based Lightweight Certificate Authority for Efficient Privacy-Preserving Location-Based Service in Vehicular Social Networks[J].IEEE Internet of Things Journal,2020,7(7):6610-6622.
[31]BECKWITH E,THAMILARASU G.BA-TLS:Blockchain Authentication for Transport Layer Security in Internet of Things[C]//2020 7th International Conference on Internet of Things:Systems,Management and Security(IOTSMS).2020:268-275.
[32]SAHA S,CHATTARAJ D,BERA B,et al.Consortium blockchain-enabled access control mechanism in edge computing based generic Internet of Things environment[J].Transactions on Emerging Telecommunications Technologies,2021,32(6):1-34.
[33]WANG Z,LIN J,CAI Q,et al.Blockchain-based CertificateTransparency and Revocation Transparency[J].IEEE Transactions on Dependable and Secure Computing,2020,19(1):681-697.
[34]ZHAO G,DI B,HE H.A novel decentralized cross-domain identity authentication protocol based on blockchain[J].Transactions on Emerging Telecommunications Technologies,2022,33(1):4377-4393.
[35]BAO S,LEI A,CRUICKSHANK H,et al.A Pseudonym Certi-ficate Management Scheme Based on Blockchain for Internet of Vehicles[C]//2019 IEEE International Conference on Dependable,Autonomic and Secure Computing,International Confe-rence on Pervasive Intelligence and Computing,International Confe-rence on Cloud and Big Data Computing,International Conference on Cyber Science and Technology Congress(DASC/PiCom/CBDCom/CyberSciTech).Fukuoka:IEEE,2019:28-35.
[36]SIMPLICIO M A,COMINETTI E L,PATIL H K,et al.ACPC:Efficient revocation of pseudonym certificates using activation codes[J].Ad hoc networks,2019,7(90):1-14.
[37]CHO E,PERERA M.Efficient Certificate Management in Block-chain based Internet of Vehicles[C]//2020 20th IEEE/ACM International Symposium on Cluster,Cloud and Internet Computing(CCGRID).Melbourne,VIC,Australia:IEEE,2020:794-797.
[38]MATSUMOTO S,REISCHUK R.IKP:Turning a PKI Around with Decentralized Automated Incentives[C]//2017 IEEE Symposium on Security and Privacy(SP).San Jose:IEEE,2017:410-426.
[39]LEIDING B,CAP C H,MUNDT T,et al.Authcoin:Validation and Authentication in Decentralized Networks[J].Cryptography and Security,2016,5:121-134.
[40]WON J,SINGLA A,BERTINO E,et al.Decentralized PublicKey Infrastructure for Internet-of-Things[C]//2018 IEEE Mi-litary Communications Conference(MILCOM).Los Angeles:IEEE,2018:907-913.
[41]SINGLA A,BERTINO E.Blockchain-Based PKI Solutions for IoT[C]//2018 IEEE 4th International Conference on Collaboration and Internet Computing(CIC).Philadelphia:IEEE,2018:9-15.
[42]QIN B,HUANG J K,WANG Q,et al.Cecoin:A decentralized PKI mitigating MitM attacks[J].Future Generation Computer Systems,2020,107:805-815.
[43]HUANG Y X,WANG Y W,CHEN W X,et al.PKI cross-domain authentication model based on alliance chain[J].Computer Engineering and Design,2021,42(11):3043-3051.
[44]CHIU W Y,MENG W,JENSEN C D.Chain PKI-TowardsEthash-based Decentralized PKI with Privacy Enhancement[C]//Proceedings of the 2021 IEEE Conference on Dependable and Secure Computing(DSC).Aizuwakamatsu,Fukushima,Japan,2021:1-8.
[45]SARKAR A,SINGH B K.A review on performance,security and various biometric template protection schemes for biometric authentication systems[J].Multimedia Tools and Applications,2020,79(3):27721-27776.
[46]TOUTARA F,SPATHOULAS G.A distributed biometric au-thentication scheme based on blockchain[C]//Proceedings of the 2020 IEEE International Conference on Blockchain(Blockchain).Rhodes,Greece,2020:470-475.
[47]LEE Y K,JEONG J.Securing biometric authentication systemusing blockchain[J].ICT Express,2021,7(3):322-326.
[48]ZHOU Z,LI L X,GUO S,et al.Biometric and password two-factor cross domain authentication scheme based on blockchain technology[J].Journal of Computer Applications,2018,38(6):1620-1627.
[49]XU,Y,MENG,Y,ZHU H.An Efficient Double-Offloading Biometric Authentication Scheme Based on Blockchain for Cross Domain Environment[J].Wireless Personal Communications,2022,125:599-618.
[50]BAO D,YOU L.Two-factor identity authentication schemebased on blockchain and fuzzy extractor[J].Soft Computing,2021,27:1091-1103.
[51]KUMAR M,PRASAD M,RAJU U.BMIAE:Blockchain-basedMulti-instance Iris Authentication using Additive ElGamal Homomorphic Encryption[J].IET Biometrics,2020,9(4):165-177.
[52]DORRI A,KANHERE S S,JURDAK R,et al.Blockchain for IoT Security and Privacy:The Case Study of a Smart Home[C]//Proceedings of the 2017 IEEE International Conference on Pervasive Computing and Communications Workshops(PerCom Workshops).Kona,HI,USA,2017:618-623.
[53]OUADDAH A,ELKALAM A A,OUAHMAN A A.FairAc-cess:a new Blockchain-based access control framework for the Internet of Things[J].Security and Communication Networks,2016,9(18):5943-5964.
[54]SHARMA R,CHAKRABORTY S.BlockAPP:Using Block-chain for Authentication and Privacy Preservation in IoV[C]//Proceedings of the 2018 IEEE Globecom Workshops(GC Wkshps).Abu Dhabi,United Arab Emirates,2018:1-6.
[55]LI L,LIU J,CHENG L,et al.Creditcoin:a privacy-preservingblockchain-based incentive announcement network for communications of smart vehicles[J].IEEE Transactions on Intelligent Transportation Systems,2018,19(7):2204-2220.
[56]LUO B,LI X,WENG J,et al.Blockchain enabled trust-based location privacy protection scheme in VANET[J].IEEE Transactions on Vehicular Technology,2020,69(2):2034-2048.
[57]LIU X,HUANG H,XIAO F,et al.A Blockchain-Based Trust Management With Conditional Privacy-Preserving Announcement Scheme for VANETs[J].IEEE Internet of Things Journal,2020,7(5):4101-4112.
[58]LU Z,WANG Q,QU G,et al.A Blockchain-Based Privacy-Preserving Authentication Scheme for VANETs[J].Very Large Scale Integration(VLSI) Systems,2019,27(2):2792-2801.
[59]MA Z,ZHANG J,GUO Y,et al.An Efficient Decentralized Key Management Mechanism for VANET with Blockchain[J].Vehicular Technology,2020,69(6):5836-5849.
[60]LU Z,LIU W,WANG Q,et al.A Privacy-Preserving TrustModel Based on Blockchain for VANETs[J].IEEE Access,2018,6:45655-45664.
[61]CHENG L,LIU J,XU G,et al.SCTSC:A Semicentralized Traffic Signal Control Mode With Attribute-Based Blockchain in IoVs[J].IEEE Transactions on Computational Social Systems,2019,6(6):1373-1385.
[62]SINGH M,KIM S.Branch Based Blockchain Technology in Intelligent Vehicle[J].Computer Networks,2018,145(9):219-231.
[63]YANG Y T,CHOU L D,TSENG C W,et al.Blockchain-based traffic event validation and trust verification for vanets[J].IEEE Access,2019,7:30868-30877.
[64]TRIPATHI G,ABDUL A M,SATHIYANARAYANAN M.The Role of Blockchain in Internet of Vehicles(IoV):Issues,Challenges and Opportunities[C]//Proceedings of the 2019 International Conference on contemporary Computing and Informatics(IC3I).Singapore,2019:26-31.
[65]LI Y,GUO J W,DU L P,et al.Research on mobile terminalidentity authentication scheme based on combined symmetric key algorithm[J].Network Security Technology & Application,2016,1:94-95.
[66]MA X,ZHAO F G.Mobile terminal multi source biometric real-time identity authentication system for mobile Intemet[J].Video Engineering,2017,41(11):162-166.
[67]FAN Y,XU J,GAO Y.Research and Implementation of eID-based Identity Authentication System[J].Netinfo Security,2015,3:48-53.
[68]CHEN Z,GAO D,WANG D,et al.Quantum Key Based OptimalData Protection Model for Power Business[J].Automation of Electric Power System,2018,42(11):113-121.
[69]DONG G,CHEN Y,LI H,et al.Cross-domain AuthenticationCredibility based on Blockchain in Heterogeneous Environment[J].Communications Technology,2019,52(6):1450-1460.
[70]MA X,MA W,LIU X.A Cross Domain Authentication Scheme Based on Blockchain Technology[J].Acta Electronica Sinica,2018,46(11):2571-2579.
[71]DONG G S,CHEN Y X,LI H W,et al.Cross-domain Authentication Credibility based on Blockchain in Heterogeneous Environment[J].Communications Technology,2019,52(6):1450-1460.
[72]GUO Y,MA W,LI X.Cross-domain authentication schemebased on tmst for server entity Systems[J].Engineering and Electronics,2019,41(2):438-443.
[73]WANG X,GAO F,ZHANG J,et al.Cross-domain Authentication Mechanism for Power Terminals Based on Blockchain and Credibility Evaluation[C]//Proceedings of the 2020 5th International Conference on Computer and Communication Systems(ICCCS).Shanghai,China,2020:936-940.
[74]XIE Y R,MA W P,LUO W.New Cross-domain AuthenticationModel for Information Servers Entity[J].Computer Science,2018,45(9):177-182.
[75]HUANG H,CHEN X.Power Mobile Terminal Identity Au-thentication Mechanism Based on Blockchain[C]//Proceedings of the 2020 International Wireless Communications and Mobile Computing(IWCMC).Limassol,Cyprus,2020:195-198.
[76]OMAR A,MUSTAFA A,CLUTTERBUCK,et al.The state of play of blockchain technology in the financial services sector:A systematic literature review[J].International Journal of Information Management,2020,54:1-19.
[77]ASHARAF S,ADARSH S.Decentralized Computing usingBlockchain Technologies and Smart Contracts[C]//Pennsylvania.USA:IGI Globa,2017.
[78]ABEYRATNE S A,MONFARED R.Blockchain Ready Manufac-turing Supply Chain Using Distributed Ledger[J].International Journal of Research in Engineering and Technology,2016,5(9):1-10.
[79]TIAN F.An agri-food supply chain traceability system for Chinabased on RFID & blockchain technology[C]//Proceedings of the 2016 13th International Conference on Service Systems and Service Management(ICSSSM).Kunming,China,2016:1-6.
[80]LU Q H,XU X W.Adaptable Blockchain-Based Systems:712-72 A Case Study for Product Traceability[J].IEEE Software,2017,34(6):21-27.
[81]AL-MEGREN S,ALSALAMAH S,ALTOAIMY,et al.Blockchain Use Cases in Digital Sectors:A Review of the Literature[C]//Proceedings of the 2018 IEEE International Conference on Internet of Things(iThings) and IEEE Green Computing and Communications(GreenCom) and IEEE Cyber,Physical and Social Computing(CPSCom) and IEEE Smart Data(SmartData).Halifax,NS,Canada,2018:1417-1424.
[82]MCGHIN T,CHOO K,LIU C Z,et al.Blockchain in healthcare applications:Research challenges and opportunities[J].Journal of Network and Computer Applications,2019,135:62-75.
[83]JAVED I T,ALHARBI F,BELLAJ B,et al.Health-ID:ABlockchain-Based Decentralized Identity Management for Remote Healthcare[J].Healthcare,2021,9(6):712-724.
[84]WANG W,WANG L,ZHANG P,et al.A privacy protection scheme for telemedicine diagnosis based on double blockchain[J].Journal of Information Security and Applications,2021,61(2):2214-2126.
[85]MAMUN Q,RANA M.A robust authentication model usingmulti-channel communication for eHealth systems to enhance privacy and security[C]//Proceedings of the 2017 8th IEEE Annual Information Technology,Electronics and Mobile Communication Conference(IEMCON).Vancouver,BC,Canada,2017:255-260.
[86]KUMAR P,KUMARI S,SHARMA V,et al.A Certificateless Aggregate Signature Scheme for Healthcare Wireless Sensor Network[J].Sustainable Computing:Informatics and Systems,2017,18(6):80-89.
[87]SHARMA N,BHATT R.Privacy Preservation in WSN forHealthcare Application[J].Procedia Computer Science,2018,132:1243-1252.
[88]RAY I,ALANGOT B,NAIR S,et al.Using Attribute-Based Access Control for Remote Healthcare Monitoring[C]//Proceedings of the 2017 Fourth International Conference on Software Defined Systems(SDS).Valencia,Spain,2017:137-142
[89]SHRESTHA N M,ALSADOON A,PRASAD P,et al.En-hanced e-health framework for security and privacy in healthcare system[C]//Proceedings of the 2016 Sixth International Conference on Digital Information Processing and Communications(ICDIPC).Beirut,Lebanon,2016:75-79.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!