Certificateless Identity Management and Authentication Scheme Based on Blockchain Technology

Abstract

AbstractIdentity management and authentication in cyberspace is crucial for all forms of remote communication. The traditional authentication technology has great security risks due to its central third-party structure, such as single point of failure, malicious server attacks and so on. The emergence of blockchain technology provides a new way of thinking to solve this problem. This paper focuses on the identity management and authentication scheme based on blockchain technology. Using the decentralized, open and transparent characteristics of blockchain to make up for the shortcomings of traditional identity management and authentication mechanisms. In this paper, we analyze the BIDaaS [1] identity management and authentication scheme proposed by Jong-Hyouk and point out the obvious shortcomings of the scheme, such as suffer impersonating attack simply, virtual identities are not unique. We combine the specificity of biological characteristics to implement a unique virtual identity on the chain and improve the off-chain identity authentication process using a certificateless scheme to build a reasonable and secure identity management and authentication scheme, which realizes two-way authentication and session key agreement. The analysis shows that the scheme has a high level of safety.