摘要
借助区块链的权威性和公开性,基于区块链的去中心化公钥基础设施实现了分布式无中心的公钥证书认证方案。现有工作普遍集中在系统架构的实现上,对去中心化公钥证书的认证策略及效率问题却讨论较少。目前的研究大多使用链上遍历的方法查询公钥证书进行认证,效率较低。因此,本文提出了一种基于背书签名方案的链下证书获取和验证方案提升证书认证的效率。尽管该方案设计完全基于经典密码计算,但是并不需要对协议参与方的计算能力作任何限制性假设,适用范围广且具有计算安全性,对信道窃听免疫。最后,通过实验对比验证了该方法相对于传统方案的可行性和时效性。
Decentralized public key infrastructure is able to implement decentralized public key authentication based on the authoritativeness and publicity of the blockchain and provides a more secure and flexible certificate management scheme,which has attracted extensive attention of researchers.The existing achievements generally focus on the implementation of system architecture,but there is less discussion on the authentication strategy and efficiency of decentralized public key certificate.Many researches chose to traverse the entire blockchain to look up for a specific ID-PK pair and then verify whether the public key belongs to someone who claims it.However,this method is obviously inefficient.Therefore,this paper proposes an off-chain certificate acquisition and verification scheme based on endorsement signature to improve the efficiency of certificate authentication.Although the scheme is completely based on classical cryptographic computing,it does not need to make any restrictive assumptions about the computing power of the protocol participants,and has unconditional security and immunity to channel eavesdropping.Experiments verify the feasibility and timeliness of this method.
作者
石佳
曾学文
韩锐
SHI Jia;ZENG Xuewen;HAN Rui(National Network New Media Engineering Research Center Institute of Acoustics,Chinese Academy of Sciences,Beijing,100190,China;University of Chinese Academy of Sciences,Beijing,100049,China)
出处
《网络新媒体技术》
2023年第1期18-27,共10页
Network New Media Technology
基金
中国科学院先导专项课题:SEANET技术标准化研究与系统研制(编号:XDC02070100)
中国科学院声学研究所前沿基础项目课题(编号:QYJC201902)。
关键词
区块链
去中心化
公钥认证
信息中心网络
门限算法
blockchain
decentralized
public key authentication
Information-Centric Networking(ICN)
(t
n)-threshold