Abstract
The rapid development of network technology has brought new challenges to data security. As the first gateway of a mobile internet system, access authentication is an essential step that guarantees the internal security of the network. However, traditional cryptosystem-based authentication mechanisms have problems such as certificate management and centralized key escrow. Centrally stored user information is constrained by the server: the security of the server is not within the user’s control, the stability of the server cannot be guaranteed, and personal privacy on the server may be leaked. In this paper, we focus on the private key escrow problem caused by the Private Key Generator (PKG) in the Identity-Based Cryptosystems (IBC) mechanism and propose a Blockchain-assisted user public-private key generation scheme (BAKG), which introduces the blockchain to improve the robustness and reliability of key management. In BAKG, the user determines its own private key by combining the partial private keys from different PKGs, which prevents the risk of private key exposure caused by a single PKG. Building on the theory of the Combined Public Key (CPK) algorithm, we have designed a feasible blockchain-based key generation logic and developed a prototype authentication system based on this concept. We further analyze the security of BAKG, and the analytical results show that BAKG can meet various security requirements. In addition, according to the performance evaluation results, BAKG performs well in both read/write consensus and key calculations at different key lengths, which means it has good potential for lightweight authentication applications.
This research was supported by the project under contract No. 2019-JCJQ-ZD-182-00-02.
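The idea in the abstract, a user key assembled from partial keys issued by several PKGs in the CPK style, sketched as an added example; it is not the paper's construction or code. The curve (secp256k1), the 4×4 seed matrices, the SHA-256 identity mapping, the additive combination across PKGs and every name and demo secret below are assumptions made for illustration.

```python
import hashlib

# secp256k1 domain parameters (curve choice is an assumption of this sketch)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
ROWS, COLS = 4, 4  # toy seed-matrix size (assumption)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        m = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        m = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def mul(k, pt=G):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def seed_matrix(secret):  # one PKG's private seed matrix (constructed demo secret)
    return [[int.from_bytes(hashlib.sha256(f"{secret}|{r}|{c}".encode()).digest(), "big") % N
             for c in range(COLS)] for r in range(ROWS)]

def rows_for(identity):  # identity -> one row index per matrix column
    return [b % ROWS for b in hashlib.sha256(identity.encode()).digest()[:COLS]]

def partial_private(matrix, identity):
    # What a single PKG hands to the user: the sum of its selected seed scalars.
    return sum(matrix[r][c] for c, r in enumerate(rows_for(identity))) % N

def demo(identity="alice@example.org"):
    pkgs = [seed_matrix(s) for s in ("pkg-A-demo", "pkg-B-demo", "pkg-C-demo")]
    partials = [partial_private(m, identity) for m in pkgs]
    user_sk = sum(partials) % N  # combined by the user; no single PKG holds it
    user_pk = None
    for m in pkgs:  # verifier side: sums the seed points each PKG would publish
        for c, r in enumerate(rows_for(identity)):
            user_pk = add(user_pk, mul(m[r][c]))
    return user_sk, user_pk, partials
```

`demo()` returns the combined private key, the public key derived from identity and public seed points alone, and the per-PKG partials; the combined key matches the public key while no individual partial does.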
Copyright information
© 2022 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Zhang, T., Lan, Z., Gao, X., Guan, J. (2022). The Design and Implementation of Blockchain-Assisted User Public-Private Key Generation Method. In: You, I., Kim, H., Youn, TY., Palmieri, F., Kotenko, I. (eds) Mobile Internet Security. MobiSec 2021. Communications in Computer and Information Science, vol 1544. Springer, Singapore. https://doi.org/10.1007/978-981-16-9576-6_10
DOI: https://doi.org/10.1007/978-981-16-9576-6_10
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-9575-9
Online ISBN: 978-981-16-9576-6
eBook Packages: Computer Science, Computer Science (R0)