XAuth: Efficient Privacy-Preserving Cross-Domain Authentication

【Author】 Chen, Jing; Zhan, Zeyi; He, Kun; Du, Ruiying; Wang, Donghui; Liu, Fei

【Source】IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING

【影响因子】6.791

【Abstract】It is well known that each Public Key Infrastructure (PKI) system forms a closed security domain and only recognizes certificates in its own domain (such as medical systems, financial systems, and 5G networks). When users need to access services in other domains, their identities often cannot be recognized or PKI systems require extremely complex operations to authenticate the users' identities. This is the cross-domain authentication problem. The distributed consensus feature of blockchain provides a technical approach to solve this problem. However, there are some unresolved problems in existing blockchain-based schemes. On one hand, due to the low throughput of blockchain systems, the response speed may be insufferable when the number of cross-domain authentication requirements becomes enormous. On the other hand, these schemes insufficiently consider the privacy risk in the cross-domain scenario. In this article, we propose an efficient privacy-preserving cross-domain authentication scheme called XAuth that is integrated naturally with the existing PKI and Certificate Transparency (CT) systems. Specifically, we design a lightweight correctness verification protocol based on Multiple Merkle Hash Tree for rapid response. To protect users' privacy, we present an anonymous authentication protocol for cross-domain authentication. The security analysis and experimental results demonstrate that XAuth is secure and efficient.

【Keywords】Authentication; Security; Blockchain; Privacy; Public key; Protocols; Computer architecture; Cross-domain authentication; public key infrastructure; blockchain; privacy-preserving

【发表时间】2022 44805

【收录时间】2022-09-15

【文献类型】实验仿真

【主题类别】

区块链技术-核心技术-加密算法