计算机工程与应用 ›› 2024, Vol. 60 ›› Issue (1): 57-73.DOI: 10.3778/j.issn.1002-8331.2302-0189
李馥娟,马卓,王群
出版日期:
2024-01-01
发布日期:
2024-01-01
LI Fujuan, MA Zhuo, WANG Qun
Online:
2024-01-01
Published:
2024-01-01
摘要: 区块链技术是一项集P2P网络、共识机制、密码学、博弈论、经济学等众多技术与理论于一体的应用创新,以其去中心化这一特质冲击着传统系统中心化机制带来的种种约束,通过共识机制在一个无需第三方信任机构的开放网络环境中实现交易的可信性、可溯源、防篡改等功能,其所形成的新型计算范式和信任机制有助于推动管理模式的转变。同时,区块链技术具有的账本公开和多方共识机制,为以交易为最小数据单元的区块链系统身份管理提出了挑战。梳理区块链系统身份管理技术的重要研究成果,为系统掌握区块链身份标识和认证方式、加强不同应用场景中的信息发现和价值挖掘提供借鉴。在讨论传统系统与区块链系统身份管理特征,并明确区块链身份管理主要内容的基础上,阐释UTXO模型和账户模型的特点,深入分析基于公钥转换、数字证书和去中心化数字身份3类区块链系统身份标识机制,以及匿名认证、实名认证和可控匿名认证3类区块链认证方式,最后对区块链身份管理技术的未来发展进行展望。
李馥娟, 马卓, 王群. 区块链系统身份管理机制研究综述[J]. 计算机工程与应用, 2024, 60(1): 57-73.
LI Fujuan, MA Zhuo, WANG Qun. Survey on Identity Management in Blockchain Systems[J]. Computer Engineering and Applications, 2024, 60(1): 57-73.
[1] DAI W. B-money[EB/OL]. [2023-01-03]. www.weidai.com/bmoney.txt. [2] NAKAMOTO S. Bitcoin: a peer-to-peer electronic cash system[EB/OL]. [2023-01-10]. https://bitcoin.org/bitcoin.pdf. [3] 王群, 李馥娟, 王振力, 等. 区块链原理及关键技术[J]. 计算机科学与探索, 2020, 14(10): 1621-1643. WANG Q, LI F J, WANG Z L, et al. Principle and core technology of blockchain[J]. Journal of Frontiers of Computer Science and Technology, 2020, 14(10): 1621-1643. [4] W3C. First public working draft: decentralized identifiers (DIDS) V1.0[EB/OL]. (2019-11-07)[2022-11-13]. https://www.w3.org/blog/news/archives/8032. [5] 姚前, 张大伟. 区块链系统中身份管理技术研究综述[J]. 软件学报, 2021, 32(7): 2260-2286. YAO Q, ZHANG D W. Survey on identity management in blockchain[J]. Journal of Software, 2021, 32(7): 2260-2286. [6] 宋靖文, 张大伟, 韩旭, 等. 区块链中可监管的身份隐私保护方案[J]. 软件学报, 2023, 34(7): 3292-3312. ? SONG J W, ZHANG D W, HAN X, et al. Supervised identity privacy protection scheme in blockchain[J]. Journal of Software, 2023, 34(7): 3292-3312. ?. [7] 佘维, 霍丽娟, 刘炜, 等. 一种可隐藏敏感文档和发送者身份的区块链隐蔽通信模型[J]. 电子学报, 2022, 50(4): 1002-1013. SHE W, HUO L J, LIU W, et al. A blockchain-based covert communication model for hiding sensitive documents and sender identity[J]. Acta Electronica Sinica, 2022, 50(4): 1002-1013. [8] GENKIN D, PAPADOPOULOS D, PAPAMANTHOU C. Privacy in decentralized cryptocurrencies[J]. Communications of the ACM, 2018, 61(6): 78-88. [9] DUNPHY P, PETITCOLAS F. A First look at identity management schemes on the blockchain[J]. arXiv:1801.0329, 2018. [10] BUCCAFURRI F, LAX G, RUSSO A, et al. Integrating digi-tal identity and blockchain[C]//Confederated International Conferences: CoopIS, C&TC, and ODBASE 2018, Valletta, Malta, October 22-26, 2018. Berlin, Heidelberg: Springer, 2018: 568-585. [11] 王群, 李馥娟, 倪雪莉, 等. 区块链共识算法及应用研究[J]. 计算机科学与探索, 2022, 16(6): 1214-1242. WANG Q, LI F J, NI X L, et al. Survey on blockchain consensus algorithms and application[J]. Journal of Frontiers of Computer Science and Technology, 2022, 16(6): 1214-1242. [12] CRISTINA P S, SERGI D S, GUILLERMO N A G, et al. Another coin bites the dust: an analysis of dust in UTXO-based cryptocurrencies[J]. Royal Society Open Science, 2019, 6(1): 1-26. [13] TIKHOMIROV S. Ethereum: state of knowledge and research perspectives[C]//International Symposium on Foundations and Practice of Security, Nancy, France, October 23-25, 2017. Berlin, Heidelberg: Springer, 2017: 206-221. [14] NIST (National Institute of Standards and Technology). Merkle tree[EB/OL]. (2019-02-19)[2023-03-18]. https://xlinux.nist.gov/dads/HTML/MerkleTree.html. [15] SATO S, BANNO R, FURUSE J, et al. Verification of a Merkle patricia tree library using F*[J]. arXiv:2106.04826, 2021. [16] BEN-SASSON E, CHIESA A, GARMAN C, et al. Zerocash: decentralized anonymous payments from bitcoin[EB/OL]. (2014-05-18)[2022-12-26]. https://eprint.iacr.org/2014/349.pdf. [17] ALONSO K M, JOANCOMARTI J H. Monero: privacy in the blockchain[EB/OL]. [2022-12-26]. https://eprint.iacr.org/2018/535.pdf. [18] STELLA E O. WaykiChain: a high technological and innovative platform for cryptocurrency and football lovers[EB/OL]. (2022-01-16)[2022-12-26]. https://emperorokpanku.medium.com/8-6ee1ba26808e. [19] ANDROULAKI E, BARGER A, BORTNIKOV V, et al. Hyperledger fabric: a distributed operating system for permissioned blockchains[J]. arXiv:1801.10228, 2018. [20] EL-YAFI R. Corda: the open source blockchain for business[EB/OL]. [2022-12-28]. https://medium.com/corda. [21] LAM J. BigBang core[EB/OL]. (2019-12-16)[2022-12-28]. https://medium.com/bigbangcore/bigbangcore-8d8a625794e8. [22] SERGI D S, CRISTINA P S, GUILLERMO N A, et al. Analysis of the Bitcoin UTXO set[C]//International Conference on Financial Cryptography and Data Security, Nieuwpoort, Cura?ao, February 26-March 2, 2018. Berlin, Heidelberg: Springer, 2018: 78-91. [23] HALIM N S A, RAHMAN M A, AZAD S, et al. Blockchain security hole: issues and solutions[C]//Proceedings of the 2nd International Conference of Reliable Information and Communication Technology (IRICT 2017), Johor Bahru, Malaysia, April 23-24, 2017. Berlin, Heidelberg: Springer, 2017: 739-746. [24] ERMILOV D, PANOV M, YANOVICH Y. Automatic bitcoin address clustering[C]//2017 16th IEEE International Conference on Machine Learning and Applications (ICMLA), Cancun, Mexico, Dec 18-21, 2017. Piscataway: IEEE, 2017: 461-466. [25] BONNEAU J, NARAYANAN A, MILLER A, et al. Mixcoin: anonymity for bitcoin with accountable mixes[C]//International Conference on Financial Cryptography and Data Security, Christ Church, Barbados, March 3-7, 2014. Heidelberg: Springer, 2014: 486-504. [26] eosio. What is EOS?[EB/OL]. [2023-03-16]. https://eos.io/eos-public-blockchain/. [27] Wisdom. Wisdom chain developer reference[EB/OL]. [2023-03-16]. https://docs.wisdchain.com/#/. [28] cita. What is CITA[EB/OL]. [2023-03-18]. https://github.com/citahub/cita. [29] RAJU P, PONNAPALLI S, KAMINSKY E, et al. mLSM: making authenticated storage faster in ethereum[C]//Proceedings of the 10th USENIX Conference on Hot Topics in Storage and File Systems (HotStorage’18), Boston, MA, USA, July 9-10, 2018. Berkeley: USENIX Association, 2018: 1-10. [30] XU M C, XU G J, XU H Y, et al. A decentralized lightweight authentication protocol under blockchain[J]. Concurrency and Computation: Practice and Experience, 2023, 35(6): 1-17. [31] WiKi. Deterministic wallet[EB/OL]. [2023-01-13]. https://en.bitcoin.it/wiki/Deterministic_wallet#Type_2_hierarchical_ deterministic_wallet. [32] WiKi. BIP 0032[EB/OL]. [2023-01-16]. https://en.bitcoin.it/wiki/BIP_0032. [33] PERLMAN R. An overview of PKI trust models[J]. IEEE Network, 1999, 13(6): 38-43. [34] WANG R, HE J, LI Q, et al. A privacy-aware PKI system based on permissioned blockchains[C]//2018 IEEE International Conference on Software Engineering and Service Science (ICSESS), Beijing, Chain, Nov 23-25, 2018: 928-931. [35] W3C. Decentralized identifiers (DIDs) v1.0[EB/OL]. (2019-11-07)[2022-11-13]. https://www.w3.org/TR/2019/WD-did-core-20191107/. [36] DIF. Decentralized identity FAQ[EB/OL]. [2023-01-10]. https://identity.foundation/faq/. [37] MUHLE A, GRUNER A, GAYVORONSKAYA, et al. A survey on essential components of a self-sovereign identity[J]. Computer Science Review, 2018, 30(11): 80-86. [38] Eruopean Commission. Verifiable presentation[EB/OL]. [2022-01-23]. https://ec.europa.eu/digital-building-blocks/wikis/display/EBSIDOC/Verifiable+Presentation. [39] BANGERTER E, BARZAN S, KRENN S, et al. Bringing zero-knowledge proofs of knowledge to practice[EB/OL]. [2022-01-23]. https://eprint.iacr.org/2009/211.pdf. [40] Microsoft. Decentralized identity[EB/OL]. [2023-01-10]. https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2DjfY. [41] LUNDKVIST C, HECK R, TORSTENSSON J, et al. UPort: a platform for self-sovereign identity[EB/OL]. [2023-01-11]. https://blockchainlab.com/pdf/uPort_whitepaper_DRAFT 20161020.pdf. [42] LI Z J. A verifiable credentials system with privacy-preserving based on blockchain[J]. Journal of Information Security, 2022, 13(2): 43-65. [43] WeBank. WeIdentity[EB/OL]. [2023-01-13]. https://github.com/WeBankBlockchain/Weidentity. [44] BSN. FISCO BCOS, the most popular permissioned framework in Chinese mainland[EB/OL]. (2021-04-19)[2023-01-29]. https://medium.com/use-case-library/fisco-bcos-the-most-popular-permissioned-framework-in-chinese-mainland-da8baae96266. [45] 王晨旭, 程加成, 桑新欣, 等. 区块链数据隐私保护: 研究现状与展望[J]. 计算机研究与发展, 2021, 58(10): 2099-2119. WANG C X, CHENG J C, SANG X X, et al. Data privacy-preserving for blockchain: state of the art and trends[J]. Journal of Computer Research and development, 2021, 58(10): 2099-2119. [46] YANG Y. Multi-issuer attribute-based anonymous credential with traceability and revocation[J]. Computer and Information Science, 2022, 15(2): 1-68. [47] JAIN K, JAIN J, BORADE J L. A survey on man in the middle attack[J]. International Journal for Science Technology and Engineering, 2016, 2(9): 277-280. [48] 林璟锵, 荆继武, 张琼露, 等. PKI技术的近年研究综述[J]. 密码学报, 2015, 2(6): 487-496. LIN J Q, JING J W, ZHANG Q L, et al. Recent advances in PKI technologies[J]. Journal of Cryptologic Research, 2015, 2(6): 487-496. [49] AXON L. GOLDSMITH M. PB-PKI: a privacy-aware blockchain-based PKI[C]//Proceedings of the 14th International Joint Conference on e-Business and Telecommunications ICETE, Madrid, Spain, 2017: 311-318. [50] KUBILAY M Y, KIRAZ M S, MANTAR H A. CertLedger: a new PKI model with certificate transparency based on blockchain[J]. arXiv:1806.03914, 2018. [51] WATANABE H, FUJIMURA S, NAKADAIRA A, et al. Blockchain contract: securing a blockchain applied to smart contracts[C]//2016 IEEE International Conference on Consumer Electronics (ICCE), Las Vegas, NV, USA, January 07-11, 2016. Piscataway: IEEE, 2016: 467-468. [52] FROMKNECHT C, VELICANU D, YAKOUBOV S. CertCoin: a NameCoin based decentralized authentication system 6.857 class project[EB/OL]. (2014-05-14)[2023-05-29]. https://courses.csail.mit.edu/6.857/2014/files/19-fromknecht-velicann-yakoubov-certcoin.pdf. [53] MOHANTA B K, PANDA S S, JENA D. An overview of smart contract and use cases in blockchain technology[C]//2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT), Bengaluru, India, 2018. Piscataway: IEEE, 2018: 1-4. [54] YAKUBOV A, SHBAIR W M, WALLBOM A, et al. A blockchain-based PKI management framework[C]//2018 IEEE/IFIP Network Operations and Management Symposium, Taipei, China, 2018. Piscataway: IEEE, 2018: 1-6. [55] ZHANG M, WANG L, YANG J. A blockchain-based authentication method with one-time password[C]//2019 IEEE 38th International Performance Computing and Communications Conference (IPCCC), London, UK, October 29-31, 2019. Piscataway: IEEE, 2019: 1-9. [56] LAMPORT L. Password authentication with insecure communication[J]. Communications of the ACM, 1981, 24(11): 770-772. [57] M’RAIHI D, BELLARE M, HOORNAERT F, et al. HOTP: an HMAC-based one-time password algorithm[EB/OL]. (2005-12-01)[2023-06-01]. https://www.rfc-editor.org/rfc/pdfrfc/rfc4226.txt.pdf. [58] M’RAIHI D, MACHANI S, PEI M, et al. TOTP: time-based one-time password algorithm[EB/OL]. (2011-05-11)[2023-06-01]. https://www.rfc-editor.org/pdfrfc/rfc6238.txt.pdf. [59] HOMOLIAK I, BREITENBACHER D, HUJNAK O, et al. SmartOTPs: an air-gapped 2-factor authentication for smart-contract wallets[C]//Proceedings of the 2nd ACM Conference on Advances in Financial Technologies, New York, NY, USA, October 21-23, 2020. New York: ACM Press, 2020: 145-162. [60] PARK C S. One-time password based on hash chain without shared secret and re-registration[J]. Computers & Security, 2018(75): 138-146. [61] ERDEM E, SANDIKKAYA M T. OTPaaS-one time password as a service[J]. IEEE Transactions on Information Forensics and Security, 2019, 14(3): 743-756. [62] CATALFAMO A, RUGGERI A, CELESTI A, et al. A microservices and blockchain based one time password (MBB-OTP) protocol for security-enhanced authentication[C]//2021 IEEE Symposium on Computers and Communications (ISCC), Athens, Greece, September 05-08, 2021. Piscataway: IEEE, 2021: 1-6. [63] 微众银行. FISCO BCOS 技术文档[EB/OL]. [2023-01-16]. https://fisco-bcos-doc.readthedocs.io/zh_CN/latest/. WeBank.FISCO BCOS technical document[EB/OL]. [2023-01-16]. https://fisco-bcos-doc.readthedocs.io/zh_CN/latest/. [64] Hyperledger Fabric. Membership service providers (MSP)[2022-12-29]. https://hyperledger-fabric.readthedocs.io/en/release-1.1/msp.html. [65] DIX I. Implementation of a reputation system for CA trust management[EB/OL]. (2016-08-04)[2023-01-16]. https://download.hrz.tu-darmstadt.de/media/FB20/Dekanat/Publikationen/CDC/Isabella_Dix.bachelor.pdf. [66] LAURIE B, MESSERI E, STRADLING R. RFC 9162: certificate transparency version 2.0[S]. 2021. [67] LOZUPONE V. Analyze encryption and public key infrastructure (PKI)[J]. International Journal of Information Management, 2018, 38(1): 42-44. [68] SHAMIR A. Identity-based cryptosystems and signature schemes[C]//Proceedings of CRYPTO’84. Berlin, Heidelberg: Springer, 1985: 47-53. [69] AI-RIYAMI S S, PATERSON K G. Certificateless public key cryptography[C]//9th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, China, November 30-December 4, 2003. Berlin, Heidelberg: Springer, 2003: 452-473. [70] 李芳, 李卓然, 赵赫. 区块链跨链技术进展研究[J]. 软件学报, 2019, 30(6): 1649-1660. LI F, LI Z R, ZHAO H. Research on the progress in cross-chain technology of blockchains[J]. Journal of Software, 2019, 30(6): 1649-1660. [71] ZHANG H, CHEN X, LAN X, et al. BTCAS: a blockchain-based thoroughly cross-domain authentication scheme[J]. Journal of Information Security and Applications, 2020, 55: 1-10. [72] 王姝爽, 马兆丰, 刘嘉微, 等. 区块链跨链安全接入与身份认证方案研究与实现[J]. 信息网络安全, 2022, 22(6): 61-72. WANG S S, MA Z F, LIU J W, et al. Research and implementation of cross chain security access and identity authentication scheme of blockchain[J]. Netinfo Security, 2022, 22(6): 61-72. [73] Internet Engineering Task Force (IETF). Problems with the public key infrastructure (PKI) for the world wide web(draft-iab-web-pki-problems-01.txt)[EB/OL]. (2016-08-24)[2023-01-16]. https://datatracker.ietf.org/doc/html/draft-iab-web-pki-problems-01#section-3.2.1. [74] KULYNYCH B, ISAAKIDIS M, TRONCOSO C, et al. ClaimChain: decentralized public key infrastructure[J]. arXiv:1707.06279v1, 2018. [75] HUANG Y. Decentralized public key infrastructure (DPKI): what is it and why does it matter?[EB/OL]. (2019-05-14)[2023-02-13]. https://medium.com/hackernoon/decentralized-public-key-infrastructure-dpki-what-is-it-and-why-does-it-matter-babee9d88579. [76] VAUDENAY S. The security of DSA and ECDSA bypassing the standard elliptic curve certification scheme[EB/OL]. [2023-02-03]. https://link.springer.com/content/pdf/10.1007/3-540-36288-6_23.pdf. [77] Network Working Group. Threshold signatures in elliptic curves[EB/OL]. (2020-09-10)[2023-02-10]. https://datatracker.ietf.org/doc/html/draft-hallambaker-threshold-sigs-01. [78] Internet Research Task Force (IRTF). Edwards-curve digital signature algorithm (EdDSA)(rfc 8032)[EB/OL]. (2017-01-01)[2023-02-13]. https://datatracker.ietf.org/doc/rfc8032/. [79] 陈思吉, 翟社平, 汪一景. 一种基于环签名的区块链隐私保护算法[J]. 西安电子科技大学学报, 2020, 47(5): 86-93. CHEN S J, ZHAI S P, WANG Y J. Blockchain privacy protection algorithm based on ring signaure[J]. Journal of Xidian University, 2020, 47(5): 86-93. [80] 周炜, 王超, 徐剑, 等. 基于区块链的隐私保护去中心化联邦学习模型[J]. 计算机研究与发展, 2022, 59(11): 2423-2436. ZHOU W, WANG C, XU J, et al. Privacy-preserving and decentralized federated learning model based on the blockchain[J]. Journal of Computer Research and Development, 2022, 59(11): 2423-2436. |
[1] | 李光柱, 李雷孝, 高昊昱. 跨链技术发展与应用研究进展[J]. 计算机工程与应用, 2024, 60(2): 32-45. |
[2] | 张铭泉, 杨甜, 朵春红. 改进PBFT算法的配电物联网接入认证方法[J]. 计算机工程与应用, 2024, 60(2): 279-287. |
[3] | 王春东, 郭茹月. 基于逻辑回归与区块链的车联网信任管理方案[J]. 计算机工程与应用, 2024, 60(1): 281-288. |
[4] | 张天祥, 李雷孝, 刘东江, 高昊昱. 区块链激励机制在车联网领域的应用研究综述[J]. 计算机工程与应用, 2023, 59(9): 59-74. |
[5] | 翟社平, 童彤, 白喜芳. 基于区块链的属性代理重加密数据共享方案[J]. 计算机工程与应用, 2023, 59(8): 270-279. |
[6] | 卫孜钻, 王鑫, 于丹, 马垚, 陈永乐. 面向POW共识的日蚀攻击动态防御机制[J]. 计算机工程与应用, 2023, 59(8): 280-287. |
[7] | 王晓光, 殷萌. 区块链平台下航运供应链的两阶段定价研究[J]. 计算机工程与应用, 2023, 59(7): 319-327. |
[8] | 姜承扬, 庞俊, 贾大宇, 于明鹤, 信俊昌, 刘晨. 结合社区发现和局部恢复码的区块链扩容研究[J]. 计算机工程与应用, 2023, 59(5): 297-304. |
[9] | 李向阳, 刘扬, 闫志全, 刘鑫磊, 曹浩浩, 王耀启. 基于区块链的知识产权交易平台研究与实现[J]. 计算机工程与应用, 2023, 59(3): 308-316. |
[10] | 韦可欣, 李雷孝, 高昊昱, 熊啸. 区块链访问控制技术在车联网中的应用研究综述与展望[J]. 计算机工程与应用, 2023, 59(24): 26-45. |
[11] | 张晓东, 陈韬伟, 余益民. 基于CPABE的分布式数据访问控制与共享方案[J]. 计算机工程与应用, 2023, 59(23): 254-262. |
[12] | 刘昕, 王海文, 孙志坚, 杨大伟, 庞铭江. 重大舆情事件的双层区块链溯源方法研究[J]. 计算机工程与应用, 2023, 59(23): 263-272. |
[13] | 王茜, 朱俊伟, 张晓东. 链上链下数据协同下的政务材料共享设计实现[J]. 计算机工程与应用, 2023, 59(20): 333-342. |
[14] | 杨长春, 章阳, 陈友荣, 缪克雷, 任条娟, 王章权. 面向恶意节点攻击的车联网节点共识算法[J]. 计算机工程与应用, 2023, 59(19): 229-236. |
[15] | 宋传罡, 李雷孝, 高昊昱. 区块链系统性能优化关键方法综述[J]. 计算机工程与应用, 2023, 59(16): 16-30. |
阅读次数 | ||||||
全文 |
|
|||||
摘要 |
|
|||||