Blockchain-based mutual authentication protocol without CA

The Journal of Supercomputing

Abstract

Most federated chain identity authentication currently relies on certificates issued by a CA (Certification Authority) under a PKI (Public Key Infrastructure) system. CA authentication is one-way, however: users cannot evaluate the trustworthiness of the CA, and its centralized structure is prone to a single point of failure, which brings great security risks. To address this problem, we propose an efficient and reliable two-way authentication scheme that achieves membership authentication of the federated chain through elliptic curves and bilinear pairings. Membership authentication is performed directly by the federated chain supervisor through smart contracts, after which key negotiation is conducted among members. The shared key determined by key negotiation is passed through a hash function, and the resulting hash digest serves as the unique transaction address of the federated chain members. This scheme effectively solves the problems of one-way CA authentication and the failure-prone centralized CA. Experimental and theoretical analysis shows that the scheme resists multiple attacks and performs better in terms of overhead than protocols of the same type. We also design a scheme using Lagrangian interpolation to handle the necessary key recovery and key update.

Data availability

The data that support the findings of this study are available from the corresponding author upon reasonable request.

Acknowledgements

This study was supported by (1) the 2020 Key Project of Natural Science Research in Anhui Universities (KJ2020A0106) and (2) the 2020 Quality Project of Anhui Province (2020kfkc 185).

Author information

Corresponding author

Correspondence to Gaojian Xu.

Cite this article

Li, Y., Xu, M. & Xu, G. Blockchain-based mutual authentication protocol without CA. J Supercomput 78, 17261–17283 (2022). https://doi.org/10.1007/s11227-022-04558-5

  • DOI: https://doi.org/10.1007/s11227-022-04558-5
