网络与信息安全学报 (Aug 2020)
PKI cross-domain authentication scheme based on advanced PBFT algorithm
Abstract
In order to solve the efficiency problem of the existing public key infrastructure cross-domain authentication scheme, a cross-domain authentication model based on the consortium blockchain which has the advantages of distributed and difficult to be tamperd with was proposed. On the one hand, the dynamic join and exit function was added to the practical Byzantine fault tolerant (PBFT) algorithm, the primary node election mode was improved, and the three-stage broadcast was reduced to two-stage broadcast for the reducation of communication overhead. On the other hand, the cross-domain authentication system architecture based on consortium chain was designed, the blockchain certificate format and the cross-domain authentication protocol were presented, the security and efficiency were analyzed. The results shows that in term of security, the proposed model has security attributes such as resisting distributed attacks. In terms of performance, the proposed model has advantages in both computational overhead and communication overhead when it was compared with the existing cross-domain authentication schemes.
Keywords
