Zhao Yun, Cui Chao, Wang Haoling, Liu Tao, Jiang Hefang
{"title":"基于区块链的去中心化身份与密码认证系统","authors":"Zhao Yun, Cui Chao, Wang Haoling, Liu Tao, Jiang Hefang","doi":"10.1109/ICPICS55264.2022.9873634","DOIUrl":null,"url":null,"abstract":"The most widely used user authentication method on the Internet is abstract password authentication, That is to say, the user and his name - password to each server established, and then use it to authenticate. Although they are widely used because of their simple operation and high experience, the security of authentication provided by them is not high, and the server operator is positioned as a trusted party who can fully control the user’s identity. To solve this problem, many identity recognition systems adopt the concepts of public key encryption and decentralization,but the requirement that users generate and manage public and private key pairs, and that users often do not have such expertise, has become a key factor in the failure of PKI for many end users. To sum up, this paper proposes a decentralized identity and password authentication system (DIA) based on block chain as an identity and authentication framework. Users can register their own user name password pairs and use them as general credentials. The system provides a global name space, meaningful user names, and the ability to resist user name conflict attacks. User’s identity to any server can be applied to authenticate a user, to the server without having to disclose any information relating to the password,, so it is impossible to carry out offline dictionary attack on the password.","PeriodicalId":257180,"journal":{"name":"2022 IEEE 4th International Conference on Power, Intelligent Computing and Systems (ICPICS)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Decentralized Identity and Password Authentication System based on Block Chain\",\"authors\":\"Zhao Yun, Cui Chao, Wang Haoling, Liu Tao, Jiang Hefang\",\"doi\":\"10.1109/ICPICS55264.2022.9873634\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The most widely used user authentication method on the Internet is abstract password authentication, That is to say, the user and his name - password to each server established, and then use it to authenticate. Although they are widely used because of their simple operation and high experience, the security of authentication provided by them is not high, and the server operator is positioned as a trusted party who can fully control the user’s identity. To solve this problem, many identity recognition systems adopt the concepts of public key encryption and decentralization,but the requirement that users generate and manage public and private key pairs, and that users often do not have such expertise, has become a key factor in the failure of PKI for many end users. To sum up, this paper proposes a decentralized identity and password authentication system (DIA) based on block chain as an identity and authentication framework. Users can register their own user name password pairs and use them as general credentials. The system provides a global name space, meaningful user names, and the ability to resist user name conflict attacks. User’s identity to any server can be applied to authenticate a user, to the server without having to disclose any information relating to the password,, so it is impossible to carry out offline dictionary attack on the password.\",\"PeriodicalId\":257180,\"journal\":{\"name\":\"2022 IEEE 4th International Conference on Power, Intelligent Computing and Systems (ICPICS)\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-07-29\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 4th International Conference on Power, Intelligent Computing and Systems (ICPICS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICPICS55264.2022.9873634\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 4th International Conference on Power, Intelligent Computing and Systems (ICPICS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICPICS55264.2022.9873634","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Decentralized Identity and Password Authentication System based on Block Chain
The most widely used user authentication method on the Internet is abstract password authentication, That is to say, the user and his name - password to each server established, and then use it to authenticate. Although they are widely used because of their simple operation and high experience, the security of authentication provided by them is not high, and the server operator is positioned as a trusted party who can fully control the user’s identity. To solve this problem, many identity recognition systems adopt the concepts of public key encryption and decentralization,but the requirement that users generate and manage public and private key pairs, and that users often do not have such expertise, has become a key factor in the failure of PKI for many end users. To sum up, this paper proposes a decentralized identity and password authentication system (DIA) based on block chain as an identity and authentication framework. Users can register their own user name password pairs and use them as general credentials. The system provides a global name space, meaningful user names, and the ability to resist user name conflict attacks. User’s identity to any server can be applied to authenticate a user, to the server without having to disclose any information relating to the password,, so it is impossible to carry out offline dictionary attack on the password.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
