区块链的核心特征就是去中心化和非实名化,因此区块链技术很适合应用于身份认证的场景.首先,阐述了身份认证和区块链的发展历史和原理;其次,指出了传统身份认证机制中由于中心化存储而存在的安全性问题,并针对问题提出了基于区块链和人脸识别的双因子身份认证模型,对模型的参与方和组件进行了定义及描述,详细介绍了该模型涉及的各操作的具体流程;最后,通过模拟攻击与抵抗分析证明了模型的安全性,通过效率及存储分析证明了模型的可用性.
Blockchain's core features are “decentralized” and “non-real-name,” so blockchain technology is well suited for authentication scenarios. Firstly, this paper expounds the history and principle of identity authentication and blockchain development. Secondly, it points out the security problems of traditional identity authentication mechanism due to centralized storage. On this basis, it also put forward two-factor identity authentication model based on blockchain and face recognition, defnes and describes the participants and components of the model, details the specifc processes of each operation involved in the model. Finally, the security of the model is proved by simulating attack and resistance analysis, and the availability of the model is proved by efciency and storage analysis.
[1] O'Gorman L. Comparing passwords, tokens, and biometrics for user authentication[C]//Proceedings of the IEEE, 2003:2019-2020.
[2] Marwick A E. Scandal or sex crime? Gendered privacy and the celebrity nude photo leaks[J]. Ethics and Information Technology, 2017:177-191.
[3] Jain A, Hong L, Pankanti S. Biometric identifcation[J]. Communications of the ACM, 2000, 43(2):90-98.
[4] Zheng Z, Xie S, Dai H N, Chen X, Wang H. Blockchain challenges and opportunities:a survey[J]. International Journal of Web and Grid Services, 2018, 14:352-375.
[5] Degui Z, Geng Y. Content distribution mechanism in mobile P2P network[J]. Journal of Networks, 2014, 9(5):1229.
[6] Zyskind G, Nathan O, Pentland A. Decentralizing privacy:using blockchain to protect personal data[C]//Security and Privacy Workshops. IEEE, 2015:180-184.
[7] Zheng Z, Xie S, Dai H, Chen X, Wang H. An overview of blockchain technology:architecture, consensus, and future trends[C]//International Congress on Big Data (BigData Congress). IEEE, 2017:557-564.
[8] Hankerson D, Vanstone S, Menezes A. Guide to elliptic curve cryptography[M]. New York:Springer Professional Computing, 2004.
[9] Gilbert H, Handschuh H. Security analysis of SHA-256 and sisters[C]//International Workshop on Selected Areas in Cryptography. Berlin, Heidelberg:Springer, 2003:175-193.
[10] Dobbertin H, Bosselaers A, Preneel B. RIPEMD-160:a strengthened version of RIPEMD[C]//International Workshop on Fast Software Encryption. Berlin, Heidelberg:Springer, 1996:71-82.
[11] Cachin C. Architecture of the hyperledger blockchain fabric[C]//Workshop on Distributed Cryptocurrencies and Consensus Ledgers. 2016:310.
[12] Dunphy P, Petitcolas F. A frst look at identity management schemes on the blockchain[C]//IEEE Security & Privacy, 2018, 16:20-29.
[13] Parkhi O M, Vedaldi A, Zisserman A. Deep face recognition[C]//British Machin Vision Conference, 2015, 1(3):6.
[14] Lamdan Y, Wolfson H J. Geometric hashing:a general and efcient model-based recognition scheme[C]//Second International Conference on Computer Vision, 1988:238-249.
[15] Zhang, J, Yong Y, Martin L.Face recognition:eigenface, elastic matching, and neural nets[C]//Proceedings of the IEEE, 1997, 85(9):1423-1435.
[16] Joachims T. Making large-scale SVM learning practical, advances in kernel methods:support vector learning[M]. Cambridge:MIT Press, 1999.
[17] Taigman Y, Yang M, Ranzato M, Wolf L. Deepface:closing the gap to human-level performance in face verifcation[C]//Conference on Computer Vision and Pattern Recognition. IEEE, 2014:1701-1708.
[18] Ouyang W, Wang X, Zeng X, Qiu S, Luo P, Tian Y, Li H, Yang S, Wang Z, Loy C C, T X. Deepid-net:deformable deep convolutional neural networks for object detection[C]//Conference on Computer Vision and Pattern Recognition. IEEE, 2015:2403-2412.
[19] Schroff F, Kalenichenko D, Philbin J. Facenet:a unifed embedding for face recognition and clustering[C]//Conference on Computer Vision and Pattern Recognition. IEEE, 2015:815-823.
[20] Liu W, Wen Y, Yu Z, Li M, Raj B, Song L. Sphereface:deep hypersphere embedding for face recognition[C]//Conference on Computer Vision and Pattern Recognition (CVPR). IEEE, 2017:212-220.
[21] Halfond W G, Jeremy V, Alessandro O. A classifcation of SQL-injection attacks and countermeasures[C]//International Symposium on Secure Software Engineering. IEEE, 2006, 1:13-15.
[22] He K, Zhang X, Ren S, Sun J. Deep residual learning for image recognition.[C]//Conference on Computer Vision and Pattern Recognition. IEEE, 2017:770-778.
[23] Yi D, Lei Z, Liao S, Li S Z. Learning face representation from scratch[J]. Computer Science, 2014:abs/1411.7923.
[24] Jia Y, Shelhamer E, Donahue J, Karayev S, Long J, Girshick R. Caffe:convolutional architecture for fast feature embedding[C]//International Conference on Multimedia. ACM, 2014:675-678.
[25] Zhang K, Zhang Z, Li Z, Qiao Y. Joint face detection and alignment using multitask cascaded convolutional networks[J]. IEEE Signal Processing Letters, 2016, 23(10):1499-1503.
[26] Szydlo M. Merkle tree traversal in log space and time[C]//Eurocrypt, 2004, 3027:541-554.
[27] Biham E, Shamir A. Differential cryptanalysis of the data encryption standard[M]. Springer Science & Business Media, 2012.
