Cross-domain identity authentication scheme based on blockchain and PKI system

In vehicular ad hoc networks (VANET), the cross-domain identity authentication of users is very important for the development of VANET due to the large cross-domain mobility of vehicle users. The Public Key Infrastructure (PKI) system is often used to solve the identity authentication and security trust problems faced by VANET. However, the PKI system has challenges such as too centralized Authority of Certification Authority (CA), frequent cross-domain access to certificate interactions and high authentication volume, leading to high certificate management costs, complex cross-domain authentication paths, easy privacy leakage, and overburdened networks. To address these problems, this paper proposes a lightweight blockchain-based PKI identity management and authentication architecture that uses smart contracts to reduce the heavy burden caused by CAs directly managing the life cycle of digital certificates. On this basis, a trust chain based on smart contracts is designed to replace the traditional CA trust chain to meet the general cross-domain requirements, to effectively avoid the communication pressure caused by a mass of certificate transmissions. For the cross-domain scenario with higher privacy and security requirements the identity attribute authentication service is provided directly while protecting privacy by using the Merkle tree to anchor identity attribute data on and off the blockchain chain. Finally, the proposed scheme was comprehensively analyzed in terms of cost, time consumption and security. (c) 2022 The Author(s). Published by Elsevier B.V. on behalf of Shandong University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).