Decentralized Identity Identification and Authentication Scheme
Abstract: In traditional authentication systems, the reuse of private keys and centralized key management introduce certain security risks. This paper introduces Physical Unclonable Function (PUF) technology to replace the traditional Public Key Infrastructure (PKI) for key distribution. By leveraging the high randomness and uniqueness of PUFs, the method enables the dynamic generation of independent and unique private keys for the same user across different systems or application scenarios, thereby preventing credential-stuffing attacks caused by private-key reuse and memory-leakage attacks arising from static private-key storage. This approach not only enhances the security and privacy protection of the authentication process but also improves identity isolation across multiple scenarios, offering a new technical pathway for building decentralized and trustworthy authentication systems. Security analysis shows that the proposed scheme can effectively resist credential-stuffing, identity forgery, memory-leakage, and other attacks, making it suitable for authentication scenarios with high privacy-protection requirements. Experimental results demonstrate the feasibility and effectiveness of the scheme in specific application contexts.
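The abstract's central mechanism is per-scenario key isolation: the same user obtains a different private key for each system or application, derived on demand from a PUF response rather than stored. The following Python is an added illustration of that property, not code from the paper. The PUF is a constructed software stand-in (an HMAC over a fixed "device fingerprint" byte string), the challenge and context construction is an assumption, and the key-derivation step uses RFC 5869 HKDF in place of whatever derivation the paper's scheme specifies.

```python
import hashlib
import hmac

# Constructed stand-in for silicon manufacturing variation. A real PUF derives
# its response from physical properties and never exposes a value like this.
DEVICE_FINGERPRINT = hashlib.sha256(b"constructed sample device, not real hardware").digest()


def puf_response(challenge: bytes, fingerprint: bytes = DEVICE_FINGERPRINT) -> bytes:
    """Model a strong PUF: a device-specific, deterministic challenge -> response map."""
    return hmac.new(fingerprint, challenge, hashlib.sha256).digest()


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF (extract-then-expand) with HMAC-SHA256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()          # extract
    okm, block, counter = b"", b"", 1
    while len(okm) < length:                                      # expand
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_scenario_key(user_id: str, scenario_id: str,
                        fingerprint: bytes = DEVICE_FINGERPRINT) -> bytes:
    """Derive the private key for (user, scenario) on demand from the PUF.

    Assumed construction: the PUF challenge binds the user identity and the HKDF
    'info' field binds the relying-party scenario, so keys for different systems
    are independent and nothing key-shaped has to sit in persistent storage.
    """
    challenge = hashlib.sha256(b"puf-challenge:" + user_id.encode()).digest()
    response = puf_response(challenge, fingerprint)
    return hkdf_sha256(response, salt=b"decentralized-id-v1", info=scenario_id.encode())


def isolation_properties() -> dict:
    """Check the three properties the abstract claims for per-scenario keys."""
    k_bank = derive_scenario_key("alice", "bank.example")
    k_mail = derive_scenario_key("alice", "mail.example")
    k_bank_again = derive_scenario_key("alice", "bank.example")
    # A second, differently constructed fingerprint models a cloning attempt.
    other_device = hashlib.sha256(b"constructed other device").digest()
    k_bank_clone = derive_scenario_key("alice", "bank.example", fingerprint=other_device)
    return {
        # Reuse of one key across systems is impossible: each scenario gets its own.
        "same_user_different_scenarios_differ": k_bank != k_mail,
        # The key is recomputed, not stored, so re-derivation must be stable.
        "rederivation_is_deterministic": k_bank == k_bank_again,
        # Another device cannot reproduce this user's key for the same scenario.
        "other_device_cannot_reproduce": k_bank != k_bank_clone,
    }


if __name__ == "__main__":
    for name, holds in isolation_properties().items():
        print(f"{name}: {holds}")
```

Because the key is a pure function of the PUF response and the scenario identifier, a leaked key for one relying party reveals nothing about the keys for others, and the device has no long-lived private key in memory between authentications; each derivation can be zeroized as soon as the signature or handshake is complete.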
Citation: 庞晖, 孟坤, 王启源. Decentralized Identity Identification and Authentication Scheme [J]. 人工智能与机器人研究 (Artificial Intelligence and Robotics Research), 2026, 15(1): 222-231. https://doi.org/10.12677/airr.2026.151022