In 2023, Zhang and Zhao in High-Confid Comput 3(1):100096, 2023 [1], developed a lightweight blockchain-based authentication and public key infrastructure (PKI) identity management system which emphasizes on reducing the need of traditional certificate authorities (CA) with the use of trust chain-based smart contract. Accordingly, this scheme Zhang and Zhao in High-Confid Comput 3(1):100096, 2023 [1], has claimed to simplify the authentication system by not only ensuring the privacy protection of the involved entities but also providing a solution for those entities’ identity-related issues. However, in this paper, we have cryptanalysis the scheme Zhang and Zhao in High-Confid Comput 3(1):100096, 2023 [1], and found out that it is susceptible to several security threats such as—identity spoofing attack, IPFS manipulation attack, and timestamp manipulation attack.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Cryptanalysis of “Cross-Domain Identity Authentication Scheme Based on Blockchain and PKI System”

  • Shivani Saini,
  • Sangram Ray,
  • Priyanka Das,
  • Mou Dasgupta,
  • Mahesh Chandra Govil

摘要

In 2023, Zhang and Zhao in High-Confid Comput 3(1):100096, 2023 [1], developed a lightweight blockchain-based authentication and public key infrastructure (PKI) identity management system which emphasizes on reducing the need of traditional certificate authorities (CA) with the use of trust chain-based smart contract. Accordingly, this scheme Zhang and Zhao in High-Confid Comput 3(1):100096, 2023 [1], has claimed to simplify the authentication system by not only ensuring the privacy protection of the involved entities but also providing a solution for those entities’ identity-related issues. However, in this paper, we have cryptanalysis the scheme Zhang and Zhao in High-Confid Comput 3(1):100096, 2023 [1], and found out that it is susceptible to several security threats such as—identity spoofing attack, IPFS manipulation attack, and timestamp manipulation attack.