As a protective carrier for sensitive information, web authentication protocols are used in banking, online shopping, employee intranets, cloud storage and other fields. A web authentication protocol plays a crucial role in protecting user privacy by completing user identity verification, system parameter setup and key distribution. Nowadays, with the increasing demand for online identity authentication, web authentication protocols such as OAuth, OpenID, SAML, FIDO and WebAuthn have been widely adopted. Among them, OpenID and WebAuthn are currently the most popular web authentication protocols, but they have different designs and uses. OpenID is an online identity authentication system that supports single sign-on. Some existing OpenID protocols still have many shortcomings in effectively protecting user privacy; for example, the identity provider can learn which relying party the user logs in to on every use. WebAuthn is an API for accessing public key credentials that allows users to authenticate with biometric-based methods, achieving password-free login. Some existing WebAuthn protocols likewise have shortcomings in effectively protecting user privacy; for example, an attacker can intercept the temporary associated key of a proxy user over a public channel. To address these problems, this paper proposes two blind signature schemes and, based on them, further designs an OpenID protocol based on SM9 blind signature and a WebAuthn protocol based on SM2 blind signature, which effectively solve the security problems of these protocols in privacy protection. The main contributions of this paper are as follows:

(1) The design idea of an OpenID protocol based on SM9 blind signature is proposed, in which the website identifier of the OpenID relying party is blinded. First, an identity-based blind signature scheme is designed on top of the SM9 signature algorithm, and it is proved that the security of the scheme rests on that of the SM9 signature scheme; then, an OpenID protocol is designed on the basis of this blind signature scheme; finally, the efficiency and security of the proposed OpenID protocol are demonstrated through simulation experiments and theoretical analysis.

(2) The design idea of a WebAuthn protocol based on SM2 blind signature is proposed, in which the temporary associated key of the proxy user is blinded. First, a blind signature scheme is designed on top of the SM2 signature algorithm, and it is proved that the security of the scheme rests on that of the SM2 signature scheme; then, two WebAuthn protocols with different delegation modes are designed on the basis of this blind signature scheme; finally, the security of the WebAuthn protocol is proved through experiments, and performance analysis and comparison experiments of the two proposed protocols are carried out.

(3) Based on the formal tools Scyther and ProVerif, the security of the protocols is analyzed: the formal modeling of the protocols in this paper is completed, and analysis of the resulting graphs shows that the protocols meet the security requirements.