| 摘 要: 本文提出了一种基于区块链的电子认证系统(CA/PKI)。该系统数据持久化及访问依赖于区块链的去中心 化特性,相对于单点部署PKI系统具有更高的可靠性,且运维难度低于集群部署;同时系统继承了区块链不可篡改、不 可伪造的特性,可以对数字证书的签发、验证、吊销关键环节实现数据存证,方便各方交换数据,并保证全程留痕。上述 特性使得该系统可以便捷的实现私有部署,成本低、安全性高,在企业级应用、电子商务等领域具有潜在的应用价值。 |
| 关键词: 区块链;电子认证服务;证书基础设施 |
|
中图分类号: TP311
文献标识码: A
|
|
| Design and Implementation of Electronic Authentication System based on Blockchain |
|
ZHOU Wei
|
( Beijing University of Technology, Beijing 100022, China )
w.zhou@ieee.org
|
| Abstract: This paper proposes a digital authentication system (CA/PKI, Certificate Authority/Public Key Infrastructure) based on blockchain. The data persistence of this system depends on decentralized characteristics of blockchain. It is more reliable than single-point deployment of PKI system, and the operation and maintenance is easier than that of the cluster deployment. This system inherits the characteristics of blockchain that cannot be compromised. This solution can issue, verify, and revoke key certificates to realize data storage certificates, facilitate the exchange of data, and ensure that traces are kept throughout the process. The above features make the system easy to implement private deployment, taking into account the cost and security, and it is highly expected to be available in enterprises and e-commerce areas. |
| Keywords: blockchain; Certificate Authority; Public Key Infrastructure |
