Abstract
Readers for China's second-generation resident identity card are currently available through many channels and at low cost, so criminals can easily use them to obtain citizens' private identity information and then commit fraud, illegally open credit card accounts and carry out other crimes. In addition, institutions that must verify citizens' identities under the real-name system, for example hotels at check-in and banks at account opening, mostly use centralized authentication and store large volumes of users' real-name information in cleartext, which creates a risk of privacy leakage. Compared with the RSA algorithm used in traditional authentication schemes and the international-standard ECC algorithm, the SM2 algorithm offers higher security, a smaller storage footprint and faster signing, which makes it suitable for smartphones and other widely used mobile terminals. Blockchain technology is decentralized and hard to tamper with, so it can address the single point of failure and the difficulty of establishing trust among multiple certificate authorities (CAs) that affect centralized authentication. To address the problem of user privacy leakage, the paper improves on the traditional identity authentication service system using the SM2 algorithm and blockchain technology, combined with QR code and facial recognition technologies. It proposes a secure electronic identity card system for mobile terminals and gives a detailed design of an identity authentication protocol based on the SM2 algorithm and blockchain.
Authors
胡卫
吴邱涵
刘胜利
付伟
HU Wei; WU Qiuhan; LIU Shengli; FU Wei (1. Department of Information Security, Naval University of Engineering, Wuhan, Hubei 430033, China; 2. Beijing Aerospace Control Center, Beijing 100094, China)
Source
《信息网络安全》
CSCD
Peking University Core Journal
2018, Issue 7, pp. 7-15 (9 pages)
Netinfo Security
Funding
National Natural Science Foundation of China [61672531]
Naval University of Engineering Independent Project [20161607]
Keywords
SM2 algorithm
blockchain
identity authentication
mobile terminal