This section analyzes the health and security of the proposed system.
health
This sub -section proves the authenticity of the proposed system.
Theory 1
(Approval) If the user’s public key is adopted correctly by CA, the certificate is not canceled, and the signatures submitted to Blockchain are created after the micro -algorithm provided in the section “Signature signature“. In addition, the smart nodes are published correctly by CA. Then the smart contract will always be successful.
guide
Suppose, to the contradiction, that although all pre -conditions are satisfied, the smart contract fails to return TRUE During approval.
The smart nodes perform four verification steps:
Checking the state of certificate:
$ thread[{Cert}] = {FALSE} \ End {alignment} $$
Since the testimony has not been canceled, (r_1 \) You must pass.
Certificate verification:
$ thread
Because the certificate is properly signed by CA and stores the correct contract \ (pk_ {ca} \)This verification is also true.
Check the ratification signing:
$$ \ Start {alignment} r_3 = {verify} (pk_u, pk_u \ parallel msg.sender, sig_a) = {true} \ end {alignment} $$
When the user uses a Blockchain account for approval, Msg.sender It matches the Blockchain account address.
$ thread
When the user begins to treat, the verification result is correct.
$$ \ Start {Alignment} and verification (pk_u, pk_u \ parallel msg.seender, sig_a) \\ = & Perfy (pk_u, pk_u \ parallel addr_u, sign_A) \\ = & exer \ end {alignment} $$
User \ ((pk_u \ vert {add_u}))) Use \ (sk_u \) As specified in the section “Signature signature“So this verification is true.
Check the response signature:
$ thread
the \ (n_C \) It was signed with the correct key and the message. Again, this check should pass.
The ratification succeeds only if:
$ thread
Under the assumption, all conditions are met. Therefore, the smart contract must return TRUE. This contradicts the assumption that the contract failed to return TRUE.
Thus, the smart nodes will always befriend the user under the specific conditions. \(\square\)
protection
This sub -section shows the system’s ability to verify identity, protect privacy, and not mobilize by analyzing security.
Theory 2
(Strong ratification) PPT discount \ matecal {a} \)and Assume that \ matecare {a} \) It fully controls the user’s Blockchain account. The possibility of this \ matecal {a} \) The flow of signatures is valid \ ((Sig_r, Sig_A) \) And it passes the authenticity of the smart contract, without knowing the key to the corresponding Eid card \ (sk_u \)and Almost.
guide
Strong approval indicates that even if you stole the user’s Blockchain account, the attacker cannot exploit the victim’s account to access the new PI devices, which may lead to illegal behavior that cannot be overcome. This paper explains the idea of proof as follows: Assume that \ matecal {a} \) It is a PPT discount that can successfully success \ ((Sig_r, Sig_A) \) Under the proposed authentication scheme without accessing the user’s user’s feast key.
This means that \ matecal {a} \) Capable of breaking the RSA signing scheme by generating Saleh’s signature. Thus, strong authentication safety is reduced to the security of RSA signature. The signature of RSA has been proven to be safe against counterfeiting in the European Union against forgery32. So, to deduct \ matecal {a} \)The probability of approval through the smart nodes should be small. \(\square\)
Theory 3
(User privacy) PPT discount \ matecal {a} \) Identity in the real world cannot be learned by eavesdropping on communication between a honest user and a PI, and interacting with Blockchain.
guide
The entry point lies in attacking the user’s privacy in the proposed system in the relationship between Blockchain \ (Addr_u \) And its owner. Although Blockchain usually claims that it is anonymous, most Blockchain structures do not provide a strong way to prevent Blockchain. As a result, the user’s address can inevitably be linked to its identity in the real world. For example, the transfer of encryption funds into a real friend is easily presented to each other.
In the proposed scheme, the user’s privacy requires that even if the audience is known even that the identity in the real world and the Blockchain address, the attacker cannot know which PI device occupies this user. Note that the user sends two distinct messages to the PI in the proposed system, which contains \ (Addr_u \) The Blockchain treatment is also fragmented \ (Addr_u \). Intuitively, privacy is broken if any of the two letters can be learned. To this end, assume this \ matecal {a} \) It is a PPT discount that can learn the normal text of any of two encoded messages, without knowing the password of the PI.
This means that \ matecal {a} \) Capable of breaking the encrypted message and restoring the normal text from the encrypted text without any knowledge of the secret key. It is easy to see this \ matecal {a} \) It can be used to break the semantic security to encrypt RSA. Consequently, the breaking of the user’s privacy of the proposed system is reduced to the fracture of semantic security to encrypt RSA. However, it has been proven that the RSA encryption is safe and semantic33. So, the opponent \ matecal {a} \) The user cannot learn the PI with an inadvertent probability. \(\square\)
Theory 4
If smart contracts are published correctly, PPT discount \ matecare {a} \) It cannot be authorized to access the PI by attacking Blockchain.
guide
The Blockchain layer access may try by modifying the Blockchain data: Blockchain data is preserved through the government’s contract using a multi -knot consensus mechanism. Theoretically, the discount can process data by controlling the majority of the Blockchain contract. This is practically not possible, as all contracts are run by the reliable government and institutional entities. So, \ matecare {a} \) It cannot be authorized to access the PI by changing smart nodes’ records. \(\square\)
Theory 5
(Not to re -reach) If the user successfully complements the approval and access to the PI, the user will not be able to disavow it after implementing this procedure.
guide
When the user completes the authentication, the smart nodes are stored as a result of the approval of Blockchain.
According to the theory 2Only the user who owns the Eid card can create a response signature ((sig_r)).
According to the theory 4Blockchain data cannot be modified. Therefore, the identity of the user in the real world is constantly the Blockchain account identity. The user cannot disavow his interaction with the system or access to the device, thus ensuring accountability and not packing. \(\square\)
