信息网络安全 ›› 2022, Vol. 22 ›› Issue (8): 72-80.doi: 10.3969/j.issn.1671-1122.2022.08.009

• 技术研究 • 上一篇    下一篇

基于MPT索引的高效链上PKI模型

黄保华1(), 赵伟宏1, 彭丽1, 谢统义2   

  1. 1.广西大学计算机与电子信息学院,南宁 530004
    2.广西教育学院,南宁 530023
  • 收稿日期:2022-04-11 出版日期:2022-08-10 发布日期:2022-09-15
  • 通讯作者: 黄保华 E-mail:bhhuang66@gxu.edu.cn
  • 作者简介:黄保华(1973—),男,贵州,副教授,博士,主要研究方向为信息安全。|赵伟宏(1996—),男,广西,硕士研究生,主要研究方向为信息安全|彭丽(1998—),女,湖南,硕士研究生,主要研究方向为信息安全|谢统义(1976—),男,广西,副教授,硕士,主要研究方向为信息安全
  • 基金资助:
    国家自然科学基金(61962005);国家重点研发计划(2018YFB1404404);广西高校中青年教师科研基础能力提升项目(2021KY1934)

Efficient Blockchain PKI Model Based on MPT Index

HUANG Baohua1(), ZHAO Weihong1, PENG Li1, XIE Tongyi2   

  1. 1. School of Computer and Electronic Information, Guangxi University, Nanning 530004, China
    2. Guangxi Institute of Education, Nanning 530023, China
  • Received:2022-04-11 Online:2022-08-10 Published:2022-09-15
  • Contact: HUANG Baohua E-mail:bhhuang66@gxu.edu.cn

摘要:

针对传统PKI存在的单点故障和CA操作不透明等问题,文章提出一种基于MPT索引的高效链上PKI模型。首先,将区块链作为证书库存储证书,将分布式CA节点作为区块链网络中的矿工节点处理证书请求,构建去中心化的PKI模型。同时,设计证书管理算法,通过在证书中记录证书操作类型,实现证书注册、更新和撤销功能。其次,在该模型的基础上,通过<证书ID,证书Hash>键值对为每个区块内存储的证书构建MPT索引,并设计基于MPT索引的证书查询算法,实现根据证书ID快速查询链上证书的功能,扩展了传统区块链的查询语义,提升了查询效率。对比分析和实验结果表明,该模型能够有效提升PKI的安全性,并拥有较高的证书查询效率。

关键词: 区块链, PKI, MPT

Abstract:

Aiming at the problems of single point of failure and opaque CA operation in traditional PKI, this paper proposes an efficient blockchain PKI model based on MPT index. Firstly, a decentralized PKI model is constructed by using blockchain as a certificate repository to store certificates and distributed CA nodes as miner nodes in blockchain network to process certificate requests. At the same time, a certificate management algorithm is designed to realize the functions of certificate registration, update and revocation by recording the certificate operation types in certificates. Secondly, on the basis of this model, a MPT index is built for the certificates stored in each block through < certificate ID, certificate Hash > key value pairs, and a certificate query algorithm based on the MPT index is designed, which realizes the function of quickly querying the certificates on the blockchain according to the certificate ID, expands the query semantics of the traditional blockchain, and improves the query efficiency. Comparative analysis and experimental results show that the model proposed in this paper can effectively improve the security of PKI, and has a high efficiency of certificate query.

Key words: blockchain, PKI, MPT

中图分类号: