Journal of Computer Applications: the sole official website


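Cross-chain identity management scheme based on identity-based proxy re-encryption

Xin ZHANG1, Jin-Quan ZHANG2, De-Yuan LIU3, Wu-Nan WAN4, Shi-Bin ZHANG5, Zhi QIN6

    1. School of Cybersecurity, Chengdu University of Information Technology
    2. Chengdu University of Information Technology (Hangkonggang Campus)
    3. School of Cybersecurity, Chengdu University of Information Technology
    4. School of Information Security Engineering, Chengdu University of Information Technology, Chengdu 610225
    5. Chengdu University of Information Technology
    6. Chengdu University of Information Technology
  • Received: 2023-12-29 Revised: 2024-02-15 Online: 2024-03-11 Published: 2024-03-11
  • Corresponding author: Jin-Quan ZHANG
  • Funding:
    National Key R&D Program of China, key special project on "Cyberspace Security Governance"; Key R&D Support Program of the Chengdu Science and Technology Bureau; Key R&D Support Program of the Chengdu Science and Technology Bureau; Sichuan Science and Technology Program; Sichuan Science and Technology Program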

Abstract: To address the low authentication efficiency, insufficient security performance and poor scalability of current cross-chain identity management, a cross-chain identity management scheme based on identity-based proxy re-encryption was proposed. Firstly, an identity chain was built on Decentralized IDentifier (DID), providing users with a distributed digital identifier as their cross-chain identity and verifiable credentials as access credentials, from which an access control policy based on credential information was constructed. Secondly, the relay chain used a cryptographic accumulator to achieve user identity authentication. Finally, by combining Identity-Based Proxy Re-Encryption (IBPRE) with signature algorithms, a cross-chain communication model based on identity-based proxy re-encryption was constructed. Experimental analysis and evaluation show that, compared with RSA (Rivest-Shamir-Adleman) and Elliptic Curve Cryptosystem (ECC), the authentication time of the scheme is reduced by 66.9% and 4.8% respectively. The relay chain and the identity chain together implement identity management and improve decentralization and scalability, while the cross-chain communication model and the credential-based access policy ensure security in cross-chain identity management.

Key words: cross-chain, identity management, Decentralized IDentifier (DID), Identity-Based Proxy Re-Encryption (IBPRE), cryptographic accumulator

CLC Number: