The traditional cross domain authentication schemes are few and complex. In order to solve the problems, a new biometric and password two-factor cross domain authentication scheme based on blockchain technology was proposed. Firstly, the fuzzy extraction technology was used to extract the random key of biometrics for participation authentication, and the problem of permanent unavailability caused by the biometric leakage was solved. Secondly, the untampered blockchain was used to store the public information of biometrics, and the threat of being vulnerable to active attacks for the fuzzy extraction technology was solved. Finally, based on the distributed storage function and consortium blockchain architecture of blockchain, the two-factor cross domain authentication of user in local and remote environment was realized. The results of security analysis and efficiency analysis show that, in terms of security, the proposed scheme has the security properties of anti-man-in-the-middle attack and anti-replay attack; in terms of efficiency and feasibility, the efficiency of the proposed scheme is moderate, users do not need to carry smart cards, and the expandability of system is strong.

To solve the efficiency problem of the existing Public Key Infrastructure (PKI) cross-domain authentication scheme, by using blockchain technology with the advantages of distributed multi-center, collective maintenance and not being easy to tamper, an effective cross-domain authentication scheme was proposed, including BlockChain Certificate Authority (BCCA) trust model and system architecture, blockchain certificate format and user cross-domain authentication protocol, as well as the security and efficiency. The results show that in terms of security, the scheme has security attributes such as mutual entity authentication; in terms of efficiency, compared with the existing cross-domain authentication scheme, by taking advantage of blockchain mechanism such as not being easy to tamper, and hash algorithm, the number of signature and verification of public key algorithm is reduced, which enhances the efficiency of cross-domain authentication.