In many real resource access scenarios, the parties who require to establish communication may be unable to effectively identify and verify some authentication messages of the other party due to the use of completely different cryptography settings, making it difficult to authenticate each other in such scenarios. We usually define the above-mentioned problem as “cross-domain authentication”. Although many research works have been devoted to solving the problem of entity authentication for cross-domain communication, the problem of “incomplete cross-domain” widely exists in existing works. Existing solutions based on some common underlying cryptography foundations greatly limit the application of such cross-domain authentication schemes. In order to solve the problem of “incomplete cross-domain”, this paper proposes a thoroughly cross-domain authentication scheme based on blockchain technology, which can be used by participants from different domains that adopt totally different settings. Our security analysis demonstrates that the scheme is provably secure in the standard model and the experimental results show the efficiency of our scheme.

在许多实际资源访问方案中，由于使用完全不同的加密设置，需要建立通信的各方可能无法有效地识别和验证另一方的某些身份验证消息，从而使在此类情况下彼此之间难以进行身份​​验证。我们通常将上述问题定义为“跨域身份验证”。尽管已经有许多研究工作致力于解决跨域通信的实体认证问题，但是在现有的工作中普遍存在“不完整的跨域”问题。基于一些常见的基础密码学基础的现有解决方案极大地限制了此类跨域身份验证方案的应用。为了解决“不完整的跨域”问题，本文提出了一种基于区块链技术的彻底的跨域认证方案，可供采用不同设置的不同领域的参与者使用。我们的安全性分析表明，该方案在标准模型中可证明是安全的，实验结果表明了该方案的有效性。