Currently, there are a large number of certificates need to be authenticated in 5G. However, most telecom operators are not ready enough for this. We present a certificate life-cycle management system based on blockchain PKI to solve the problem of identity authentication of base stations. We give a system model based on SM2 and commitment based on SM2. In the system, the certificate authority (CA) detects the service capability of 5G RAN, generates certificates, issues to users, and stores them on the blockchain. The CA can extract certificates from the blockchain. Besides, users in the system can verify the validity of certificates on the blockchain. What is more, they can know exactly whether a certificate is a new one or not according to the certificate pointer. We implemented a prototype, and analysis shows that the blockchain PKI eradicates the problem of single point failure and slow response. Besides, it has a good security, privacy protection, and highly efficient.
展开▼