The invention discloses a privacy protection identity authentication method supporting a thin client under a blockchain PKI (Public Key Infrastructure), and belongs to the technical field of information security. The method disclosed by the invention comprises the following steps of: system initialization, generation of an authentication request, generation of an inquiry request, an inquiry stage,a detection stage, a confirmation stage and session establishment. The method disclosed by the invention utilizes technologies of PIR (Private Information Retrieval) and the like, so that the methodsupports the thin client with limited storage capacity and calculation capacity in a blockchain to complete user identity authentication in the decentralized PKI, and meanwhile, the inquiry privacy ofthe thin client is protected. According to the invention, a blockchain-based PKI technology is used, so that problems of single point failure, difficulty in mutual trust among multiple CAs (Certificate Authorities) and the like of a conventional PKI; the PIR technology is utilized, so that an identity authentication function of the thin client under the decentralized PKI is achieved; the PIR technology is utilized, so that the data privacy in the inquiring process of the thin client is protected; and a random number is added in the authenticating process so as to prevent a man-in-the-middle attack and ensure that a message cannot be counterfeited or tampered in the authenticating process.