Issue | Security and Safety, Volume 3, 2024
---|---
Article Number | 2024013
Number of page(s) | 23
Section | Digital Finance
DOI | https://doi.org/10.1051/sands/2024013
Published online | 30 October 2024
Research Article
Supervised and revocable decentralized identity privacy protection scheme
1 School of Electronics and Information Engineering, Tongji University, Shanghai, 201804, China
2 School of Computer and Information Technology, Beijing Jiaotong University, Beijing, 100044, China
3 Beijing Key Laboratory of Security and Privacy in Intelligent Transportation, Beijing Jiaotong University, Beijing, 100044, China
4 China Securities Information Technology Service Limited Company, Beijing, 100033, China
* Corresponding authors (email: xiaofengma@tongji.edu.cn)
Received: 19 August 2024
Revised: 23 September 2024
Accepted: 15 October 2024
Decentralized identity is a blockchain-based approach to effective identity management. It uses decentralized identifiers and verifiable credentials to enable trusted authentication, free circulation of identity information, and self-sovereign control over identity data. Current decentralized identity systems rely on entirely anonymous identifiers and lack robust identity regulation. They also face challenges such as leakage of identity attributes during verifiable credential presentation and the difficulty issuers have in reliably revoking credentials. To address these issues, efficient and practical schemes have been designed based on BBS signature, zero-knowledge proof, dynamic accumulator, and blockchain technology: one for decentralized identifier management and the other for verifiable credential privacy protection, both of which are supervised and revocable. The former ensures the privacy of the subject's identity while making identity data regulatable and revocable by the regulator. The latter provides selective disclosure of anonymous credentials and reliable revocation. A security analysis shows that the proposed scheme meets anonymity, non-forgeability, regulatory reliability, and revocability reliability, and offers comprehensive and effective privacy protection measures. The experimental results demonstrate that the designed algorithms operate at the millisecond level, which satisfies the demands of blockchain identity management scenarios.
Key words: Blockchain / Decentralized identity / Privacy protection / Supervision / Anonymous credential / Zero-knowledge proof
Citation: He J, Ma X and Zhang D et al. Supervised and revocable decentralized identity privacy protection scheme. Security and Safety 2024; 3: 2024013. https://doi.org/10.1051/sands/2024013
© The Author(s) 2024. Published by EDP Sciences and China Science Publishing & Media Ltd.
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.