Abstract
With the rapid development of blockchain applications, digital identity management systems have started being deployed on decentralized networks. However, the inherent transparency of blockchain technology poses a challenge to privacy-conscious applications. To address this challenge, we adopt a DDH-based oblivious transfer and trust execution environment (TEE) to hide users’ private attributes. Furthermore, we propose a concrete system that includes transferring users’ attributes from a legacy server for verifying and issuing on the blockchain. In verifying protocol, we apply TEE in confidential smart contracts that execute the verification logic privately. Users can control their data and freely compose their identities using verified attributes. We also leverage smart contracts to record the status of attributes to achieve batch revocation of identities. Security analysis and comparison demonstrate that our system achieves privacy protection and is more user-centric in revocation than existing blockchain-based identity systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
A digital identity refers to the information needed to activate an account, as well as any traces an individual leaves as a result of their activities.
References
Androulaki, E., et al.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: EUROSYS 2018, pp. 1–15 (2018)
Baghery, K.: On the efficiency of privacy-preserving smart contract systems. In: Buchmann, J., Nitaj, A., Rachidi, T. (eds.) AFRICACRYPT 2019. LNCS, vol. 11627, pp. 118–136. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-23696-0_7
Brandenburger, M., Cachin, C., Kapitza, R., Sorniotti, A.: Blockchain and trusted computing: problems, pitfalls, and a solution for hyperledger fabric. CoRR abs/1805.08541 (2018). http://arxiv.org/abs/1805.08541
Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: S &P 2018, pp. 315–334. IEEE (2018)
Decentralized identity foundation.https://identity.foundation/, Accessed 20 June 2022
Digital identity management. https://www.raulwalter.com/government/digital-identity-management/. Accessed 20 July 2022
Du, W., Atallah, M.J.: Secure multi-party computation problems and their applications: a review and open problems. In: NSPW 2001, pp. 13–22. ACM (2001)
Dunphy, P., Petitcolas, F.A.: A first look at identity management schemes on the blockchain. IEEE S &P 16(4), 20–29 (2018)
Efanov, D., Roschin, P.: The all-pervasiveness of the blockchain technology. Procedia Comput. Sci. 123, 116–121 (2018)
Ferdous, M.S., Chowdhury, F., Alassafi, M.O.: In search of self-sovereign identity leveraging blockchain technology. IEEE Access 7, 103059–103079 (2019)
Goldreich, O.: Secure multi-party computation. Manuscript. Preliminary version 78(110) (1998)
Jacobovitz, O.: Blockchain for identity management. Technical report, The Lynne and William Frankel Center for Computer Science Department of Computer Science, Ben-Gurion University, Beersheba, Israel (2016). https://www.cs.bgu.ac.il/frankel/TechnicalReports/2016/16-02.pdf
Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: S &P 2016, pp. 839–858. IEEE (2016)
Laurent, M., Bouzefrane, S.: Digital Identity Management. Elsevier (2015)
Li, R., Wang, Q., Wang, Q., Galindo, D., Ryan, M.: SoK: TEE-assisted confidential smart contract. Proc. Priv. Enhancing Technol. 2022(3), 711–731 (2022)
Maram, D., et al.: CanDID: Can-Do decentralized identity with legacy compatibility, sybil-resistance, and accountability. In: S &P 2021, pp. 1348–1366. IEEE (2021)
Naik, N., Jenkins, P.: uPort open-source identity management system: an assessment of self-sovereign identity and user-centric data platform built on blockchain. In: ISSE 2020, pp. 1–7. IEEE (2020)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). http://www.bitcoin.org/bitcoin.pdf
Naor, M., Pinkas, B.: Oblivious transfer with adaptive queries. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 573–590. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_36
Rabin, M.O.: How to exchange secrets with oblivious transfer. IACR Cryptol. ePrint Arch. 187 (2005). https://eprint.iacr.org/2005/187
Reed, D., et al.: Decentralized identifiers (DIDs) v1.0. Technical report, W3C (2020). https://www.w3.org/TR/did-core/
Solomon, R., Almashaqbeh, G.: smartFHE: privacy-preserving smart contracts from fully homomorphic encryption. IACR Cryptol. ePrint Arch. 133 (2021). https://eprint.iacr.org/2021/133
Szalachowski, P.: Password-authenticated decentralized identities. IEEE Trans. Inf. Forensics Secur. 16, 4801–4810 (2021)
Voigt, P., Von dem Bussche, A.: The EU General Data Protection Regulation (GDPR). Springer, Cham (2017)
Wang, S., Yuan, Y., Wang, X., Li, J., Qin, R., Wang, F.Y.: An overview of smart contract: architecture, applications, and future trends. In: IV 2018, pp. 108–113. IEEE (2018)
Wood, G., et al.: Ethereum: a secure decentralised generalised transaction ledger. Yellow paper, Ethereum project (2014). https://files.gitter.im/ethereum/yellowpaper/VIyt/Paper.pdf
Yang, X., Li, W.: A zero-knowledge-proof-based digital identity management scheme in blockchain. Comput. Secur. 99, 102050 (2020)
Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town crier: an authenticated data feed for smart contracts. In: CCS 2016, pp. 270–282 (2016)
Zhang, F., Maram, D., Malvai, H., Goldfeder, S., Juels, A.: DECO: liberating web data using decentralized oracles for TLS. In: CCS 2020, pp. 1919–1938 (2020)
Zyskind, G., Nathan, O., Pentland, A.: Enigma: decentralized computation platform with guaranteed privacy. CoRR abs/1506.03471 (2015). http://arxiv.org/abs/1506.03471
Acknowledgments
The authors thank the anonymous reviewers of ISPEC 2022 for their insightful suggestions on this work. This research is partially supported by the National Science and Technology Council, Taiwan (ROC), under grant numbers NSTC 109-2221-E-004-011-MY3, NSTC 110-2221-E-004-003-, NSTC 110-2622-8-004-001-, and NSTC 111-2218-E-004-001-MBK.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Lee, YH., Liu, ZY., Tso, R., Tseng, YF. (2022). Blockchain-Based Self-Sovereign Identity System with Attribute-Based Issuance. In: Su, C., Gritzalis, D., Piuri, V. (eds) Information Security Practice and Experience. ISPEC 2022. Lecture Notes in Computer Science, vol 13620. Springer, Cham. https://doi.org/10.1007/978-3-031-21280-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-21280-2_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-21279-6
Online ISBN: 978-3-031-21280-2
eBook Packages: Computer ScienceComputer Science (R0)