Supervised and revocable decentralized identity privacy protection scheme  

作　　者：Jing He Xiaofeng Ma Dawei Zhang Feng Peng 

机构地区：[1]School of Electronics and Information Engineering,Tongji University,Shanghai 201804,China [2]School of Computer and Information Technology,Beijing Jiaotong University,Beijing 100044,China [3]Beijing Key Laboratory of Security and Privacy in Intelligent Transportation,Beijing Jiaotong University,Beijing 100044,China [4]China Securities Information Technology Service Limited Company,Beijing 100033,China

出　　处：《Security and Safety》2024年第4期113-135,共23页一体化安全(英文)

基　　金：supported by the National Key Research and Development Program of China. Research on Reliable Regulatory Technology Based on Blockchain of Regional Equity Market (2021YFC3340600)

摘　　要：Decentralized identity represents an innovative approach based on blockchain to achieve efective identity management. This method utilizes decentralized identifiers and verifiable credentials to enable trusted authentication, free circulation of identity information, and self-sovereign control over identity data functionalities. The current decentralized identity systems rely on entirely anonymous identifiers, lacking robust identity regulation.Furthermore, they face challenges such as identity attribute leakage during verifiable credential presentation and the issuers' struggle to reliably revoke credentials. To address these issues, efficient and practical schemes have been designed based on BBS signature, zeroknowledge proof, dynamic accumulator, and blockchain technology: one for decentralized identifiers management and the other for verifiable credential privacy protection, both of which are supervised and revocable. The former ensures the privacy of subject identity while achieving regulatability and revocability of identity data by the regulator. The latter facilitates selective disclosure of anonymous credentials and reliable revocation. A security analysis shows that the proposed scheme meets anonymity, non-forgeability, regulatory reliability, and revocability reliability, and ofers comprehensive and efective privacy protection measures. The experimental results demonstrate that the algorithms designed operate at a millisecond level, which satisfies the demands of blockchain identity management scenarios.

关 键 词：Blockchain Decentralized identity Privacy protection SUPERVISION Anonymous credential Zero-knowledge proof 

分 类 号：TP311.13[自动化与计算机技术—计算机软件与理论] TP309[自动化与计算机技术—计算机科学与技术]