An official website of the United States government
Frequently, users on the web need to show that they are, for example, not a robot, old enough to access an age restricted video, or eligible to download an ebook from their local public library without being tracked. Anonymous credentials were developed to address these concerns. However, existing schemes do not handle the realities of deployment or the complexities of real-world identity. Instead, they implicitly make assumptions such as there being an issuing authority for anonymous credentials that, for real applications, requires the local department of motor vehicles to issue sophisticated cryptographic tokens to show users are over 18. In reality, there are multiple trust sources for a given identity attribute, their credentials have distinctively different formats, and many, if not all, issuers are unwilling to adopt new protocols.We present and build zk-creds, a protocol that uses general-purpose zero-knowledge proofs to 1) remove the need for credential issuers to hold signing keys: credentials can be issued to a bulletin board instantiated as a transparency log, Byzantine system, or even a blockchain; 2) convert existing identity documents into anonymous credentials without modifying documents or coordinating with their issuing authority; 3) allow for flexible, composable, and complex identity statements over multiple credentials. Concretely, identity assertions using zk-creds take less than 150ms in a real-world scenario of using a passport to anonymously access age-restricted videos.
more »
« less
GrAC: Graph-Based Anonymous Credentials from Identity Graphs on Blockchain
With the growing need for privacy and self-sovereign identity, traditional identity management relying on centralized data registries not only represents single points of failure but also lacks transparency and control over users’ identity information. With the built-in tamper-proofness and transparency, blockchain has been widely studied to accommodate the challenges in traditional identity management. Still, it usually comes with privacy concerns due to its public accessibility. Anonymous credentials take advantage of the recent progress in zero-knowledge proof, allowing the unlinkable presentation of only the necessary attributes for a service to guarantee anonymity. However, the existing anonymous credentials require a secondary issuer to verify and manage the anonymized credentials, which compromises the overall transparency and causes indirect management of the user’s identity. In this paper, we propose GrAC, a blockchain-based identity management system based on a novel identity graph, which allows users and identity providers to securely store and manage identity information on the blockchain without intermediate entities. GrAC also includes an anonymous authentication protocol suite based on zero-knowledge proof, allowing users to generate one-time anonymous credentials that selectively reveal minimal information to the service provider for authentication. The analysis and evaluations show that GrAC has a reasonable overhead and provides adequate anonymity protection while removing the need for intermediate issuers.
more »
« less
- Award ID(s):
- 2312973
- PAR ID:
- 10609425
- Publisher / Repository:
- IEEE
- Date Published:
- ISSN:
- 2834-9946
- ISBN:
- 979-8-3503-5159-0
- Page Range / eLocation ID:
- 113 to 122
- Format(s):
- Medium: X
- Location:
- Copenhagen, Denmark
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
In recent years, we have witnessed a rise in the popularity of net- worked hospitality services (NHSs), an online marketplace for short-term peer- to-peer accommodations. Such systems, however, raise significant privacy con- cerns, because service providers such as Airbnb and 9flats can easily collect the precise and personal information of millions of participating hosts and guests through their centralized online platforms. In this paper, we propose PrivateNH, a privacy-enhancing and practical solution that offers anonymity and accountabil- ity for NHS users without relying on any trusted third party. PrivateNH leverages the recent progress of Bitcoin techniques such as Colored Coins and CoinShuffle to generate and maintain anonymous credentials for NHS participants. The cre- dential holders (NHS hosts or guests) can then lease or rent short-term lodging and interact with the service provider in an anonymous and accountable man- ner. An anonymous and secure reputation system is also introduced to establish the trust between unfamiliar hosts and guests in a peer-to-peer fashion. The pro- posed scheme is compatible with the current Bitcoin blockchain system, and its effectiveness and feasibility in NHS scenario are also demonstrated by security analysis and performance evaluation.more » « less
-
The potential of blockchain technology is immense and is currently regarded as a new technological trend with a rapid growth rate. Blockchain platforms like Bitcoin are public, open, and permission-less. They are also decentralized, immutable, and append-only ledger; those ledgers can store any type of data and are shared among all the participants of the network. These platforms provide a high degree of anonymity for their users' identity and full transparency of the activities recorded on the ledger while simultaneously ensuring data security and tamper-resistance. All nodes on the network collectively work to validate the same set of data and to achieve group consensus. Blockchain platforms like Ethereum have the ability to develop smart contracts and embed business logic. This allows the use of blockchain beyond cryptocurrency as a business management solution. Besides the issues of scalability and the expensive nature of most blockchain systems, many attributes of traditional public blockchain are not desirable in a business or enterprise context such as anonymity, full transparency, and permissionless. Permissioned blockchain platforms like Hyperledger Fabric are designed and built with enterprise and business in mind, retaining the desirable qualities of blockchain for enterprise while replacing the qualities of blockchain that are undesirable for the enterprise. In this paper, we present a comprehensive review on the Hyperledger enterprise blockchain technologies.more » « less
-
Software repositories, used for wide-scale open software distribu- tion, are a significant vector for security attacks. Software signing provides authenticity, mitigating many such attacks. Developer- managed signing keys pose usability challenges, but certificate- based systems introduce privacy problems. This work, Speranza, uses certificates to verify software authenticity but still provides anonymity to signers using zero-knowledge identity co-commitments. In Speranza, a signer uses an automated certificate authority (CA) to create a private identity-bound signature and proof of authoriza- tion. Verifiers check that a signer was authorized to publish a pack- age without learning the signer’s identity. The package repository privately records each package’s authorized signers, but publishes only commitments to identities in a public map. Then, when issuing certificates, the CA issues the certificate to a distinct commitment to the same identity. The signer then creates a zero-knowledge proof that these are identity co-commitments. We implemented a proof-of-concept for Speranza. We find that costs to maintainers (signing) and end users (verifying) are small (sub-millisecond), even for a repository with millions of packages. Techniques inspired by recent key transparency systems reduce the bandwidth for serving authorization policies to 2 KiB. Server costs in this system are negligible. Our evaluation finds that Speranza is practical on the scale of the largest software repositories. We also emphasize practicality and deployability in this project. By building on existing technology and employing relatively sim- ple and well-established cryptographic techniques, Speranza can be deployed for wide-scale use with only a few hundred lines of code and minimal changes to existing infrastructure. Speranza is a practical way to bring privacy and authenticity together for more trustworthy open-source software.more » « less
-
Telephone users are receiving more and more unwanted calls including spam and scam calls because of the transfer-without-verification nature of global telephone networks, which allows anyone to call any other numbers. To avoid unwanted calls, telephone users often ignore or block all incoming calls from unknown numbers, resulting in the missing of legitimate calls from new callers. This paper takes an end-to-end perspective to present a solution to block unwanted calls while allowing users to define the policies of acceptable calls. The proposed solution involves a new infrastructure based on anonymous credentials, which enables anonymous caller authentication and policy definition. Our design decouples caller authentication and call session initiation and introduces a verification code to interface and bind the two processes. This design minimizes changes to telephone networks, reduces latency to call initiation, and eliminates the need for a call-time data channel. A prototype of the system is implemented to evaluate its feasibility.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/Blockchain62396.2024.00024
