Loading...
|
Please use this identifier to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/144605
|
Title: | 區塊鏈網路中基於屬性之自主身份發行系統 Blockchain-based Self-sovereign Identity System with Attribute-based Issuance |
Authors: | 李亦修 Lee, Yi-Hsiu |
Contributors: | 左瑞麟 Tso, Raylin 李亦修 Lee, Yi-Hsiu |
Keywords: | 區塊鏈 去中心化身份 自主身份 批次撤銷 Blockchain Decentralized identity Self-sovereign Batch revocation |
Date: | 2022 |
Issue Date: | 2023-05-02 15:06:52 (UTC+8) |
Abstract: | 隨著近年來區塊鏈應用如雨後春筍般的大量發展,有許多人開始嘗試在去中心化的 網路上,如區塊鏈網路,部署數位身份的管理系統,然而,因為在區塊鏈中的資料具 有公開透明的特性,對於數位身份系統這類需要隱私保護的應用來說,存在著一些難 題需要克服。為了解決此問題,我們採用模糊傳輸(oblivious transfer)與可信執行環 境(trusted execution environment)來達成對使用者隱私的保護。此外,我們提出一個 系統,此系統能夠將使用者的身份屬性從現存的伺服器,轉移至區塊鏈網路上,並且 在智能合約中驗證屬性來源是否為可信任,根據驗證結果決定是否將使用者的屬性發 行於區塊鏈網路上,同時保護屬性的隱私。在此系統的屬性驗證協定中,我們將可信 執行環境使用在機密智能合約(confidential smart contract)中,藉此確保智能合約在執 行驗證的邏輯運算時的隱私。同時,在此系統中,使用者可以自由地控制他們自己的 屬性,也能將已驗證的屬性組成身份,來向服務提供商提交使用。此外,我們也採用 智能合約來記錄屬性的當前狀態,透過改變記錄在智能合約上的屬性當前狀態,來達 到批次撤銷身份的目的。我們也在此篇論文中提供本系統的安全性分析,以及與其他 基於區塊鏈的身份系統的比較分析,藉此說明我們的系統在隱私保護、以使用者為中 心的系統與撤銷機制上所具備的優勢。 With the rapid development of blockchain applications, digital identity management systems have started being deployed on decentralized networks. However, the inherent transparency of blockchain technology poses a challenge to privacy-conscious applications. To address this challenge, we adopt a DDH-based oblivious transfer and trust execution environment (TEE) to hide users’ private attributes. Furthermore, we propose a concrete system that includes transferring users’ attributes from a legacy server for verifying and issuing on the blockchain. In verifying protocol, we apply TEE in confidential smart contracts that execute the verification logic privately. Users can control their data and freely compose their identities using verified attributes. We also leverage smart contracts to record the status of attributes to achieve batch revocation of identities. Security analysis and comparison demonstrate that our system achieves privacy protection and is more user-centric in revocation than existing blockchain-based identity systems. |
Reference: | [AHS11]Gergely Alpár, Jaap-Henk Hoepman, and Johanneke Siljee. “The Identity Crisis. Security, Privacy and Usability Issues in Identity Management.” In: CoRR abs/1101.0427 (2011). arXiv: 1101.0427 (cit. p. 2).
[ABB+ 18]Elli Androulaki, Artem Barger, Vita Bortnikov, et al. “Hyperledger fabric: a distributed operating system for permissioned blockchains.” In: Proceedings of the Thirteenth EuroSys Conference, EuroSys 2018, Porto, Portugal, April 23-26, 2018. Ed. by Rui Oliveira, Pascal Felber, and Y. Charlie Hu. ACM, 2018, 30:1–30:15 (cit. p. 10).
[Bag19]Karim Baghery. “On the Efficiency of Privacy-Preserving Smart Contract Systems.” In: Progress in Cryptology - AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Rabat, Morocco, July 9-11, 2019, Proceedings. Ed. by Johannes Buchmann, Abderrahmane Nitaj, and Tajje-eddine Rachidi. Vol. 11627. Lecture Notes in Computer Science. Springer, 2019, pp. 118–136 (cit. p. 10).
[BCK+ 18]Marcus Brandenburger, Christian Cachin, Rüdiger Kapitza, and Alessandro Sorniotti. “Blockchain and Trusted Computing: Problems, Pitfalls, and a Solution for Hyperledger Fabric.” In: CoRR abs/1805.08541 (2018). arXiv: 1805.08541 (cit. p. 10).
[BAZ+ 20]Benedikt Bünz, Shashank Agrawal, Mahdi Zamani, and Dan Boneh. “Zether: Towards Privacy in a Smart Contract World.” In: Financial Cryptography and Data Security - 24th International Conference, FC 2020, Kota Kinabalu, Malaysia, February 10-14, 2020 Revised Selected Papers. Ed. by Joseph Bonneau and Nadia Heninger. Vol. 12059. Lecture Notes in Computer Science. Springer, 2020, pp. 423–443 (cit. p. 10).
[BBB+ 18]Benedikt Bünz, Jonathan Bootle, Dan Boneh, et al. “Bulletproofs: Short Proofs for Confidential Transactions and More.” In: 2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings, 21-23 May 2018, San Francisco, California, USA. IEEE Computer Society, 2018, pp. 315–334 (cit. p. 10).
[DA01]Wenliang Du and Mikhail J. Atallah. “Secure multi-party computation problems and their applications: a review and open problems.” In: Proceedings of the New Security Paradigms Workshop 2001, Cloudcroft, New Mexico, USA, September 10-13, 2001. Ed. by Victor Raskin, Steven J. Greenwald, Brenda Timmerman, and Darrell M. Kienzle. ACM, 2001, pp. 13–22 (cit. p. 3).
[DP18]Paul Dunphy and Fabien A. P. Petitcolas. “A First Look at Identity Management Schemes on the Blockchain.” In: IEEE Secur. Priv. 16.4 (2018), pp. 20–29 (cit. p. 2).
[ER17]Dmitry Efanov and Pavel Roschin. “The All-Pervasiveness of the Blockchain Technology.” In: 8th Annual International Conference on Biologically Inspired Cognitive Architectures, BICA 2017, August 1-6, 2017, Moscow, Russia. Ed. by Alexei V. Samsonovich and Valentin V. Klimov. Vol. 123. Procedia Computer Science. Elsevier, 2017, pp. 116–121 (cit. p. 2).
[FCA19]Md. Sadek Ferdous, Farida Chowdhury, and Madini O. Alassafi. “In Search of Self-Sovereign Identity Leveraging Blockchain Technology.” In: IEEE Access 7 (2019), pp. 103059–103079 (cit. p. 2).
[Fou]Decentralized Identity Foundation. Decentralized Identity Foundation. https : / / identity . foundation/. Accessed: 2022-06-20 (cit. p. 2).
[Gol98]Oded Goldreich. “Secure multi-party computation.” In: Manuscript. Preliminary version 78.110 (1998) (cit. p. 3).
[Jac16]Ori Jacobovitz. “Blockchain for identity management.” In: The Lynne and William Frankel Center for Computer Science Department of Computer Science. Ben-Gurion University, Beer Sheva 1 (2016), p. 9 (cit. p. 2).
[KMS+ 16]Ahmed E. Kosba, Andrew Miller, Elaine Shi, Zikai Wen, and Charalampos Papamanthou. “Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts.” In: IEEE Symposium on Security and Privacy, SP 2016, San Jose, CA, USA, May 22-26, 2016. IEEE Computer Society, 2016, pp. 839–858 (cit. p. 10).
[LB15]Maryline Laurent and Samia Bouzefrane. Digital identity management. Elsevier, 2015 (cit. p. 1).
[LLT+ 22]Yi-Hsiu Lee, Zi-Yuan Liu, Raylin Tso, and Yi-Fan Tseng. “Blockchain-Based Self-Sovereign Identity System with Attribute-Based Issuance.” In: Information Security Practice and Experience - 17th International Conference, ISPEC 2022, Taipei, Taiwan, November 23-25, 2022, Proceedings. Ed. by Chunhua Su, Dimitris Gritzalis, and Vincenzo Piuri. Vol. 13620. Lecture Notes in Computer Science. Springer, 2022, pp. 21–38 (cit. p. 4).
[LWW+ 22]Rujia Li, Qin Wang, Qi Wang, David Galindo, and Mark Ryan. “SoK: TEE-Assisted Confidential Smart Contract.” In: Proc. Priv. Enhancing Technol. 2022.3 (2022), pp. 711–731 (cit. p. 10).
[LLC22]RaulWalter LLC. Digital Identity Management. https://www.raulwalter.com/government/ digital-identity-management/. Accessed: 2022-07-20. 2022 (cit. p. 1).
[MMZ+ 21]Deepak Maram, Harjasleen Malvai, Fan Zhang, et al. “CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability.” In: 42nd IEEE Symposium on Security and Privacy, SP 2021, San Francisco, CA, USA, 24-27 May 2021. IEEE, 2021, pp. 1348–1366 (cit. p. 3).
[MPJ18]Bhabendu Kumar Mohanta, Soumyashree S. Panda, and Debasish Jena. “An Overview of Smart Contract and Use Cases in Blockchain Technology.” In: 9th International Conference on Computing, Communication and Networking Technologies, ICCCNT 2018, Bengaluru, India, July 10-12, 2018. IEEE, 2018, pp. 1–4 (cit. p. 9).
[NJ20]Nitin Naik and Paul Jenkins. “uPort Open-Source Identity Management System: An Assessment of Self-Sovereign Identity and User-Centric Data Platform Built on Blockchain.” In: IEEE International Symposium on Systems Engineering, ISSE 2020, Vienna, Austria, October 12 - November 12, 2020. IEEE, 2020, pp. 1–7 (cit. p. 2).
[Nak08]Satoshi Nakamoto. “Bitcoin: A peer-to-peer electronic cash system.” In: Decentralized Business Review (2008), p. 21260 (cit. pp. 2, 8).
[NP99]Moni Naor and Benny Pinkas. “Oblivious Transfer with Adaptive Queries.” In: Advances in Cryptology - CRYPTO ’99, 19th Annual International Cryptology Conference, Santa Barbara, California, USA, August 15-19, 1999, Proceedings. Ed. by Michael J. Wiener. Vol. 1666. Lecture Notes in Computer Science. Springer, 1999, pp. 573–590 (cit. p. 8).
[Rab05]Michael O. Rabin. “How To Exchange Secrets with Oblivious Transfer.” In: IACR Cryptol. ePrint Arch. (2005), p. 187 (cit. p. 7).
[RSL+ 20]Drummond Reed, Manu Sporny, Dave Longley, et al. “Decentralized identifiers (dids) v1. 0.” In: Draft Community Group Report (2020) (cit. p. 2).
[SBJ+ 14]Natsuhiko Sakimura, John Bradley, Mike Jones, Breno De Medeiros, and Chuck Mortimore. “Openid connect core 1.0.” In: The OpenID Foundation (2014), S3 (cit. p. 1).
[SA21]Ravital Solomon and Ghada Almashaqbeh. “smartFHE: Privacy-Preserving Smart Contracts from Fully Homomorphic Encryption.” In: IACR Cryptol. ePrint Arch. (2021), p. 133 (cit. p. 10).
[Sza21]Pawel Szalachowski. “Password-Authenticated Decentralized Identities.” In: IEEE Trans. Inf. Forensics Secur. 16 (2021), pp. 4801–4810 (cit. p. 10).
[VV17]Paul Voigt and Axel Von dem Bussche. “The eu general data protection regulation (gdpr).” In: A Practical Guide, 1st Ed., Cham: Springer International Publishing 10.3152676 (2017), pp. 10–5555 (cit. p. 2).
[WYW+ 18]Shuai Wang, Yong Yuan, Xiao Wang, et al. “An Overview of Smart Contract: Architecture, Applications, and Future Trends.” In: 2018 IEEE Intelligent Vehicles Symposium, IV 2018, Changshu, Suzhou, China, June 26-30, 2018. IEEE, 2018, pp. 108–113 (cit. p. 9).
[Woo+ 14]Gavin Wood et al. “Ethereum: A secure decentralised generalised transaction ledger.” In: Ethereum project yellow paper 151.2014 (2014), pp. 1–32 (cit. p. 9).
[YL20]Xiaohui Yang and Wenjie Li. “A zero-knowledge-proof-based digital identity management scheme in blockchain.” In: Comput. Secur. 99 (2020), p. 102050 (cit. p. 3).
[ZCC+ 16]Fan Zhang, Ethan Cecchetti, Kyle Croman, Ari Juels, and Elaine Shi. “Town Crier: An Authenticated Data Feed for Smart Contracts.” In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24-28, 2016. Ed. by Edgar R. Weippl, Stefan Katzenbeisser, Christopher Kruegel, Andrew C. Myers, and Shai Halevi. ACM, 2016, pp. 270–282 (cit. p. 3).
[ZMM+ 20]Fan Zhang, Deepak Maram, Harjasleen Malvai, Steven Goldfeder, and Ari Juels. “DECO: Liberating Web Data Using Decentralized Oracles for TLS.” In: CCS ’20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020. Ed. by Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna. ACM, 2020, pp. 1919–1938 (cit. p. 3).
[ZNP15]Guy Zyskind, Oz Nathan, and Alex Pentland. “Enigma: Decentralized Computation Platform with Guaranteed Privacy.” In: CoRR abs/1506.03471 (2015). arXiv: 1506.03471 (cit. p. 10). |
Description: | 碩士 國立政治大學 資訊科學系 109753123 |
Source URI: | http://thesis.lib.nccu.edu.tw/record/#G0109753123 |
Data Type: | thesis |
Appears in Collections: | [資訊科學系] 學位論文
|
Files in This Item:
File |
Description |
Size | Format | |
312301.pdf | | 740Kb | Adobe PDF2 | 128 | View/Open |
|
All items in 政大典藏 are protected by copyright, with all rights reserved.
|