Self-sovereign identity (SSI) is a new distributed method for identity management, commonly used to address the problem that users lack control over their identities. However, the excessive pursuit of self-sovereignty in most existing SSI schemes hinders sanctions against attackers. To deal with malicious behavior, a few SSI schemes introduce accountability mechanisms, but they sacrifice users’ privacy. In addition, the digital identities (static strings or updatable chains) in existing SSI schemes serve as inputs to a third-party executable program (mobile app, smart contract, etc.) to achieve identity reading, storing and proving, which weakens users’ self-sovereignty. To solve the above problems, we present a new self-sovereign identity scheme that strikes a balance between privacy and accountability and removes the dependence on the third-party program. In our scheme, exactly one individual-specific piece of executable code is generated as a digital avatar-i for each human to interact with others in cyberspace without a third-party program, in which the embedding of biometrics enhances uniqueness and user control over their identity. In addition, a joint accountability mechanism, which is based on the Shamir (t, n) threshold algorithm and a consortium blockchain, is designed to restrict the power of each regulatory authority and protect users’ privacy. Finally, we analyze the security and SSI properties and conduct detailed experiments in terms of the cost of computation, storage, and blockchain gas. The analysis results indicate that our scheme resists the known attacks and fulfills all six SSI properties. Compared with the state-of-the-art schemes, the extensive experiment results show that the cost is larger in server storage, blockchain storage, and blockchain gas, but is still low enough for practical situations.
Users often purchase membership credentials with a fixed number of uses or limited duration from Internet service providers; we call them pay-per-use or time span of membership services. However, users’ access records, usage preferences, and habits are collected by network attackers or membership providers for creating users’ profiles, targeted advertising, and even for being sold maliciously. To deal with these problems, many anonymous authentication protocols have been proposed to provide users with pseudonyms to conceal their real identities. Although these protocols effectively prevent network attackers from compromising users’ privacy, membership service providers can still gather users’ behavioral privacy via their membership credentials. Therefore, several scholars proposed k-times anonymous authentication protocols and self-blind credentials to enhance users’ privacy protection, but the k-times anonymous authentication protocols are only for pay-per-use membership services and the self-blind credential schemes lack regulation of malicious users. To address these issues, this article proposes an anonymous authentication protocol for time span of membership (AATM) with self-blindness and accountability. Specifically, accountable self-blind credentials are constructed to ensure that users can create a brand new identity by themselves for each membership access, which not only prevents a user from being linked by service providers but also supports conditional and impartial regulating. Security and performance analyses show that AATM is better than the state-of-the-art schemes in terms of security and privacy-preserving capabilities, and its computation cost also meets the practical application requirements.