PrivIdEx: Privacy Preserving and Secure Exchange of Digital Identity Assets

Download

Download PDF Document
PDF

Author

H. Gunasinghe, A. Kundu, E. Bertino, H. Krawczyk, K. Singh, S. Chari, D. Su

Tech report number

CERIAS TR 2019-01

Entry type

conference

Abstract

User’s digital identity information has privacy and security requirements. Privacy requirements include confidentiality of the identity information itself, anonymity of those who verify and consume a user’s identity information and unlinkability of online transactions which involve a user’s identity. Security requirements include correctness, ownership assurance and prevention of counterfeits of a user’s identity information. Such privacy and security requirements, although conflict in nature, are critical for identity management systems enabling the exchange of users’ identity information between different parties during the execution of online transactions. Addressing all such requirements, without a centralized party managing the identity exchange transactions, raises several challenges. This paper presents a decentralized protocol for privacy preserving exchange of users’ identity information addressing such challenges. The proposed protocol leverages advances in blockchain and zero knowledge proof technologies, as the main building blocks. We provide prototype implementations of the main building blocks of the protocol and assess its performance and security.

Download

PDF

Date

2019 – 5 – 13

Key alpha

privacy, security, identity management, ZKSNARK, blockchain

Publication Date

2019-05-13

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.


Coming Up!

Our annual security symposium will take place on April 9th and 10th, 2019.
Purdue University, West Lafayette, IN

More Information