PrivIdEx: Privacy Preserving and Secure Exchange of Digital Identity Assets
H. Gunasinghe, A. Kundu, E. Bertino, H. Krawczyk, K. Singh, S. Chari, D. Su
Tech report number
CERIAS TR 2019-01
User’s digital identity information has privacy and security requirements.
Privacy requirements include confidentiality of the identity
information itself, anonymity of those who verify and consume
a user’s identity information and unlinkability of online transactions
which involve a user’s identity. Security requirements include
correctness, ownership assurance and prevention of counterfeits of a
user’s identity information. Such privacy and security requirements,
although conflict in nature, are critical for identity management
systems enabling the exchange of users’ identity information between
different parties during the execution of online transactions.
Addressing all such requirements, without a centralized party managing
the identity exchange transactions, raises several challenges.
This paper presents a decentralized protocol for privacy preserving
exchange of users’ identity information addressing such challenges.
The proposed protocol leverages advances in blockchain and zero
knowledge proof technologies, as the main building blocks. We
provide prototype implementations of the main building blocks of
the protocol and assess its performance and security.
privacy, security, identity management, ZKSNARK, blockchain