PrivIdEx: Privacy Preserving and Secure Exchange of Digital Identity Assets

Get BibTex-formatted data

Download

PDF

Author

H. Gunasinghe, A. Kundu, E. Bertino, H. Krawczyk, K. Singh, S. Chari, D. Su

Tech report number

CERIAS TR 2019-01

Entry type

conference

Abstract

User’s digital identity information has privacy and security requirements. Privacy requirements include confidentiality of the identity information itself, anonymity of those who verify and consume a user’s identity information and unlinkability of online transactions which involve a user’s identity. Security requirements include correctness, ownership assurance and prevention of counterfeits of a user’s identity information. Such privacy and security requirements, although conflict in nature, are critical for identity management systems enabling the exchange of users’ identity information between different parties during the execution of online transactions. Addressing all such requirements, without a centralized party managing the identity exchange transactions, raises several challenges. This paper presents a decentralized protocol for privacy preserving exchange of users’ identity information addressing such challenges. The proposed protocol leverages advances in blockchain and zero knowledge proof technologies, as the main building blocks. We provide prototype implementations of the main building blocks of the protocol and assess its performance and security.

Download

PDF

Date

2019 – 5 – 13

Key alpha

privacy, security, identity management, ZKSNARK, blockchain

Publication Date

2019-05-13

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Conference{ privacy, security, identity management, ZKSNARK, blockchain,
	title = "PrivIdEx: Privacy Preserving and Secure Exchange of Digital Identity Assets",
	author = "H. Gunasinghe, A. Kundu, E. Bertino, H. Krawczyk, K. Singh, S. Chari, D. Su",
	year = "2019",
	month = "5",
	day = "13",
	abstract = "User’s digital identity information has privacy and security requirements.
Privacy requirements include confidentiality of the identity
information itself, anonymity of those who verify and consume
a user’s identity information and unlinkability of online transactions
which involve a user’s identity. Security requirements include
correctness, ownership assurance and prevention of counterfeits of a
user’s identity information. Such privacy and security requirements,
although conflict in nature, are critical for identity management
systems enabling the exchange of users’ identity information between
different parties during the execution of online transactions.
Addressing all such requirements, without a centralized party managing
the identity exchange transactions, raises several challenges.
This paper presents a decentralized protocol for privacy preserving
exchange of users’ identity information addressing such challenges.
The proposed protocol leverages advances in blockchain and zero
knowledge proof technologies, as the main building blocks. We
provide prototype implementations of the main building blocks of
the protocol and assess its performance and security.",
}