KSII Transactions on Internet and Information Systems (TIIS)

  • 제18권8호
  • /
  • Pages.2417-2430
  • /
  • 2024
  • /
  • 1976-7277(pISSN)
  • /
  • 1976-7277(eISSN)
한국인터넷정보학회 (Korean Society for Internet Information)
권호 표지
DOI QR코드

DOI QR Code

Privacy-preserving credential smart contracts using Zokrates

  • Geunyoung Kim (Department of Computer Science, Chungnam National University) ;
  • Yunsik Ham (Department of Computer Science, Chungnam National University) ;
  • Jaecheol Ryou (Department of Computer Science, Chungnam National University)
  • 투고 : 2024.03.31
  • 심사 : 2024.06.03
  • 발행 : 2024.08.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

The need for secure user authentication in blockchain-based applications has been growing with the increased adoption of Decentralized Identity (DID) credentials in blockchain. Zokrates, a tool designed to protect user privacy within smart contracts, had a limitation in that it could not accept authenticated user information such as credentials, only allowing the use of manually inputted data. In this paper, we propose a smart contract system that securely validates DID credentials to overcome the limitations of traditional centralized authentication systems. This system ensures the safe identification of users within blockchain-based applications by authenticating their identities in a trusted manner within the blockchain. As the demand for user authentication in blockchain rises, this paper emphasizes the significance of a blockchain-based identity verification system that guarantees both privacy and security. Leveraging the Zero-Knowledge Proof method and utilizing the Zokrates tool, this innovative approach aims to provide solutions for the digital identity verification process, thereby expanding the scope of blockchain technology applications. Moreover, we also provide a CLI for each entity. We help anyone who wants to authenticate their identity using the tool to safely verify it on-chain.

키워드

과제정보

This work was supported by Institute of Information & communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (RS-2023-00229400, Development of user authentication and privacy preserving technology for a secure metaverse environment) and by research fund of Chungnam National University.

참고문헌

  1. S. Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System, 2008.
  2. V. Buterin et al., "Ethereum whitepaper," GitHub repository, 1, 22-23, 2014. [Online]. Available: https://static.peng37.com/ethereum_whitepaper_laptop_3.pdf
  3. ERC-20: Token Standard.[Online] Available: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20.md
  4. ERC-721: Non-Fungible Token Standard. [Online] Available: https://github.com/ethereum/ EIPs/blob/master/EIPS/eip-721.md
  5. The Financial Action Task Force (FATF), Virtual assets and virtual asset service providers, 2021. [Online]. Available: https://www.fatf-gafi.org/content/dam/fatf-gafi/guidance/Updated-Guidance-VA-VASP.pdf.coredownload.inline.pdf
  6. REED, Drummond, et al. Decentralized identifiers (dids) v1. 0. Draft Community Group Report, 2020. [Online]. Available: https://www.w3.org/TR/did-core/
  7. J. Eberhardt, S. Tal, "ZoKrates - Scalable Privacy-Preserving Off-Chain Computations," in Proc. of 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp.1084-1091, 2018.
  8. D. Khovratovich, J. Law, "Sovrin: digital identities in the blockchain era," Github Commit Jasonalaw, Oct. 2017. [Online]. Available: https://sovrin.org/wp-content/uploads/AnonCred-RWC.pdf
  9. M. Ramachandran et al., "Towards Complete Decentralised Verification of Data with Confidentiality: Different ways to connect Solid Pods and Blockchain," in Proc. of WWW '20: Companion Proceedings of the Web Conference 2020, pp.645-649, 2020.
  10. M. Casonato, Owning your data through Self-Sovereign Identity: agents implementation for Verifiable Credentials interaction, 2021. [Online]. Available: https://thesis.unipd.it/handle/20.500.12608/34924
  11. R. Mukta et al., "Blockchain-Based Verifiable Credential Sharing with Selective Disclosure," in Proc. of 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp.959-966, 2020.
  12. G. KIM, J. Ryou, "Digital Authentication System in Avatar Using DID and SBT," Mathematics, vol.11, no.20, 2023.
  13. Uport-Project, Jul. 2021. [online] Available: https://github.com/uport-project/specs.
  14. Jack Doresy, tbDEX: A Liquidity Protocol v0.1. [online] Available: https://www.coursehero.com/file/146641400/whitepaperpdf/
  15. D. Hopwood et al., Zcash Protocol Specification, GitHub: San Francisco, CA, USA, 2016, 4.220: 32. [Online]. Available: https://raw.githubusercontent.com/zcash/zips/master/protocol/protocol.pdf
  16. M. Abdalla et al., "From Identification to Signatures via the Fiat-Shamir Transform: Minimizing Assumptions for Security and Forward-Security," in Proc. of Advances in Cryptology - EUROCRYPT 2002: International Conference on the Theory and Applications of Cryptographic Techniques, 2002 Proceedings, pp.418-433, 2002.
  17. X. Yang, W. Li, "A zero-knowledge-proof-based digital identity management scheme in blockchain," Computers & Security, vol.99, 2020.
  18. D. Chaum, "Blind Signature System," in Proc. of Advances in Cryptology: Proceedings of Crypto 83, 1984.
  19. M. B. M. Kamel et al., "Attribute Verifier for Internet of Things," in Proc. of 2022 32nd International Telecommunication Networks and Applications Conference (ITNAC), pp.1-3, 2022.
  20. B. Parno et al., "Pinocchio: nearly practical verifiable computation," Communications of the ACM, vol.59, no.2, pp.103-112, 2016.
  21. S. Chatterjee et al., "On the Efficiency and Security of Pairing-Based Protocols in the Type 1 and Type 4 Settings," in Proc. of Arithmetic of Finite Fields, Third International Workshop, WAIFI 2010, vol.6087, pp.114-134, 2010.