Digital Identity Verification and Management System of Blockchain-Based Verifiable Certificate with the Privacy Protection of Identity and Behavior

Abstract

Due to the advantages in self-sovereignty identity management and scalability of blockchain, digital identity verification and management systems (DIVMS) of blockchain-based verifiable certificates (VC) are getting more and more attention. However, user privacy in the systems’ traditional architectures cannot be guaranteed. In this paper, the zero-knowledge succinct noninteractive arguments of knowledge (zkSNARKs) referred to as Groth16 are introduced in order to implement privacy protection of the user’s identity and behavior of DIVMS of blockchain-based VC. In the proposed architecture, the malleability attack of Groth16 is considered, and verifications of zero-knowledge proof (ZKP) and the digital signature of an identity provider (IDP) attached to VC and the status management of VC are implemented on the smart contracts of the blockchain to overcome single point failure. Furthermore, a prototype system is designed to verify the proposed architecture’s capability in privacy protection and to evaluate its performances in cost and throughput. Finally, the security of the proposed architecture is discussed, and its comparisons are conducted with those existing blockchain-based DIVMSs, especially those systems using Groth16 of zkSNARKs to improve the privacy of user. All results mentioned above have shown that the proposed system is efficient and safe, and it can improve the privacy of DIVMS of the blockchain based VC while avoiding single point failure.