Research On Anonymous Credentials For Distributed Self-sovereign Identity Managemen

Most of the existing identity management is the centralized architecture that has to validate,certify,and manage identity in a centralized approach by trusted authorities.Since the emergence of the blockchain model,the idea of decentralized identity management has gained widespread public attention because it can give control of identity back to the user,who then has the ability to control when,where and with whom they present and verify their identity information.A decentralized solution atop on blockchain will bypass the centralized architecture and address the single point of failure problem.To our knowledge,blockchain is an inherited pseudonym but it cannot achieve anonymity and auditability directly.The main works of this thesis are as follows:(1)We proposed a practical model of a decentralized anonymous credential system,DVAC(Designated-Verifier Anonymous Credential),atop on blockchain with anonymity and auditability.Apart from the advantages of traditional anonymous credentials,DVAC provides an audit solution to resolve fraud or other conflicts during system operation.We also introduce a secret sharing scheme into DVAC,which divides the master key into discrete sub-keys in the initialization stage,and restores the key in the decision-making stage such as audit,effectively avoiding the single point of failure.Further,the smooth projective hash function(SPHF)is regarded as a designated-verifier zero-knowledge proof system.Thus,DVAC achieves the designated verifiability without compromising the privacy of clients through SPHF.(2)We optimized the security,simplicity and soundness of DVAC based on the architecture of the incipient system.We propose a tag-based Waters signature scheme which is applied in the certificate issuance process and realized in the aggregable certificate presentation process.In the audit process,the scope of auditors is expanded,and signatures with flexible public key scheme are used to provide an anonymous audit for auditors to prevent users from cheating.Finally,we prove the security of DVAC and experimental tests are carried out,and the advantages and disadvantages of DVAC are compared and evaluated.