IEEE Access (Jan 2021)
VAIM: Verifiable Anonymous Identity Management for Human-Centric Security and Privacy in the Internet of Things
Abstract
The human internet of things (HIoT) is a promising trend that adopts a user-centered vision to improve quality of life by interacting with heterogeneous physical and virtual entities and the internet. However, it involves exchanging contextual data between collaborative entities, which raises privacy concerns. Emerging blockchain technology allows a digital identity management system (IDM) to be deployed on it, which largely alleviates the problems caused by the centralized third party. Still, its inherent transparency and lack of privacy pose a considerable challenge to IDM. We propose verifiable anonymous identity management (VAIM), which connects privacy channels between users by constructing identity verification and access control provisioning via user-centric decisions and an anonymous identity management system. This work makes the following contributions: (1) We establish a novel IDM system by analyzing the existing scheme. In this regard, we improve the traditional claim identity model in blockchain by implementing zero-knowledge proof (ZKP) algorithms to achieve identity unlinkability, essentially preventing the disclosure of attribute ownership. (2) We implement a system that includes a blind ordered multi-signature (BOMS) protocol, which allows users to efficiently process and trust the verification of anonymous transactions. (3) Finally, the implementation of specific ZKP-based algorithms (commonly used practical ZKPs such as the Camenisch and Lysyanskaya signature (CL-Signature) and zero-knowledge succinct non-interactive arguments of knowledge (zk-SNARKs)), together with performance evaluation in various environments and security analysis, shows that our scheme achieves efficient privacy protection and a broader application scope compared with the prior model. To the best of our knowledge, existing zero-knowledge proof-based IDM work has not developed or compared each of these schemes before.
Keywords