IEEE Access (Jan 2025)

Sybil-Resistant Self-Sovereign Identity Utilizing Attested Execution Secure Processors and Zero-Knowledge Membership Proofs

  • Koichi Moriyama,
  • Akira Otsuka

DOI
https://doi.org/10.1109/ACCESS.2025.3533877
Journal volume & issue
Vol. 13
pp. 17919 – 17944

Abstract

Read online

Increasing attention to digital identity and self-sovereign identity (SSI) is gaining momentum. SSI brings various benefits to natural persons, such as owning controls; conversely, digital identity systems in the real world require Sybil-resistance to comply with anti-money laundering (AML) and other needs. CanDID by Maram et al. proposed that decentralized digital identity systems may achieve Sybil-resistance and preserve privacy by utilizing multi-party computation (MPC), assuming a distributed committee of trusted nodes. Pass et al. proposed the formal abstraction of attested execution secure processors (AESPs) while equipping hardware-assisted security in mobile devices has become the norm. We first describe our proposal to utilize AESPs for building secure Sybil-resistant SSI systems, the architecture with a set of system protocols $\Pi ^{{\mathcal {G}}_{\mathtt {att}}}$ , which brings drastic flexibility and efficiency compared to existing systems. In addition, we propose a novel scheme that enables users (holders) to request verifiers to verify their credentials without AESPs, and it further achieves unlinkability among credentials created for public verification. Our scheme introduces a simplified format for computed claims and commitment-based anonymous identifiers. We also describe a technique to utilize zero-knowledge membership proofs, in particular, “One-Out-of-Many Proofs” $\Sigma $ -protocol by Groth and Kohlweiss, which can prove the existence of an expected credential without identifying it. Along with other techniques, such as utilizing the BBS+ signature scheme, we demonstrate how our scheme can achieve its goals with the extended anonymous and Sybil-resistant SSI system protocols $\Pi ^{{\mathcal {G}}_{\mathtt {att}}+}$ . Entitling unlinkability among derived credentials in the anonymous Sybil-resistant SSI results in proper privacy preservation.

Keywords