Abstract
Verifiable Credential (VC) is a new standard proposed by the W3C association to facilitate the expression and verification of third-party-verified credentials on the Internet, such as passports or diplomas. However, the current VC data model lacks an explicit revocation design that guarantees the secure operations of the system, which limits its application. In this paper, we specify the requirements for a tamper-evident and privacy-preserving revocation mechanism, based on which we compare existing solutions and propose our revocation mechanism that satisfies all the requirements. Our design combines a cryptographic accumulator and a role-based blockchain. With zero-knowledge proof, the verifier can operate off-chain computation of the revocation status while ensuring the correctness of revocation information published on the blockchain. Our analysis shows that the proposed revocation mechanism can prevent fraud using forged and revoked credentials and relieve privacy concerns caused by the correlation of digital data. Our proof-of-concept implementation demonstrates that our revocation mechanism adds only 42.86 ms overhead in the presentation and 31.36 ms overhead in the verification of verifiable credentials. We also provide scalability analysis, which illustrates that the throughput of our blockchain can meet real-world needs.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA) |
Place of Publication | Danvers |
Publisher | IEEE |
Pages | 266-273 |
Number of pages | 8 |
ISBN (Electronic) | 979-8-3503-3923-9 |
ISBN (Print) | 979-8-3503-3924-6 |
DOIs | |
Publication status | Published - 2023 |
Event | 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA) - Kuwait, Kuwait Duration: 24 Oct 2023 → 26 Oct 2023 Conference number: 5th |
Conference
Conference | 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA) |
---|---|
Country/Territory | Kuwait |
City | Kuwait |
Period | 24/10/23 → 26/10/23 |
Bibliographical note
Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-careOtherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Keywords
- verifiable credential
- revocation
- blockchain
- zero-knowledge proof
- privacy