Verifiable Credentials with Privacy-Preserving Tamper-Evident Revocation Mechanism

Li Xu; Tianyu Li; Zekeriya Erkin

doi:10.1109/BCCA58897.2023.10338923

Verifiable Credentials with Privacy-Preserving Tamper-Evident Revocation Mechanism

Cyber Security

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

Abstract

Verifiable Credential (VC) is a new standard proposed by the W3C association to facilitate the expression and verification of third-party-verified credentials on the Internet, such as passports or diplomas. However, the current VC data model lacks an explicit revocation design that guarantees the secure operations of the system, which limits its application. In this paper, we specify the requirements for a tamper-evident and privacy-preserving revocation mechanism, based on which we compare existing solutions and propose our revocation mechanism that satisfies all the requirements. Our design combines a cryptographic accumulator and a role-based blockchain. With zero-knowledge proof, the verifier can operate off-chain computation of the revocation status while ensuring the correctness of revocation information published on the blockchain. Our analysis shows that the proposed revocation mechanism can prevent fraud using forged and revoked credentials and relieve privacy concerns caused by the correlation of digital data. Our proof-of-concept implementation demonstrates that our revocation mechanism adds only 42.86 ms overhead in the presentation and 31.36 ms overhead in the verification of verifiable credentials. We also provide scalability analysis, which illustrates that the throughput of our blockchain can meet real-world needs.

Original language	English
Title of host publication	Proceedings of the 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)
Place of Publication	Danvers
Publisher	IEEE
Pages	266-273
Number of pages	8
ISBN (Electronic)	979-8-3503-3923-9
ISBN (Print)	979-8-3503-3924-6
DOIs	https://doi.org/10.1109/BCCA58897.2023.10338923
Publication status	Published - 2023
Event	2023 Fifth International Conference on Blockchain Computing and Applications (BCCA) - Kuwait, Kuwait Duration: 24 Oct 2023 → 26 Oct 2023 Conference number: 5th

Conference

Conference	2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)
Country/Territory	Kuwait
City	Kuwait
Period	24/10/23 → 26/10/23

Bibliographical note

Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

verifiable credential
revocation
blockchain
zero-knowledge proof
privacy

Access to Document

10.1109/BCCA58897.2023.10338923

Cite this

@inproceedings{e154874424b04943aca94fc0b930eeb5,

title = "Verifiable Credentials with Privacy-Preserving Tamper-Evident Revocation Mechanism",

abstract = "Verifiable Credential (VC) is a new standard proposed by the W3C association to facilitate the expression and verification of third-party-verified credentials on the Internet, such as passports or diplomas. However, the current VC data model lacks an explicit revocation design that guarantees the secure operations of the system, which limits its application. In this paper, we specify the requirements for a tamper-evident and privacy-preserving revocation mechanism, based on which we compare existing solutions and propose our revocation mechanism that satisfies all the requirements. Our design combines a cryptographic accumulator and a role-based blockchain. With zero-knowledge proof, the verifier can operate off-chain computation of the revocation status while ensuring the correctness of revocation information published on the blockchain. Our analysis shows that the proposed revocation mechanism can prevent fraud using forged and revoked credentials and relieve privacy concerns caused by the correlation of digital data. Our proof-of-concept implementation demonstrates that our revocation mechanism adds only 42.86 ms overhead in the presentation and 31.36 ms overhead in the verification of verifiable credentials. We also provide scalability analysis, which illustrates that the throughput of our blockchain can meet real-world needs.",

keywords = "verifiable credential, revocation, blockchain, zero-knowledge proof, privacy",

author = "Li Xu and Tianyu Li and Zekeriya Erkin",

note = "Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.; 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA) ; Conference date: 24-10-2023 Through 26-10-2023",

year = "2023",

doi = "10.1109/BCCA58897.2023.10338923",

language = "English",

isbn = "979-8-3503-3924-6",

pages = "266--273",

booktitle = "Proceedings of the 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)",

publisher = "IEEE",

address = "United States",

}

Xu, L, Li, T & Erkin, Z 2023, Verifiable Credentials with Privacy-Preserving Tamper-Evident Revocation Mechanism. in Proceedings of the 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA). IEEE, Danvers, pp. 266-273, 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA), Kuwait, Kuwait, 24/10/23. https://doi.org/10.1109/BCCA58897.2023.10338923

Verifiable Credentials with Privacy-Preserving Tamper-Evident Revocation Mechanism. / Xu, Li; Li, Tianyu ; Erkin, Zekeriya.
Proceedings of the 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA). Danvers: IEEE, 2023. p. 266-273.

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Verifiable Credentials with Privacy-Preserving Tamper-Evident Revocation Mechanism

AU - Xu, Li

AU - Li, Tianyu

AU - Erkin, Zekeriya

N1 - Conference code: 5th

PY - 2023

Y1 - 2023

N2 - Verifiable Credential (VC) is a new standard proposed by the W3C association to facilitate the expression and verification of third-party-verified credentials on the Internet, such as passports or diplomas. However, the current VC data model lacks an explicit revocation design that guarantees the secure operations of the system, which limits its application. In this paper, we specify the requirements for a tamper-evident and privacy-preserving revocation mechanism, based on which we compare existing solutions and propose our revocation mechanism that satisfies all the requirements. Our design combines a cryptographic accumulator and a role-based blockchain. With zero-knowledge proof, the verifier can operate off-chain computation of the revocation status while ensuring the correctness of revocation information published on the blockchain. Our analysis shows that the proposed revocation mechanism can prevent fraud using forged and revoked credentials and relieve privacy concerns caused by the correlation of digital data. Our proof-of-concept implementation demonstrates that our revocation mechanism adds only 42.86 ms overhead in the presentation and 31.36 ms overhead in the verification of verifiable credentials. We also provide scalability analysis, which illustrates that the throughput of our blockchain can meet real-world needs.

AB - Verifiable Credential (VC) is a new standard proposed by the W3C association to facilitate the expression and verification of third-party-verified credentials on the Internet, such as passports or diplomas. However, the current VC data model lacks an explicit revocation design that guarantees the secure operations of the system, which limits its application. In this paper, we specify the requirements for a tamper-evident and privacy-preserving revocation mechanism, based on which we compare existing solutions and propose our revocation mechanism that satisfies all the requirements. Our design combines a cryptographic accumulator and a role-based blockchain. With zero-knowledge proof, the verifier can operate off-chain computation of the revocation status while ensuring the correctness of revocation information published on the blockchain. Our analysis shows that the proposed revocation mechanism can prevent fraud using forged and revoked credentials and relieve privacy concerns caused by the correlation of digital data. Our proof-of-concept implementation demonstrates that our revocation mechanism adds only 42.86 ms overhead in the presentation and 31.36 ms overhead in the verification of verifiable credentials. We also provide scalability analysis, which illustrates that the throughput of our blockchain can meet real-world needs.

KW - verifiable credential

KW - revocation

KW - blockchain

KW - zero-knowledge proof

KW - privacy

UR - http://www.scopus.com/inward/record.url?scp=85181766700&partnerID=8YFLogxK

U2 - 10.1109/BCCA58897.2023.10338923

DO - 10.1109/BCCA58897.2023.10338923

M3 - Conference contribution

SN - 979-8-3503-3924-6

SP - 266

EP - 273

BT - Proceedings of the 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)

PB - IEEE

CY - Danvers

T2 - 2023 Fifth International Conference on Blockchain Computing and Applications (BCCA)

Y2 - 24 October 2023 through 26 October 2023

ER -

Verifiable Credentials with Privacy-Preserving Tamper-Evident Revocation Mechanism

Abstract

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Embargoed Document

Fingerprint

Cite this