FutureDID: A Fully Decentralized Identity System With Multi-Party Verification

Decentralized identity (DID) systems conforming to the World Wide Web Consortium (W3C) Decentralized Identifiers (DIDs) and Verifiable Credentials Data Model recommendations have recently attracted attention due to their better autonomy, interoperability, and openness design. However, those W3C reco...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on computers 2024-08, Vol.73 (8), p.2051-2065
Main Authors: Deng, Haotian, Liang, Jinwen, Zhang, Chuan, Liu, Ximeng, Zhu, Liehuang, Guo, Song
Format: Article
Language:English
Subjects:
Authentication
blockchain
Blockchains
chameleon hash function
Computers
Decentralized identity
distributed key generation
identity revocation
Privacy
Resistance
Security
W3C
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Decentralized identity (DID) systems conforming to the World Wide Web Consortium (W3C) Decentralized Identifiers (DIDs) and Verifiable Credentials Data Model recommendations have recently attracted attention due to their better autonomy, interoperability, and openness design. However, those W3C recommendations lack a design for addressing the single point of failure (SPOF) and identity revocation, which could seriously compromise the robustness and practicality of DID systems. To remedy these limitations, we propose FutureDID, a DID system that enables multiple parties to jointly issue credentials and efficiently revoke DID identities, providing a robust and practical DID system. FutureDID is designed with a multi-party credential issuing mechanism based on distributed key generation technology, which transforms trust from a single entity to distributed committees and facilitates authentication between issuers, making it more resistant to SPOF. Moreover, the underlying blockchain system is built on a chameleon hash function to ensure tamper-proof and enable efficient identity revocation. We have implemented a prototype system using FISCO BCOS and conducted extensive evaluations to demonstrate the effectiveness and practicality of our system. Our evaluations have shown that FutureDID provides a significant improvement in efficiency, achieving at least a 60 \times Ă— efficiency improvement in identity revocation compared to state-of-the-art systems.
ISSN:0018-9340
1557-9956
DOI:10.1109/TC.2024.3398509