BLS-MT-ZKP: A Novel Approach to Selective Disclosure of Claims From Digital Credentials
Digital credentials represent crucial elements of digital identity on the Internet. Credentials should have specific properties that allow them to achieve privacy-preserving capabilities. One of these properties is selective disclosure, which allows users to disclose only the claims or attributes th...
| Main Authors: | Seila Becirovic Ramic, Irfan Prazina, Damir Pozderac, Razija Turcinhodzic Mulahasanovic, Sasa Mrdovic |
|---|---|
| Format: | Article | 
| Language: | English | 
| Published: | IEEE, 2024-01-01 |
| Series: | IEEE Access | 
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10804156/ | 
| _version_ | 1846113856422674432 | 
|---|---|
| author | Seila Becirovic Ramic; Irfan Prazina; Damir Pozderac; Razija Turcinhodzic Mulahasanovic; Sasa Mrdovic |
| author_facet | Seila Becirovic Ramic; Irfan Prazina; Damir Pozderac; Razija Turcinhodzic Mulahasanovic; Sasa Mrdovic |
| author_sort | Seila Becirovic Ramic | 
| collection | DOAJ | 
| description | Digital credentials represent crucial elements of digital identity on the Internet. Credentials should have specific properties that allow them to achieve privacy-preserving capabilities. One of these properties is selective disclosure, which allows users to disclose only the claims or attributes they must. This paper presents a novel approach to selective disclosure BLS-MT-ZKP that combines existing cryptographic primitives: Boneh-Lynn-Shacham (BLS) signatures, Merkle hash trees (MT) and zero-knowledge proof (ZKP) method called Bulletproofs. Combining these methods, we achieve selective disclosure of claims while conforming to selective disclosure requirements. New requirements are defined based on the definition of selective disclosure and privacy spectrum. Besides selective disclosure, specific use cases for equating digital credentials with paper credentials are achieved. The proposed approach was compared to the existing solutions, and its security, threat, performance and limitation analysis was done. For validation, a proof-of-concept was implemented, and the execution time was measured to demonstrate the practicality and efficiency of the approach. | 
| format | Article | 
| id | doaj-art-45ba0fcadace4cb48c92f3e5ff5c48c5 | 
| institution | Kabale University | 
| issn | 2169-3536 | 
| language | English | 
| publishDate | 2024-01-01 | 
| publisher | IEEE | 
| record_format | Article | 
| series | IEEE Access | 
| spelling | doaj-art-45ba0fcadace4cb48c92f3e5ff5c48c5; 2024-12-21T00:00:49Z; eng; IEEE; IEEE Access; 2169-3536; 2024-01-01; 12; 192062; 192078; 10.1109/ACCESS.2024.3518597; 10804156; BLS-MT-ZKP: A Novel Approach to Selective Disclosure of Claims From Digital Credentials; Seila Becirovic Ramic (0, https://orcid.org/0000-0001-7776-9350); Irfan Prazina (1, https://orcid.org/0000-0002-4504-6737); Damir Pozderac (2, https://orcid.org/0000-0002-3149-7238); Razija Turcinhodzic Mulahasanovic (3, https://orcid.org/0000-0002-2653-9819); Sasa Mrdovic (4); Faculty of Electrical Engineering, University of Sarajevo, Sarajevo, Bosnia and Herzegovina (all five authors); Digital credentials represent crucial elements of digital identity on the Internet. Credentials should have specific properties that allow them to achieve privacy-preserving capabilities. One of these properties is selective disclosure, which allows users to disclose only the claims or attributes they must. This paper presents a novel approach to selective disclosure BLS-MT-ZKP that combines existing cryptographic primitives: Boneh-Lynn-Shacham (BLS) signatures, Merkle hash trees (MT) and zero-knowledge proof (ZKP) method called Bulletproofs. Combining these methods, we achieve selective disclosure of claims while conforming to selective disclosure requirements. New requirements are defined based on the definition of selective disclosure and privacy spectrum. Besides selective disclosure, specific use cases for equating digital credentials with paper credentials are achieved. The proposed approach was compared to the existing solutions, and its security, threat, performance and limitation analysis was done. For validation, a proof-of-concept was implemented, and the execution time was measured to demonstrate the practicality and efficiency of the approach.; https://ieeexplore.ieee.org/document/10804156/; BLS signatures; bulletproofs; digital credentials; Merkle hash trees; selective disclosure |
| spellingShingle | Seila Becirovic Ramic; Irfan Prazina; Damir Pozderac; Razija Turcinhodzic Mulahasanovic; Sasa Mrdovic; BLS-MT-ZKP: A Novel Approach to Selective Disclosure of Claims From Digital Credentials; IEEE Access; BLS signatures; bulletproofs; digital credentials; Merkle hash trees; selective disclosure |
| title | BLS-MT-ZKP: A Novel Approach to Selective Disclosure of Claims From Digital Credentials | 
| topic | BLS signatures; bulletproofs; digital credentials; Merkle hash trees; selective disclosure |
| url | https://ieeexplore.ieee.org/document/10804156/ | 