Research On Construction And Authentication Of Auditable Self-Sovereign Identity

Self-sovereign identity(SSI)is a new distributed method for identity management,aiming to address the problems of traditional identity management such as single point of failure,user data leakage and user identity theft.However,existing schemes mainly use static strings to represent users’ digital identities and rely on third-party executable programs to manage digital identities,which seriously weakens users’ control over their identities.Furthermore,although most schemes achieve anonymous authentication of users with decentralized identifiers and verifiable credentials,they do not design different authentication models in conjunction with specific business needs,and there is drawback of linkable user behavior.In addition,scholars’ overemphasis on user self-sovereignty has led to the emergence of regulatory deficiencies,audit difficulties,and regulatory inequities.Therefore,this paper provides an in-depth analysis of the above-mentioned issues and investigates the construction and authentication of auditable self-sovereign identity.The main research results are as follows:(1)In view of the static digital identity constructed by the existing self-sovereign identity management schemes that rely too much on third-party executable programs and the lack of accountability and unfair accountability,a joint regulatory self-sovereign identity generation(JRSSIG)mechanism is proposed to achieve complete control of the user’s identity and balance between privacy protection and fair accountability.First of all,a unique dynamic executable code is generated for each user as the digital identity entity,which is driven by the user himself for identity management.Secondly,based on shamir(t,n)threshold secret sharing algorithm and combined with consortium blockchain,this mechanism realizes joint participation of multiple parties to sanction violations to ensure fair and just accountability.Finally,compared with existing representative schemes,the security and performance analysis results show that the digital identity entity constructed by the JRSSIG mechanism can not only effectively resist sybil attack,identity impersonation,etc.,but also has six properties such as existence,ownership and permanence.In addition,the digital identity requires no more than 1ms of time overhead for both generation and accountability,and only 505 bytes and 94 bytes of storage space are required for the server and blockchain,which can meet practical application requirements.(2)Aiming at the existing self-sovereign identity management schemes that do not design different identity authentication modes in conjunction with business requirements and have problems such as linkable user behavior,lack of accountability and difficulty in auditing,an auditable hierarchical self-sovereign identity authentication(AHSSIA)protocol is proposed to protect user privacy and support trusted accountability.According to identity timeliness,the AHSSIA protocol divides digital identity into two levels: guest and member,and provides hierarchical authentication protocols based on W3 C decentralized identifier and verifiable credentials standards to meet different business authentication needs.Then,the AHSSIA protocol designs the decentralized identifier as a dynamic auditable authentication factor based on the Paillier homomorphic encryption algorithm,and dynamically constructs the forgettable verifiable credentials with the help of algorithms such as structure-preserving signatures,in order to balance trusted accountability and privacy protection.At last,the security and performance of the AHSSIA protocol are analyzed and compared,and the results show that,with lower authentication time overhead,our AHSSIA protocol not only provides strong security,but also reduces the regulatory time overhead within 1ms.Meanwhile,the blockchain Gas overhead for guest authentication is reduced by more than 40%,and does not significantly increase the Gas overhead for member authentication.