A conflict of privacy and transparency requirements can be observed in many service systems that rely on verifiable identity-related information of their users. Such information is often required by services, for example, for access control purposes or to meet know-your-customer (KYC) obligations that providers have under anti-money laundering and counter-terrorism financing regulation (AML/CTF). At the same time, identity-related information of service users is highly privacy-relevant and unwanted exposure must be prevented at all costs.
A promising technological approach to resolve the tension between privacy and transparency in the context of service-based credential management is the combination of transparency-enabling blockchain technology and privacy-enabling zero-knowledge proofs applied for verifiable off-chain computations.
Seizing on the potential of this combination, in this paper, we propose a novel credential on-chaining system that ensures blockchain-based transparency while preserving pseudonymity of credential holders. We present a general model compliant to verifiable credential recommendation of the W3C and demonstrate how it can be applied to solve existing problems that require computational identity-related attribute verification.
The evaluation of our zkSNARKs-based reference implementation with ZoKrates show that, compared to related approaches based on, e.g., CL-signatures, our approach provides significant performance advantages and more flexible proof mechanisms, underpinning our vision of increasingly decentralized, transparent, and trustworthy service systems.
Authors
Jonathan Heiss works as research associate at the Information Systems Engineering (ISE), TU Berlin. His research currently focuses on the application of ZKPs and comparable technologies in blockchain-based decentralized applications for data on-chaining, thereby, addressing trustworthiness, privacy, and scalability problems
Robert Muth is a research associate at the Distributed Security Infrastructures (DSI) group at TU Berlin, supervised by Prof. Florian Tschorsch. His research focuses on blockchain technologies and network security.
Frank Pallas is a senior researcher and lecturer (tenured) in the ISE research group. Frank’s research and teaching focus is on interdisciplinary aspects of cutting-edge information systems, integrating technological, legal and economic perspectives. Currently, his main focus lies on Privacy Engineering.
Stefan Tai is Full Professor and Head of Chair Information Systems Engineering (ISE) at TU Berlin, Germany. He has been an ICSOC contributor and PC member/Senior PC member since the inaugural ICSOC.
