SLVC-DIDA: Signature-less Verifiable Credential-based Issuer-hiding and Multi-party Authentication for Decentralized Identity
Tianxiu Xie, Keke Gai, Jing Yu, Liehuang Zhu, Bin Xiao
TL;DR
SLVC-DIDA tackles PKI-based VC issuance vulnerabilities by eliminating signing keys and introducing issuer-hiding in a decentralized setting. It combines a Merkle-tree on-chain VC registry with zero-knowledge proofs and ZKSD to certify issuance without revealing identity attributes or issuer identities, achieving unforgeability, issuance privacy, and verification privacy. The framework maintains public verifiability through Merkle roots while preserving user control over identity data. Empirical results demonstrate low verification latency (about $0.3$ s), compact proofs (on the order of $10^3$ bytes), and favorable on-chain gas profiles, indicating practicality for large-scale DID authentication in real-world blockchains.
Abstract
As an emerging paradigm in digital identity, Decentralized Identity (DID) offers advantages over traditional identity management methods in a variety of aspects, e.g., enhancing user-centric online services and ensuring complete user autonomy and control. Verifiable Credential (VC) techniques are used to facilitate decentralized DID-based access control across multiple entities. However, existing DID schemes generally rely on a distributed public key infrastructure, which also causes challenges such as context information deduction, key exposure, and issuer data leakage. To address the issues above, this paper proposes, for the first time, an issuer-hiding and privacy-preserving DID multi-party authentication model with a signature-less VC scheme, named SLVC-DIDA. Our proposed scheme avoids the dependence on signing keys by employing hashing and issuer membership proofs, which supports universal zero-knowledge multi-party DID authentication, eliminating additional technical integrations. We adopt a novel zero-knowledge circuit to maintain the anonymity of the issuer set, thereby enabling public verification while safeguarding the privacy of identity attributes via a Merkle tree-based VC list. Furthermore, by eliminating reliance on a Public Key Infrastructure (PKI), SLVC-DIDA enables decentralized and self-sovereign DID authentication. Our experiments further evaluate the effectiveness and practicality of SLVC-DIDA.
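The signature-less idea in the abstract (hashing plus a Merkle tree-based VC list checked against a public root), shown as an added Python example that is not the paper's construction or code. The salted commitment, domain tags, padding rule and sample credentials are assumptions, and the zero-knowledge layer that hides the leaf, the path and the issuer is omitted.

```python
import hashlib
import json
import os

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

EMPTY = h(b"\x02")  # padding leaf (assumption: fixed tag for unused slots)

def commit(attrs: dict, salt: bytes) -> bytes:
    """Salted hash commitment to a credential; this is the registry leaf."""
    canonical = json.dumps(attrs, sort_keys=True, separators=(",", ":")).encode()
    return h(b"\x00", salt, canonical)  # 0x00 tag separates leaves from inner nodes

def build_levels(leaves):
    """Return every tree level, leaves first; leaves are padded to a power of two."""
    size = 1
    while size < len(leaves):
        size *= 2
    level = list(leaves) + [EMPTY] * (size - len(leaves))
    levels = [level]
    while len(level) > 1:
        level = [h(b"\x01", level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def prove(levels, index):
    """Sibling hashes from leaf to root for the leaf at `index`."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return path

def verify(root, attrs, salt, index, path):
    """Recompute the root from the opened credential; no signature key is involved."""
    node = commit(attrs, salt)
    for sibling in path:
        pair = (node, sibling) if index % 2 == 0 else (sibling, node)
        node = h(b"\x01", *pair)
        index //= 2
    return node == root

# Constructed sample registry: three credentials, each with a random salt.
CREDS = [{"did": "did:example:alice", "degree": "BSc"},
         {"did": "did:example:bob", "degree": "MSc"},
         {"did": "did:example:carol", "degree": "BSc"}]
SALTS = [os.urandom(16) for _ in CREDS]
LEVELS = build_levels([commit(c, s) for c, s in zip(CREDS, SALTS)])
ROOT = LEVELS[-1][0]  # the only value a verifier needs from the public registry
```

A plain inclusion proof like this discloses the opened attributes, the leaf index and the sibling hashes to the verifier, which is the leakage a zero-knowledge membership proof is meant to remove.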
