A Fair Model of Identity Information Exchange Leveraging Zero-Knowledge
Total Page:16
File Type:pdf, Size:1020Kb
A Fair model of identity information exchange Leveraging Zero-Knowledge 1st Mohsen Rahnamaei 3rd Siavash Khorsandi Department of Computer Science and Engineering Department of Computer Science and Engineering Amirkabir University of Technology Amirkabir University of Technology Tehran, Iran Tehran, Iran [email protected] [email protected] 2nd Saeid Tousi Saeidi 4th Mehdi Shajari Department of Computer Science and Engineering Department of Computer Science and Engineering Amirkabir University of Technology Amirkabir University of Technology Tehran, Iran Tehran , Iran [email protected] [email protected] Abstract—Many companies use identity information for dif- In the present study, a model has been implemented by em- ferent goals. There are a lot of market places for identity ploying these algorithms. In this model, the selling of identity information. These markets have some practical issues such as information is managed by using the peers as intermediaries privacy, mutual trust and fairing exchange. The management of identity information is one of the most important applications for in the Ethereum blockchain [5]. blockchain, for which researchers have proposed a large number Our contribution is a blockchain-based model that helps an of models. In the present paper, an attempt has been made to entity to sell his/her identity information in a fair way and solve the problems that mentioned earlier to exchange identity protect his/her privacy. information on the blockchain. By using the game theory we propose a fair model of selling authorized identity information We proposed a dynamic game for this exchange that in the in an environment that include untrusted parties. Moreover we Nash action profile both owner and buyer properly deal with employ ZK-SNARK to protect users’ privacy. Also we use proxy each other, we can see a fair and an accurate trade in this re-encryption to record these information in IPFS. statement. We use smart contract to eliminate central trusted Index Terms—Blockchain, Privacy, ZK-SNARK, Smart con- third party and enforce game rule.In this game the buyer must tracts, Proxy re-encryption, Game theory, Identity information management prove that he/she get particular data, however, privacy rights prevent him/her to publish clear data, in order to solve this problem we employed ZK-SNARK [6]. I. INTRODUCTION The article structure is as follows: In Section II, we will Researchers in the field of blockchain technology has intro- explore some related works. In Section III-A, we will review duced several applications for blockchain . One of the most some researches and will discuss their weakness. Section important of these applications is the identity information III consists of basic concepts. We will review blockchain management [1] . Citizens need to share their information with technology and smart contract. In Section III-B, we review others in a certified and accredited manner. This action allows some concepts about privacy in the blockchain. We review them to take advantage of different social services. However, the basic concepts about zero-knowledge proof in III-C. The arXiv:2106.14180v1 [cs.CR] 27 Jun 2021 misuse of this information causes privacy violations [2]. proxy re-encryption algorithm is explained in Section III-D. In Blockchain is a distributed database on which the accuracy the next section, we describe our proposed solution. In IV-A, of the stored data can be guaranteed [3]. Researchers usually we present the basic concepts about our model. Also, in IV-B, use this technology for storing metadata. The architecture we discuss on the validity of our solution. Finally, in V, we and the way of employing this technology, along with some describe the conclusion. concerns about privacy and fairness , is the main challenge for researchers. In the present article, a new model has been II. RELATED WORK presented to maintain and enhance users’ privacy. The use of zero-knowledge proof algorithms and other en- In [7] authors develop smart contract that entities can cryption algorithms is a common tool in enhancing the privacy employ to trade IOT data. They use proxy re-encryption of blockchain-based applications. The proxy re-encryption [4] to improve scalability in this market. The confidentiality of algorithms used in the proposed model. A complete description data guaranteed with proxy re-encryption algorithm and the of the function of these algorithms is presented in Section financial transactions are automatically managed with smart III-D. contract. In this paper, writers supposed that all entities are trustable, in other word, they supposed the owner of informa- way that privacy to be improved. These studies often introduce tion send his/her data to the buyer without any dishonesty. Our new structures by applying encryption algorithms [13]. model develop the possibility of trading data in a situation The second category is related to research, in which the where buyer and seller don’t need any trust on each other. blockchain is used to improve privacy in other applications Notably, we have to emphasize that in each exchange of goods, [14]. In the second category, some of the models proposed fairness is very important, in another word seller must get the for identity information management on the blockchain, only money in exchange for goods and similarly for the buyer must stores metadata on the blockchain. In these models, the get goods in exchange of money. primary information is stored on centralized or distributed There are some researches that trying to improve fairness in storage, and the output of the hash function is placed on the blockchain based trading [8] [9] [10].The basic approaches the blockchain. Since it is challenging to make changes to to overcome fairness problem is Atomic Swap [10].Bigi et al. the information recorded on the blockchain, any unauthorized [8] use normal form game to work out fairness problem. In [8], changes to the information stored in the distributed database authors assume sent goods are accurate and authentic, while will be recognizable. owner may send defective goods. In this game if the owner send defective good the buyer prefer to be dishonest and verify C. Zero knowledge proof the transmission, while he get inaccurate good, because he One of the big problems in privacy was proving something want to increase his/her payoff. which prover didn’t want to reveal any information about real There exist different studies to facilitate trading data on things, for example, Alice wants to prove Bob, that she knows blockchain [11] [7] [9].Ari et al. [11] Published one of the first some secrets, but she doesn’t prefer to show that to Bob. paper that proposed criminal smart contract. These contracts Zero-knowledge proof devised to resolve this problem .This employ to handle financials transactions for criminals. For notion proposed in 1989 by MIT researchers Goldwasser et example leakage of secrets, key compromise and “calling- al. [15]. They explained the concept of knowledge, and how card” crimes, such as assassination. Their propose solution can convincingly prove the statement. In all zero-knowledge for document leakage is sophisticate in comparison with our protocols such as ZK-SNARK, we can see completeness, solution. We use game theory and ZK-SNARK to overcome soundness and zero-knowledge. this problem. • Completeness: If the statement is correct, then the verifier III. BASIC CONCEPTS will convince by an honest prover. • Soundness: If the statement is not true, any prover can’t A. Blockchain and Smart Contract convince the honest verifier, except some small probabil- Blockchain is a transparent distributed database that every- ity. one can use, and at the same time, no one has control over it. • Zero knowledge: Prover doesn’t disclose the private in- This database consists of a set of blocks connected by hash formation to verifier. algorithms. The connection of blocks improves the accuracy In this paper, the ZK-SNARK(Zero-Knowledge Succinct of the information contained in the blocks. These blocks are Non-Interactive Argument of Knowledge) is leveraged to updated by network peers. None of the peers has absolute preserve privacy in data transmission and proving of that. For control over the information recorded on the blockchain, and implementation phase, Zokrates [16] used to provide verifier attempts have been made to use motivational engineering smart contract and proof. This library provides high level algorithms so that the peers act in such a way that the blocks language to generating proofs of computation and verification to be updated [3].Storing metadata on the blockchain assist in Solidity. in ensuring the accuracy of these information related to this ZK-SNARK requires initial trusted setup phase which gen- metadata, which has been stored in other centralized and erates the common reference string and it must be done by distributed storage. a trusted entity. This is a challenging phase of the protocol. Ethereum smart contracts, as a distributed programs on Using a trusted entity is not irrational, but there is another peers available in the Ethereum blockchain, allow program- solution which can use to eliminate relying on the centralized mers to make sure their applications are running correctly. entity. Zcash generated ZK-SNARK parameters by using the With smart contracts, it is possible to build applications and trusted setup ceremony(multiparty computation) [17]. projects to have the capability of permanently functioning without intermediaries and corruption. Even a smart contract D. Proxy Re-Encryption programmer cannot change the smart contract code registered Proxy re-encryption algorithms [4] are a set of algorithms in the blockchain [12]. that allow an unreliable intermediary to re-encrypt an en- crypted text by another key. The unreliable intermediary can B. Privacy and Blockchain perform this process without knowing anything about the data. The research on blockchains’ privacy is divided into two Proxy re-encryption algorithms are similar to the public key general categories.