PRIDA-ME: A Privacy-Preserving, Interoperable and Decentralized Authentication Scheme for Metaverse Environment

IF 6.3 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

IEEE Open Journal of the Communications Society Pub Date : 2025-01-01 DOI:10.1109/OJCOMS.2024.3523518

Mehmood Ul Hassan;Yawar Abbas Bangash;Waseem Iqbal;Abdellah Chehri;Javed Iqbal

{"title":"PRIDA-ME: A Privacy-Preserving, Interoperable and Decentralized Authentication Scheme for Metaverse Environment","authors":"Mehmood Ul Hassan;Yawar Abbas Bangash;Waseem Iqbal;Abdellah Chehri;Javed Iqbal","doi":"10.1109/OJCOMS.2024.3523518","DOIUrl":null,"url":null,"abstract":"The metaverse is a new virtual world that has the potential to significantly impact our interactions with digital content and with each other. It is a shared virtual environment where users can seamlessly and with immersive experiences create, interact, and enjoy digital assets. Nevertheless, the metaverse also poses fundamental challenges, particularly about security and privacy concerns, that require careful consideration. One of the most daunting aspects of securing the metaverse is authentication. Several solutions have been proposed, including deployment of blockchain technology and smart contracts, to address these authentication challenges. While these methods provide a secure and tamper-proof authentication mechanism, they fail to meet certain critical security and privacy requirements like interoperability and decentralization. This research proposes an enhanced privacy-preserving authentication scheme based on blockchain, elliptic curve cryptography, biohashing, and a physical unclonable function that guards against various attacks. The proposed scheme does not rely on a single central authority and consists of various phases, including user and avatar authentication, password change, and avatar generation phases. The proposed scheme underwent security assessment using the Burrows Abadi Needham (BAN) logic, ProVerif tool, and Scyther tool. The results demonstrate that it provides a better level of security against a wide range of attack vectors. The proposed scheme offers a swift and efficient authentication mechanism that adheres to the requirements of the metaverse environment, such as interoperability, decentralization, and privacy protection, and requires less computation cost as compared to state-of-the-art schemes.","PeriodicalId":33803,"journal":{"name":"IEEE Open Journal of the Communications Society","volume":"6 ","pages":"493-515"},"PeriodicalIF":6.3000,"publicationDate":"2025-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10819498","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of the Communications Society","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/10819498/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

The metaverse is a new virtual world that has the potential to significantly impact our interactions with digital content and with each other. It is a shared virtual environment where users can seamlessly and with immersive experiences create, interact, and enjoy digital assets. Nevertheless, the metaverse also poses fundamental challenges, particularly about security and privacy concerns, that require careful consideration. One of the most daunting aspects of securing the metaverse is authentication. Several solutions have been proposed, including deployment of blockchain technology and smart contracts, to address these authentication challenges. While these methods provide a secure and tamper-proof authentication mechanism, they fail to meet certain critical security and privacy requirements like interoperability and decentralization. This research proposes an enhanced privacy-preserving authentication scheme based on blockchain, elliptic curve cryptography, biohashing, and a physical unclonable function that guards against various attacks. The proposed scheme does not rely on a single central authority and consists of various phases, including user and avatar authentication, password change, and avatar generation phases. The proposed scheme underwent security assessment using the Burrows Abadi Needham (BAN) logic, ProVerif tool, and Scyther tool. The results demonstrate that it provides a better level of security against a wide range of attack vectors. The proposed scheme offers a swift and efficient authentication mechanism that adheres to the requirements of the metaverse environment, such as interoperability, decentralization, and privacy protection, and requires less computation cost as compared to state-of-the-art schemes.

查看原文本刊更多论文

PRIDA-ME：一种面向元环境的隐私保护、可互操作和分散的身份验证方案

虚拟世界是一个新的虚拟世界，它有可能显著影响我们与数字内容以及彼此之间的互动。这是一个共享的虚拟环境，用户可以无缝地沉浸式地创建、交互和享受数字资产。然而，虚拟世界也带来了根本性的挑战，特别是在安全和隐私问题上，需要仔细考虑。保护元数据库最令人生畏的一个方面是身份验证。已经提出了几种解决方案，包括部署区块链技术和智能合约，以应对这些身份验证挑战。虽然这些方法提供了安全和防篡改的身份验证机制，但它们无法满足某些关键的安全和隐私要求，如互操作性和去中心化。本研究提出了一种基于区块链、椭圆曲线加密、生物哈希和物理不可克隆功能的增强隐私保护认证方案，以防止各种攻击。该方案不依赖于单一的中央权威机构，由多个阶段组成，包括用户和虚拟身份验证、密码更改和虚拟身份生成阶段。该方案使用Burrows Abadi Needham （BAN）逻辑、ProVerif工具和Scyther工具进行了安全评估。结果表明，它针对各种攻击媒介提供了更好的安全性。所提出的方案提供了一种快速有效的身份验证机制，符合元环境的要求，如互操作性、去中心化和隐私保护，并且与最先进的方案相比，所需的计算成本更低。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Open Journal of the Communications Society Multiple-

CiteScore

13.70

自引率

3.80%

发文量

审稿时长

10 weeks

期刊介绍： The IEEE Open Journal of the Communications Society (OJ-COMS) is an open access, all-electronic journal that publishes original high-quality manuscripts on advances in the state of the art of telecommunications systems and networks. The papers in IEEE OJ-COMS are included in Scopus. Submissions reporting new theoretical findings (including novel methods, concepts, and studies) and practical contributions (including experiments and development of prototypes) are welcome. Additionally, survey and tutorial articles are considered. The IEEE OJCOMS received its debut impact factor of 7.9 according to the Journal Citation Reports (JCR) 2023. The IEEE Open Journal of the Communications Society covers science, technology, applications and standards for information organization, collection and transfer using electronic, optical and wireless channels and networks. Some specific areas covered include: Systems and network architecture, control and management Protocols, software, and middleware Quality of service, reliability, and security Modulation, detection, coding, and signaling Switching and routing Mobile and portable communications Terminals and other end-user devices Networks for content distribution and distributed computing Communications-based distributed resources control.