Blockchain-enabled privacy protection scheme for IoT digital identity management

Abstract

With the growth of the Internet of Things (IoT), millions of users, devices, and applications compose a complex and heterogeneous network, which increases the complexity of digital identity management. Traditional centralized digital identity management systems (DIMS) confront single points of failure and privacy leakages. The emergence of blockchain technology presents an opportunity for DIMS to handle the single point of failure problem associated with centralized architectures. However, the transparency inherent in blockchain technology still exposes DIMS to privacy leakages. In this paper, we propose the privacy-protected IoT DIMS (PPID), a novel blockchain-based distributed identity system to protect the privacy of on-chain identity data. The PPID achieves the unlinkability of identity-credential-verification. Specifically, the PPID adopts the Zero Knowledge Proof (ZKP) algorithm and Shamir secret sharing (SSS) to safeguard privacy security, resist replay attacks, and ensure data integrity. Finally, we evaluate the performance of ZKP computation in PPID, as well as the transaction fees of smart contract on the Ethereum blockchain.