Tiantian Zhang, Ying Wang, Bo Gong, Jianbo Xu, Junjie Wu, Changxu Wan
Concurrency and Computation-Practice & Experience, vol. 37, 9-11. Journal Article, published 2025-04-09. DOI: 10.1002/cpe.70084 (https://onlinelibrary.wiley.com/doi/10.1002/cpe.70084)
Privacy Protection During the Issuance and Revocation of Verifiable Credentials in Self-Sovereign Identity
Self-sovereign identity management systems operate in open network environments and face security threats from semi-trusted or malicious adversary models. In such environments, verifiable credentials are susceptible to attacks such as theft and forgery. In response to the privacy risks associated with verifiable credentials during issuance and revocation, this article proposes a privacy protection scheme for user information during the issuance and revocation processes of verifiable credentials in self-sovereign identity management based on blockchain technology. First, a privacy-preserving method that does not rely on a single identity provider and resists Sybil attacks has been designed using secure multi-party computation cryptographic techniques. Second, the consortium blockchain committee nodes act as the issuer of verifiable credentials. By combining attribute commitments and zero-knowledge proof techniques, the user's identity information is hidden, achieving the privacy protection goal during the issuance of verifiable credentials. Furthermore, in order to protect user privacy during the revocation of verifiable credentials (VCs), we employ a cryptographic accumulator technique to implement the revocation operation. This approach ensures the security of user privacy while effectively managing the revocation of credentials. Finally, this paper conducts a security analysis and performance evaluation of the proposed scheme. The results show that our scheme strikes a balance between security needs and time efficiency.
About the journal:
Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of:
Parallel and distributed computing;
High-performance computing;
Computational and data science;
Artificial intelligence and machine learning;
Big data applications, algorithms, and systems;
Network science;
Ontologies and semantics;
Security and privacy;
Cloud/edge/fog computing;
Green computing; and
Quantum computing.