TY - GEN
T1 - Fully Anonymous Decentralized Identity Supporting Threshold Traceability with Practical Blockchain
AU - Liu, Yizhong
AU - Zhao, Zedan
AU - Zhao, Boyu
AU - Ran, Feiang
AU - Lin, Xun
AU - Li, Dawei
AU - Guan, Zhenyu
N1 - Publisher Copyright:
© 2025 Copyright held by the owner/author(s).
PY - 2025/4/28
Y1 - 2025/4/28
AB - Decentralized identity (DID) holds significant potential for applications in Web3, such as digital markets and financial systems. Traditional DID paradigms offer a degree of privacy but struggle to prevent the link analysis on user behaviours and repeated public key usage. Anonymity is not fully achieved, as users’ real identities or public keys are exposed to the issuing authority, while introducing high public key management complexity. Besides, existing anonymous credential schemes lack effective mechanisms for threshold traceability, not meeting Web3’s distributed governance requirements. In this paper, we propose FADID-TT, a Fully Anonymous DID system supporting Threshold Tracing with practical blockchain, to tackle the above challenges. Firstly, we propose a distributed identity registration scheme based on secret sharing. A committee composed of distributed issuing authorities is responsible for issuing user’s secret key shares and no single entity in the system can obtain a user’s real identity or public key, achieving anonymity to authority. Moreover, we design a fully anonymous DID system combined with anonymous signatures and decentralized anonymous credentials (DAC). A service provider can only use the committee public key to verify a user identity, eliminating the need for user public keys, fully resisting link attacks, and reducing the user public key management complexity from O(n) to O(1). Furthermore, we design a publicly verifiable threshold tracing mechanism that enables committee members to collaboratively trace the identity of a malicious user without compromising privacy guarantees. FADID-TT realizes publicly verifiable tracing via zero-knowledge proofs. Finally, we give comprehensive security analysis and concrete performance evaluation. 
In addition to evaluating each part of the proposal, we also deploy FADID-TT on two well-known blockchain platforms including Hyperledger Fabric (permissioned) and Ethereum (permissionless) to demonstrate the practical feasibility of FADID-TT.
KW - blockchain
KW - decentralized identity
KW - full anonymity
KW - threshold traceability
UR - https://www.scopus.com/pages/publications/105005140251
U2 - 10.1145/3696410.3714762
DO - 10.1145/3696410.3714762
M3 - Conference contribution
AN - SCOPUS:105005140251
T3 - WWW 2025 - Proceedings of the ACM Web Conference
SP - 3628
EP - 3638
BT - WWW 2025 - Proceedings of the ACM Web Conference
PB - Association for Computing Machinery, Inc
T2 - 34th ACM Web Conference, WWW 2025
Y2 - 28 April 2025 through 2 May 2025
ER -