Title | Lightweight Protection of User Identity Privacy Based on Zero-knowledge Proof |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Ren, Zhengwei, Zha, Xianye, Zhang, Kai, Liu, Jing, Zhao, Heng |
Conference Name | 2019 IEEE International Conference on Systems, Man and Cybernetics (SMC) |
Date Published | oct |
Keywords | authentication, data privacy, human factors, password, policy-based governance, privacy, Proposals, Protocols, pubcrawl, Resiliency, Scalability, zero trust |
Abstract | A number of solutions have been proposed to tackle the user privacy-preserving issue. Most of existing schemes, however, focus on methodology and techniques from the perspective of data processing. In this paper, we propose a lightweight privacy-preserving scheme for user identity from the perspective of data user and applied cryptography. The basic idea is to break the association relationships between User identity and his behaviors and ensure that User can access data or services as usual while the real identity will not be revealed. To this end, an interactive zero-knowledge proof protocol of identity is executed between CSP and User. Besides, a trusted third-party is introduced to manage user information, help CSP to validate User identity and establish secure channel between CSP and User via random shared key. After passing identity validation, User can log into cloud platform as usual without changing existing business process using random temporary account and password generated by CSP and sent to User by the secure channel which can further obscure the association relationships between identity and behaviors. Formal security analysis and theoretic and experimental evaluations are conducted, showing that the proposal is efficient and practical. |
DOI | 10.1109/SMC.2019.8913866 |
Citation Key | ren_lightweight_2019 |