Decentralized Identity Authentication with Auditability and Privacy

Decentralized identity (DID) systems aim to give users full control over their identities by using completely decentralized technologies, such as blockchain or distributed ledgers, providers. However, when user credentials are compromised, it is impossible in existing DID for the detect credential misuse. In this paper, we propose new authentication protocols with two properties: auditability and privacy. The former enables detection of malicious events, while latter prevents an adversary from linking event corresponding service provider. We present that achieve varying privacy performance guarantees. first protocol has high performance, but reveals information about user. second achieves privacy, incurs a higher overhead. formal security analysis our privacy-preserving Tamarin prover. implemented them evaluated permissioned deployed Amazon AWS local cloud infrastructure. results demonstrate able support realistic workloads, nearly practical.