Title: A privacy-preserving tamper-evident revocation mechanism for verifiable credentials
Author: Xu, Li (TU Delft Electrical Engineering, Mathematics and Computer Science)
Contributor: Erkin, Z. (mentor); Li, T. (graduation committee); Pouwelse, J.A. (graduation committee); Al-Ars, Z. (graduation committee); van Deventer, Oskar (graduation committee)
Degree granting institution: Delft University of Technology
Programme: Computer Science | Cyber Security
Date: 2022-06-28

Abstract

Third-party verified credentials (e.g. passports, diplomas) are essential in our daily life. The usage of third-party verified credentials brings us convenience in authentication. The Verifiable Credential (VC) data model is a new standard proposed by the W3C association to ease the expression and verification of third-party verified credentials on the Internet. The issuance and presentation of verifiable credentials are tamper-evident and privacy-preserving by design. However, the current verifiable credential data model lacks an explicit revocation design that guarantees the secure operation of the system. The lack of a revocation mechanism significantly limits the application of verifiable credentials. This thesis studies the revocation mechanisms of existing verifiable credential implementations. The existing revocation mechanisms are either tamper-evident or privacy-preserving. None of them can achieve the two properties together. To evolve the revocation mechanism to be both tamper-evident and privacy-preserving by design, we propose a new method which combines the BBS+ signature, a cryptographic accumulator and the blockchain. Our design enables the verifier to verify the presented credential’s revocation status without compromising the credential holders’ privacy. We implement a proof-of-concept of our revocation mechanism to show it is practical in the real world. The experimental results show that after adding our revocation mechanism, the presentation time of a five-attribute credential changes from 22.22ms to 62.11ms (+39.89ms), and the verification time changes from 13.36ms to 44.56ms (+31.86ms). Moreover, the scalability analysis shows that our revocation mechanism can satisfy the need for revocation in the real world.

Subject: Revocation; Verifiable Credential; Zero-knowledge Proof
To reference this document use: http://resolver.tudelft.nl/uuid:46e9c11e-03e9-4c7b-8d10-0040847d6d3e
Part of collection: Student theses
Document type: master thesis
Rights: © 2022 Li Xu
Files: Master_Thesis_of_Li_Xu.pdf (PDF, 724.99 KB)