identities & permission-groups for blockchains
Identities & Permission-Groups for Blockchains
Thomas Hardjono & Alex (Sandy) Pentland
MIT Connection Science
February 2016
Confidential, 2007-2016 MIT Internet Trust Consortium
Overview of MIT ChainAnchor Project
PLEASE DO NOT DISTRIBUTE

Current “Identities” in Bitcoin

• Entities known only by their public-key
• Self-created (“self-asserted”)
• Entities addressable only within Bitcoin
• Purposed solely for currency transactions

Digital Identities Today

• Issued by Identity Providers (IdP)
• Addressable & routable globally (cf. DNS)
• Primary “identity” for accessing services

Attributes & Attribute Authorities

Challenge: Which Alice & Which Attributes

How to:
• “Link” identities across layers - preserving privacy
• Option to remain anonymous but verifiable
• Option to disclose an anonymous identity – without affecting other owned identities
• Bind attributes to anonymous identity with verifiable truthfulness

ChainAnchor: Permission Groups

• Permission Group = Logical group of entities sharing a common blockchain
• Group Owner initially knows true identity of members
• Each member is given unique secret keying material & parameters
• Each member “blinds” keying material and then operates anonymously

Proving Membership (Anonymously)

• Member switches to anonymous & “blinds” secret keying material
• Member runs Zero-Knowledge Proof (ZKP) protocol with Verifier
• Member generates public-key pair, and Verifier adds pubkey to member’s list
• From Step-2 onwards, user is anonymous to Group-Owner & Verifier

Filtering for Members’ Transactions

• Participating miner chooses to process only members’ transactions
• Miner looks-up anon list of members’ public-keys prior to processing
• Miner can also remain anonymous by running ZKP protocol with Verifier
• Miner gets higher reward for participating – payout from Group-Owner

ChainAnchor: Use-Cases

Use Case #1: Competing Entities Sharing a Common Ledger

• ChainAnchor Group implements membership to shared blockchain
• Competing entities remain anonymous to one another
• Optional disclosure of identity when challenged (e.g. regulatory needs)
• Read/Write or Read-only access to shared blockchain

Use Case #2: Attribute Groups

• Membership expresses possession of attributes (e.g. “Over 18” group)
• User must show evidence of eligibility (e.g. driver’s license)
• Evidence issued by external Attribute Authority
• User switches to anonymous mode after obtaining secret params.

Use-Case #3: Certificate for Anonymous Identity

• Verifier becomes a Certificate Authority (or Registration Authority)
• Certificate contains anonymous identity & transaction public-key
• Certificate, identity & public-key usable outside blockchain

Use-Case #4: “AML-Friendly” Currency Circulation

• ChainAnchor group implements controls over currency circulation
• Group Owner disburses currency to members only
• Members can transact only within group
• Spending limit per transaction (per time duration)
• Miners verify membership of originator & recipient
  • TX with unknown originator/recipient are dropped
  • TX which violate spending limit are dropped
• Option to disclose pubkey/address upon legal challenge – but without affecting other pubkeys
  • Property of ZKP protocol
• Can be “overlayed” atop Bitcoin
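
The miner-side checks from the “Filtering for Members’ Transactions” and “AML-Friendly” slides, as an added Python example (not ChainAnchor code): a lookup of originator and recipient against the members' public-key list, followed by the spending limit. The class and field names, the sample keys, and reading the limit as a per-transaction cap plus a cumulative cap over a sliding time window are assumptions; signature checking and the ZKP enrolment that puts keys on the list are outside its scope.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    sender: str      # originator's transaction public key (constructed sample value)
    recipient: str   # recipient's transaction public key
    amount: int      # currency units
    timestamp: int   # seconds; assumed non-decreasing per sender

class MemberFilter:
    """Hypothetical miner-side policy check run before a TX is processed."""
    def __init__(self, members, per_tx_limit, window_limit, window_secs):
        self.members = frozenset(members)   # anonymous members' public keys
        self.per_tx_limit, self.window_limit = per_tx_limit, window_limit
        self.window_secs = window_secs
        self._spent = defaultdict(deque)    # sender -> accepted (timestamp, amount)

    def check(self, tx):
        """Return (accepted, reason); rejected TX are dropped by the miner."""
        if tx.sender not in self.members:
            return False, "unknown originator"
        if tx.recipient not in self.members:
            return False, "unknown recipient"
        if tx.amount <= 0:
            return False, "invalid amount"
        if tx.amount > self.per_tx_limit:
            return False, "per-transaction limit exceeded"
        history = self._spent[tx.sender]
        # Expire spends that fell out of the sliding window.
        while history and history[0][0] <= tx.timestamp - self.window_secs:
            history.popleft()
        if sum(a for _, a in history) + tx.amount > self.window_limit:
            return False, "window limit exceeded"
        history.append((tx.timestamp, tx.amount))  # only accepted TX count
        return True, "ok"

def run_sample():
    # Constructed sample: three member keys, limits of 100 per TX and 150 per hour.
    f = MemberFilter({"pkA", "pkB", "pkC"}, 100, 150, 3600)
    return [f.check(tx) for tx in (
        Tx("pkA", "pkB", 80, 0),      # accepted
        Tx("pkA", "pkX", 10, 10),     # recipient not on the list
        Tx("pkZ", "pkB", 10, 20),     # originator not on the list
        Tx("pkA", "pkC", 120, 30),    # above the per-transaction cap
        Tx("pkA", "pkC", 80, 40),     # 80 + 80 exceeds the hourly cap
        Tx("pkA", "pkC", 80, 3700),   # first spend has expired, accepted
    )]
```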