Blockchain-enabled privacy protection scheme for IoT digital identity management

Hao Yu , Guijuan Wang , Anming Dong , Yubing Han , Yawei Wang , Jiguo Yu

High-Confidence Computing ›› 2025, Vol. 5 ›› Issue (4) : 100320

PDF
High-Confidence Computing ›› 2025, Vol. 5 ›› Issue (4) :100320 DOI: 10.1016/j.hcc.2025.100320
Research Articles
research-article

Blockchain-enabled privacy protection scheme for IoT digital identity management

Author information +
History +
PDF

Abstract

With the growth of the Internet of Things (IoT), millions of users, devices, and applications compose a complex and heterogeneous network, which increases the complexity of digital identity management. Traditional centralized digital identity management systems (DIMS) confront single points of failure and privacy leakages. The emergence of blockchain technology presents an opportunity for DIMS to handle the single point of failure problem associated with centralized architectures. However, the transparency inherent in blockchain technology still exposes DIMS to privacy leakages. In this paper, we propose the privacy-protected IoT DIMS (PPID), a novel blockchain-based distributed identity system to protect the privacy of on-chain identity data. The PPID achieves the unlinkability of identity-credential-verification. Specifically, the PPID adopts the Zero Knowledge Proof (ZKP) algorithm and Shamir secret sharing (SSS) to safeguard privacy security, resist replay attacks, and ensure data integrity. Finally, we evaluate the performance of ZKP computation in PPID, as well as the transaction fees of smart contract on the Ethereum blockchain.

Keywords

Blockchain / IoT / Privacy preservation / Zero-knowledge proof / Identity management

Cite this article

Download citation ▾
Hao Yu, Guijuan Wang, Anming Dong, Yubing Han, Yawei Wang, Jiguo Yu. Blockchain-enabled privacy protection scheme for IoT digital identity management. High-Confidence Computing, 2025, 5(4): 100320 DOI:10.1016/j.hcc.2025.100320

登录浏览全文

4963

注册一个新账户 忘记密码

CRediT authorship contribution statement

Hao Yu: Writing - original draft. Guijuan Wang: Writing - review & editing, Investigation, Funding acquisition, Formal analysis. Anming Dong: Methodology, Investigation, Data curation. Yubing Han: Supervision, Resources, Methodology. Yawei Wang: Project administration, Methodology, Investigation. Jiguo Yu: Funding acquisition, Writing - original draft, Writing - review & editing.

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This work was supported in part by NSF of China (62202250, 62272256); in part by Shandong Province Youth Innovation Team Project (2024KJH032); in part by the Major Program of Shandong Provincial Natural Science Foundation for the Fundamental Research (ZR2022ZD03); in part by the National Natural Science Foundation of China (62402254); in part by the Natural Science Foundation of Shandong Province of China (ZR2022QF094); and in part by the Colleges and Universities 20 Terms Foundation of Jinan City (202228093), the Pilot Project for Integrated Innovation of Science, Education, and Industry of Qilu University of Technology (Shandong Academy of Sciences) (2024ZDZX08).

References

Publishing order | Descend order by publishing year | Descend order by cited within
[1]

Yuan Yuan, Jiguo Yu, Liangxu Zhang, Zhipeng Cai, Distributed optimization for intelligent IoT under unstable communication conditions, Comput. Commun. 199 (2023) 42-49.
[2]

Jiguo Yu, Suhui Liu, Minghui Xu, Hechuan Guo, Fangtian Zhong, Wei Cheng, An efficient revocable and searchable MA-ABE scheme with blockchain assistance for C-IoT, IEEE Int. Things J. 10 (3) (2022) 2754-2766.
[3]

Antonia Affinito, Stefania Zinno, Giovanni Stanco, Alessio Botta, Giorgio Ventre, The evolution of Mirai botnet scans over a six-year period, J. Inf. Secur. Appl. 79 (2023) 103629.
[4]

Muhammad Junaid Farooq, Quanyan Zhu, Modeling, analysis, and mitigation of dynamic botnet formation in wireless IoT networks, IEEE Trans. Inf. Forensics Secur. 14 (9) (2019) 2412-2426.
[5]

Stephen Herwig, Katura Harvey, George Hughey, Richard Roberts, Dave Levin, Measurement and analysis of hajime, a peer-to-peer IoT botnet,in:Network and Distributed Systems Security (NDSS) Symposium, 2019.
[6]

Constantinos Kolias, Georgios Kambourakis, Angelos Stavrou, Jeffrey Voas, DDoS in the IoT: Mirai and other botnets, Computer 50 (7) (2017) 80-84.
[7]

Yair Meidan, Michael Bohadana, Yael Mathov, Yisroel Mirsky, Asaf Shabtai, Dominik Breitenbacher, Yuval Elovici, N-baiot—network-based detection of iot botnet attacks using deep autoencoders, IEEE Pervasive Comput. 17 (3) (2018) 12-22.
[8]

Yizhong Liu, Boyu Zhao, Zedan Zhao, Jianwei Liu, Xun Lin, Qianhong Wu, Willy Susilo, SS-DID: A secure and scalable Web3 decentralized identity utilizing multi-layer sharding blockchain, IEEE Int. Things J. (2024) 1.
[9]

Kening Zhang, Carman K.M. Lee, Yung Po Tsang, Stateless blockchainbased lightweight identity management architecture for industrial IoT applications, IEEE Trans. Ind. Inform. 20 (6) (2024) 8394-8405.
[10]

Yiting Huang, Yong Yu, Huilin Li, Yannan Li, Aikui Tian, Blockchain-based continuous data integrity checking protocol with zero-knowledge privacy protection, Digit. Commun. Netw. 8 (5) (2022) 604-613.
[11]

Paritosh Ramanan, Dan Li, Nagi Gebraeel, Blockchain-based decentralized replay attack detection for large-scale power systems, IEEE Trans. Syst. Man Cybern.: Syst. 52 (8) (2021) 4727-4739.
[12]

Conner Fromknecht, Dragos Velicanu, Sophia Yakoubov, Certcoin: A namecoin based decentralized authentication system, Tech. Rep, 6, Massachusetts Inst. Technol., Cambridge, MA, USA, 2014, pp. 46-56.
[13]

Taochun Wang, Huimin Shen, Jian Chen, Fulong Chen, Qingshan Wu, Dong Xie, A hybrid blockchain-based identity authentication scheme for mobile crowd sensing, Future Gener. Comput. Syst. 143 (2023) 40-50.
[14]

Xianbin Xu, Yajun Guo, Yimin Guo, Fog-enabled private blockchain-based identity authentication scheme for smart home, Comput. Commun. 205 (2023) 58-68.
[15]

Mustafa Kara, Hisham RJ Merzeh, Muhammed Ali Aydın, Hasan Hüseyin Balık, VoIPChain: A decentralized identity authentication in Voice over IP using Blockchain, Comput. Commun. 198 (2023) 247-261.
[16]

Zhihua Cui, XUE Fei, Shiqiang Zhang, Xingjuan Cai, Yang Cao, Wensheng Zhang, Jinjun Chen, A hybrid blockchain-based identity authentication scheme for multi-WSN, IEEE Trans. Serv. Comput. 13 (2) (2020) 241-251.
[17]

Christian Lundkvist, Rouven Heck, Joel Torstensson, Zac Mitton, Michael Sena,Uport: A platform for self-sovereign identity, 128, 2017, p. 214, https://whitepaper.uport.me/uPort_whitepaper_DRAFT20170221.pdf.
[18]

Nitin Naik, Paul Jenkins, uPort open-source identity management system: An assessment of self-sovereign identity and user-centric data platform built on blockchain, in: 2020 IEEE International Symposium on Systems Engineering, ISSE, IEEE, 2020, pp. 1-7.
[19]

Mohammed Shuaib, Noor Hafizah Hassan, Sahnius Usman, Shadab Alam, Surbhi Bhatia, Arwa Mashat, Adarsh Kumar, Manoj Kumar, Self-sovereign identity solution for blockchain-based land registry system: a comparison, Mob. Inf. Syst. 2022 (2022) 1-17.
[20]

Tsan-Ming Choi, Blockchain-technology-supported platforms for diamond authentication and certification in luxury supply chains, Transp. Res. Part E: Logist. Transp. Rev. 128 (2019) 17-29.
[21]

Tong Zhou, Xiaofeng Li, He Zhao, EverSSDI: blockchain-based framework for verification, authorisation and recovery of self-sovereign identity using smart contracts, Int. J. Comput. Appl. Technol. 60 (3) (2019) 281-295.
[22]

Bakkiam David Deebak, Fida Hussain Memon, Kapal Dev, Sunder Ali Khowaja, Weizheng Wang, Nawab Muhammad Faseeh Qureshi, TAB-SAPP: A trust-aware blockchain-based seamless authentication for massive IoTenabled industrial applications, IEEE Trans. Ind. Inform. 19 (1) (2022) 243-250.
[23]

Priyanka Kamboj, Shivang Khare, Sujata Pal, User authentication using blockchain based smart contract in role-based access control, Peer-To-Peer Netw. Appl. 14 (5) (2021) 2961-2976.
[24]

Asier Atutxa, Jasone Astorga, Marc Barcelo, Aitor Urbieta, Eduardo Jacob, Improving efficiency and security of iIoT communications using in-network validation of server certificate, Comput. Ind. 144 (2023) 103802.
[25]

Mei Wang, Kun He, Jing Chen, Ruiying Du, Bingsheng Zhang, Zengpeng Li, PANDA: Lightweight non-interactive privacy-preserving data aggregation for constrained devices, Future Gener. Comput. Syst. 131 (2022) 28-42.
[26]

Hang Liu, Yang Ming, Chenhao Wang, Yi Zhao, Songnian Zhang, Rongxing Lu, Blockchain-assisted verifiable certificate-based searchable encryption against untrusted cloud server for industrial internet of things, Future Gener. Comput. Syst. 153 (2024) 97-112.
[27]

Tim Güneysu, Philip Hodges, Douglas Stebila, Greg Zaverucha, Georg Land, Mike Ounsworth, Proof-of-possession for KEM certificates using verifiable generation, in:Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, 2022, pp. 1337-1351.
[28]

Chaimaa Boudagdigue, Abderrahim Benslimane, Abdellatif Kobbane, Jiajia Liu, Trust-based certificate management for industrial IoT networks, IEEE Int. Things J. 10 (15) (2023) 12867-12885.
[29]

Zeeshan Siddiqui, Jiechao Gao, Muhammad Khurram Khan, An improved lightweight PUF-PKI digital certificate authentication scheme for the internet of things, IEEE Int. Things J. 9 (20) (2022) 19744-19756.
[30]

Minghui Xu, Yihao Guo, Chunchi Liu, Qin Hu, Dongxiao Yu, Zehui Xiong, Dusit Niyato, Xiuzhen Cheng, Exploring blockchain technology through a modular lens: A survey, ACM Comput. Surv. 56 (9) (2024) 1-39.
[31]

Yongkai Fan, Kaile Ma, Linlin Zhang, Xia Lei, Guangquan Xu, Gang Tan, ValidCNN: A large-scale CNN predictive integrity verification scheme based on zk-SNARK, IEEE Trans. Dependable Secur. Comput. (2024) 1-12.
[32]

Jacob Eberhardt, Stefan Tai, Zokrates-scalable privacy-preserving off-chain computations, in: 2018 IEEE International Conference on Internet of Things (IThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), IEEE, 2018, pp. 1084-1091.
[33]

Gaurang Bansal, Biplab Sikdar, Achieving secure and reliable UAV authentication: A Shamir’s secret sharing based approach, IEEE Trans. Netw. Sci. Eng. 11 (4) (2024) 3598-3610.
[34]

Yin Zhang, Ling Xiong, Fagen Li, Yukai Hao, Zhicai Liu, Blockchain-based privacy-preserving authentication with hierarchical access control using polynomial commitment for mobile cloud computing, IEEE Int. Things J. (2024) 18266-18280.
[35]

Zhonghua Liu, Tiansheng Wang, Fa Zhu, Xingchi Chen, Danilo Pelusi, Athanasios V Vasilakos, Domain adaptive learning based on equilibrium distribution and dynamic subspace approximation, Expert Syst. Appl. 249 (2024) 123673.
[36]

Claus Peter Schnorr, Markus Jakobsson, Security of signed ElGamal encryption, in: International Conference on the Theory and Application of Cryptology and Information Security, Springer, 2000, pp. 73-89.
[37]

Zijian Bao, Debiao He, Muhammad Khurram Khan, Min Luo, Qi Xie, Pbidm: Privacy-preserving blockchain-based identity management system for industrial internet of things, IEEE Trans. Ind. Inform. 19 (2) (2022) 1524-1534.
[38]

Shanshan Li, Chunxiang Xu, Yuan Zhang, Yicong Du, Anjia Yang, Xinsheng Wen, Kefei Chen, Backdoor-resistant public data integrity verification scheme based on smart contracts, IEEE Int. Things J. 10 (16) (2023) 14269-14284.
[39]

Xin Zhou, Bin Wang, Haotian Zhao, Hongbin Sun, Qinglai Guo, Binbin Chen, Incentivized coordinated heat-electricity-gas dispatch: A zero knowledge proof-based solution considering privacy and anti-forgery, IEEE Trans. Sustain. Energy 15 (2) (2023) 713-725.
[40]

Jie Yin, Yang Xiao, Qingqi Pei, Ying Ju, Lei Liu, Ming Xiao, Celimuge Wu, SmartDID: a novel privacy-preserving identity based on blockchain for IoT, IEEE Int. Things J. 10 (8) (2022) 6718-6732.
[41]

Xiaohui Yang, Wenjie Li, A zero-knowledge-proof-based digital identity management scheme in blockchain, Comput. Secur. 99 (2020) 102050.
[42]

David Gabay, Kemal Akkaya, Mumin Cebe, Privacy-preserving authentication scheme for connected electric vehicles using blockchain and zero knowledge proofs, IEEE Trans. Veh. Technol. 69 (6) (2020) 5760-5772.
[43]

Ruoting Xiong, Wei Ren, Xiaohan Hao, Jie He, Kim-Kwang Raymond Choo, BDIM: A blockchain-based decentralized identity management scheme for large scale internet of things, IEEE Int. Things J. 10 (24) (2023) 22581-22590.
[44]

Zhimei Yang, Changgen Peng, Chongyi Zhong, Yangyang Long, Consortium blockchain private key protection scheme based on rational secret sharing and blockchain, Comput. Netw. 242 (2024) 110260.
[45]

Shreyshi Shree, Chen Zhou, Masoud Barati, Data protection in internet of medical things using blockchain and secret sharing method, J. Supercomput. 80 (4) (2024) 5108-5135.
[46]

Mouna Nakkar, Riham AlTawy, Amr Youssef, Lightweight group authentication scheme leveraging Shamir’s secret sharing and PUFs, IEEE Trans. Netw. Sci. Eng. 11 (4) (2024) 3412-3429.
[47]

Jamila Alsayed Kassem, Sarwar Sayeed, Hector Marco-Gisbert, Zeeshan Pervez, Keshav Dahal, DNS-IdM: A blockchain identity management system to secure personal data sharing in a network, Appl. Sci. 9 (15) (2019) 2953.
AI Summary AI Mindmap
PDF

82

Accesses

0

Citation

Detail
Sections
Recommended

AI思维导图

/