Paper 2019/1097
Anonymous Transactions with Revocation and Auditing in Hyperledger Fabric
Dmytro Bogatov and Angelo De Caro and Kaoutar Elkhiyaoui and Björn Tackmann
Abstract
In permissioned blockchain systems, participants are admitted to the network by receiving a credential from a certification authority. Each transaction processed by the network is required to be authorized by a valid participant who authenticates via their credential. Use case settings where privacy is a concern thus require proper privacy-preserving authentication and authorization mechanisms. Anonymous credential schemes are cryptographic mechanisms that allow a user to authenticate while showing only those attributes necessary in a given setting, which makes these schemes a great tool for authorizing transactions in permissioned blockchain systems based on the user's attributes. As in most setups of such systems there is one distinct certification authority for each organization in the network, the use of plain anonymous credential schemes still leaks the association of a user to their issuing organization. Camenisch, Drijvers, and Dubovitskaya (CCS 2017) therefore suggest the use of delegatable anonymous credential schemes, which allows to hide even that remaining piece of information. We implement private transaction authorization in Hyperledger Fabric based on delegatable anonymous credentials. To this end, we provide a production-grade open-source implementation of the Camenisch et al. scheme with several optimizations. We then extend Fabric to support the scheme as an additional mechanism for authorizing transactions. Our solution supports revocation and auditing, making it ready for real-world deployment. Our performance measurements show that the scheme, while incurring an overhead in comparison to the less privacy-preserving ones, is practical for settings with enhanced privacy requirements.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- Blockchainpermissioned blockchainanonymous credentialshyperledger fabric
- Contact author(s)
- dmytro @ dbogatov org
- History
- 2022-01-24: last of 10 revisions
- 2019-09-29: received
- See all versions
- Short URL
- https://ia.cr/2019/1097
- License
-
CC BY