Smart Media Journal (스마트미디어저널)

THE KOREAN INSTITUTE OF SMART MEDIA (한국스마트미디어학회)
권호 표지
DOI QR코드

DOI QR Code

Blockchain-based Personal Information Authentication Method using Zero Knowledge Proofs

영지식을 활용한 블록체인 기반 개인정보 인증 기법

  • 이광규 (신한대학교 IT융합공학부 컴퓨터공학전공)
  • Received : 2021.06.28
  • Accepted : 2021.10.04
  • Published : 2021.09.30
Download PDF
⟨ Previous Next ⟩

Abstract

The authentication process is a key step that should be used to verify that a user is legitimate, and it should be used to verify that a user is a legitimate user and grant access only to that user. Recently, two-factor authentication and OTP schemes are used by most applications to add a layer of security to the login process and to address the vulnerability of using only one factor for authentication, but this method also allows access to user accounts without permission. This is a known security vulnerability. In this paper, we propose a Zero Knowledge Proofs (ZKP) personal information authentication scheme based on a Smart Contract of a block chain that authenticates users with minimal personal information exposure conditions. This has the advantage of providing many security technologies to the authentication process based on blockchain technology, and that personal information authentication can be performed more safely than the existing authentication method.

인증 프로세스는 사용자가 합법적인지 확인하는 데 사용되어야 하는 주요 단계이며, 사용자가 합법적인 사용자인지 확인하고 해당 사용자에게만 액세스 권한을 부여하는 데 사용되어야 한다. 최근에는 로그인 프로세스에 보안 계층을 추가하여 인증에 하나의 요소만 사용하는 취약점을 해결하기 위해 대부분의 애플리케이션에서는 이중인증과 OTP체계를 사용하고 있지만, 이 방법도 허가 없이 사용자 계정에 액세스할 수 있는 방법이 알려져 보안에 취약하다. 본 논문에서는 최소한의 개인정보만을 노출 조건으로 사용자를 인증하는 블록체인의 Smart Contract 기반으로 영지식(ZKP:Zero Knowledge Proofs)개인정보 인증 기법을 제안한다. 이는 블록체인 기술을 기반으로 인증 프로세스에 많은 보안 기술을 제공하고, 개인정보 인증을 기존의 인증방식보다 안전하게 수행할 수 있다는 장점이 있다.

Keywords

Acknowledgement

이 논문은 2021년도 신한대학교 교내학술연구지원을 받아 수행된 연구임(No. 2021-0000000).

References

  1. Nakamoto Satoshi, "Bitcoin: A peer-to-peer electronic cash system," Oct., 2008.
  2. Ahmed Kosba, et al, "Hawk: The blockchain model of cryptography and privacy-preserving Smart Contracts," 2016 IEEE symposium on security and privacy (SP), pp. 839-858, San Jose, USA, May, 2016.
  3. Wood Gavin, "Ethereum: A secure decentralised generalised transaction ledger," Ethereum project yellow paper 151, pp. 1-32, 2014.
  4. M. Thomas and V. Panchami, "An encryption protocol for end-to-end secure transmission of SMS," International Conference on Circuits, Power and Computing Technologies, pp. 1-6, Nagercoil, India, Mar., 2015.
  5. Y. S. Jeong, S. H. Han and S. S. Shin. "A Study on Mobile OTP Generation Model," Journal of Digital Convergence, vol. 10, no. 2, pp. 183-191, Mar., 2012. https://doi.org/10.14400/JDPM.2012.10.2.183
  6. C.T.Li, C.Y.Weng and C. Fan, "Two-Factor User Authentication in Multi-Server Networks," International Journal of Security and Its Applications, vol. 6, no. 2, pp. 261-268, Jan., 2012.
  7. S. Yevseiev, et al., "Developing of multi-factor authentication method based on niederreiter-mceliece modified crypto-code system," Eastern-European Journal of Enterprise Technologies, Vol. 6, no. 4, pp. 11-23, Dec., 2016. https://doi.org/10.15587/1729-4061.2016.86175
  8. Z. Lu, Q. Wang, G. Qu, H. Zhang and Z. Liu, "A blockchain-based privacy-preserving authentication scheme for vanets," IEEE Transac- tions on Very Large Scale Integration (VLSI) Systems, vol. 27, no. 12, pp. 2792-2801, Aug., 2019. https://doi.org/10.1109/tvlsi.2019.2929420
  9. M. Campanelli, D. Fiore, and A. Querol, "LegoSNARK: modular design and composition of succinct zero knowledge proofs," CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2075-2092, London, United Kingdom, Nov., 2019.
  10. S. Agrawal, C. Ganesh and P. Mohassel, "Non-interactive zero knowledge proofs for composite statements," CRYPTO2018, pp. 643-673, Aug., 2018.
  11. Jung Sun-IL, Kim Young-Chul, "Study on User Interface for a Capacitive-Sensor Based Smart Device," Smart Media Journal, vol. 8, no. 3, pp. 47-52, Sep., 2019. https://doi.org/10.30693/SMJ.2019.8.3.47
  12. Min Youn-A, "A Study on Modified Consensus Algorithm Considering Private Blockchain Environment-based User Environment," Smart Media Journal, Vol. 9, No. 1, pp.09-15, Mar., 2020. https://doi.org/10.30693/SMJ.2020.9.1.9
  13. Lee Kwan Mok, Kim Yong Hwan, Bae Ki Tae, "Transaction Model Suggestion by using Two Enforcements with a Blockchain based on a Service Platform," Smart Media Journal, Vol. 9, No. 4, pp. 91-96, Dec., 2020.