Invention for Blockchain-based solution for trusted identity

Blockchain and Fintech / By

Invented by Richard Redpath, Daniel A. Gisolfi, Bryce A. Curtis, Aaron K. Reed, International Business Machines Corp

The market for blockchain-based solutions for trusted identity is rapidly growing as organizations and individuals recognize the need for secure and reliable identity verification systems. Blockchain technology offers a decentralized and immutable platform that can revolutionize the way identities are managed and verified. Traditional identity verification systems are often centralized, making them vulnerable to data breaches and hacking attempts. In contrast, blockchain-based solutions provide a secure and transparent way to store and verify identity information. By leveraging the decentralized nature of blockchain, these solutions eliminate the need for intermediaries and reduce the risk of identity theft and fraud. One of the key advantages of blockchain-based identity solutions is the ability to provide self-sovereign identity. This means that individuals have full control over their own identity information and can choose who to share it with. This eliminates the need for individuals to rely on centralized authorities to manage their identities, giving them greater privacy and control. Moreover, blockchain-based identity solutions can also streamline processes such as Know Your Customer (KYC) and Anti-Money Laundering (AML) compliance. These processes often involve multiple parties and require extensive documentation and verification. With blockchain, all relevant information can be stored on a shared ledger, reducing the need for repetitive verification and improving efficiency. The market for blockchain-based identity solutions is not limited to any specific industry. It has applications in finance, healthcare, government, and many other sectors where identity verification is crucial. For example, in the financial industry, blockchain-based identity solutions can help prevent fraud and money laundering by ensuring that individuals are who they claim to be. In healthcare, blockchain-based identity solutions can securely store and share patient information, improving interoperability and enabling better coordination of care. Governments can also benefit from blockchain-based identity solutions by providing secure digital identities for citizens, reducing bureaucracy, and improving service delivery. Several companies and startups are already working on blockchain-based identity solutions. These solutions range from decentralized identity platforms to digital wallets that store and manage identity information. Some notable examples include Sovrin, uPort, and Civic. However, despite the potential of blockchain-based identity solutions, there are still challenges to overcome. One of the main challenges is the integration with existing systems and infrastructure. Many organizations still rely on legacy systems for identity verification, and transitioning to blockchain-based solutions may require significant investment and coordination. Another challenge is ensuring the privacy and security of identity information stored on the blockchain. While blockchain technology itself is secure, the implementation and management of identity solutions need to be carefully designed to protect sensitive information and prevent unauthorized access. In conclusion, the market for blockchain-based solutions for trusted identity is expanding rapidly as organizations and individuals recognize the need for secure and reliable identity verification systems. Blockchain technology offers a decentralized and transparent platform that can revolutionize the way identities are managed and verified. While there are challenges to overcome, the potential benefits of blockchain-based identity solutions are significant, and we can expect to see further growth and innovation in this space.

The International Business Machines Corp invention works as follows

The example operation could include connecting to a blockchain that stores an identity trait for a user and retrieving it from the blockchain. It may also include establishing a digital signature algorithm (DSA), based on the private key of the user, creating a proof of zero knowledge, succinct, non-interactive argument (zkSNARK), based on the DSA of the trait in the DSA trust group homomorphism, as witness data, or obtaining additional trust information about the user using the witness data

Background for Blockchain-based solution for trusted identity

Blockchains are being used in a wide range of applications today. A blockchain is also known as a Cryptographic Distributed Ledger. Distributed ledgers are ledgers that are replicated on multiple computers in their entirety or part. The CDL may have some of the following properties: irreversibility, accessibility, chronological and time-stamped, consensus based, verifiability, etc.

A distributed ledger” is a list of records which are constantly growing. It uses cryptographic techniques, such as the storage of cryptographic hashes for other blocks. A distributed ledger is a common example and can be used to store information as a public ledger. A blockchain is primarily used to store financial transactions but can also be used to store information about goods and services, such as products, packages, or status. A decentralized scheme gives authority and trust to decentralized networks and allows its nodes record continuously and sequentially their transactions in a public “block”, creating a unique “chain”. This is referred to as blockchain. Hash codes are used for cryptography to authenticate a transaction and eliminate a central mediator. A blockchain is a distributed data base that keeps a list of records continuously growing in blocks. These blocks are protected from revision and tampering due to their immutable nature. Each block has a timestamp as well as a link back to the previous block. A blockchain is a way to store, track, transmit and verify data. A blockchain is a distributed ledger system. Before adding a transaction, all peers must reach consensus.

Because a blockchain is distributed, it can be utilized to store traits of user identity that could be used for later validation of an individual’s identity. The trusted information stored in a Blockchain can be used for accessing resources or providing proof of events. This use of trusted data is problematic due to the distributed nature of blockchains. Secret information of users can be shared with others, and they must then rely on security measures. Limiting the dissemination of secret information is crucial. For some conventional solutions, the generation of random numbers for use as witness seeds is done using zero knowledge proofs or non-interactive zero knowledge proofs. These solutions are limited because the witness data does not relate to the identity traits of the user. The identity data can also be encrypted using a key that is derived from witness seed. This key could be obtained by an attacker. As an example, digital driver’s licence data (e.g. name, date-of-birth, license number etc.) can be used. The data is encrypted and hashed with a single key. The user may prefer to use just one data trait as a witness to validate and not the whole set of data traits.

Accordingly what is required is an efficient automated way of storing user identity traits in a Blockchain in such a manner that the user’s identity can be stored more safely and can be reliably confirmed to be trusted by using witness data.

This application aims to provide a method of storing user identity traits in a Blockchain. This application provides a non-interactive method of providing zero-knowledge verifications for a user identity on a blockchain based on trusted credentials.

According to exemplary embodiments of the system and method, a blockchain is used for storing and validating user identification traits. The exemplary embodiments can also use the blockchain for non-interactive, zero-knowledge verifications of a blockchain identity based upon witness data.

The method may include one or more of: connecting an identity service to a blockchain that stores an identity trait for a user; retrieving the identity trait by an Identity server; establishing by the Identity server a digital signature algorithm (DSA), based upon a public-key PK1, for the user associated to the identity trait, creating by the ID server a zero-knowledge-proof function using a DSA for witness data based upon a DSA of the trustgroup homomorphism, and providing the data by the challenger a

The method may include one or more of the following: connecting to a Blockchain configured to store an Identity trait of a User, retrieving the Identity trait from the Blockchain, creating a Trust Group Homomorphism Digital Signature Algorithm (DSA) based upon a Private Key, creating a Zero Knowledge succinct Non-Interactive Argument of Knowledge (zkSNARK), proof based on DSAs of a particular trait in the Trust Group Homomorphism DSA, as witness data,

The system may include a processor and a memory. The processor is configured to perform the following: connect to a Blockchain configured to store a user’s identity trait, retrieve the user’s identity trait from the Blockchain, establish a digital signature algorithm (DSA), based upon a public-key PK1, for the user that is associated with the identity-trait, create a zero knowledge proof function using a DSA for witness data based upon a DSA for a member of the Trust Group Ho

The system may include a processor, memory and a digital signature algorithm for the user that is based upon a private key. It can also be configured to create a proof of zero knowledge, succinct, non-interactive argument (zkSNARK), based upon a DSA.

The following example embodiments may be provided: “Another example embodiment can provide a nontransitory computer-readable medium that contains instructions that, when read by a processing unit, cause the processor perform one or more tasks, including connecting to a Blockchain configured to store the identity traits of a user; retrieving the identity traits from the blockchain; establishing a digital signature algorithm (DSA), based upon a public-key PK1, for the user associated to the identity trait, creating a zero knowledge proof function using a DSA based on a DSA based on a based on a a based based on a based on the based based based based based based based based based based based based based based based a based based based a based a DSA, with a DSA with a DSA with a PK2 with a PK2 with PK2 with a DSA for witness data.

A further example embodiment can provide a nontransitory computer-readable medium that contains instructions that, when read by a processing unit, cause the processor perform one or more of the following: connecting to a Blockchain configured to store the identity trait of the user, retrieving this identity trait from the Blockchain, creating a trust-group homomorphism DSA for the user using a private key; creating a zero-knowledge succinct argument of knowledge (zkSNARK), proof constructed on the basis of a DSA based on an a DSA based on a DSA based on a DSA based based on a DSA based on a DSA based based a DSA based based a DSA based based a DSA a DSA a DSA based based a DSA based a DSA, as witness data a DSA, a DSA, as witness data.

It will be understood that the components of the present invention, as described and illustrated herein in general, can be designed and arranged in many different ways. The following detailed description, which is represented by the figures attached, of one or more embodiments of a method and apparatus, a non-transitory computing medium, and a system is not meant to limit the scope as claimed, but is only representative of certain embodiments.

The instant features and structures or characteristics described in this specification can be combined in any way that suits the purposes of one or more embodiments. The usage of phrases like “example embodiments”, “some embodiments”, or similar language throughout this specification indicates that an embodiment could include a specific feature, structure, or characteristic related to the embodiment. The phrases “example embodiments”, “in some embodiments?”, “in other embodiments?”, or any other similar language throughout this specification don’t necessarily refer to the same group. Furthermore, the features, structures, and characteristics described in this specification may be combined in any way that suits the needs of one or more embodiments.

In addition, the term’message’ may be used in the description of embodiments. While the term?message? may have been used to describe embodiments, the application can be applied to any type of network data such as packet, frame, or datagram. The term “message” can also be used. The term “message” can also refer to packet, frame, or datagram. While certain types of signals and messages may be shown in certain embodiments, they are not limited by a particular type of message and the application does not limit itself to that type of signaling.

Example embodiments” provide methods, systems and non-transitory computers readable media. They also provide devices and/or networks that provide non-interactive proofs of zero-knowledge for a users identity based on traits stored in the blockchain. The example embodiments provide a mechanism to validate user identity using witness data stored on a blockchain.

The exemplary implementations may use recorded stored transactions. A distributed system is a blockchain, which includes nodes that can communicate with one another. A blockchain operates programs called chaincode (e.g., smart contracts, etc. The blockchain holds ledger and state data and executes transactions. Some transactions are chaincode operations. Blockchain transactions must typically be “endorsed” by certain blockchain members. Only endorsed transactions can be added to the blockchain. Other transactions are ignored. “There may be one or more chaincodes that are specific to management functions and parameters. These are collectively known as system chaincodes.

Nodes are the communication units of the Blockchain system. A “node” is a computer. Nodes can perform a logical task in that they may run multiple nodes with different types on the same server. Nodes are organized into trust domains, and they are controlled by logical entities. Nodes may include different types, such as a client or submitting-client node which submits a transaction-invocation to an endorser (e.g., peer), and broadcasts transaction-proposals to an ordering service (e.g., ordering node). A peer node can also receive transactions from clients, commit them, and maintain the state of the blockchain and a copy ledger. It is possible for peers to also act as an endorser. However, this is not required. An ordering-service-node or an orderer is a node running the communication service for all nodes, and which implements a delivery guarantee, such as a broadcast to each of the peer nodes in the system when committing transactions and modifying a world state of the blockchain, which is another name for the initial blockchain transaction which normally includes control and setup information.

A ledger” is a sequenced and tamper resistant record of all the state transitions in a blockchain. State transitions can be triggered by chaincode invocations, i.e. transactions, submitted by participants (e.g. client nodes. ordering nodes. endorser nodes. peer nodes. etc.). As a result of a transaction, if you create, update, delete, or do something similar, resulting in the committal of paired asset keys and values to the ledger, you may see state transitions. The ledger contains a blockchain, also known as a chain. It is used to store immutable records in blocks. The ledger includes a database that maintains the current state of the chain. Typically, there is one ledger for each channel. Each peer node keeps a copy for each channel to which they belong.

A chain” is a log of transactions that is organized as blocks with hash links. Each block contains N transactions, where N is greater or equal to one. The block header contains a hash for the block’s transactions as well as the header of the previous block. All transactions in the ledger can be cryptographically linked and sequenced this way. It is therefore impossible to alter the ledger without destroying the hash links. A hash of the most recent blockchain block represents all transactions on the chain before it. This allows peer nodes to be in a trusted and consistent state. The chain can be stored in a peer-node file system, such as local storage, cloud storage, or attached storage. This allows the blockchain workload to be efficiently supported by appending only.

The current state is the most recent values of all keys in the chain transaction log. The current state is often referred to by the term “world state” because it represents the most recent key values that a channel has access to. Invocations of chaincodes perform transactions on the current state data in the ledger. In order to make chaincode interactions more efficient, it is possible to store the most recent values of keys in a database. State databases can be an index view of the chain’s transactions. They can be generated from the chain whenever needed. State databases can be automatically recovered (or created if necessary) at peer node startup and before transactions are accepted. As mentioned above, the exemplary implementations may use stored blockchain transactions on a ledger.

Click here to view the patent on Google Patents.