A. Banerjee et al.
3.1 Role of Identity Management on Distributed Ledger Technology in Internet of Things
Identity is document- or paper-based, which is prone to theft, loss, and fraud [20].
Digital identity allows easy and swift access across departments and
organizations. But it carries an increasing risk of being hacked, compromised, leaked, or
breached on the centralized server where it is stored. So being digital is not enough. Digital
identities need to be private and secure.
3.2 Concepts Relating to Identity Management
Identity management can be done using zero knowledge proof, which is described in
Sect. 3.2.1, thus leading to decentralized identity management, which is described in
Sect. 3.2.2. Section 3.2.3 discusses another important concept known as self-sovereign
identity.
3.2.1 Zero Knowledge Proof
Zero knowledge proof (ZKP) is a technique that enables data to be verified without
exposing the data. Therefore, ZKP has the power to control how the data is gathered,
processed, transacted, and shared. It involves a “verifier” and a “prover”. During a
transaction using ZKP, the prover attempts to prove something to the verifier without
telling the verifier anything else about it.
ZKP must maintain three main properties:
a. Completeness: When the statement is true, an honest verifier must be convinced
of it by an honest prover.
b. Soundness: If the statement is false, a dishonest prover cannot convince an
honest verifier that it is true, except with some small chance of error.
c. Zero-Knowledge: If the statement is true, no verifier learns anything about
it other than the fact that it is true.
Integrating the zero knowledge proof in blockchain-based IoT will pave the path
towards better interoperability [21], identity management, authentication, security
[22], and privacy [23].
Figure 3 shows the basic diagram of zero knowledge proof (ZKP) [24]. The zero
knowledge proof [25] is a method of identifying a legitimate user without revealing
the identity of the user. The ZKP consists of three parts: the first is the ticket generator,
the second is the user, and the third is the verifier. For example, when we go to a movie
or cinema hall, we purchase a ticket. The counter is the ticket generator; while purchasing
the ticket we generally do not reveal our identity, such as name, address or social security
number. We are allowed to enter the movie hall or cinema hall when this ticket is verified
at the gate, so this is the verifier algorithm. This chapter gives ZKP for cloud security.