BioZero: An Efficient and Privacy-Preserving Decentralized Biometric Authentication Protocol on Open Blockchain

Junhao Lai, Taotao Wang, Shengli Zhang, Qing Yang, Soung Chang Liew
2024-09-26
Abstract: Digital identity plays a vital role in enabling secure access to resources and services in the digital world. Traditional identity authentication methods, such as password-based and biometric authentications, have limitations in terms of security, privacy, and scalability. Decentralized authentication approaches leveraging blockchain technology have emerged as a promising solution. However, existing decentralized authentication methods often rely on indirect identity verification (e.g. using passwords or digital signatures as authentication credentials) and face challenges such as Sybil attacks. In this paper, we propose BioZero, an efficient and privacy-preserving decentralized biometric authentication protocol that can be implemented on open blockchain. BioZero leverages Pedersen commitment and homomorphic computation to protect user biometric privacy while enabling efficient verification. We enhance the protocol with non-interactive homomorphic computation and employ zero-knowledge proofs for secure on-chain verification. The unique aspect of BioZero is that it is fully decentralized and can be executed by blockchain smart contracts in a very efficient way. We analyze the security of BioZero and validate its performance through a prototype implementation. The results demonstrate the effectiveness, efficiency, and security of BioZero in decentralized authentication scenarios. Our work contributes to the advancement of decentralized identity authentication using biometrics.
Cryptography and Security
What problem does this paper attempt to address?
The paper addresses three weaknesses of existing decentralized identity authentication methods, particularly for biometric authentication on open blockchains: insufficient privacy protection, low efficiency, and reliance on indirect identity verification (such as passwords or digital signatures). Specifically:

1. **Privacy Protection**: Existing decentralized identity authentication methods cannot effectively protect the privacy of users' biometric data. Implementing biometric authentication directly on open blockchains may lead to the misappropriation of users' identities and the leakage of biometric data.
2. **Efficiency Problem**: Smart contracts on the currently mainstream open blockchains are slow and costly to execute, and biometric verification usually requires a large amount of computing resources, which makes efficient biometric verification on blockchains difficult.
3. **Relying on Indirect Identity Verification**: Most decentralized authentication methods still use secret information (such as passwords or digital signatures) as authentication credentials, and this approach is vulnerable to security threats such as Sybil attacks.

To solve these problems, the paper proposes the BioZero protocol, which aims to achieve efficient and privacy-protected decentralized biometric authentication on open blockchains in the following ways:

- **Using Pedersen Commitment and Homomorphic Computation**: Protect the privacy of users' biometric data while allowing efficient similarity calculation on ciphertexts.
- **Adopting Non-Interactive Homomorphic Computation and Zero-Knowledge Proof**: Ensure the security and efficiency of on-chain verification, enabling users to complete authentication without exposing biometric data.
- **Fully Decentralized**: Executed on open blockchains through smart contracts, without relying on any centralized third-party institutions, thus overcoming the limitations of centralized authentication.

In summary, the BioZero protocol aims to address the deficiencies of existing decentralized authentication methods in privacy protection, efficiency, and security, and to promote the development of biometric-based decentralized identity authentication.
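The additive homomorphism that lets a verifier compute on Pedersen-committed biometric templates, as an added example that is not BioZero's construction or code from the paper. The toy group (P = 2039), the generators, the sample vectors and all function names are assumptions; the example opens the difference directly, whereas the protocol described above relies on zero-knowledge proofs for verification.

```python
import secrets

# Toy Schnorr group (constructed, far too small for real use):
# P = 2Q + 1 with P and Q prime; G and H generate the order-Q subgroup.
P, Q = 2039, 1019
G = 4   # 2^2 mod P: a quadratic residue, so its order is Q
H = 9   # 3^2 mod P; binding needs log_G(H) unknown, which a toy group cannot give

def commit(value, blind):
    """Pedersen commitment C = G^value * H^blind mod P."""
    return (pow(G, value % Q, P) * pow(H, blind % Q, P)) % P

def commit_vector(vec):
    """Commit to each coordinate with fresh randomness; return (commitments, blinds)."""
    blinds = [secrets.randbelow(Q) for _ in vec]
    return [commit(v, r) for v, r in zip(vec, blinds)], blinds

def difference_commitments(cs, ds):
    """Verifier side: from commitments alone, derive commitments to x_i - y_i."""
    return [(c * pow(d, -1, P)) % P for c, d in zip(cs, ds)]

def verify_opening(commitment, value, blind):
    """Check that (value, blind) opens the given commitment."""
    return commitment == commit(value, blind)

def demo():
    enrolled = [12, 40, 7, 33]   # constructed feature vector from registration
    probe = [11, 42, 7, 30]      # constructed fresh reading at login
    cs, rs = commit_vector(enrolled)
    ds, ss = commit_vector(probe)
    es = difference_commitments(cs, ds)   # computed without any secret input
    diffs = [x - y for x, y in zip(enrolled, probe)]
    blinds = [r - s for r, s in zip(rs, ss)]
    # The prover's opening of each difference must match what the verifier derived.
    ok = all(verify_opening(e, d, t) for e, d, t in zip(es, diffs, blinds))
    # An opening that claims a different difference is rejected.
    forged = verify_opening(es[0], diffs[0] + 1, blinds[0])
    return ok, forged

if __name__ == "__main__":
    print(demo())
```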