Decentralized Identity Management

The blockchain can be similarly used as a decentralized identity system. Namely, each entity can reserve and confirm its identity in the blockchain, which will inherently prevent any other entity from spoofing that identity. By confirming the identity records in the blockchain, such an approach ensures that (1) the identity cannot be changed/modified and (2) the identity is uniquely assigned to a single entity.

A successful instantiation of this application is OneName [16]. OneName is a protocol that enables the construction of decentralized identity system (DIS) using the Namecoin blockchain. Users are added to the OneName directory by means of a key-value store (KVS) interface, where the key is the username or ID and the value encodes the corresponding profile data (in JSON format).

Time-Dependent Source of Randomness

Bitcoin’s blockchain (and variant altcoins’ blockchain) can also be used to instantiate a time-dependent randomness generator GetRandomness : T ^ {0,1}?seed where T denotes a set of discrete points in time. In a nutshell, GetRandomness produces values that are unpredictable but publicly reconstructible.

More formally, let cur denote the current time. We define GetRandomness as follows. On input t G T, GetRandomness outputs a uniformly random string in {0,1}?seed if t < cur, otherwise GetRandomness outputs ±. We say that GetRandomness is secure if the output of GetRandomness(t) cannot be predicted with probability significantly better than 2-?seed as long as t < cur.

Similar to [17,18], we instantiate GetRandomness by leveraging functionality from Bitcoin, since the latter offers a convenient means (e.g., by means of API) to acquire time-dependent randomness.

Recent studies show that a public randomness beacon—outputting 64 bits of min-entropy every 10 minutes—can be built atop Bitcoin [19].

Given this, GetRandomness then unfolds as follows. On input time t, GetRandomness outputs the hash of the latest block that has appeared since time t in the Bitcoin blockchain. Clearly, if t > cur corresponds to a time in the future, then GetRandomness will output ±, since the hash of a Bitcoin block that would appear in the future cannot be predicted. On the other hand, it is straightforward to compute GetRandomness(t) fora value t < cur (i.e., t is in the past) by fetching the hash of previous Bitcoin blocks. In this way, GetRandomness enables an untrusted party to sample randomness without being able to predict the outcome ahead of time. Note that the security of GetRandomness depends on the underlying security of the blockchain. More specifically, if an entity is able to predict the outcome of GetRandomness, then he or she is able to predict a future block hash in the blockchain.

< Prev   CONTENTS   Source   Next >