選択的開示に関するReview論文を読む（３）

こんにちは、富士榮です。

引き続き選択的開示に関する調査論文を読んでいきます。

Selective disclosure in digital credentials: A review

https://www.sciencedirect.com/science/article/pii/S2405959524000614

今回はクレデンシャルのタイプごとに採用される選択的開示の手法の違いがあるかどうか、という話です。

リサーチの方法が結構面白くて、2007年から2022年までに発表されたタイプ別の選択的開示の方式、ゼロ知識証明の利用有無、ブロックチェーンの利用有無をまとめて傾向分析をしています。

分析結果から「2020年までは選択的開示署名ベース、ハッシュ値ベースの方式を採用したAC（Anonymous Credential）とABC（Attribute Based Credential）が中心だったのが、2020年以降はVC（Verifiable Credential）とZKP（ゼロ知識証明）を組み合わせた方法に焦点が当たってきている」と結論づけられています。もちろんリサーチベースの傾向なので実装とは別だとは思いますが、いよいよVC＋ZKPが技術的にも確立されてきている、ということなのかもしれません。

こんな感じで方式ベースでクレデンシャルタイプを調査した結果が記載されています。

Table 8. Methods, credentials, ZKP and blockchain in years.

Method	Paper	Year	Credential type	ZKP	Blockchain
Hash-based	[54]	2007	Digital credential
	[55]	2008	Digital credential
	[56]	2010	Digital credential	✓
	[61]	2017	ABC
	[50]	2019	Digital credential		✓
	[52]	2022	VC		✓
	[63]	2022	Digital credential	✓	✓
	[64]	2023	VC		✓
	[62]	2023	Digital credential		✓
	[57]	2023	SBT		✓
Signature-based	[69]	2008	AC	✓
	[67]	2009	Digital credential
	[72]	2015	AC	✓
	[68]	2019	ABC	✓
	[70]	2020	AC	✓
	[71]	2022	VC	✓	✓
	[74]	2023	ABC	✓
	[79]	2023	AC		✓
	[77]	2023	ABC	✓	✓
	[75]	2023	AC	✓
ZKP	[82]	2019	ABC	✓	✓
	[83]	2021	VC	✓	✓
ZKP & Signature-based	[87]	2013	AC	✓
	[78]	2018	ABC	✓	✓
	[88]	2021	PABC	✓
	[89]	2022	ABC	✓
ZKP & Hash-based	[85]	2023	VC	✓	✓
	[86]	2023	AC	✓	✓
Signature-based & Hash-based	[90]	2020	VC		✓
	[91]	2022	VC		✓

別表では切り口が少し異なっていてクレデンシャルタイプを軸に分析しています。

Table 9. Comparison of different credential types.

Type	Algorithma	ZKPa	Blockchaina	Examples	Maturity	Encoding	Characteristics
Digital credential	Hash			/	/	XML, JSON, PDF, blockchain-based formats, cryptographic tokens, smart contracts	Electronic versions of paper credentials. Any form of digital certification. Easily shareable, verifiable online and can improve administrative efficiency. Focused on transparency and traceability. More general and not inherently designed for privacy enhancement, unless otherwise specified.
AC	Signature	✓		/		JSON, XML, cryptographic tokens	Designed for anonymity of user. Enhances privacy and security by preventing user tracking and profiling. Complex in implementation. Misuse in avoiding accountability possible. ZKP enhancements and signatures can be computationally intensive. Extended versions more commonly used in practice.
ABC	Signature	✓		Idemix, U-prove	IBM, Microsoft, ABC4Trust, PrimeLife	JSON, XML, cryptographic tokens	Extension of ACs focused on attributes. Offers fine granularity over attributes disclosed. Increases user control and enhances privacy. Can be less efficient in terms of computation and storage. Flexibility requires strict policy enforcement mechanisms. Implemented and standardized through extensive work on it.
PABC	ZKP & Signature	✓		/	/	JSON, cryptographic proofs	Privacy enhancement of ABCs through the use of ZKPs. Maximizes privacy by ensuring minimal data exposure. Increases complexity and computational costs are higher. Lack of standardizations and practical usage.
SBT	Hash		✓	/	/	Smart contracts, token metadata	Lack of standardization and practical usage. Reliable and immutable proof of attributes. Depends on blockchain which can cause scalability issues. Non-transferability enhances security but causes lack of flexibility and is restrictive.
VC	All	✓	✓	HyperLedger AnonCreds SD-JWT, Multiple wallets	W3C VC	JSON, JSON-LD, JWT, JWP	Standardized format. Credentials can be independently verified (without direct access to the issuer). Highly interoperable and secure. Enhances trust and reduces fraud. Complex in implementation. Needs widespread adoption of the standard.

これらをマッピングして図示するとこんな感じになる様です。

なかなか興味深いですね。