TY - JOUR
T1 - BcFCKA:Blockchain-based Fair and continuous key agreement for DIDComm in Self-Sovereign Identity
AU - Zhang, Mingrui
AU - Meng, Ru
AU - Wang, Tao
AU - Zhou, Yanwei
AU - Zhao, Yi
AU - Yang, Bo
AU - Zhang, Lei
N1 - Publisher Copyright:
Copyright © 2025. Published by Elsevier B.V.
PY - 2026/3
Y1 - 2026/3
N2 - Self-Sovereign Identity (SSI) is a novel identity management paradigm that empowers entities to control their own identities through agents, without relying on centralized authorities. However, the widely adopted DIDComm framework for secure communication between agents in SSI still faces several critical challenges, such as the lack of perfect forward secrecy, insufficient message loss resilience, and the absence of continuous key updates. To address these issues, we propose a blockchain-based Fair and Continuous Key Agreement (BcFCKA) primitive, which enables agents to perform fair and continuous session key updates, even in the presence of message loss and without relying on any centralized trusted entity. We further present a concrete scheme instantiation, namely BcFCX3DH, and provide both formal and informal analyses to demonstrate that our scheme achieves several security properties (e.g., known-key security and perfect forward secrecy) as well as several design goals (e.g., key pre-storage freedom and message loss resilience). In addition, simulation results show that the proposed scheme establishes the initial session key and performs key updates within only a few milliseconds, demonstrating its practicality.
AB - Self-Sovereign Identity (SSI) is a novel identity management paradigm that empowers entities to control their own identities through agents, without relying on centralized authorities. However, the widely adopted DIDComm framework for secure communication between agents in SSI still faces several critical challenges, such as the lack of perfect forward secrecy, insufficient message loss resilience, and the absence of continuous key updates. To address these issues, we propose a blockchain-based Fair and Continuous Key Agreement (BcFCKA) primitive, which enables agents to perform fair and continuous session key updates, even in the presence of message loss and without relying on any centralized trusted entity. We further present a concrete scheme instantiation, namely BcFCX3DH, and provide both formal and informal analyses to demonstrate that our scheme achieves several security properties (e.g., known-key security and perfect forward secrecy) as well as several design goals (e.g., key pre-storage freedom and message loss resilience). In addition, simulation results show that the proposed scheme establishes the initial session key and performs key updates within only a few milliseconds, demonstrating its practicality.
KW - Blockchain
KW - Decentralized identifier
KW - Key agreement
KW - Public key cryptography
KW - Self-sovereign identity
UR - https://www.scopus.com/pages/publications/105020584703
U2 - 10.1016/j.csi.2025.104085
DO - 10.1016/j.csi.2025.104085
M3 - 文章
AN - SCOPUS:105020584703
SN - 0920-5489
VL - 96
JO - Computer Standards and Interfaces
JF - Computer Standards and Interfaces
M1 - 104085
ER -