Anonymous yet accountable authentication can protect users' privacy and security and prevent users from misbehaving when they access public Wi-Fi hotspots. However, most existing privacy-enhanced authentication schemes either do not meet the accountability requirements in public Wi-Fi hotspot access or they are inherently dependent on trusted third parties, and therefore are undeployable in practical settings. In this paper, we design and implement an access authentication scheme to simultaneously and efficiently provide anonymity and accountability without relying on any trusted third party by utilizing a permissionless blockchain (e.g., Bitcoin or Ethereum) and Intel SGX. Inspired by the recent progress on Bitcoin techniques such as Colored Coins, we utilize the unmodified Bitcoin blockchain as the powerful platform to manage access credentials without introducing any trusted third party. We leverage SGX-based mixer to allow users to anonymously exchange their access credentials and design the verification path of access credentials to support blacklisting misbehaving access credentials without compromising users' anonymity. By integrating with the anti-double-spending property of the Bitcoin blockchain, our scheme can simultaneously provide users' accountability and anonymity without involving any trusted third party. Finally, we demonstrate that our proposed scheme is compatible with the current Bitcoin system or other permissionless blockchains, and is highly effective and practical for public Wi-Fi hotspot access control systems.
₹10000 (INR)
IEEE-2023