Securing Digital Identity in the Zero Trust Architecture: A Blockchain Approach to Privacy-Focused Multi-Factor Authentication

As network systems advance and become more sophisticated, the associated security challenges grow more complex. The zero trust model emerges as a new paradigm to address this, significantly emphasizing robust and continuous identity verification. Multi-factor authentication (MFA) methods have become crucial for enhancing authentication security within this framework. Additionally, the integration of blockchain technology is increasingly recognized for its potential to strengthen identity trustworthiness further, complementing the zero trust approach by providing a more secure and transparent identity verification process. However, privacy concerns remain, especially in public blockchain environments where personal data is vulnerable to inadvertent exposure. Also, using centralized servers for authentication, even in systems integrated with blockchain, presents the risk of creating single points of failure. This paper introduces a privacy-preserving MFA system that harnesses the decentralized capabilities of blockchain technology to enable a Distributed Authentication Mechanism (DAM) as a network of authenticators for enhancing the reliability of the authentication process. This system utilizes blockchain-based Zero-Knowledge Proofs (ZKP) as a privacy mechanism to prove the knowledge of a One-Time Password (OTP). This approach not only ensures the authenticity of the proof authenticity but also confirms the identity of the prover. In the final stage of the MFA process, non-transferable, non-fungible tokens (NFTs) are employed as authentication tokens for identity verification. Our experimental results and comparative security analyses suggest a relevant contribution to secure, private, and dependable MFA framework research.