CallChain: Identity Authentication Based on Blockchain for Telephony Networks

TLDR: In this paper, the authors proposed a blockchain-based identity authentication system for telephony networks, called CallChain, which provides end-to-end identity authentication between the caller and receiver in the data channel without modifying the core technologies in telephony network.

Abstract: Telephony networks serve as a reliable communication channel, and phone numbers are usually used to authenticate users' identities in telephony networks. However, modern telephony networks does not provide end-to-end authentication for phone numbers, making it difficult for a receiver to confirm a caller's real identity. Moreover, due to the lack of effective authentication solutions for users, phone numbers are usually exploited to commit identity theft, credit card fraud, or telecom harassment by phone number spoofing a ttacks. I n t his paper, we propose a blockchain-based identity authentication system for telephony networks, CallChain. CallChain issues verifiable digital identities to users which bound a user to his/her phone number. Based on the digital identity, CallChain provides end-to-end identity authentication between the caller and receiver in the data channel without modifying the core technologies in telephony networks. In the proposed system, users first register decentralized identities (DIDs) and store them in the blockchain distributed ledger. Then Call Center issues verifiable PhoneNumber Credentials to users. And finally users conduct end-to-end identity authentication based on these PhoneNumber Credentials before the call is established. We implement a prototype as an App for Android-based phones based on an open source blockchain platform Hyperledger Indy. Moreover, we detect that CallChain only adds a worst-case 2.1 seconds call establishment overhead and can resist DDoS attacks effectively.