Traceable AI-driven Avatars Using Multi-factors of Physical World and Metaverse

TL;DR

This paper introduces a multi-factor authentication method for AI-driven avatars in the Metaverse, ensuring traceability and security against impersonation attacks through novel identity modeling and signature schemes.

Contribution

It proposes a new traceability authentication framework combining iris features, public keys, and a chameleon proxy signature scheme for AI avatars.

Findings

Authentication protocols complete in about 1 second.

The scheme is unforgeable and resists false accusations.

Effective in preventing impersonation attacks.

Abstract

Metaverse allows users to delegate their AI models to an AI engine, which builds corresponding AI-driven avatars to provide immersive experience for other users. Since current authentication methods mainly focus on human-driven avatars and ignore the traceability of AI-driven avatars, attackers may delegate the AI models of a target user to an AI proxy program to perform impersonation attacks without worrying about being detected. In this paper, we propose an authentication method using multi-factors to guarantee the traceability of AI-driven avatars. Firstly, we construct a user's identity model combining the manipulator's iris feature and the AI proxy's public key to ensure that an AI-driven avatar is associated with its original manipulator. Secondly, we propose a chameleon proxy signature scheme that supports the original manipulator to delegate his/her signing ability to an AI proxy. Finally, we design three authentication protocols for avatars based on the identity model and the chameleon proxy signature to guarantee the virtual-to-physical traceability including both the human-driven and AI-driven avatars. Security analysis shows that the proposed signature scheme is unforgeability and the authentication method is able to defend against false accusation. Extensive evaluations show that the designed authentication protocols complete user login, avatar delegation, mutual authentication, and avatar tracing in about 1s, meeting the actual application needs and helping to mitigate impersonation attacks by AI-driven avatars.