Revocable and Offline-Verifiable Self-Sovereign Identities

Cited by: 15
Authors
Abraham, Andreas [1]
More, Stefan [1]
Rabensteiner, Christof [1]
Horandner, Felix [1]
Affiliations
[1] Graz Univ Technol, Inst Appl Informat Proc & Commun IAIK, Graz, Austria
Source
2020 IEEE 19TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2020) | 2020
Keywords
identity management; self-sovereign identity; offline authentication; revocation; distributed ledger; SIGNATURES;
DOI
10.1109/TrustCom50675.2020.00136
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Discipline classification code
0812;
Abstract
Identity management systems enable users (i.e., provers) to authenticate and provide attributes to verifiers by using certified credentials obtained from an authority. To accept such a credential, verifiers require information on whether the presented credentials are still valid or if they have been revoked. Up-to-date revocation information can be obtained from a revocation database; however, this requires that the verifier or prover is online. The problem becomes more interesting in the offline case when the prover (e.g., citizen) and verifier (e.g., police officer) do not have an Internet connection to query the revocation status of the presented credential (e.g., digital driver's license). In this paper, we extend the Self-Sovereign Identity (SSI) model to support both revocation as well as offline-verification. Our concept introduces attestations of validity for a point in time, which are issued by the SSI network for credentials that have not been revoked, i.e., added by authorized entities to a revocation list. The concept aims to be generic so that it can be used for various use cases, e.g., by giving users the control over the frequency of re-attestation. To show our concept's feasibility and practicality, we developed and evaluated an implementation that includes an efficient and privacy-preserving showing of credentials using non-interactive zero-knowledge proofs, all while being offline.
Pages: 1021 / 1028
Number of pages: 8