Privacy-Preserving eID Derivation to Self-Sovereign Identity Systems with Offline Revocation

Andreas Abraham, Karl Koch, Stefan More, Sebastian Ramacher, Miha Stopar

Research output: Chapter in Book/Report/Conference proceedingConference paper

Abstract

Digital identities play a vital role in an increasingly
digital world. These identities often rely on central authorities to
issue and manage them. Central authorities have the drawback
of being a central trusted party, representing a bottleneck and
single point of failure with exclusive control of identity-related
data. Self-sovereign identity (SSI) tackles those problems by
utilizing distributed ledger technology and making users the
sovereign owners of their identity data. Nevertheless, SSI, as
recent technology, still lacks qualified identity data. This is
especially a problem since sensitive services like eGovernment
or banking services require identity data issued by a qualified
identity provider; thus, SSI-based identities cannot be used for
these services.
In this paper, we propose a concept for deriving identity data
from an existing identity system into an SSI in a fully privacypreserving
way by additionally supporting offline verification.
This way, we enable a chain of trust from the existing identity
system to the SSI system by introducing a novel trust model.
Our concept utilizes novel cryptographic primitives to support
efficient and privacy-preserving identity showing as well as revocation.
To underline the feasibility of our concept, we implement
a proof system and benchmark the related use cases.
Original languageEnglish
Title of host publicationThe 20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2021)
PublisherIEEE Computer Soc.
Publication statusAccepted/In press - 18 Aug 2021
Event20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications - Shenyang, Shenyang, Shenyang, China
Duration: 18 Aug 202120 Aug 2021
Conference number: 20
https://trustcom2021.sau.edu.cn/

Conference

Conference20th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Abbreviated titleTrustCom 2021
CountryChina
CityShenyang
Period18/08/2120/08/21
Internet address

Keywords

  • Self-Sovereign Identity
  • eID derivation
  • offline revocation
  • zero-knowledge proofs

Cite this