Revocable and Offline-Verifiable Self-Sovereign Identities

Research output: Chapter in Book/Report/Conference proceedingConference paper

Abstract

Identity management systems enable users (i.e., provers) to authenticate and provide attributes to verifiers by using certified credentials obtained from an authority. To accept such a credential, verifiers require information on whether the presented credentials are still valid or if they have been revoked. Up-to-date revocation information can be obtained from a revocation database; however, this requires that the verifier or prover is online. The problem becomes more interesting in the offline case when the prover (e.g., citizen) and verifier (e.g., police officer) do not have an Internet connection to query the revocation status of the presented credential (e.g., digital driver's license). In this paper, we extend the Self-Sovereign Identity (SSI) model to support both revocation as well as offline-verification. Our concept introduces attestations of validity for a point in time, which are issued by the SSI network for credentials that have not been revoked, i.e., added by authorized entities to a revocation list. The concept aims to be generic so that it can be used for various use cases, e.g., by giving users the control over the frequency of re-attestation. To show our concept's feasibility and practicality, we developed and evaluated an implementation that includes an efficient and privacy-preserving showing of credentials using noninteractive zero-knowledge proofs, all while being offline.

Original languageEnglish
Title of host publicationProceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020
EditorsGuojun Wang, Ryan Ko, Md Zakirul Alam Bhuiyan, Yi Pan
Pages1020-1027
Number of pages8
ISBN (Electronic)9780738143804
DOIs
Publication statusPublished - Dec 2020
EventThe 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications - Guangdong Hotel, Hybrider Event, Guangzhou, China
Duration: 29 Dec 20201 Jan 2021
http://ieee-trustcom.org/TrustCom2020/

Publication series

NameProceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020

Conference

ConferenceThe 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Abbreviated titleIEEE TrustCom 2020
CountryChina
CityHybrider Event, Guangzhou
Period29/12/201/01/21
Internet address

Keywords

  • Identity Management
  • Self-Sovereign Identity
  • Distributed Ledger
  • Offline Authentication
  • Revocation
  • Offline authentication
  • Distributed ledger
  • Self-sovereign identity
  • Identity management

ASJC Scopus subject areas

  • Software
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Revocable and Offline-Verifiable Self-Sovereign Identities'. Together they form a unique fingerprint.

Cite this