The Horcrux Protocol: A Method for Decentralized Biometric-based Self-sovereign Identity

Most user authentication methods and identity proving systems rely on a centralized database. Such information storage presents a single point of compromise from a security perspective. If this system is compromised, it poses a direct threat to users' digital identities. This paper proposes a decentralized authentication method, called the Horcrux¹ protocol, in which there is no such single point of compromise. The protocol relies on decentralized identifiers (DIDs) under development by the W3C Verifiable Claims Community Group and the concept of self-sovereign identity. To accomplish this, we propose the specification and implementation of a decentralized biometric credential storage option via blockchains using DIDs and DID documents within the IEEE 2410–2017 Biometric Open Protocol Standard (BOPS).

¹ The term “horcrux” comes from the Harry Potter book series, in which the antagonist (Lord Voldemort) places copies of his soul into physical objects. Each object is scattered and/or hidden in disparate places around the world. He cannot be killed until all horcruxes are found and destroyed.
