A Survey on Essential Components of a Self-Sovereign Identity

Abstract: This paper provides an overview of the Self-Sovereign Identity (SSI) concept, focusing on four components that we identified as essential to the architecture. Self-Sovereign Identity is enabled by the new development of blockchain technology. Through the trustless, decentralised database that a blockchain provides, classic Identity Management registration processes can be replaced. We start by giving a simple overview of blockchain-based SSI, introducing an architecture overview as well as the relevant actors in such a system. We further distinguish two major approaches, namely the Identifier Registry Model and its extension, the Claim Registry Model. Subsequently, we discuss identifiers in such a system, presenting past research in the area and current approaches in SSI in the context of Zooko’s Triangle. As the user of an SSI has to be linked with their digital identifier, we also discuss authentication solutions. Most central to the concept of an SSI are the verifiable claims that are presented to relying parties. Resources in the field are only loosely connected. We provide a more coherent view of verifiable claims with regard to blockchain-based SSI and clarify differences in the terminology used. Storage solutions for the verifiable claims, both on- and off-chain, are presented with their advantages and disadvantages.
