Revocable and Offline-Verifiable Self-Sovereign Identities

Andreas Abraham; Stefan More; Christof Rabensteiner; Felix Hörandner

doi:10.1109/TrustCom50675.2020.00136

Revocable and Offline-Verifiable Self-Sovereign Identities

Andreas Abraham, Stefan More, Christof Rabensteiner, Felix Hörandner

Institute of Applied Information Processing and Communications (7050)

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

Identity management systems enable users (i.e., provers) to authenticate and provide attributes to verifiers by using certified credentials obtained from an authority. To accept such a credential, verifiers require information on whether the presented credentials are still valid or if they have been revoked. Up-to-date revocation information can be obtained from a revocation database; however, this requires that the verifier or prover is online. The problem becomes more interesting in the offline case when the prover (e.g., citizen) and verifier (e.g., police officer) do not have an Internet connection to query the revocation status of the presented credential (e.g., digital driver's license). In this paper, we extend the Self-Sovereign Identity (SSI) model to support both revocation as well as offline-verification. Our concept introduces attestations of validity for a point in time, which are issued by the SSI network for credentials that have not been revoked, i.e., added by authorized entities to a revocation list. The concept aims to be generic so that it can be used for various use cases, e.g., by giving users the control over the frequency of re-attestation. To show our concept's feasibility and practicality, we developed and evaluated an implementation that includes an efficient and privacy-preserving showing of credentials using noninteractive zero-knowledge proofs, all while being offline.

Original language	English
Title of host publication	Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020
Editors	Guojun Wang, Ryan Ko, Md Zakirul Alam Bhuiyan, Yi Pan
Pages	1020-1027
Number of pages	8
ISBN (Electronic)	9780738143804
DOIs	https://doi.org/10.1109/TrustCom50675.2020.00136
Publication status	Published - Dec 2020
Event	19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications: TrustCom 2020 - Guangdong Hotel, Hybrider Event, Guangzhou, China Duration: 29 Dec 2020 → 1 Jan 2021 http://ieee-trustcom.org/TrustCom2020/

Publication series

Name	Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020

Conference

Conference	19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Abbreviated title	IEEE TrustCom 2020
Country/Territory	China
City	Hybrider Event, Guangzhou
Period	29/12/20 → 1/01/21
Internet address	http://ieee-trustcom.org/TrustCom2020/

Keywords

Identity Management
Self-Sovereign Identity
Distributed Ledger
Offline Authentication
Revocation
Offline authentication
Distributed ledger
Self-sovereign identity
Identity management

ASJC Scopus subject areas

Software
Information Systems and Management
Safety, Risk, Reliability and Quality
Computer Networks and Communications

Access to Document

10.1109/TrustCom50675.2020.00136

Cite this

Abraham, A., More, S., Rabensteiner, C., & Hörandner, F. (2020). Revocable and Offline-Verifiable Self-Sovereign Identities. In G. Wang, R. Ko, M. Z. A. Bhuiyan, & Y. Pan (Eds.), Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020 (pp. 1020-1027). [9343191] (Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020). https://doi.org/10.1109/TrustCom50675.2020.00136

Revocable and Offline-Verifiable Self-Sovereign Identities. / Abraham, Andreas; More, Stefan; Rabensteiner, Christof et al.
Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020. ed. / Guojun Wang; Ryan Ko; Md Zakirul Alam Bhuiyan; Yi Pan. 2020. p. 1020-1027 9343191 (Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abraham, A, More, S, Rabensteiner, C & Hörandner, F 2020, Revocable and Offline-Verifiable Self-Sovereign Identities. in G Wang, R Ko, MZA Bhuiyan & Y Pan (eds), Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020., 9343191, Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020, pp. 1020-1027, 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Hybrider Event, Guangzhou, China, 29/12/20. https://doi.org/10.1109/TrustCom50675.2020.00136

Abraham A, More S, Rabensteiner C, Hörandner F. Revocable and Offline-Verifiable Self-Sovereign Identities. In Wang G, Ko R, Bhuiyan MZA, Pan Y, editors, Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020. 2020. p. 1020-1027. 9343191. (Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020). doi: 10.1109/TrustCom50675.2020.00136

Abraham, Andreas ; More, Stefan ; Rabensteiner, Christof et al. / Revocable and Offline-Verifiable Self-Sovereign Identities. Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020. editor / Guojun Wang ; Ryan Ko ; Md Zakirul Alam Bhuiyan ; Yi Pan. 2020. pp. 1020-1027 (Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020).

@inproceedings{e3316477e5f9425994dbaf17a7bf4b5c,

title = "Revocable and Offline-Verifiable Self-Sovereign Identities",

abstract = "Identity management systems enable users (i.e., provers) to authenticate and provide attributes to verifiers by using certified credentials obtained from an authority. To accept such a credential, verifiers require information on whether the presented credentials are still valid or if they have been revoked. Up-to-date revocation information can be obtained from a revocation database; however, this requires that the verifier or prover is online. The problem becomes more interesting in the offline case when the prover (e.g., citizen) and verifier (e.g., police officer) do not have an Internet connection to query the revocation status of the presented credential (e.g., digital driver's license). In this paper, we extend the Self-Sovereign Identity (SSI) model to support both revocation as well as offline-verification. Our concept introduces attestations of validity for a point in time, which are issued by the SSI network for credentials that have not been revoked, i.e., added by authorized entities to a revocation list. The concept aims to be generic so that it can be used for various use cases, e.g., by giving users the control over the frequency of re-attestation. To show our concept's feasibility and practicality, we developed and evaluated an implementation that includes an efficient and privacy-preserving showing of credentials using noninteractive zero-knowledge proofs, all while being offline.",

keywords = "Identity Management, Self-Sovereign Identity, Distributed Ledger, Offline Authentication, Revocation, Offline authentication, Distributed ledger, Self-sovereign identity, Identity management",

author = "Andreas Abraham and Stefan More and Christof Rabensteiner and Felix H{\"o}randner",

year = "2020",

month = dec,

doi = "10.1109/TrustCom50675.2020.00136",

language = "English",

series = "Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020",

pages = "1020--1027",

editor = "Guojun Wang and Ryan Ko and Bhuiyan, {Md Zakirul Alam} and Yi Pan",

booktitle = "Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020",

note = "19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications : TrustCom 2020, IEEE TrustCom 2020 ; Conference date: 29-12-2020 Through 01-01-2021",

url = "http://ieee-trustcom.org/TrustCom2020/",

}

TY - GEN

T1 - Revocable and Offline-Verifiable Self-Sovereign Identities

AU - Abraham, Andreas

AU - More, Stefan

AU - Rabensteiner, Christof

AU - Hörandner, Felix

PY - 2020/12

Y1 - 2020/12

N2 - Identity management systems enable users (i.e., provers) to authenticate and provide attributes to verifiers by using certified credentials obtained from an authority. To accept such a credential, verifiers require information on whether the presented credentials are still valid or if they have been revoked. Up-to-date revocation information can be obtained from a revocation database; however, this requires that the verifier or prover is online. The problem becomes more interesting in the offline case when the prover (e.g., citizen) and verifier (e.g., police officer) do not have an Internet connection to query the revocation status of the presented credential (e.g., digital driver's license). In this paper, we extend the Self-Sovereign Identity (SSI) model to support both revocation as well as offline-verification. Our concept introduces attestations of validity for a point in time, which are issued by the SSI network for credentials that have not been revoked, i.e., added by authorized entities to a revocation list. The concept aims to be generic so that it can be used for various use cases, e.g., by giving users the control over the frequency of re-attestation. To show our concept's feasibility and practicality, we developed and evaluated an implementation that includes an efficient and privacy-preserving showing of credentials using noninteractive zero-knowledge proofs, all while being offline.

AB - Identity management systems enable users (i.e., provers) to authenticate and provide attributes to verifiers by using certified credentials obtained from an authority. To accept such a credential, verifiers require information on whether the presented credentials are still valid or if they have been revoked. Up-to-date revocation information can be obtained from a revocation database; however, this requires that the verifier or prover is online. The problem becomes more interesting in the offline case when the prover (e.g., citizen) and verifier (e.g., police officer) do not have an Internet connection to query the revocation status of the presented credential (e.g., digital driver's license). In this paper, we extend the Self-Sovereign Identity (SSI) model to support both revocation as well as offline-verification. Our concept introduces attestations of validity for a point in time, which are issued by the SSI network for credentials that have not been revoked, i.e., added by authorized entities to a revocation list. The concept aims to be generic so that it can be used for various use cases, e.g., by giving users the control over the frequency of re-attestation. To show our concept's feasibility and practicality, we developed and evaluated an implementation that includes an efficient and privacy-preserving showing of credentials using noninteractive zero-knowledge proofs, all while being offline.

KW - Identity Management

KW - Self-Sovereign Identity

KW - Distributed Ledger

KW - Offline Authentication

KW - Revocation

KW - Offline authentication

KW - Distributed ledger

KW - Self-sovereign identity

KW - Identity management

UR - http://www.scopus.com/inward/record.url?scp=85101205447&partnerID=8YFLogxK

U2 - 10.1109/TrustCom50675.2020.00136

DO - 10.1109/TrustCom50675.2020.00136

M3 - Conference paper

T3 - Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020

SP - 1020

EP - 1027

BT - Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2020

A2 - Wang, Guojun

A2 - Ko, Ryan

A2 - Bhuiyan, Md Zakirul Alam

A2 - Pan, Yi

T2 - 19th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

Y2 - 29 December 2020 through 1 January 2021

ER -

Revocable and Offline-Verifiable Self-Sovereign Identities

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

E-Government Innovationszentrum - EGIZ - E-Government innovation center (EGIZ)

Cite this

Revocable and Offline-Verifiable Self-Sovereign Identities

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Projects

E-Government Innovationszentrum - EGIZ - E-Government innovation center (EGIZ)

Cite this