Skip to main content

Anonymous Credentials and Self-Sovereign Identity - An Initial Assessment

  • Conference paper
  • First Online:
Advanced Information Networking and Applications (AINA 2024)

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 204))

  • 623 Accesses

Abstract

Privacy-enhancing authentication allows the use of a service requiring authentication while protecting privacy. Two main research lines try to achieve the trade-off between authentication and privacy: Anonymous Credentials and Self-Sovereign Identity. Anonymous Credentials are a cryptographic protocol closely related to group signatures and identity escrow schemes with several available implementations. Self-Sovereign Identity is a collection of primitives focusing on the users’ control over their digital identity with a strong push towards practicability in the form of W3C Verifiable Credentials. Both concepts are rarely compared despite their similar settings and use cases. This work provides an analysis of the current intersection between the two research fields.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://abc4trust.eu/index.php.

  2. 2.

    https://essif-lab.eu/.

  3. 3.

    https://www.hyperledger.org/use/anoncreds.

  4. 4.

    https://hyperledger-fabric.readthedocs.io/en/release-1.3/whatsnew.html.

  5. 5.

    https://www.aries-project.eu.

  6. 6.

    https://privacybydesign.foundation/irma-explanation/.

  7. 7.

    https://abc4trust.eu/index.php.

  8. 8.

    https://olympus-project.eu/.

  9. 9.

    https://abc4trust.eu/index.php.

References

  1. Abramson, W., Hickman, N., Spencer, N.: Evaluating trust assurance in Indy-based identity networks using public ledger data. Front. Blockchain (2021)

    Google Scholar 

  2. Adane, P., Jadhav, A., Kodgire, S., Agrawal, A., Kumar, S.: Integration of self sovereign identity in security systems. Int. J. Next-Gener. Comput. (2021)

    Google Scholar 

  3. Allen, C.: The Path to Self-Sovereign Identity. Life with Alacrity (2016)

    Google Scholar 

  4. Au, M.H., Susilo, W., Mu, Y.: Constant-size dynamic k-TAA. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 111–125. Springer, Heidelberg (2006). https://doi.org/10.1007/11832072_8

    Chapter  Google Scholar 

  5. Bernabe, J.B., David, M., Moreno, R.T., Cordero, J.P., Bahloul, S., Skarmeta, A.: Aries: evaluation of a reliable and privacy-preserving European identity management framework. Futur. Gener. Comput. Syst. 102, 409–425 (2020)

    Article  Google Scholar 

  6. Bernabe, J.B., et al.: An overview on ARIES: reliable European identity ecosystem. In: Challenges in Cybersecurity and Privacy-The European Research Landscape, pp. 231–254 (2022)

    Google Scholar 

  7. Bichsel, P., et al.: An architecture for privacy-ABCs. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds.) Attribute-Based Credentials for Trust, pp. 11–78. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14439-9_2

    Chapter  Google Scholar 

  8. Bobolz, J., Eidens, F., Krenn, S., Ramacher, S., Samelin, K.: Issuer-hiding attribute-based credentials. In: Conti, M., Stevens, M., Krenn, S. (eds.) CANS 2021. LNCS, vol. 13099, pp. 158–178. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92548-2_9

    Chapter  Google Scholar 

  9. Bosk, D., Frey, D., Gestin, M., Piolle, G.: Hidden issuer anonymous credential. In: Proceedings on Privacy Enhancing Technologies 2022, pp. 571–607 (2022)

    Google Scholar 

  10. Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press (2000)

    Google Scholar 

  11. Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_7

    Chapter  Google Scholar 

  12. Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_5

    Chapter  Google Scholar 

  13. Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36413-7_20

    Chapter  Google Scholar 

  14. Cameron, K.: The laws of identity. Microsoft Corp 12, 8–11 (2005)

    Google Scholar 

  15. Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)

    Article  Google Scholar 

  16. Connolly, A., Lafourcade, P., Perez Kempner, O.: Improved constructions of anonymous credentials from structure-preserving signatures on equivalence classes. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) Public-Key Cryptography–PKC 2022, vol. 13177, pp. 409–438. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-97121-2_15

  17. Čučko, Š, Turkanović, M.: Decentralized and self-sovereign identity: systematic mapping study. IEEE Access 9, 139009–139027 (2021)

    Article  Google Scholar 

  18. Der, U., Jähnichen, S., Sürmeli, J.: Self-sovereign identity \(-\) opportunities and challenges for the digital revolution. arXiv preprint arXiv:1712.01767 (2017)

  19. Dündar, Y., Sertkaya, I.: Self sovereign identity based mutual guardianship. J. Mod. Technol. Eng. 5(3), 189–211 (2020)

    Google Scholar 

  20. Esposito, C., Hartig, O., Horne, R., Sun, C.: Assessing the solid protocol in relation to security & privacy obligations. arXiv preprint arXiv:2210.08270 (2022)

  21. Ferreira, J.C., Ferreira da Silva, C., Martins, J.P.: Roaming service for electric vehicle charging using blockchain-based digital identity. Energies 14(6), 1686 (2021)

    Google Scholar 

  22. Fu, Y., et al.: Non-transferable blockchain-based identity authentication. Peer-to-Peer Network. Appl. 16, 1354–1364 (2023)

    Article  Google Scholar 

  23. Fuchsbauer, G., Hanser, C., Slamanig, D.: Structure-preserving signatures on equivalence classes and constant-size anonymous credentials. J. Cryptol. 32, 498–546 (2019)

    Article  MathSciNet  Google Scholar 

  24. GarcĂ­a-RodrĂ­guez, J., Moreno, R.T., Bernabe, J.B., Skarmeta, A.: Implementation and evaluation of a privacy-preserving distributed ABC scheme based on multi-signatures. J. Inf. Secur. Appl. 62, 102971 (2021)

    Google Scholar 

  25. GarcĂ­a-RodrĂ­guez, J., Moreno, R.T., BernabĂ©, J.B., Skarmeta, A.: Towards a standardized model for privacy-preserving verifiable credentials. In: Proceedings of the 16th International Conference on Availability, Reliability and Security, pp. 1–6 (2021)

    Google Scholar 

  26. Ghosh, B.C., Patranabis, S., Vinayagamurthy, D., Ramakrishna, V., Narayanam, K., Chakraborty, S.: Private certifier intersection. Cryptology ePrint Archive (2022)

    Google Scholar 

  27. Gross, J., Sedlmeir, J., Babel, M., Bechtel, A., Schellinger, B.: Designing a central bank digital currency with support for cash-like privacy. In: PSN: Exchange Rates & Currency (Comparative) (Topic) (2021)

    Google Scholar 

  28. Halpin, H.: Vision: a critique of immunity passports and W3C decentralized identifiers. In: van der Merwe, T., Mitchell, C., Mehrnezhad, M. (eds.) SSR 2020. LNCS, vol. 12529, pp. 148–168. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64357-7_7

    Chapter  Google Scholar 

  29. Heiss, J., Muth, R., Pallas, F., Tai, S.: Non-disclosing credential on-chaining for blockchain-based decentralized applications. In: Troya, J., Medjahed, B., Piattini, M., Yao, L., Fernández, P., Ruiz-Cortés, A. (eds.) Service-Oriented Computing: 20th International Conference, ICSOC, pp. 351–368. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-20984-0_25

  30. Jaques, S., Lodder, M., Montgomery, H.: ALLOSAUR: accumulator with low-latency oblivious sublinear anonymous credential updates with revocations. Cryptology ePrint Archive (2022)

    Google Scholar 

  31. Kakvi, S.A., Martin, K.M., Putman, C., Quaglia, E.A.: SoK: anonymous credentials. In: Security Standardisation Research: 8th International Conference, SSR, vol. 13895, pp. 129–151. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30731-7_6

  32. Kalos, V., Polyzos, G.C.: Requirements and secure serialization for selective disclosure verifiable credentials. In: Meng, W., Fischer-Hübner, S., Jensen, C.D. (eds.) ICT Systems Security and Privacy Protection: 37th IFIP TC 11 International Conference, vol .648, pp. 231–247. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-06975-8_14

  33. Karatas, R., Sertkaya, I.: Self sovereign identity based E-petition scheme. Int. J. Inf. Secur. Sci. 9(4), 213–229 (2020)

    Google Scholar 

  34. Moreno, R.T., et al.: The Olympus architecture: oblivious identity management for private user-friendly services. Sensors 20(3), 945 (2020)

    Article  Google Scholar 

  35. Mühle, A., Grüner, A., Gayvoronskaya, T., Meinel, C.: A survey on essential components of a self-sovereign identity. Comput. Sci. Rev. 30, 80–86 (2018)

    Article  Google Scholar 

  36. Muth, R., Galal, T., Heiss, J., Tschorsch, F.: Towards smart contract-based verification of anonymous credentials. In: Matsuo, S., et al. (eds.) Financial Cryptography and Data Security. FC 2022 International Workshops, vol. 13412, pp. 481–498. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-32415-4_30

  37. Papadopoulos, P., Abramson, W., Hall, A.J., Pitropakis, N., Buchanan, W.J.: Privacy and trust redefined in federated machine learning. Mach. Learn. Knowl. Extr. 3(2), 333–356 (2021)

    Article  Google Scholar 

  38. Pauwels, P.: zkkYC: a solution concept for KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs. Cryptology ePrint Archive (2021)

    Google Scholar 

  39. Reed, D., Law, J., Hardman, D.: The technical foundations of Sovrin. The Technical Foundations of Sovrin (2016)

    Google Scholar 

  40. Richter, M., Bertram, M., Seidensticker, J., Margraf, M.: Cryptographic requirements of verifiable credentials for digital identification documents. In: COMPSAC 2023, Torino, Italy, 26–30 June 2023, pp. 1663–1668. IEEE (2023)

    Google Scholar 

  41. Sanders, O.: Efficient redactable signature and application to anonymous credentials. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 628–656. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45388-6_22

    Chapter  Google Scholar 

  42. Schanzenbach, M., Kilian, T., SchĂĽtte, J., Banse, C.: ZKlaims: privacy-preserving attribute-based credentials using non-interactive zero-knowledge techniques. In: International Conference on E-Business and Telecommunication Networks (2019)

    Google Scholar 

  43. Schardong, F., CustĂłdio, R.: Self-Sovereign identity: a systematic review, mapping and taxonomy. Sensors 22(15), 5641 (2022)

    Article  Google Scholar 

  44. Schlatt, V., Sedlmeir, J., Traue, J., Völter, F.: Harmonizing sensitive data exchange and double-spending prevention through blockchain and digital wallets: the case of E-prescription management. In: Distributed Ledger Technologies, Research and Practice (2022)

    Google Scholar 

  45. Sedlmeir, J., Barbereau, T., Huber, J., Weigl, L., Roth, T.: Transition pathways towards design principles of self-sovereign identity. In: International Conference on Interaction Sciences (2022)

    Google Scholar 

  46. da Silva, C.F., Moro, S.: Blockchain technology as an enabler of consumer trust: a text mining literature analysis. Telematics Inform. 60 (2021)

    Google Scholar 

  47. Sousa, P.R.R.: Privacy preserving middleware platform for IoT. Ph.D. thesis, Universidade do Porto (Portugal) (2021)

    Google Scholar 

  48. Takaragi, K., Kubota, T., Wohlgemuth, S., Umezawa, K., Koyanagi, H.: Secure revocation features in eKYC-privacy protection in central bank digital currency. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 106(3), 325–332 (2023)

    Article  Google Scholar 

  49. Tobin, A., Reed, D.: The inevitable rise of self-sovereign identity. Sovrin Found. 29(2016), 18 (2016)

    Google Scholar 

  50. W3 Consortium: Verifiable credentials data model 1.0: expressing verifiable information on the web (2019). https://www.w3.org/TR/vc-data-model/?#core-data-model

  51. Yildiz, H., Küpper, A., Thatmann, D., Göndör, S., Herbke, P.: A tutorial on the interoperability of self-sovereign identities. arXiv preprint arXiv:2208.04692 (2022)

  52. Zhu, X., He, D., Bao, Z., Luo, M., Peng, C.: An efficient decentralized identity management system based on range proof for social networks. IEEE Open J. Comput. Soc. (2023)

    Google Scholar 

Download references

Acknowledgements

I would like to thank Tarek Galal, Alexander MĂĽhle and Inga Stumpp for their comments and feedback and Professor Andreas Polze for his overall support.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Katja Assaf .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Assaf, K. (2024). Anonymous Credentials and Self-Sovereign Identity - An Initial Assessment. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2024. Lecture Notes on Data Engineering and Communications Technologies, vol 204. Springer, Cham. https://doi.org/10.1007/978-3-031-57942-4_32

Download citation

Publish with us

Policies and ethics