Abstract
Privacy-enhancing authentication allows the use of a service requiring authentication while protecting privacy. Two main research lines try to achieve the trade-off between authentication and privacy: Anonymous Credentials and Self-Sovereign Identity. Anonymous Credentials are a cryptographic protocol closely related to group signatures and identity escrow schemes with several available implementations. Self-Sovereign Identity is a collection of primitives focusing on the users’ control over their digital identity with a strong push towards practicability in the form of W3C Verifiable Credentials. Both concepts are rarely compared despite their similar settings and use cases. This work provides an analysis of the current intersection between the two research fields.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
References
Abramson, W., Hickman, N., Spencer, N.: Evaluating trust assurance in Indy-based identity networks using public ledger data. Front. Blockchain (2021)
Adane, P., Jadhav, A., Kodgire, S., Agrawal, A., Kumar, S.: Integration of self sovereign identity in security systems. Int. J. Next-Gener. Comput. (2021)
Allen, C.: The Path to Self-Sovereign Identity. Life with Alacrity (2016)
Au, M.H., Susilo, W., Mu, Y.: Constant-size dynamic k-TAA. In: De Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 111–125. Springer, Heidelberg (2006). https://doi.org/10.1007/11832072_8
Bernabe, J.B., David, M., Moreno, R.T., Cordero, J.P., Bahloul, S., Skarmeta, A.: Aries: evaluation of a reliable and privacy-preserving European identity management framework. Futur. Gener. Comput. Syst. 102, 409–425 (2020)
Bernabe, J.B., et al.: An overview on ARIES: reliable European identity ecosystem. In: Challenges in Cybersecurity and Privacy-The European Research Landscape, pp. 231–254 (2022)
Bichsel, P., et al.: An architecture for privacy-ABCs. In: Rannenberg, K., Camenisch, J., Sabouri, A. (eds.) Attribute-Based Credentials for Trust, pp. 11–78. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14439-9_2
Bobolz, J., Eidens, F., Krenn, S., Ramacher, S., Samelin, K.: Issuer-hiding attribute-based credentials. In: Conti, M., Stevens, M., Krenn, S. (eds.) CANS 2021. LNCS, vol. 13099, pp. 158–178. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-92548-2_9
Bosk, D., Frey, D., Gestin, M., Piolle, G.: Hidden issuer anonymous credential. In: Proceedings on Privacy Enhancing Technologies 2022, pp. 571–607 (2022)
Brands, S.: Rethinking Public Key Infrastructures and Digital Certificates: Building in Privacy. MIT Press (2000)
Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44987-6_7
Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_5
Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Persiano, G., Galdi, C. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36413-7_20
Cameron, K.: The laws of identity. Microsoft Corp 12, 8–11 (2005)
Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)
Connolly, A., Lafourcade, P., Perez Kempner, O.: Improved constructions of anonymous credentials from structure-preserving signatures on equivalence classes. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) Public-Key Cryptography–PKC 2022, vol. 13177, pp. 409–438. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-97121-2_15
Čučko, Š, Turkanović, M.: Decentralized and self-sovereign identity: systematic mapping study. IEEE Access 9, 139009–139027 (2021)
Der, U., Jähnichen, S., Sürmeli, J.: Self-sovereign identity \(-\) opportunities and challenges for the digital revolution. arXiv preprint arXiv:1712.01767 (2017)
Dündar, Y., Sertkaya, I.: Self sovereign identity based mutual guardianship. J. Mod. Technol. Eng. 5(3), 189–211 (2020)
Esposito, C., Hartig, O., Horne, R., Sun, C.: Assessing the solid protocol in relation to security & privacy obligations. arXiv preprint arXiv:2210.08270 (2022)
Ferreira, J.C., Ferreira da Silva, C., Martins, J.P.: Roaming service for electric vehicle charging using blockchain-based digital identity. Energies 14(6), 1686 (2021)
Fu, Y., et al.: Non-transferable blockchain-based identity authentication. Peer-to-Peer Network. Appl. 16, 1354–1364 (2023)
Fuchsbauer, G., Hanser, C., Slamanig, D.: Structure-preserving signatures on equivalence classes and constant-size anonymous credentials. J. Cryptol. 32, 498–546 (2019)
GarcĂa-RodrĂguez, J., Moreno, R.T., Bernabe, J.B., Skarmeta, A.: Implementation and evaluation of a privacy-preserving distributed ABC scheme based on multi-signatures. J. Inf. Secur. Appl. 62, 102971 (2021)
GarcĂa-RodrĂguez, J., Moreno, R.T., BernabĂ©, J.B., Skarmeta, A.: Towards a standardized model for privacy-preserving verifiable credentials. In: Proceedings of the 16th International Conference on Availability, Reliability and Security, pp. 1–6 (2021)
Ghosh, B.C., Patranabis, S., Vinayagamurthy, D., Ramakrishna, V., Narayanam, K., Chakraborty, S.: Private certifier intersection. Cryptology ePrint Archive (2022)
Gross, J., Sedlmeir, J., Babel, M., Bechtel, A., Schellinger, B.: Designing a central bank digital currency with support for cash-like privacy. In: PSN: Exchange Rates & Currency (Comparative) (Topic) (2021)
Halpin, H.: Vision: a critique of immunity passports and W3C decentralized identifiers. In: van der Merwe, T., Mitchell, C., Mehrnezhad, M. (eds.) SSR 2020. LNCS, vol. 12529, pp. 148–168. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64357-7_7
Heiss, J., Muth, R., Pallas, F., Tai, S.: Non-disclosing credential on-chaining for blockchain-based decentralized applications. In: Troya, J., Medjahed, B., Piattini, M., Yao, L., Fernández, P., Ruiz-Cortés, A. (eds.) Service-Oriented Computing: 20th International Conference, ICSOC, pp. 351–368. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-20984-0_25
Jaques, S., Lodder, M., Montgomery, H.: ALLOSAUR: accumulator with low-latency oblivious sublinear anonymous credential updates with revocations. Cryptology ePrint Archive (2022)
Kakvi, S.A., Martin, K.M., Putman, C., Quaglia, E.A.: SoK: anonymous credentials. In: Security Standardisation Research: 8th International Conference, SSR, vol. 13895, pp. 129–151. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30731-7_6
Kalos, V., Polyzos, G.C.: Requirements and secure serialization for selective disclosure verifiable credentials. In: Meng, W., Fischer-Hübner, S., Jensen, C.D. (eds.) ICT Systems Security and Privacy Protection: 37th IFIP TC 11 International Conference, vol .648, pp. 231–247. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-06975-8_14
Karatas, R., Sertkaya, I.: Self sovereign identity based E-petition scheme. Int. J. Inf. Secur. Sci. 9(4), 213–229 (2020)
Moreno, R.T., et al.: The Olympus architecture: oblivious identity management for private user-friendly services. Sensors 20(3), 945 (2020)
Mühle, A., Grüner, A., Gayvoronskaya, T., Meinel, C.: A survey on essential components of a self-sovereign identity. Comput. Sci. Rev. 30, 80–86 (2018)
Muth, R., Galal, T., Heiss, J., Tschorsch, F.: Towards smart contract-based verification of anonymous credentials. In: Matsuo, S., et al. (eds.) Financial Cryptography and Data Security. FC 2022 International Workshops, vol. 13412, pp. 481–498. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-32415-4_30
Papadopoulos, P., Abramson, W., Hall, A.J., Pitropakis, N., Buchanan, W.J.: Privacy and trust redefined in federated machine learning. Mach. Learn. Knowl. Extr. 3(2), 333–356 (2021)
Pauwels, P.: zkkYC: a solution concept for KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs. Cryptology ePrint Archive (2021)
Reed, D., Law, J., Hardman, D.: The technical foundations of Sovrin. The Technical Foundations of Sovrin (2016)
Richter, M., Bertram, M., Seidensticker, J., Margraf, M.: Cryptographic requirements of verifiable credentials for digital identification documents. In: COMPSAC 2023, Torino, Italy, 26–30 June 2023, pp. 1663–1668. IEEE (2023)
Sanders, O.: Efficient redactable signature and application to anonymous credentials. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 628–656. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45388-6_22
Schanzenbach, M., Kilian, T., SchĂĽtte, J., Banse, C.: ZKlaims: privacy-preserving attribute-based credentials using non-interactive zero-knowledge techniques. In: International Conference on E-Business and Telecommunication Networks (2019)
Schardong, F., CustĂłdio, R.: Self-Sovereign identity: a systematic review, mapping and taxonomy. Sensors 22(15), 5641 (2022)
Schlatt, V., Sedlmeir, J., Traue, J., Völter, F.: Harmonizing sensitive data exchange and double-spending prevention through blockchain and digital wallets: the case of E-prescription management. In: Distributed Ledger Technologies, Research and Practice (2022)
Sedlmeir, J., Barbereau, T., Huber, J., Weigl, L., Roth, T.: Transition pathways towards design principles of self-sovereign identity. In: International Conference on Interaction Sciences (2022)
da Silva, C.F., Moro, S.: Blockchain technology as an enabler of consumer trust: a text mining literature analysis. Telematics Inform. 60 (2021)
Sousa, P.R.R.: Privacy preserving middleware platform for IoT. Ph.D. thesis, Universidade do Porto (Portugal) (2021)
Takaragi, K., Kubota, T., Wohlgemuth, S., Umezawa, K., Koyanagi, H.: Secure revocation features in eKYC-privacy protection in central bank digital currency. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. 106(3), 325–332 (2023)
Tobin, A., Reed, D.: The inevitable rise of self-sovereign identity. Sovrin Found. 29(2016), 18 (2016)
W3 Consortium: Verifiable credentials data model 1.0: expressing verifiable information on the web (2019). https://www.w3.org/TR/vc-data-model/?#core-data-model
Yildiz, H., Küpper, A., Thatmann, D., Göndör, S., Herbke, P.: A tutorial on the interoperability of self-sovereign identities. arXiv preprint arXiv:2208.04692 (2022)
Zhu, X., He, D., Bao, Z., Luo, M., Peng, C.: An efficient decentralized identity management system based on range proof for social networks. IEEE Open J. Comput. Soc. (2023)
Acknowledgements
I would like to thank Tarek Galal, Alexander MĂĽhle and Inga Stumpp for their comments and feedback and Professor Andreas Polze for his overall support.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Assaf, K. (2024). Anonymous Credentials and Self-Sovereign Identity - An Initial Assessment. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2024. Lecture Notes on Data Engineering and Communications Technologies, vol 204. Springer, Cham. https://doi.org/10.1007/978-3-031-57942-4_32
Download citation
DOI: https://doi.org/10.1007/978-3-031-57942-4_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57941-7
Online ISBN: 978-3-031-57942-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)