

The HTTPS (HTTP over TLS) protocol provides message integrity, confidentiality, and server authentication. No other work has offered an operational prototype of an academically pure identity solution without any trusted third parties, critical external services, or any server in general. IPv8 comprises a peer-to-peer middleware stack with Sybil attack resilience and strong privacy through onion routing. Our design consists of a hierarchy of middleware layers which are minimally required to establish legal viability.

To address this problem we present IPv8, a complete system for passport-grade Self-Sovereign Identity. We identify how related work attempts to legalize identity by reintroducing centralization and disregards common attacks on peer-to-peer interactions, missing out on the strong privacy guarantees offered by the data disclosure protocols. However, proposed solutions concentrate on data disclosure protocols and are unable to produce identity with legal status. Self-Sovereign Identity gives citizens back ownership of their own identity. Digital identity is often outsourced to central digital identity providers, introducing a critical dependency.

ClaimChain is flexible with respect to deployment options, supporting fully decentralized deployments, as well as centralized, federated, and hybrid modes of operation.

Digital identity is essential to access services such as online banking, income tax portals, and online higher education.

Moreover, the specific construction of Merkle trees in ClaimChain, along with the usage of verifiable random functions, ensures users cannot equivocate about the state of other people. This allows users to openly and verifiably publish claims that can only be read by the authorized users, ensuring privacy of the social graph. To solve this, we use cryptographic verifiable random functions to derive private identifiers that are re-randomized on each chain update. Such information can reveal the social graph, and sometimes even communication patterns. Claims about the keys of other people introduce a privacy problem that does not exist in the centralized PKI design. ClaimChain allows detection of chain compromises, manifested as forks of hash chains, and implementation of various social policies for deriving decisions about the latest state of users in the system. We introduce the concept of cross-referencing of hash chains as a way of efficiently and verifiably vouching for the states of other users.
High integrity of the repositories is maintained by storing claims in authenticated data structures, namely hash chains and Merkle trees, and their authenticity and non-repudiation are maintained by the use of digital signatures.

We envision a decentralized Public Key Infrastructure (PKI) design, which we call ClaimChain, where each user or device maintains repositories of claims regarding their own key material, and their beliefs about the public keys and, more generally, the state of other users of the system.
