Eprint already available on another site (E-prints, Working papers and Research blog)
Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs
Babel, Matthias; Sedlmeir, Johannes
2023
 

Files


Full Text
2301.00823.pdf
Author preprint (962.58 kB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
Anonymous credential; Digital certificate; Privacy; Self-sovereign identity (SSI); Verifiable computation; zk-SNARK
Abstract :
[en] Today, digital identity management for individuals is either inconvenient and error-prone or creates undesirable lock-in effects and violates privacy and security expectations. These shortcomings inhibit the digital transformation in general and seem particularly concerning in the context of novel applications such as access control for decentralized autonomous organizations and identification in the Metaverse. Decentralized or self-sovereign identity (SSI) aims to offer a solution to this dilemma by empowering individuals to manage their digital identity through machine-verifiable attestations stored in a "digital wallet" application on their edge devices. However, when presented to a relying party, these attestations typically reveal more attributes than required and allow tracking end users' activities. Several academic works and practical solutions exist to reduce or avoid such excessive information disclosure, from simple selective disclosure to data-minimizing anonymous credentials based on zero-knowledge proofs (ZKPs). We first demonstrate that the SSI solutions that are currently built with anonymous credentials still lack essential features such as scalable revocation, certificate chaining, and integration with secure elements. We then argue that general-purpose ZKPs in the form of zk-SNARKs can appropriately address these pressing challenges. We describe our implementation and conduct performance tests on different edge devices to illustrate that the performance of zk-SNARK-based anonymous credentials is already practical. We also discuss further advantages that general-purpose ZKPs can easily provide for digital wallets, for instance, to create "designated verifier presentations" that facilitate new design options for digital identity infrastructures that previously were not accessible because of the threat of man-in-the-middle attacks.
Research center :
Interdisciplinary Centre for Security, Reliability and Trust (SnT) > FINATRAX - Digital Financial Services and Cross-organizational Digital Transformations
NCER-FT - FinTech National Centre of Excellence in Research [LU]
Disciplines :
Computer science
Management information systems
Author, co-author :
Babel, Matthias
Sedlmeir, Johannes  ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > FINATRAX
Language :
English
Title :
Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs
Publication date :
02 January 2023
Number of pages :
27
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR16326754 - Privacy-preserving Tokenisation Of Artworks, 2021 (01/06/2022-31/05/2025) - Gilbert Fridgen
Name of the research project :
U-AGR-7110 - C21/IS/16326754/PABLO (01/06/2022 - 31/05/2026) - FRIDGEN Gilbert
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 10 January 2023

Statistics


Number of views
89 (10 by Unilu)
Number of downloads
101 (4 by Unilu)

Bibliography


Similar publications



Contact ORBilu