The word blockchain brings out many associations. I guess for most of you, Bitcoin comes first, and maybe other cryptocurrencies like Ripple and Ethereum. From there, you probably think about illegal purchases, the dark web and anonymity. Yes, true. As with any fiat currency, you can also use cryptocurrencies to buy illegal things and to stay anonymous. But remember that blockchain is technology, and technology is only bad if it is used in a bad way.
Why can blockchain be useful for identities?
Anyway, this post is not about money but about identities. What are the reasons to consider blockchain for holding digital identities? And which properties of blockchain can be useful for identities?
For one, a blockchain is distributed, so there is no central authority which manages your identity. And it is immutable, which means that as soon as an identity is stored on the blockchain, it can never be removed. These properties mean that your digital identity cannot be purged. This would prevent any government from taking away the identity of people based on religion, ethnicity or other attributes, and you would be in control of your own identity. This is often referred to as sovereign identity.
Proof of concept with the sovereign identity idea
Signicat has been doing a proof of concept with the sovereign identity idea. Below are the components of this PoC:
Each attribute is encrypted and stored separately. This means that if the encryption of one attribute is cracked, only the data for that attribute is exposed: for example, that somebody was born on January 1st 1972, that somebody is over 18, or that somebody has a given nationality. But not who. And even if two records are broken, there is nothing indicating that they belong to the same individual. To know this connection, you must have the private key.
To ensure the validity of an attribute, an eIDP (electronic identity provider) or eAP (electronic attribute provider) is involved. This could be a public eID provider (such as BankID in Norway and Sweden or NemID in Denmark), a consumer identity provider (such as Facebook or Google), a bank, a government, or even a group of friends. Before the attribute record is stored on the blockchain, it is validated by one or more of these, so the recipient of the attribute can verify its validity.
Exposing an attribute
If you want to provide an attribute to somebody, for example that you are over 18, you send the record ID and the encryption key for that record to the recipient. This proves that the record is yours and that it is valid (by checking the attribute provider's validation). The encryption key can only decrypt the given record, so the owner is in control of what is being shared. Additional measures are used to prevent replay of the attribute, for example the recipient presenting it to another party.
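The three steps above (one key per attribute record, a provider signature attesting the record, and a disclosure consisting of just the record ID and that record's key) fit in a short Go program. This is an added example, not Signicat's PoC code; it assumes AES-GCM for the per-record encryption, Ed25519 for the provider's signature over the ciphertext, a map standing in for the chain, and that the provider has already checked the claim before signing. The replay countermeasures the post mentions are not modelled here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Record is the unit stored on the chain: an opaque ID, the ciphertext of one
// attribute, and the attribute provider's signature over that ciphertext.
// Nothing in it names the owner or links it to any other record.
type Record struct {
	ID          string
	Ciphertext  []byte // nonce || AES-GCM output
	ProviderSig []byte
}

// Disclosure is what the owner hands a relying party: the record ID and the
// key for that one record, nothing else.
type Disclosure struct {
	RecordID string
	Key      []byte
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealAttribute encrypts one attribute under its own 256-bit key.
func sealAttribute(key, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := randomBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

func openAttribute(key, sealed []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], nil)
}

// storeAttribute is the owner-side flow: fresh key and ID per record, encrypt,
// then the (assumed already satisfied) provider signs a hash of the ciphertext.
func storeAttribute(chain map[string]Record, provider ed25519.PrivateKey, attribute string) (Disclosure, error) {
	key := randomBytes(32)
	ct, err := sealAttribute(key, []byte(attribute))
	if err != nil {
		return Disclosure{}, err
	}
	id := hex.EncodeToString(randomBytes(16)) // random, so IDs reveal no link between records
	digest := sha256.Sum256(ct)
	chain[id] = Record{ID: id, Ciphertext: ct, ProviderSig: ed25519.Sign(provider, digest[:])}
	return Disclosure{RecordID: id, Key: key}, nil
}

// verifyDisclosure is the relying-party flow: fetch the record, check that a
// trusted provider validated it, then decrypt with the disclosed key.
func verifyDisclosure(chain map[string]Record, trusted ed25519.PublicKey, d Disclosure) (string, error) {
	rec, ok := chain[d.RecordID]
	if !ok {
		return "", errors.New("unknown record")
	}
	digest := sha256.Sum256(rec.Ciphertext)
	if !ed25519.Verify(trusted, digest[:], rec.ProviderSig) {
		return "", errors.New("record not validated by a trusted provider")
	}
	pt, err := openAttribute(d.Key, rec.Ciphertext)
	if err != nil {
		return "", errors.New("key does not open this record")
	}
	return string(pt), nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	chain := map[string]Record{}
	over18, _ := storeAttribute(chain, priv, "over18=true") // constructed sample attribute
	nat, _ := storeAttribute(chain, priv, "nationality=NO") // constructed sample attribute
	fmt.Println(verifyDisclosure(chain, pub, over18))
	// The key disclosed for one record is useless against another record.
	fmt.Println(verifyDisclosure(chain, pub, Disclosure{RecordID: nat.RecordID, Key: over18.Key}))
}
```

The point worth noticing is in `verifyDisclosure`: the relying party learns exactly one attribute, checks the provider's signature before trusting it, and gets nothing usable from either a key for a different record or a record whose ciphertext was altered after signing.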
Private key storage
A user needs a private key to identify his or her records on the blockchain. A challenge is that users lose their private key, and thereby lose access to their blockchain information. Using a key splitting algorithm, the private key is split into as many parts as there are nodes in the blockchain, and each node is given one part. In addition, the algorithm defines how many parts are needed to reconstruct the key. If, for example, there are 20 nodes, you could require 10 parts to reconstruct the key; any 10 parts will suffice. By setting up rules for releasing the private key parts, requiring one or more eIDPs or eAPs to prove your identity, a node can release one part, thereby allowing the key owner to reconstruct the private key.
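The 20-nodes, 10-parts example above is a threshold secret sharing scheme; the code below, added here and not taken from the post or from Signicat, implements it with Shamir's scheme over a prime field and adds a minimal release rule per node. Assumptions: arithmetic modulo the Mersenne prime 2^521 - 1 so any 256-bit key fits, a 32-byte key, node i holding the polynomial's value at x = i, and a node's identity check reduced to whether the requesting provider's name is on its trust list.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
)

const keyLen = 32 // bytes; the private key being protected

// Field for the arithmetic: p = 2^521 - 1, a Mersenne prime, large enough that any 256-bit key is a field element.
var prime = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 521), big.NewInt(1))

// Share is one node's part: the point (X, Y) on the secret polynomial.
type Share struct {
	X int
	Y *big.Int
}

// Split makes n shares of which any k reconstruct the key: the key is the
// constant term of a random degree k-1 polynomial, node i gets its value at x = i.
func Split(key []byte, n, k int) ([]Share, error) {
	if len(key) != keyLen || k < 2 || k > n {
		return nil, errors.New("bad parameters")
	}
	coeffs := make([]*big.Int, k)
	coeffs[0] = new(big.Int).SetBytes(key)
	for i := 1; i < k; i++ {
		c, err := rand.Int(rand.Reader, prime)
		if err != nil {
			return nil, err
		}
		coeffs[i] = c
	}
	shares := make([]Share, n)
	for i := 1; i <= n; i++ {
		y := new(big.Int)
		for j := k - 1; j >= 0; j-- { // Horner evaluation mod p
			y.Mul(y, big.NewInt(int64(i))).Add(y, coeffs[j]).Mod(y, prime)
		}
		shares[i-1] = Share{X: i, Y: y}
	}
	return shares, nil
}

// Combine recovers the key from any k shares by Lagrange interpolation at x = 0.
// Fewer than k shares leave the polynomial underdetermined, so it refuses.
func Combine(shares []Share, k int) ([]byte, error) {
	if len(shares) < k {
		return nil, fmt.Errorf("need %d shares, have %d", k, len(shares))
	}
	pts := shares[:k]
	secret := new(big.Int)
	for i, si := range pts {
		num, den := big.NewInt(1), big.NewInt(1)
		xi := big.NewInt(int64(si.X))
		for j, sj := range pts {
			if i == j {
				continue
			}
			xj := big.NewInt(int64(sj.X))
			num.Mul(num, new(big.Int).Neg(xj)).Mod(num, prime)
			den.Mul(den, new(big.Int).Sub(xi, xj)).Mod(den, prime)
		}
		basis := new(big.Int).ModInverse(den, prime) // l_i(0) = num / den
		basis.Mul(basis, num).Mod(basis, prime)
		secret.Add(secret, basis.Mul(basis, si.Y)).Mod(secret, prime)
	}
	if secret.BitLen() > keyLen*8 { // inconsistent shares interpolate to garbage
		return nil, errors.New("shares do not reconstruct a key")
	}
	return secret.FillBytes(make([]byte, keyLen)), nil
}

// Node holds one share and releases it only to a request vouched for by a
// provider on its trust list (the proof check is reduced to the name here).
type Node struct {
	Share   Share
	Trusted map[string]bool
}

func (n Node) Release(provider string) (Share, error) {
	if !n.Trusted[provider] {
		return Share{}, errors.New("provider not trusted: " + provider)
	}
	return n.Share, nil
}

// Recover gathers shares from every node that accepts the proof and combines them.
func Recover(nodes []Node, provider string, k int) ([]byte, error) {
	var released []Share
	for _, n := range nodes {
		if s, err := n.Release(provider); err == nil {
			released = append(released, s)
		}
	}
	return Combine(released, k)
}

func main() {
	key := make([]byte, keyLen) // constructed sample key
	rand.Read(key)
	shares, _ := Split(key, 20, 10)
	nodes := make([]Node, len(shares))
	for i, s := range shares {
		nodes[i] = Node{Share: s, Trusted: map[string]bool{"BankID": true}}
	}
	got, err := Recover(nodes, "BankID", 10)
	fmt.Println(string(got) == string(key), err)
}
```

Because any k shares interpolate the same constant term, the owner does not depend on any particular node being up, and k-1 colluding nodes learn nothing about the key; the trust list on each node is where the release rules from the text (which eIDPs or eAPs may vouch for a recovery) live.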
Attribute and identity providers
The eAPs and eIDPs are approved by the blockchain. Only approved nodes are trusted, which is especially important for the release of private key parts. If a provider is no longer trusted, it is removed from the trust list.
Finally, a word of warning: before going all-in on an identity solution (or any solution using sensitive data) on the blockchain, privacy must be considered carefully. Once data is on the chain, there is no way to change it, so there is no room for error in the initial setup.
Blogpost by: John Erik Setsaas, Identity Architect