Decentralized Enterprise

In the realm of identity management within zero trust security frameworks, the "never trust, always verify" paradigm is critical. This approach, a departure from traditional IT security models, assumes no inherent trust in users, devices, or networks, regardless of their location or origin. It emphasizes continuous verification and authentication, fundamentally changing the way access and credentials are managed.

In this context, the role of signature schemes in credential issuance is critical. Traditional methods that rely on a single issuing instance are incompatible with the Zero Trust philosophy. To align with this approach, threshold signature schemes become indispensable. These schemes distribute the responsibility of credential issuance across multiple parties (or isolated systems within a domain), thereby eliminating single points of failure in the process.

The prominent BBS+ signature scheme stands out in this distributed approach. On the one hand, it offers compatibility with various zero-knowledge proof schemes, and on the other hand, it allows credential holders to selectively disclose certain attributes, thereby strengthening both privacy and security in line with zero-trust principles. However, when adapting schemes like BBS+ to a threshold setting, a key challenge arises: the issuance process becomes highly interactive, requiring continuous communication between all issuers during signing. This interaction creates bottlenecks for systems that need to issue large numbers of credentials and introduces potential security risks by providing additional attack vectors.

To overcome these challenges, recent advances in the form of so-called "Pseudorandom Correlation Generators" offer an interesting approach. By facilitating a pre-processing phase, this new cryptographic primitive enables non-interactive credential issuance by schemes such as BBS+, eliminating the need for per-credential issuer communication. This development dramatically reduces communication overhead while ensuring complete isolation between issuing instances.

This talk will provide a high-level overview of these advances and their implications for credential issuance in zero-trust environments, highlighting how they can potentially improve the security and efficiency of digital identity management systems.

As verifiable credentials are adopted at scale in ecosystems around the world, addressing security and privacy challenges is becoming increasingly important. In this talk, I will discuss some of the most pressing issues around protocols and credential formats and how they can — or cannot — be addressed.

Using the OpenID and IETF specifications as examples, I will discuss the challenges of establishing trust, mitigating replay and phishing attacks, avoiding linkability and tracking, securing cross-device flows, addressing confidentiality and (non-)repudiation, and more. While some of these issues are well known in identity protocols, others only arise in the context of verifiable credentials.

As an editor of the OAuth Security Best Current Practice draft, the Cross-Device Flow Best Current Practice draft, the SD-JWT and SD-JWT VC specifications, and a contributor to many other specifications in this area, I will share my experiences and insights from moving from the world of OAuth and OpenID to the world of verifiable credentials.