Background

The Swiss government has published a public beta of the future Swiss E-ID. The Swiss E-ID will be based on self-sovereign identity (SSI) principles. Similarly, the European Union and many companies around the world plan to introduce SSI-based solutions for identity and access management. With SSI, users own their digital identity and autonomously control what information is disclosed to which service providers. This contrasts with current Internet single sign-on architectures, which threaten user privacy by deploying central identity providers.

For protection of user privacy, the Swiss E-ID uses batch issuance of one-time keys (2). With this, subsequent presentations of the same E-ID can not be correlated and are hence unlinkable for verifiers, protecting users from surveillance and tracking. However, if the issuer and verifiers collude, the privacy of users can be broken, because the issuer knows which keys belong to which batch from which user. For achieving even stronger levels of privacy, cryptographic techniques such as zero-knowledge proofs are in discussion (3).

However, there is a certain reluctance to introduce even stronger privacy measures. What happens when users have perfect privacy and start misusing their E-ID? They could sell anonymous checks on the internet (e.g. for legal age, nationality, personhood) by having people forward the verifiers’ requests to them. Also, they could freely use their E-ID in illegal transactions. Law enforcement would have no way of holding offenders accountable, due to the impossibility of identifying the people behind illegal transactions. In real life, if investigators have “probable cause” and convince a judge to sign a search warrant, they may override individual privacy for the sake of public interest. Then, and only then, houses may be searched. What if we could transfer this legal process with a separation of powers (police and judge) to the digitial realm and build something like a cryptographic search warrant? Investigators would be able to decrypt the owner of a suspicious transaction iff they possess such a digital search warrant. Users would profit from adoption of stronger privacy protection (e.g. by using ZKPs and TOR) while law enforcement agencies could hold offenders accountable in accordance with legal provisions.

Tasks

  • Survey related work
  • Design a possible protocol for a digital search warrant in the E-ID infrastructure
  • Discuss pros and cons of different designs
  • Implement a proof-of-concept
  • Evaluate the implementation according to different aspects

Requirements

  • Good knowledge of cryptographic building blocks, in particular privacy enhancing technologies (PET)
  • Interest in self-sovereign identity technologies
  • Coding skills
  1. SWIYU technical documentation
  2. Batch Issuance and Renewal
  3. General-Purpose Zero-Knowledge Proofs for Verifiable Credentials