Library

SSI and eIDAS: a vision on how they are connected - Share your views!

  • Carlos GOMEZ MUNOZ profile
    Carlos GOMEZ MUNOZ
    20 May 2019 - updated 1 year ago
  • 10 comments
    Total votes: 15
Document(s): 
PDF icon eIDAS supported SSI
Year of publication: 
2019
Tags: 
eIDASeIDtrust servicesSSI


Self-Sovereign Identity (SSI) is an emerging concept, relying on blockchain technologies, associated to the way identity is managed in the digital world. Focused on user-centricity, it aims to give users full control of their own identity, without relying on any centralised authority.


As the blockchain community in Europe has started working on implementing SSI, some groups have raised their doubts and concerns with regards to the alignment of SSI with the European legal framework, especially the GDPR and the eIDAS Regulation, asking for guidance and support (see for example the report on blockchain and identity of the EU blockchain Observatory and Forum or the position paper from the Identity Working Group of the German Blockchain Association).


In that sense, this short document aims to start a reflection on the issue, by providing a view and some ideas of how the trust framework created by the eIDAS Regulation and related services can support the development and implementation of the Self-Sovereign Identity concept in Europe.


The objective is to raise awareness and stimulate a conversation on how the deployment of blockchain technology in the EU could leverage and benefit from the eIDAS regulatory framework, thus contributing to the development of a secure, privacy-respectful and legally predictable digital identity ecosystem, in which users are able to create and control their own identity.


The document is shared for an open discussion with all of you. We would like to hear from everyone interested in this topic!


Share your views by posting a comment below.


Please note that this is just a concept paper that does not necessarily reflect the official opinion of the Commission. Neither the Commission nor any person acting on the Commission’s behalf may be held responsible for the use which may be made of the information contained in the document.
 

Comments

Log in to post comments
Fredrik LINDÉN's picture
Fredrik LINDÉN,
08/04/2020 09:51

Solving some of the below comments via the difference between LESS-Identity and trustless identity? As explained in eg. https://ssimeetup.org/how-avoid-another-identity-tragedy-with-ssi-christ...

Total votes: 0
Paolo Campegiani's picture
Paolo Campegiani,
06/08/2019 17:30

I’d like to add two elements to this document, which is very informative.

First: when the document suggests that the eIDAS public key could be used as a DID selector, it did not stress enough the privacy risks associated with that. Particularly, according to the GDPR, each data that could be associated with a person is protected by the regulation and, according to Art. 29 Working Party, a public key is personal data. So, it’s very difficult to have a GDPR-compliant blockchain if you store public keys inside the blocks. Problem could be probably solved by storing a hash of the public key, although this is still a grey area (the incoming CEN/CENELEC Technical Group on Blockchain and DLT will be tasked to work also on this specific matter).

Second, every time that you share a digital signature made with an RSA algorithm, you weaken the key. This is generally not a problem when you are using RSA to sign contracts (as these are documents that you share with another party in limited number and not public), but it’s a problem for other kinds of massive usage of RSA, like timestamping (and in that case is solved by rotating keys). So, using eIDAS RSA keys to sign DIDs inside a blockchain is not safe; ECDSA seems safe until now, but it still difficult to ascertain if it’s because it’s less studied or by its inherent strengths.

Generally speaking, there are many ways to integrate, or leverage, eIDAS in/for a SSI system (which should in this case aptly named Self-Managed Identity), and also many areas to explore when it comes to key management, which is still a very weak spot for these systems.

Total votes: 2
Stephan Engberg's picture
Stephan Engberg,
10/07/2019 08:45

First. This document describe a man-in-the-middle attack on both eIDAS and GDPR at the same time where a thrid party attain control of the citizen.

Second. There is no way to make a secure blockchain - it is merely an online daabase in a distributed and redundant cloud structure. When the security problems is solved, e.g. through zero-knowledge cryptography, you literally to not have a ledger any more and as such do not have a blockchain.

Third. Trustworthy identity - which of course do NOT involve Idnetificaiotn in the transactions - has to be established OUTSIDE and BELOW blockchain as just another cloud model. https://www.digitaliser.dk/resource/896495/artefact/NewDigitalSecurityMo...

In short - withdraw this document viuolating both GDPR and eIDAS in its entirety before it legitimize havoc.

What is happening in Eu Commision? This is literally handing neo-feudal control of EU consumers over to US BigTech abuse against every European interest.

 

Stephan Engberg

 

 

Total votes: 6
Esther Makaay's picture
Esther Makaay,
05/07/2019 13:38

I think the crux is in Chapter 4: Linking the DID. For the notified eID scheme, this paper states "In order to ensure the trustworthiness of the link, the user agent needs to guarantee that the legitimate owner of the DID is the same person that is authenticating via eIDAS."

This is not trivial! This is probably the most important part of the puzzle and isn't elaborated on in this paper.

For linking to an electronic certificate, this issue is solved because of the reusability of the public/private keys with the DID (and the implicit continuing existing link). This scenario however involves the ubiquitous issues regarding private key management and usability (especially with usage by individual persons).

 

Total votes: 2
Alberto ZANINI's picture
Alberto ZANINI,
31/05/2019 16:33

Very interesting reading. A comment from my side - section 6.2, page 8: the link of the DID's private key with the certificate's private key implies that if a usage of the DID's private key is needed, the certificate's private key must be used: it is often stored on a secure device, non-exportable and protected by a second factor (i.e. PIN), this should be considered. Moreover, in such a case, the secure device must be present and accessible by the user agent.

Total votes: 3
David Rennie's picture
David Rennie,
23/05/2019 12:00

This is a very helpful article. However, it brings into sharp relief the major problem we have in making progress: separating 'policy' from 'technology'. eIDAS presents a (policy) solution to the very complex challenges of digital identity. It enables organisations to invest without risk of technology obsolescence. But the private sector does not understand this because technology and policy are so entwined. Alas, discussion of new technologies (SSI, blockchain, AI, biometrics) only add to the caution.

SSI is a very interesting new technology solution - with some significant questions still to be addressed, not least with regard to GDPR. But we need the EC to categorise it as such - and not an answer to policy issues.

Total votes: 4
Paul Fockens's picture
Paul Fockens,
22/05/2019 22:35

I really like this: short, insightful and relevant. We rae adressing similar issues with our company Sustainable Rescue in the Netherlands. We would like to get involved if possible to share ideas and some thoughts.

Total votes: 0
Stephan Engberg's picture
Stephan Engberg,
21/05/2019 11:00

Building Digital Identity online on deterministic cryptography such as DLT/Blockchain is a huge mistake as it will only feed the ongoing surveillance capitalism market collapse.

Linking SSI to eIDAS is adding insult to injury and incompatible with GDPR.

Fact is - the DLT-aspect add nothing to identity but creating an unsecure bottleneck

The document is full of false claims:

1. The claim that there is no PII in blockhchain is inherently wrong. A hash of PII is still PII.

2. The claim that citizen have control is inherently wrong as either the models is subject to backdoors for key revocation or loss of key control means total loss of identity control.

3. Crating a lockin to DLT is establishing a commercial way to control european markets - - both commercial and public sector - through standards. No citizen can be required to accept identity in blockchain without a violation of existign regulation and principles.

4. The biggest fallacy is the claim that SSI is a grassroot initiative - behind it is US BigTechs trying to take control of identity in order to control payments, data and market making. Lets not confuse science and marketing as the growing desparation of the blockchain community clarly is adding to this.

 

Identity do NOT belong in blockchain/DLT - not the keys, identifiers and no part of the ecosystem can be securely stored on a blockchain - key is to respect it is online and heavily redundant.

When the DLT aspect of blockchain has been eliminated, it is no longer a DLT, but just encrypted transactions supported by cryptographic proofs and has to be evaluated under  those properties.

Total votes: 6
Rinze Cats's picture
Rinze Cats,
22/10/2019 17:23

Hi Stephan, I just noticed your comments here and what you are saying here isn't entirely correct in my opinion.

1. The claim that there is no PII on the blockchain is entirely correct. Correct DID implementations don't store hashes on the blockchain. As a matter of fact, very little is stored on the blockchain. A person or company can choose to publish their DID (just the identifier) on-chain, but that's just for discoverability purposes, it's not necessary. The blockchain is mainly used to publish revocations, which also do not contain any PII.

 2. I'm not sure what kind of backdoors you are referring to, but DID's can be created entirely offline, including the keys to protect them. The user, in fact, does have full control. 

3. There isn't necessarily a lockin to DLT. Most of the heavy lifting for verifiable credentials is done using cryptography without any DLT involvement. Issuers can however publish revocations on a DLT (or multiple) that a verifier can decide to validate against. This doesn't even have to be a DLT, but as it turns out, it's very well suited for the job. DID is an open standard and issuers and verifiers are free to choose the implementation they trust.

4. It is true that a lot of big companies are looking into this, but it's mainly the identity community that is developing this. This comment appears to stem from a general dislike of blockchain technology, which is fine ofcourse. But again, the involvement of blockchain in SSI and DID's is actually very minimal. DID is an SSI implementation where identity institutions can give signed credentials to the user (peer-to-peer), which in turn they can share with verifiers (peer-to-peer).

Total votes: 2
Stephan Engberg's picture
Stephan Engberg,
01/12/2019 11:35

Creating a longlived verified Public Id key in blockchain is already too much.

The rest is just marketing.

But there is a more important problem. Identity is not about a credential - it is about a set of credentials that must have integrity. Splitting Identity up as SSI/DID/VC do is a bigtech devide-and-conquer approach that ends up benefiting horisontal infrastrukture only.

Today, an "open standard" just means that someone payed to push it through as hardcoded "pseduo-regulation". In most cases, no citizens or governance was really involved. Look e.g. to Car-to-x standardization in EU which the car manufacturers ensured was designed as a gatekeeper lockin to violate existing regulation "by design". Same with 5G and here DID.

Total votes: 1