UBITECH has participated at the competitive open call on Decentralised Digital Identity of the EC funded TRUSTCHAIN Horizon Europe project (https://trustchain.ngi.eu/), that focuses on trustworthy digital identities and data, and was awarded with a cascading grant for implementing the PRIVÈ project that will result in a Privacy Respecting Identity Verification Enabler for Digital Identity Wallets, extending the decentralized user-centric identity management framework by building an open source library that can be added as an extension to any SSI wallet on the Holder side to enable the use of hardware-based keys.
As a matter of fact, PRIVÈ offers the possibility to bind Verifiable Credentials (VCs) to the wallet of the holder and transfer the root of trust of the SSI ecosystem purely to the digital wallet by considering an underlying Trusted Component as part of the wallet, without making any assumptions on the trustworthiness of the other layers. This enables digital identity wallets to align with emerging regulations and standards like eIDAS that require higher level of assurances for services.
At the same time, PRIVÈ makes sure that privacy-enhancing properties like selective-disclosure are fully supported, in order to make the wallet compliant with privacy regulations like GDPR. To this end, PRIVÈ utilizes a privacy-preserving cryptographic protocol, namely Direct Anonymous Attestation (DAA) to provide verifiable evidence and assurances about the presented VC’s origin and integrity – enforcing that a VC can only be issued by an attested Issuer and that this VC is bound to the Holder’s device (wallet), overcoming the current limitations of bare proof-of-possession of a sw-based key. PRIVÈ follows a user-centric design and implementation, co-evaluated with the end users, thus, envisioning to achieve high level of user acceptance. It is also agnostic of the wallet’s implementation and the underlying VC Data Model considered.
PRIVÈ innovation lays on the use of decentralized Roots-of-Trust (TPM, TEE) for establishing trust across multiple stakeholders without requiring persistent Decentralized Identifiers (DIDs). Instead, it brings novel cryptographic trust anchors, Direct Anonymous Attestation (DAA), for generating HW-based keys to be binded to a Holder’s VC (Wallet) that can provide verifiable evidence and assurances about the presented VC’s origin and integrity. Internal strong crypto operations of DAA (blind signatures, zero knowledge proofs) enable PRIVÈ to minimize the data disclosed in a given transaction.
In the context of PRIVÈ, UBITECH collaborates with the non-profit organization Homo Digitalis for fully achieving the objectives of the grant.
