Bachelor/Master Thesis

Exploring Distributed Threshold Issuance of Credentials

A recent line of research is exploring how to apply the benefit of a decentralized design to a credential system. A credential system supports the issuing of digital identities to allow primarily authentication and authorization policies for online services. In this contest, we refer to decentralization as a system whose governance is shared among multiple entities, i.e., blockchain. The shift of trust assumptions from one to a committee of servers allows for addressing privacy concerns derived from the well-established solution with a central trusted provider.

In this project, we aim to collect and understand the current state-of-the-art regarding decentralized solutions for credential issuance. We seek to systematize this knowledge in order to understand the following:

• Entities composing the system,
• properties that must be fulfilled in such systems,
• adversarial model that should be taken into consideration for real-world scenarios,
• cryptographic solutions employed.

Finally, we want to analyze whether current solutions meet such requirements and identify open questions and new lines of research.

Two prominent designs are CanDID[1] and Coconout[2].

References

[1] CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability

[2] Coconut: Threshold Issuance Selective Disclosure Credentials with Applications to Distributed Ledgers

Contact Mariarosaria Barbaraci for more information.

Nature of the project: Theory 100%.