DID:RING: Ring Signatures using Decentralised Identifiers For Privacy-Aware Identity
Dimitrios Kasimatis, Sam Grierson, William J. Buchanan, Chris Eckl, Pavlos Papadopoulos, Nikolaos Pitropakis, Craig Thomson, Baraq Ghaleb
TL;DR
This paper addresses privacy-preserving identity verification within decentralised identifiers (DIDs) by integrating ring signatures to conceal which public key signs a DID document. It introduces a Ring DID method and an architectural framework for anonymous identification that leverages verifiable credentials in a signing ring, and it implements Borromean ring signatures to evaluate performance. The results demonstrate that ring-based verification can enhance privacy, albeit with throughput trade-offs as ring size increases, across a ledger-agnostic setup. The work points to future improvements including tighter integration of ring public keys directly in the ring and potential incorporation of zero-knowledge proofs to further bolster privacy.
Abstract
Decentralised identifiers have become a standardised element of digital identity architecture, with supra-national organisations such as the European Union adopting them as a key component for a unified European digital identity ledger. This paper delves into enhancing security and privacy features within decentralised identifiers by integrating ring signatures as an alternative verification method. This allows users to identify themselves through digital signatures without revealing which public key they used. To this end, the study proposed a novel decentralised identity method showcased in a decentralised identifier-based architectural framework. Additionally, the investigation assesses the repercussions of employing this new method in the verification process, focusing specifically on privacy and security aspects. Although ring signatures are an established asset of cryptographic protocols, this paper seeks to leverage their capabilities in the evolving domain of digital identities.