Distributed-Ledger-based Authentication with Decentralized Identifiers and Verifiable Credentials

TL;DR

This paper presents a decentralized identity management system using distributed ledger technology, enabling user-controlled privacy and verifiable credentials, thus addressing centralization and security issues in digital authentication.

Contribution

It introduces a decentralized OpenID Connect Provider integrated with Self-Sovereign Identity and a verifiable credential-based PKI leveraging distributed ledgers, enhancing privacy and control.

Findings

Prototype implementation of decentralized OpenID Connect Provider.

Demonstration of verifiable credential-based digital certificates.

Improved user privacy and control over digital identities.

Abstract

Authentication with username and password is becoming an inconvenient process for the user. End users typically have little control over their personal privacy, and data breaches effecting millions of users have already happened several times. We have implemented a proof of concept decentralized OpenID Connect Provider by marrying it with Self-Sovereign Identity, which gives users the freedom to choose from a very large pool of identity providers instead of just a select few corporations, thus enabling the democratization of the highly centralized digital identity landscape. Furthermore, we propose a verifiable credential powered decentralized Public Key Infrastructure using distributed ledger technologies, which creates a straightforward and verifiable way for retrieving digital certificates.