Framework for a DLT Based COVID-19 Passport

TL;DR

This paper proposes a secure, privacy-preserving framework using blockchain and biometric hashing to store and authenticate COVID-19 vaccination records anonymously, ensuring data integrity and user privacy.

Contribution

It introduces a novel, provably secure hashing algorithm combined with iris biometrics for anonymous authentication on a decentralized blockchain.

Findings

Secure storage of vaccination data on blockchain

Biometric hashing enables anonymous user authentication

Enhanced privacy with no personally identifiable information leaked

Abstract

Uniquely identifying individuals across the various networks they interact with on a daily basis remains a challenge for the digital world that we live in, and therefore the development of secure and efficient privacy preserving identity mechanisms has become an important field of research. In addition, the popularity of decentralised decision making networks such as Bitcoin has seen a huge interest in making use of distributed ledger technology to store and securely disseminate end user identity credentials. In this paper we describe a mechanism that allows one to store the COVID-19 vaccination details of individuals on a publicly readable, decentralised, immutable blockchain, and makes use of a two-factor authentication system that employs biometric cryptographic hashing techniques to generate a unique identifier for each user. Our main contribution is the employment of a provably secure input-hiding, locality-sensitive hashing algorithm over an iris extraction technique, that can be used to authenticate users and anonymously locate vaccination records on the blockchain, without leaking any personally identifiable information to the blockchain.