COD-ssi: Enforcing Mutual Privacy for Credential Oblivious Disclosure in Self Sovereign Identity

TL;DR

This paper introduces COD-ssi, a framework that enforces mutual privacy in Self-Sovereign Identity credential exchanges, allowing verifiers to access claims without revealing which claims were accessed, thus protecting both parties.

Contribution

It presents the first approach to enforce mutual privacy in SSI credential disclosures using Oblivious Pseudorandom Functions, with formal security verification and practical evaluation.

Findings

Formal security of the proposed framework is verified.

Prototype implementation demonstrates moderate overhead.

Mutual privacy can be achieved in SSI with practical performance.

Abstract

The Self-Sovereign Identity (SSI) paradigm is instrumental for decentralised identity management, allowing an entity to create, manage, and present their digital credentials without relying on centralised authorities. Credential selective disclosure is one of the most attractive privacy-preserving features of SSI, allowing users to reveal only the minimum necessary information from their credentials. However, current selective disclosure mechanisms primarily focus on protecting the privacy of credential Holders, while offering limited protection to the Verifiers of credentials. Indeed, the specific credential information requested by a Verifier can inadvertently reveal to credential Holders sensitive information, including internal decision-making criteria, business rules, or strategic plans. In this work, we address this threat by proposing, to the best of our knowledge, the first approach that enforces mutual privacy in credential exchanges. To this end, we introduce COD-ssi (Claim Oblivious Disclosure for SSI), a novel framework that leverages Oblivious Pseudorandom Functions to allow Verifiers to selectively access a subset of claims without revealing which specific claims were accessed to the credential Holder. The security of our solution is formally verified and its feasibility is assessed through the experimental evaluation of our open-source prototype implementation. These results show that provable mutual privacy in the context of SSI can be achieved with just moderate computational and communication overhead.