SSI, from specifications to protocol? : Formally verify security!

Braun, Christoph H.-J. and Horne, Ross and Käfer, Tobias and Mauw, Sjouke; (2024) SSI, from specifications to protocol? : Formally verify security! In: WWW '24: Proceedings of the ACM on Web Conference 2024. ACM, Singapore, 1620–1631. ISBN 9798400701719 (https://doi.org/10.1145/3589334.3645426)

Preview

Text. Filename: Braun-etal-ACM-2024-SSI-from-specifications-to-protocol.pdf Final Published Version License: Download (1MB)| Preview

Abstract

We evaluate a bundle of specifications from the Self-Sovereign Identity (SSI) paradigm to construct an authentication protocol for the Web. We demonstrate how relevant standards such as W3C Verifiable Credentials (VC), W3C Decentralised Identifiers (DIDs), and components of the Hyperledger Aries Framework are to be assembled methodologically into a protocol. We make those assumptions from standard trust models explicit that underlie the derived protocol, and verify security and privacy properties, notably secrecy, authentication, and unlinkability. This enables us to formally justify the additional precision that we urge these specifications to consider, to ensure that implementors of SSI-based systems do not neglect security-critical controls.

• Share and Export
  

  RDF+XMLBibTeXRIOXX2 XMLRDF+N-TriplesJSONDublin CoreAtomSimple MetadataReferMETSHTML CitationASCII CitationOpenURL ContextObjectEndNoteOpenURL ContextObject in SpanMODSMPEG-21 DIDLEP3 XMLData Cite XMLRIS (EndNote Online, Zotero, Ref manager, etc)RDF+N3Multiline CSV
• Item metadata

  Item type:	Book Section
  ID code:	89386
  Dates:	Date Event 13 May 2024 Published
  Subjects:	Science > Mathematics > Electronic computers. Computer science
  Department:	Faculty of Science > Computer and Information Sciences Faculty of Education
  Depositing user:	Pure Administrator
  Date deposited:	28 May 2024 14:19
  Last modified:	12 Jun 2024 00:47
  URI:	https://strathprints.strath.ac.uk/id/eprint/89386