Learning Series – What is a digital identity?

Part 5 – Cryptography

Previously, we’ve focused on the terminology (see Part 1 – Fundamentals), and described the digital identity lifecycle (see Part 2 – Lifecycle). We’ve also outlined the environment surrounding verifiable credentials (see Part 3 – Models) and why it is important to overcome the barriers to adoption (see Part 4 – Barriers to Adoption). It is now time to get more technical and describe the technologies and principles that enable the trusted use of identity credentials in a digital space. We will start by taking a look at cryptography and digital signatures.


Cryptography

Cryptography is a cornerstone for securing a trusted digital identity. When sharing data between an issuer and a holder, or a holder and a verifier, cryptography ensures: 

  • Data integrity – that the information has not been altered since its creation.
  • Authentication – that the information has been sent by the expected sender.
  • Non-repudiation – that the sender cannot retract, contest, deny or otherwise refuse ownership over the creation of an encrypted message. This is partly enabled by uniquely “signing” the  message using a private “key”, in the case of asymmetric encryption (see below).

The fundamental functions of cryptography are encryption, decryption, and digest. Encryption helps ensure that information being sent from one party to another is coded, meaning it is unintelligible to unauthorized entities. Decryption converts coded information back to its original form. Creating a message digest creates a unique signature making sure that the message was not tampered with.

Keys are the basis for cryptography. These are strings of numbers and letters that transform data through a cryptographic algorithm, or systematic computer process, so that the data appears random. Like a physical key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it. The longer and more complex a key and encryption algorithm are, the less likely an unauthorized entity can decrypt or falsely sign a message. So why not just make the key as long as possible? From a security perspective, longer keys and more complex algorithms require greater computing power and more time to decode the encryption without the appropriate key, i.e., to break the lock. However, this added complexity also results in a performance trade-off: even with the appropriate keys more computing power is required to encrypt and decrypt information. Algorithms and the standards for their use are constantly evolving as the capabilities of malicious attacks on security continue to evolve as well. 

An additional trade-off is the way in which keys are used. There are two basic models: 

  • Symmetric encryption uses the same key to encrypt/decrypt information. 
  • Asymmetric encryption uses one key to encrypt information and another mathematically related key for decryption. Typically, the encryption key is called the private key, and the decryption key is called the public key.

Symmetric encryption is usually easier to execute, consuming fewer computing resources. While symmetric encryption algorithms are secure, taking a long time to solve by simply “guessing” using current day technology, their shorter key lengths and relative simplicity is much faster to process. This makes them well-suited for encryption within a closed network or between two trusted parties. Examples well suited for symmetric encryption include databases or large volumes of exchanged data, like for the financial sector. This is because communication happens in a relationship for which credentials and authentication have already been established and verified. The disadvantages of this approach include the difficulties with ensuring that both parties in a transaction, and only those parties, have the same key. Authenticating the origin of a message can also be a challenge since more than one party will have the same key. This impedes the principle of non-repudiation described above, since the information is no longer provided with proof of origin, authenticity or integrity, and the recipient may not be able to confirm the sender’s identity. Also, symmetric cryptography does not scale well. As the number of parties grows, the number of peer-to-peer keys increases exponentially. This is because key management requires secure key distribution channels. The more parties and transaction types, the greater number of distribution channels required, which quickly gets out of hand. It has been a frustration in cryptography for a long time, and this is where asymmetric cryptography drastically simplifies key distribution. Symmetric encryption also does not work well when trying to exchange protected information on the open internet between parties that do not have a pre-established trust relationship. 

For this reason, asymmetric cryptography is more often used. Asymmetric cryptography uses key pairs that are mathematically related. The private key is used to encrypt a message, and only the public key can decrypt it. This is the basis of public key encryption, in which one key is made public, while the other remains private and protected. The private key is not exchanged, eliminating the need for distribution channels, while public keys are exchanged through public key servers or other means.

There is also a mixed model that is often employed in cryptography to leverage the strengths of both symmetric (speed and efficiency) and asymmetric approaches (better trust support). In this approach asymmetric methods are used to establish a trusted relationship and symmetric keys are generated on the fly for use in the rest of the protected transaction. 

One of the most common uses of the mixed model approach is the establishment of a secure browser session (🔒https://). To establish a secure browser connection, the browser and web server identify each other using an asymmetric exchange of keys. This leverages the authentication features of asymmetric methods. During this exchange, a single-use session key is generated and shared between webserver and browser. From that point, until the end of the communication session, this session key and symmetric encryption are used. This has the benefit of leveraging the speed of symmetric encryption for the heavy information exchange between browser and web server.

In the context of decentralized identity, the use of cryptographic technologies and techniques supports interoperability between participants creating and consuming digital credentials. These credentials must be expressed in a way that is cryptographically secure, privacy respecting, and machine verifiable in order to be convenient, reliable, and fundamentally usable. For instance, a government credential is issued (e.g., Driver’s Licence), and the holder may wish to present its attributes to a verifier (e.g., financial institution) to support a claim (e.g., proof of address). It is essential that the benefits cryptography provides be at work, such as integrity of the data and authentication of the holder it represents, for trust to be established. This kind of technology relies heavily on asymmetric cryptography.


Digital Signatures

Public key cryptography and digest algorithms are also used for digital signatures, aiming to prove that a digital message was not modified since it was signed. A short unique piece of information is created, the message digest or “hash”, and encrypted using the sender’s private key. The signed hash generated is unique to the message or document and to the sender, and changing even a single bit of the message will completely change the hash.

When the recipient receives the message and the signature, they can generate their own hash of the message and decrypt the sender’s hash (included in the original message) using the sender’s public key. The recipient can compare the hash they generated against the decrypted hash. If they match, the message has not been modified and the sender is authenticated. Adoption of digital credentials is enabled through this technology and only possible if the mechanisms are in place for its consistent and dependable performance.


Wrap-up

We’ve now introduced some of the more technical aspects of digital credentials. These cryptographic methods and concepts surrounding security and privacy set the foundation for trust in digital interactions. Without such guardrails, adoption would ultimately never be possible. Using stringently developed and robust techniques can unlock the benefits of performing important transactions digitally. This will increase the confidence that everyday credential holders have in performing their activities online, accelerating adoption and innovation.

We would love to hear from you. Let us know what other topics we should cover next. Get in touch with IDLab!