IDIN Key Management
A digital signature is a cryptographic scheme for signing and verifying authenticity of digital messages and documents. It enables cryptographic trusts and forms the core of any decentralized identity platform, ensuring privacy and security of all identity transactions and exchanges.
In the IDIN platform, all HTTP requests to the IDIN blockchain and all VCs are cryptographically signed and verified by elliptic-curve digital signature algorithm (ECDSA) with secp256r1(P-256) curve. In this signature protocol, private keys are used for signing whereas public keys are used for verification. The sizes of public keys, private keys and digital signatures in the IDIN platform are summarized below.
Key | Size (hex) | Size (bit) |
Public key | 130 | 520 |
Private key | 64 | 256 |
Signature | 128 | 512 |
To ensure security and privacy of identity transactions while preserving seamless user experience, the IDIN platform provides a management system for cryptographic keys. All private keys are securely kept in secure storagesβsuch as iOS secure enclaves and Android keystoresβand can be accessed from IDIN e-ID wallets. On the other hand, public keys are immutably recorded in the IDIN blockchain. This provides a common trust point where all identity transactions can be reliably verified.
Every key series is associated with a DID, and every DID must always have at least one active key series. During a registration of a new DID with the did_register operation, a new key series must also be specified.
A DID is allowed to have multiple key series. This function allows a DID owner to organize her transactions by, e.g., signing different types of transactions with different key series. Adding a new key series requires another active key series to sign the did_add operation.
Active key series can be revoked and become inactive. To revoke a key series, another active key series must be used to sign the did_revoke operation. A key series cannot be used to revoke itself since every DID must always have at least one active key series.
If a DID owner loses her device (e.g. smart phone) and loses an access to all of her private keys, she will no longer be able to commit another transaction to the IDIN blockchain. As a result, the IDIN platform provides a DID reset operation that revokes all key series of the reset DID and then gives it a new key series. The holder can then use the new key series to commit further transactions, including adding more key series.
To prevent a malicious user from resetting another user's DID, the reset operation are performed by a set of trusted entities, called DID resetters. When a DID reset operation is initiated, the resetters must vote whether to allow the reset operation. If approval votes exceed a predetermined threshold (set by DID owner), the consensus is reached, and the IDIN platform will carry out the reset operation.
First, a DID owner must register a set of other DIDs as her resetters with the did_register_resetters operation. The resetters must then approve the registration before they become active resetters of that DID. During the registration, the DID owner must also allocate voting powers to the resetters and specify the threshold for a acceptable number of voting powers.
Once the registration is complete, the DID owner could then initiate the DID reset operation. For the DID reset operation to be complete, the resetters must vote with the did_resetter_approve operation and then reach a consensus, i.e. the combined voting powers exceeding the threshold.
The DID owner could also revoke the current set of resetters with the did_revoke_resetters operation. However, for the revocation to be complete, the current resetters must vote with the did_resetter_approve operation and then reach a consensus, similar to the reset operation. After the old set of resetters are revoked, the DID owner could register a new set of resetters.
Reset Request
The DID owner cannot submit a request to reset her DID herself. To invoke the reset operation, she must contact each of her resetters individually and ask them to submit a reset request with the did_resetter_approve operation. For the reset operation to be complete, the combined voting powers from all resetters must surpass the threshold.
