Abstract

Decentralized identifiers (DID) have shown great potential for sharing user identities across different domains and services without compromising user privacy. DID is designed to enable the minimum disclosure of the proof from a user's credentials on a need-to-know basis with a contextualized delegation. At first glance, DID appears to be well-suited for this purpose. However, the overall security of DID has not been thoroughly examined. In this paper, we systematically explore key components of DID systems and analyze their possible vulnerabilities when deployed. First, we analyze the data flow between DID system components and the possible security threats. Next, we carefully identify potential security threats over seven different DID functional domains, ranging from user wallet to universal resolver. Lastly, we discuss the possible countermeasures against the security threats we identified.

Highlights

  • DID is a new paradigm, where users can securely control their own identity (ID) and sovereignty without relying on any single central authority or third-party entities for managing users’ credentials [1]

  • Related work: we present the prior research related to the background of the emergence of Self-Sovereign Identity (SSI), DID systems to enable SSI, and their security issues

  • We focus on the security issues of the DID-based SSI, along with their implications when deployed in real-world scenarios


Summary

A Security Analysis of Blockchain-Based DID Services

BONG GON KIM 1, (Graduate Student Member, IEEE), YOUNG-SEOB CHO 2, SEOK-HYUN KIM 2, HYOUNGSHICK KIM 3, AND SIMON S.

INTRODUCTION
RELATED WORK
HOLISTIC VIEW OF THE ENTIRE DID SYSTEM
SECURITY THREATS AND ATTACK SURFACES
DISCUSSIONS ON POSSIBLE COUNTERMEASURES
Findings
CONCLUSION