A new Privacy Preserving and Scalable Revocation Method for Self Sovereign Identity – The Perfect Revocation Method does not exist yet
Digital Identities are playing an essential role in our digital lives. Today, used Digital Identities are based on central architectures. Central Digital Identity providers control and know our data and, thereby, our Identity. Self Sovereign Identities (SSI) are based on a decentralized data storage and data exchange architecture, where the user is in sole control of his data and identity. Most of the issued credentials need the possibility of revocation. For a Central Digital Identity, revocation is easy. In decentral architectures, revocation is more challenging. Revocation can be done with different methods e.g. lists, compressed lists and cryptographic accumulators. A revocation method must be privacy preserving and must scale. This paper gives an overview about the available revocation methods, include a survey to define requirements, assess different revocation groups against the requirements, highlights shortcomings of the methods and introduce a new revocation method called Linked Validity Verifiable Credentials.
READ FULL TEXT