Montassar Naghmouchi

Montassar Naghmouchi, Maryline Laurent, Claire Levallois-Barth et al.

National digital identity systems have become a key requirement for easy access to online public services, specially during Covid-19. While many countries have adopted a national digital identity system, many are still in the process of establishing one. Through a comparative analysis of the technological and legal dimensions of a few selected national digital identity solutions currently being used in different countries, we highlight the diversity of technologies and architectures and the key role of the legal framework of a given digital identity solution. We also present several key issues related to the implementation of these solutions, how to ensure the State sovereignty over them, and how to strike the right balance between private sector and public sector needs. This position paper aims to help policy makers, software developers and concerned users understand the challenges of designing, implementing and using a national digital identity management system and establishing a legal framework for digital identity management, including personal data protection measures. The authors of this paper have a favorable position for self-sovereign identity management systems that are based on Blockchain technology, and we believe they are the most suitable for national digital identity systems.

Montassar Naghmouchi, Maryline Laurent

Although ring signatures offer highly desirable privacy requirements like anonymity and ad-hoc group formation with signer autonomy, they partially lack trust requirements like linkability and accountability that are required for strict use-cases, such as consent management in healthcare. Existing signature schemes fail to natively integrate scoped linkability with decentralized accountability (on-demand deanonymization) in a single scheme without relying on separate commitments or a centralized opener. We therefore introduce Deanonymizable Scoped Linkable Ring Signatures (DSLRS). The originality of the DSLRS is manifold. DSLRS uses scopes (context identifiers) and dynamic key images to provide scoped linkability and unlinkability across different scopes. Decentralized accountability is provided thanks to two ELGamal components deeply embedded in the signature, and a decentralized deanonymization network of k-of-N nodes that can collaboratively extract the signer's public key. DSLRS scheme is defined and proved under the ECDLP and DDH hardness assumptions in the Random Oracle Model (ROM). Formal security definitions and formal reduction proofs are provided before introducing a blockchain-based instantiation for a consent management application using DSLRS.

Montassar Naghmouchi, Hella Kaffel, Maryline Laurent

Nowadays, open standards for self-sovereign identity and access management enable portable solutions that are following the requirements of IoT systems. This paper proposes a blockchain-based identity and access management system for IoT -- specifically smart vehicles -- as an example of use-case, showing two interoperable blockchains, Ethereum and Hyperledger Indy, and a self-sovereign identity model.