The Horcrux Protocol: A Method for Decentralized Biometric-based Self-sovereign Identity
This addresses security risks for users in digital identity systems, though it appears incremental as it builds on existing standards like DIDs and BOPS.
The paper tackles the security vulnerability of centralized identity databases by proposing the Horcrux protocol, a decentralized authentication method using biometrics and blockchain, which eliminates single points of compromise.
Most user authentication methods and identity proving systems rely on a centralized database. Such information storage presents a single point of compromise from a security perspective. If this system is compromised it poses a direct threat to users' digital identities. This paper proposes a decentralized authentication method, called the Horcrux protocol, in which there is no such single point of compromise. The protocol relies on decentralized identifiers (DIDs) under development by the W3C Verifiable Claims Community Group and the concept of self-sovereign identity. To accomplish this, we propose specification and implementation of a decentralized biometric credential storage option via blockchains using DIDs and DID documents within the IEEE 2410-2017 Biometric Open Protocol Standard (BOPS).