Paper 2024/1361
What Did Come Out of It? Analysis and Improvements of DIDComm Messaging
Abstract
Self-Sovereign Identity (SSI) empowers individuals and organizations with full control over their data. Decentralized identifiers (DIDs) are at its center, where a DID contains a collection of public keys associated with an entity, and further information to enable entities to engage via secure and private messaging across different platforms. A crucial stepping stone is DIDComm, a cryptographic communication layer that is in production with version 2. Due to its widespread and active deployment, a formal study of DIDComm is highly overdue. We present the first formal analysis of DIDComm’s cryptography, and formalize its goal of (sender-) anonymity and authenticity. We follow a composable approach to capture its security over a generic network, formulating the goal of DIDComm as a strong ideal communication resource. We prove that the proposed encryption modes reach the expected level of privacy and authenticity, but leak beyond the leakage induced by an underlying network (captured by a parameterizable resource). We further use our formalism to propose enhancements and prove their security: first, we present an optimized algorithm that simultaneously achieves anonymity and authenticity, conforming to the DIDComm message format, and which outperforms the current DIDComm proposal in both ciphertext size and computation time by almost a factor of 2. Second, we present a novel DIDComm mode that fulfills the notion of anonymity preservation, in that it never leaks more than the leakage induced by the network it is executed over. We finally show how to merge this new mode into our improved algorithm, obtaining an efficient all-in-one mode for full anonymity and authenticity.
Metadata
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. ACM CCS 2024
- Keywords
- DIDComm, Provable security, Privacy, Encryption
- Contact author(s)
- christian badertscher @ iohk io
- fabio banfi @ zuhlke com
- jesus diazvico @ iohk io
- History
- 2024-08-30: approved
- 2024-08-29: received
- Short URL
- https://ia.cr/2024/1361
- License
- CC BY
BibTeX
@misc{cryptoeprint:2024/1361,
      author = {Christian Badertscher and Fabio Banfi and Jesus Diaz},
      title = {What Did Come Out of It? Analysis and Improvements of {DIDComm} Messaging},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1361},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1361}
}