Selective Disclosure (w/o ZKP)

From IIW

Tuesday 2I

Convener: Joe Genereux

Notes-taker(s): Joe Genereux

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Claims Proofs; W3C Credentials Working Group Proposal 1.0

• Authors:

o Joe Genereux joe.genereux@workday.com

o Rory Martin rory.martin@workday.com

o Bjorn Hamel bjorn.hamel@workday.com

o Gabe Cohen gabe.cohen@workday.com


• Last Updated: September 28, 2019

Status

• Status: PROPOSAL

• Status Date: 2019-08-28

• Status Note: Request for Comments (RFC), draft 1

Abstract

The W3C Verifiable Credentials Data Model suggests the principle of data minimization to reduce the cost of privacy violations in the exchange of verifiable claims. This document outlines the Claim Proof mechanism proposed by Workday as a solution to achieve data minimization in Linked Data Signatures; it is a natural and backwards-compatible extension to the W3C-Spec. The following proposal is intended for migration into the W3C specification as a future addition.

Contents

• Status

• Abstract

• Contents

• Proposal

o Introduction

- Selective Claim Disclosure

o Claim Proofs

- Embedded Proofs

• Embedded Proof Example

- Claim Proofs

• Claim Proof Example

• Interoperability

• Signatures Note

• Proof Request/Response

• Drawbacks/Limitations

• Alternatives

• Privacy Considerations

• References


Proposal:

Introduction

In section 7.8 of the Verifiable Credentials Data Model (hereafter W3C-spec) we learn that privacy violations occur when information divulged in one context leaks into another. It is widely accepted that for individuals and organizations large and small, privacy is becoming a central focus and feature in the exchange of information. Principles such as data minimization help reduce the risk of such violations. Hereafter we define data minimization as limiting the information requested, and received, to the absolute minimum necessary.

Verifiable credentials help reduce the risks of privacy violations by allowing the holder to share limited information with a verifier. This is in contrast to the traditional credential verification model where a verifier talks directly to an issuer. However, verifiable credentials are also susceptible to privacy violations when the credential contains more information than the verifier requires. To address this susceptibility, the W3C-Spec recommends for issuers [... to limit] the content of a verifiable credential to the minimum required by potential verifiers for expected use. And correspondingly, For

accessing services .

For systems that are using Linked Data Signatures for claims exchange, this specification proposes a mechanism called a claim proof that facilitates selective disclosure of individual claims. We recognize that zero-knowledge proofs and derived credentials are another technique to achieve data minimization in claims exchange. This document focuses only on systems using Linked Data Signatures.

Selective Claim Disclosure

The W3C-spec uses a term called selective disclosure to refer to the holder's ability to make fine-grained decisions about what information to share. When using Linked Data Signatures, the granularity is limited to the full credential. As stated above, this relies on the issuer making a predetermination about the minimum required by potential verifiers for expected use. We submit that this will always lead to some level of privacy violation, given that the issuer cannot know a priori the minimum set required by every verifier. We believe that the appropriate level of granularity should be on a per-claim basis.

We formalize the concept of selective claim disclosure, which we define as the process of revealing only the values and signatures of a subset of claims and withholding all others on the credential. Whether or not that subset of claims satisfies the data requested by the verifying party depends on the credential exchange protocol implementation. An example is given in the spec: [...] a driver's license containing a


There are many reasons why a holder of a credential or a verifier may want to hide the non-requested information. The most obvious case is that the holder simply does not want a verifier to know any more information than what is needed to satisfy the proof. Conversely, the verifier, concerned about privacy violations, may not want to be liable for requesting and holding any information that isn't required to fulfill the request. Another reason is simply that revealing less information in a presentation results in less sensitive information being transferred from the holder to the verifier, where someone might be able to intercept the data in the middle.

Claim Proofs

The following section outlines the Claim Proof protocol and its implementation details.

Embedded Proofs

In a typical verifiable credential (as defined by the W3C-spec), we create an embedded proof using a linked data signature. This signature is issued over the whole credential in order to detect tampering and verify authorship of a credential or presentation.

Embedded Proof Example – Unable to transfer (copy/paste) this into this word.doc