Transforming digital identity management in Switzerland with zero-knowledge


ZUG, 27 NOVEMBER 2023. In a groundbreaking collaboration, Partisia Blockchain and the University of Applied Sciences and Arts Western Switzerland (HES-SO Valais-Wallis) are poised to transform the management of digital identities for Swiss citizens. This partnership aims to develop a decentralized electronic identity system in harmony with the Swiss Federal Council’s unwavering commitment to data privacy and security.

This collaboration marks a significant leap toward redefining digital identity management in Switzerland. The joint project aims to empower individuals with control over their personal data, ensuring a future where privacy and security are not compromised.

The primary objective of this project is to define the architecture for a self-sovereign identity (SSI)-based electronic identity (e-ID), creating a minimum viable product (MVP) and seamlessly integrating it into a public administration portal.

The SSI solution empowers citizens by enabling them to wield credentials issued by public administrations in mobile applications, offering the autonomy to select the data they disclose when accessing services. Central to this innovation is the blockchain technology, with Partisia Blockchain at the forefront, introducing a fast, sustainable, and privacy-centric blockchain solution.

Kurt Nielsen, PhD, President of Partisia Blockchain, says:

“Our aim is to place control firmly in the hands of individuals, allowing them to become the ultimate custodians of their personal information. This approach not only enhances privacy but also elevates the level of security that individuals can expect from digital identity management.”

Partisia Blockchain, known for its proficiency in zero-knowledge and private smart contracts, provides a platform where individuals exercise absolute control over their personal data. This decentralized system ensures that the individual is the ultimate owner of their information, setting a new standard in privacy and security.

Jean-Luc Beuchat, Professor at HES-SO Valais-Wallis, says:

“We are thrilled to introduce our SSI solution, designed to provide a simple, secure, and open-source approach to digital identity management. Its versatility makes it ideal for a wide range of applications, from government-issued e-IDs to humanitarian aid initiatives. Our scalable solution can be seamlessly adapted to meet the unique requirements of diverse organizations.”

In response to the rejection of the Federal Act on Electronic Identification Services (e-ID Act) by Swiss citizens in March 2021, the Swiss Federal Council promptly recommended that Parliament approve six motions addressing citizens’ concerns and proposing a new e-ID Act. This led to the drafting of technical solutions by the Federal Office of Justice (FOJ), including the discussion paper on the target vision for an e-ID in August 2021. The paper outlined three technical approaches: a state identity provider, a public-key infrastructure, and self-sovereign identity (SSI). Having opted for the latter approach, the Federal Council is in the final stages of concluding consultations before the year’s end.

The solution developed by Partisia Blockchain, DuoKey and HES-SO Valais-Wallis is slated for presentation to the Swiss Federal Department of Justice before Christmas. Emphasizing its various benefits, including non-disclosure of personal information, data usability for statistics and planning without revealing personal information, and its compliance with Swiss legislation, this solution aligns seamlessly with the vision outlined by the Swiss Federal Council.

The Partisia Blockchain and HES-SO Valais-Wallis’ joint solution is a pivotal moment in reshaping digital identity management in Switzerland, emphasizing a commitment to privacy, security, and a decentralized approach. The joint efforts aim to echo the Swiss regulations of data governance, prioritizing individual empowerment and stringent privacy measures.

The system relies on verifiable credentials (VCs) to ensure secure and privacy-preserving authentication along with SD-JWT selective disclosure. Managed through smart contracts deployed by a universally trusted governance framework, citizens can securely log into various web portals using these credentials. Supported by proven cryptographic techniques, this system maintains data integrity and privacy, ensuring a robust digital identity management solution.

Energy efficiency, scalability, and security have been at the core of our solution as well. Partisia Blockchain not only offers a sustainable choice but also ensures the scalability needed to accommodate any number of users while upholding the highest standards of security.

The collaboration between Partisia Blockchain, DuoKey and HES-SO Valais-Wallis marks a pivotal step forward in digital identity management in Switzerland, particularly in the context of the broader European landscape where projects, such as the European Union’s e-ID, are sparking discussions about privacy and data security. By focusing on an SSI-based e-ID and utilizing zero-knowledge and private smart contracts, this solution aims to empower individuals with unparalleled control over their personal data. This approach not only ensures robust privacy and security, but also sets a new standard in digital identity management, highlighting user empowerment and a commitment to a decentralized framework.

About Partisia Blockchain: Partisia Blockchain brings unparalleled opportunities by empowering privacy-preserving, interoperable and sustainable innovation for fairness and transparency. It fuels the most secure and efficient networks to solve global problems. Distilled with 35 years of rigorous research, Partisia Blockchain future-proofs solutions, solves tomorrow’s challenges by powering fair, secure, distribution of benefits. While preserving privacy and confidentiality, it brings accountable, transparent and decentralized governance. Learn more: www.PartisiaBlockchain.com

About HES-SO Valais-Wallis: HES-SO Valais-Wallis, a pioneering institution, hosts eleven Bachelor’s degree and three PEI study programs, and houses nine research institutes. It stands as a prominent hub fostering skills and innovation, meticulously grooming students for the professional realm. Enriching economic and social landscapes, this institution significantly contributes to job creation within the canton of Valais. With approximately 2,800 students, HES-SO Valais-Wallis comprises five distinct schools: the School of Art, School of Management, School of Engineering, School of Health Sciences, and School of Social Work.

About DuoKey: DuoKey is a cybersecurity company specializing in encryption and key management solutions. The company offers advanced key management services and double key encryption systems designed to provide unparalleled data protection across cloud and hosted applications. DuoKey primarily serves industries requiring high levels of data security, such as financial services, healthcare, and government sectors. It was founded in 2020 and is based in Lausanne, Switzerland.


MPC for self-sovereign identity


Self-sovereign identity (SSI) is an increasingly important concept that gives users control over their own data and lets them share it with whom they want. Today, data rests in centralized databases that belong to big enterprises, with little transparency into how the data is actually being used and for what purpose.

SSI turns this around: data starts with the users, resting on the users' own devices at first. It is then up to the users to choose what data they share and with whom. Additionally, privacy-preserving features such as selective disclosure and predicates let users share part of their data without sharing it all, or just prove simple facts about the data.

There are many great tools and infrastructures that can handle SSI, and Partisia Blockchain’s MPC technology adds a new component to the stack that enables new business models, enhances privacy for the data-driven economy, and will take your project ahead of the competition. So read on if you are a builder in the US$27 billion global digital identity market that is expected to expand at a CAGR of 17.2% from 2023 to 2030.

DIDs and verifiable credentials

First things first, digital identity usually revolves around three actors: issuer, holder, and verifier.

The issuer issues verifiable credentials to the holder, and the holder can then present the credentials to a verifier who can verify the content by digital signatures and Decentralized Identifiers (DIDs) that may be on a blockchain. For most digital identity use cases, DIDs and associated DID documents are the only elements that get on the blockchain. We do not take a deep dive on this in this article.

DIDs and verifiable credentials are some of the essential components that make up digital identity, especially digital identity that works with decentralized networks. DIDs are a type of address that is generated to manage digital signatures, and verifiable credentials are credentials created and issued by any issuer based on their DIDs.

SSI tools

To enable real SSI, the users will have to store all data themselves at first, often in digital identity wallets, and only then will the user be in full control. The data itself can be data inputs from users, such as personally identifiable information (PII), or digital verifiable credentials issued by a third party, e.g. a KYC provider issues a KYC claim as a digital verifiable credential. Credentials are often issued and exchanged by an agency that establishes secure peer-wise connections.

MPC takes digital identity to the next level

Multiparty computation (MPC) is a groundbreaking technology that allows multiple data inputs to remain private while still being computed on and only sharing the outputs. The computing itself is carried out by specially selected MPC validator nodes who each compute on secret shares of the data and privacy is guaranteed by cryptography.

Compared to ZK proofs, such as zk-SNARKs, MPC is a game changer that allows computing on any function. This takes digital identity to the next level because it is now not only possible to share data with privacy features, but also carry out decentralized computation on private data and write business logic into private and public smart contracts to orchestrate the process and rules.

MPC for private data analytics

As we learned before, ZK proofs are good for simple presentations about specific data, e.g. a verifiable credential issued by an employer can be used to prove to the bank that you earn more than US$80,000 a year to qualify for a loan without revealing the exact amount you earn.

Now imagine that we need to compute statistics on multiple inputs from multiple users and compare a single person’s salary to the average, all while preserving privacy. ZK proofs cannot handle general computations on multiple inputs and comparison is limited to two users presenting against each other, so another system would have to support it. This is where Partisia Blockchain’s MPC comes to save the day! MPC on Partisia Blockchain can handle multiple inputs and preserve the privacy while carrying out efficient general computation.

Even though all smart contracts and data can be private, it is often worth pushing only the most sensitive data and operations into private computation, because private computation is generally more expensive than public computation. This goes for all ZK technology. For instance, if you want to calculate the average salary of employees, you might treat just the salary as a private input, alongside a pseudonymized identity, and then do the statistical calculations in the public space.
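The average-salary case above can be sketched with plain additive secret sharing. This is an added illustration, not Partisia Blockchain's protocol or code: the three-node setup, the field modulus, the function names and the sample salaries are all assumptions made for the example.

```python
import secrets

P = 2**61 - 1   # prime field modulus, far larger than any salary total here
NODES = 3       # assumed number of computation nodes


def share(value, n=NODES):
    """Split value into n additive shares that sum to value mod P."""
    parts = [secrets.randbelow(P) for _ in range(n - 1)]
    parts.append((value - sum(parts)) % P)
    return parts


def reconstruct(shares):
    """Open a secret by adding all of its shares mod P."""
    return sum(shares) % P


def missing_share(known, candidate):
    """Share that would make `known` open to `candidate`.

    One exists for every candidate, so n-1 shares fit any salary equally well.
    """
    return (candidate - sum(known)) % P


def node_partial_sums(inputs, n=NODES):
    """Node i adds up the i-th share from every user; it sees no salary."""
    per_node = [0] * n
    for salary in inputs.values():
        for i, s in enumerate(share(salary, n)):
            per_node[i] = (per_node[i] + s) % P
    return per_node


def private_average(inputs, n=NODES):
    """Open only the total, then divide in public."""
    total = reconstruct(node_partial_sums(inputs, n))
    return total / len(inputs)


# Constructed sample data: pseudonym -> yearly salary.
SALARIES = {"u-7f3a": 72000, "u-19c4": 85000, "u-a2e0": 91000, "u-5d8b": 64000}

if __name__ == "__main__":
    avg = private_average(SALARIES)
    print("average:", avg)
    # Each user compares locally against the public average.
    print("u-19c4 above average:", SALARIES["u-19c4"] > avg)
```

Additive sharing on its own only covers sums, so in this sketch the comparison against the average happens on the user's side once the average is public.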

MPC for verification

When we look at DID/SSI solutions, the business requirements of the implementation usually go past simple verification of ID. DID/SSI proof is just the first step. The real challenge is what other data do you need after the verification. Perhaps it is to verify that this person has proper credentials for accessing a system. Or another popular use case for DID is to verify a user has enough assets to pay for something without revealing their total asset holding. Another app that is looking to build on our system is trying to create a persona on-chain, which advertisers can target, without revealing personal information about the user themselves.

In all these use cases, a simple proof system becomes too expensive and slow because each individual parameter requires its own proof. When you have 10 users, maybe this is possible. But what happens when you need to scale to 1000 or 10,000 users? And proofs are not computations: a proof system cannot compute over the various private data for analysis.

This is where MPC can extend the functionality of DID/SSI to create multi-functional applications. Through MPC you can both prove and compute multiple parameters in a single computation and include all the additional business requirements while keeping the data private.

MPC for Covid-19 passport

During the pandemic, many attempts were made to create a Covid-19 passport so citizens could prove they were either vaccinated or tested negative while preserving privacy. ZK proofs are good for this, but they are limited to presenting yes/no results to a verifier; binding the result to a person would take extensive physical verification, such as ID cards, which would compromise SSI principles.

In collaboration with HES-SO Valais-Wallis, Partisia Blockchain developed a solution where identification is reduced to matching an individual’s face with an image of the person’s face, powered by MPC in order to increase security and privacy. The Partisia Blockchain ensures trustworthy information is broadcast to the verifier, and MPC ensures that the private information about the citizen is used only for matching and kept hidden from the verifier.
