Skip to Main content Skip to Navigation
Conference papers

SSI-AWARE: Self-sovereign Identity Authenticated Backup with Auditing by Remote Entities

Abstract : The self-sovereign identity (SSI) model entails the full responsibility and sovereignty of a user regarding his identity data. This identity data can contain private data which is solely known to the user. The user himself is therefore required to manage the whole lifecycle of his private data, including the backup and restore. We show that prior work on how to backup and restore the user’s identity data does not meet the requirements of the SSI setting, and we present the first solution which does meet the requirements. Authenticated backup with auditing by remote entities (AWARE) combines SSI sustaining aspects and extends them to create a truly self-sovereign backup-and-restore protocol. In AWARE, trusted, physically met humans, called custodians, hold a secure device. Custodians with a secure device offer an offline backup possibility and a secure channel. The backup and restore are audited by commits on a publicly accessible distributed ledger. These commits are answered by auditing services which are required during restore. Only some auditing services hold relevant data for a restore. The self sovereignty of the user lies in the exclusive information which auditing services hold relevant data. AWARE  is the first backup-and-restore mechanism that fully complies with the SSI model. We perform an in-depth security-risk analysis of AWARE, showing a risk rating which is comparable to the best risk rating o related non-SSI-compliant backup-and-restore mechanisms. We instantiate the AWARE protocol with cryptographic primitives providing a high security level of 256-bit. We show its implementation feasibility by providing a simulation of AWARE, and conclude with an estimated performance analysis on a microcontoller architecture based on our simulation and implementation results in the literature.
Document type :
Conference papers
Complete list of metadata
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, March 18, 2021 - 5:38:31 PM
Last modification on : Thursday, March 18, 2021 - 5:50:24 PM
Long-term archiving on: : Monday, June 21, 2021 - 8:56:04 AM


 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2023-01-01

Please log in to resquest access to the document


Distributed under a Creative Commons Attribution 4.0 International License



Philipp Jakubeit, Albert Dercksen, Andreas Peter. SSI-AWARE: Self-sovereign Identity Authenticated Backup with Auditing by Remote Entities. 13th IFIP International Conference on Information Security Theory and Practice (WISTP), Dec 2019, Paris, France. pp.202-219, ⟨10.1007/978-3-030-41702-4_13⟩. ⟨hal-03173901⟩



Record views