Decentralized Key Management for Digital Identity Wallets

Self-sovereign identity (SSI) is considered by experts as the next step in the evolution of digital identity management systems. Blockchain and distributed ledger technologies have provided the necessary building blocks and facilities that bring us closer to the realization of the objectives and ideals of SSI. In contrast to most previous identity management systems, where the service provider was at the center of the identity model, SSI is user-centric and eliminates the need for a central authority. It allows users to own their identities and carry them around, for example, in a digital identity wallet on their mobile device or through a cloud service. Mechanisms exist for key generation, credential issuance and validation, as well as selective disclosure that protects users from unintended sharing of their personal data. However, if the root secret key of the wallet is lost, the user will not be able to recover the digital wallet, posing one of the critical challenges in the SSI ecosystem. This research focuses on the problem of decentralized key management and recovery. In this chapter, we propose a decentralized key backup and recovery model for SSI wallets based on Shamir’s Secret Sharing algorithm. Furthermore, we present a prototype that generates a private key from a digital identity wallet, allowing it to be shared among trustees and subsequently recovered in the event of a loss of the private key. Additionally, this chapter provides an overview of the fundamental concepts and state-of-the-art developments in the SSI ecosystem and highlights the remaining challenges.