
Cryptography and Privacy Research

How do you know the person you are talking to on the web or in the metaverse is who they say they are? How do you know that the mixed reality space or the object you are interacting with is what you think it is? With more aspects of our personal lives extending into the digital world, we need a scalable identity system that is secure, private, trustworthy, and available for everyone.

Fundamentally, a digital identity includes a private or access-restricted component that the identity owner knows or has access to, such as a secret identity key, as well as a public component that people can use to refer to the identity in a reliable way, such as a DID, email address, or a public identity key. Our research in digital identities focuses on the foundational problem of storage, management, and distribution of such secret and public identity keys.

Storage and management of private identity keys

It is well known that people cannot reliably store cryptographic keys, no matter how valuable they are. There are many reported cases where lost keys to cryptocurrency wallets have resulted in wallet owners losing access to vast amounts of money. In the future, when even more of our financial and personal identities are reflected in our digital identities, reliably guarding access to cryptographic keys and recovering them becomes paramount.

There are two opposing aspects to this problem. On one hand, tech companies should have less ownership and control over people’s identities; the identity subjects – the people – should be in charge. On the other hand, fully decentralized solutions for identity secret key storage and management can be impractical. Our goal is to explore what can exist in between, where we can get the best of both extremes. In particular, we believe there are solutions that allow us to decentralize trust in the system, but still provide a centralized access point for functionality.

Distributing public identity keys

Public identity keys must somehow be distributed in a reliable manner. Essentially, we need a replacement for the WebPKI, but for consumers. For example, if two or more people (identity owners) want to set up a protected channel between themselves, each of them needs to be absolutely confident that they are using the correct public identity keys for the other participants. Failure to verify this leads to a total break of the system, as a malicious party can potentially perform a meddler-in-the-middle attack. These concerns are very real; for example, there are known cases where existing public-key directories have been attacked to replace the public keys of well-known journalists.

We are researching new types of solutions to public identity key distribution that have extremely high reliability guarantees, cryptographic auditability properties, and the capability to scale massively to serve the identity needs of the entire planet. One first step in this direction is the SEEMless auditable public-key directory that allows users to verify that their public keys are correctly delivered to relying parties, e.g., in end-to-end encrypted messaging or video conferencing applications.
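
A minimal sketch of the auditability idea described above, added here as an example; it is not SEEMless's construction or Microsoft's code. It assumes a plain SHA-256 Merkle tree over (identity, key) entries, and the identities, key bytes and function names are constructed for illustration. The key owner and a relying party each check a key against the same published root, so a substituted key fails verification.

```python
import hashlib

def leaf_hash(identity: str, public_key: bytes) -> bytes:
    # 0x00 prefix and a length field keep leaves distinct from interior nodes.
    ident = identity.encode()
    return hashlib.sha256(b"\x00" + len(ident).to_bytes(2, "big") + ident + public_key).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    """Return every tree level, leaves first; the last level holds the root."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])  # unpaired node is promoted unchanged
        levels.append(nxt)
    return levels

def prove(levels, index):
    """Inclusion proof for leaf `index`: (sibling hash, sibling_is_left) pairs."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            proof.append((level[sib], sib < index))
        index //= 2
    return proof

def verify(root, identity, public_key, proof):
    """Recompute the root from one entry and its proof."""
    acc = leaf_hash(identity, public_key)
    for sibling, sibling_is_left in proof:
        acc = node_hash(sibling, acc) if sibling_is_left else node_hash(acc, sibling)
    return acc == root

def publish(directory):
    """Directory operator: commit to all entries, return (root, proofs by identity)."""
    names = sorted(directory)
    levels = build_levels([leaf_hash(n, directory[n]) for n in names])
    return levels[-1][0], {n: prove(levels, i) for i, n in enumerate(names)}

# Constructed sample entries; the key bytes are placeholders, not real keys.
DIRECTORY = {"alice": b"A" * 32, "bob": b"B" * 32, "carol": b"C" * 32}
ROOT, PROOFS = publish(DIRECTORY)

if __name__ == "__main__":
    print(verify(ROOT, "bob", DIRECTORY["bob"], PROOFS["bob"]))  # owner's own check
    print(verify(ROOT, "bob", b"M" * 32, PROOFS["bob"]))         # substituted key
```

The check is only meaningful when the owner and the relying parties compare against the same root; a directory that serves different roots to different parties is the behaviour auditing is meant to expose.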