Identity Wallet in a Hostile Environment: Privacy and Trust By-Design
We search for an answer to the threats facing the European Identity Wallet.

Challenge
The European eIDAS 2 Regulation, now nearing completion in the legislative process, aims to tackle these challenges by decentralizing the identity ecosystem. Central to this concept is the European Identity Wallet—a device controlled by the identity holder, responsible for managing identification and authentication processes, including the handling of attribute certificates. This approach shortens the path from the source of attributes to their practical use by the holder. While the regulation outlines only the general framework, it leaves room for various implementations. However, the road to implementation is not without fundamental challenges, which is why current pilot programs focus on simpler, more basic use cases.
The European Identity Wallet, like many other cryptographic solutions, faces several critical issues that require urgent resolution. Given the scale of its potential applications, it’s essential to consider the risks posed by devices potentially infected with malicious code, especially from their manufacturers. This is particularly dangerous for black-box solutions. Devices may fail, and the supporting infrastructure may not be available. Lastly, the lack of robust access control mechanisms poses a risk of third-party impersonation.
What we do
The project aims to develop solutions that enhance the resilience of the identity ecosystem against emerging threats. One approach is to replace the traditional wallet and supporting infrastructure with distributed systems, ensuring that the failure of individual components does not lead to a complete system collapse. Such an approach serves two key objectives: protecting data and enabling user verifiability of processes. These mechanisms will be implemented at the cryptographic layer, largely independent of the underlying hardware.
We will pay special attention to the issues of digital signatures and cryptographic token systems. In the latter case, our goal is to enable the use of single-use tokens without relying on a central system to track token usage. Instead, responsibility for securing components will be decentralized and distributed among users. The main goal is to liberalize the process of issuing tokens, allowing users—not just large organizations—to act as token issuers.
Of course, a paradigm shift in operations requires building efficient cryptographic protocols with provable security, non-repudiation, and privacy properties. Last but not least, these solutions must be lightweight in terms of communication and computational complexity and, at the same time, remain transparent and understandable to average users – without overwhelming them with “cryptographic magic.”
The project is financed by the National Science Centre’s OPUS LAP grant and is being implemented in cooperation with CISPA – Helmholtz Center for Information Security.

