CredChain: Take control of your own digital identity… and keep that valuable Bitcoin password safe

New blockchain architecture out of UNSW Engineering allows secure sharing and verification of credentials that has multiple real-world applications.
Neil Martin | UNSW Newsroom
The new blockchain architecture called CredChain offers a way to securely create, share and verify credentials. Photo: Shutterstock

UNSW computer scientists have created a new blockchain architecture that could help people from losing passwords to cryptocurrency wallets worth millions of dollars.

Dr. Helen Paik and Prof. Salil Kanhere have led a team from UNSW Engineering to create CredChain, a blockchain-based Self-Sovereign Identity (SSI) platform architecture that allows secure creation, sharing and verification of credentials.

The system has potential real-world applications for medical and academic record-keeping and information-sharing but could also help keep important passwords safe.

That lost password issue has proved extremely costly recently for a number of people who have been unable to access their digital Bitcoin wallets.

One German man, now living in San Francisco, cannot access his wallet containing 7002 Bitcoin – worth around AU$457million at the start of March 2021 – after forgetting his password.

Stefan Thomas created a complicated passcode for the wallet when he was paid in Bitcoin for work on a project in 2011, at a time when it was worth only a few thousand dollars.

He wrote the password on a piece of paper, which he subsequently lost, and now has virtually no chance of remembering or guessing what the log-in credentials are.

Key sharding

Dr. Paik and Prof. Kanhere, from the School of Computer Science and Engineering at UNSW, say that ‘Key Sharding’ is a potential feature of their CredChain platform that could help solve such an expensive problem.

The basic concept is that a complicated password can be split into a number of separate pieces (or shards) that are individually meaningless – until enough of the shards are re-assembled to validate the entire password.

“In this case we say the password is a key. We can ‘split the key’, so-to-speak, into multiple pieces and store each piece in different locations,” Prof. Kanhere says.

“If or when the key is lost, the owner can present enough pieces of the keys to the system to prove his identity and recover the original key. Each piece on its own cannot be used to access the account.

“Managing important passwords is one of the big and ongoing challenges. In the case of a Bitcoin wallet, the system may only offer one way to connect the person’s identity to Bitcoin, so losing that single connection can have a very detrimental effect.”

 

Helen Paik and Salil Kanhere

Dr Helen Paik and Professor Salil Kanhere led the UNSW Engineering team that created CredChain.

 

A paper on the CredChain system, where credentials are managed through a decentralised application/wallet which allows users to store their data privately under their full control and re-use as necessary, won the Best Paper Award at the 2020 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom).

Dr Paik says their new architecture addresses important issues regarding privacy and security.

“At the centre of this is the idea of decentralisation of this identity authority. So, there are no central government or big ID service-providers that are controlling your identity. It's now on the blockchain, decentralised. No one owns it, except the user, who has control and owns their own identity on the blockchain platform,” she says.

“Most digital credential sharing schemes currently adopt centralised storage and management of credentials and associated keys, which could lead to a single point of failure and high security risks.”

Decentralised service

The CredChain architecture could be utilised for many applications where establishing trust in certain claimed information is critical to delivering services.

“CredChain is a decentralised identity service and in the paper we talk about micro-credentials in the education service — where the user can collect all the small bits of information about the courses completed and grades achieved and store that in a tamper-proof system and later be able to verify that to anyone who wanted or needed to know,” Dr Paik says.

“Our system also ensures that when a credential is shared, the user can redact parts of the credential to minimise the private data being shared, while maintaining the validity of the credential.

“This could also be applied for people collecting and controlling their own medical records and being able to decide precisely what personal information they share.”

Prof. Kanhere is the general chair, and Dr Paik is also part of the organising committee, for the 2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC) which will take place virtually between May 3-6.

The Conference is the primary forum for technical exchange of the latest research and innovation, regulation, policies, standards, and applications in the exciting and emerging area of blockchain and cryptocurrency.