Transition of Self-Sovereign Identity to Post-Quantum Cryptography

This paper addresses the transition of the Self- Sovereign Identity (SSI) model to Post-Quantum Cryptography (PQC) and its practical implementation in the IOTA Identity library. The design and the implementation provide pure Post-Quantum (PQ) and Post-Quantum/Traditional (PQ/T) hybrid solutions for the SSI model based on Decentralized IDentifier (DID), Verifiable Credential (VC), and Verifiable Presentation (VP) data models. The PQ/T hybrid approach leverages a novel type of verification method called CompositeSignaturePublicKey, which exploits the concept of composite public key. This novel type, specifically designed for authentication in SSI ecosystem, provides the Weak Non-Separability (WNS) property of the hybrid signature and performance comparable to the pure PQ approach. Moreover, the PQ/T hybrid approach ensures backward compatibility and today’s level of security in case the selected PQ algorithms are found to be theoretically flawed in the future. The experimental results demonstrate the validity and effectiveness of the open source implementation.