
ETSI - TR 119 476

Electronic Signatures and Infrastructures (ESI); Analysis of selective disclosure and zero-knowledge proofs applied to Electronic Attestation of Attributes

active, Most Current
Organization: ETSI
Publication Date: 1 August 2023
Status: active
Page Count: 82
Scope:

The present document analyses cryptographic schemes for selective disclosure and their potential application for privacy of electronic attestation attributes in line with the expected requirement of the proposed regulation amending Regulation (EU) No 910/2014 (commonly called eIDAS2) [i.54].

NOTE 1: The term selective disclosure is a collective term that may also include various concepts of unlinkability, Zero-Knowledge Proofs, predicates and range proofs depending on the context of the specific cryptographic scheme. The scope of the present document is primarily to describe selective disclosure and unlinkability of each analysed cryptographic scheme.

NOTE 2: Zero-knowledge proofs, range proofs, and predicates are out of scope in the ARF [i.34]. If an analysed cryptographic scheme relies on any of these features, they will be described in the context of that particular cryptographic scheme.

The present document aims at providing a comprehensive overview of existing cryptographic schemes for selective disclosure and the credential formats and protocols associated with these cryptographic schemes.

The aim of the present document is first to provide input to ETSI standardization relating to how selective disclosure may be applied to the eIDAS2 credentials (Qualified) Electronic Attribute Attestations ((Q)EAA) and Person Identification Data (PID). More specifically, the present report may serve as input to (Q)EAA issuance policies as being specified in ETSI TS 119 471 [i.49] and (Q)EAA profiles as being specified in ETSI TS 119 472 [i.50].

Second, the present document will also analyse the policy requirements for (Q)TSPs and PID providers issuing (Q)EAAs or PIDs with selective disclosure capabilities to EUDI Wallets.

Third, the present document analyses how the user of an EUDI Wallet can present selected attributes of a (Q)EAA or PID to relying parties (or (Q)TSPs acting as relying parties). Consequently, the present document can highlight needs that may require future standardization efforts.

The present document analyses the concepts of selective disclosure, unlinkability, ZKP, predicates, and range proofs in the following main clauses:

• Selective disclosure signature schemes (clause 4): This clause describes the academic research of the cryptographic algorithms and schemes that shape the foundation for selective disclosure signature schemes.

• Selective disclosure credential formats (clause 5): This clause describes the credential formats that have been developed and standardized based on the aforementioned selective disclosure signature schemes.

• Selective disclosure protocols and systems (clause 6): This clause describes the complete protocols and/or systems that have been developed and standardized based on the aforementioned selective disclosure signature schemes and credential formats.

Since the ARF [i.34] specifies the PID to be issued to an EUDI Wallet as ISO mDL [i.87] (with ISO mDL MSO for selective disclosure) or W3C Verifiable Credentials (with SD-JWT for selective disclosure), these formats and protocols are analysed in more detail in clause 7.
