The strongest Encryption scheme for DID users — ECIES

SAN, published in Decentralized ID
3 min read · Feb 23, 2018

We were faced with a dilemma: putting people’s IDs on the Blockchain. The Blockchain being inherently open meant that we had to use encryption standards that leave banks and governments behind.

All it is is a curve!

Presenting ECIES: The strongest form of Encryption available in the market.

Let’s look at it from the perspective of DID. We are logging users’ personal information in an Ethereum smart contract, so it is available for introspection. After playing with a lot of encryption schemes, we decided to use ECIES. It wasn’t just an elliptic curve, it was also a learning curve for the dev team. ECIES is already used for encrypting cryptocurrency schemes as well as by corporations. With corporations, we observed that they were also using ECIES to gain the trust of the signing party, and this is exactly what we required too. Corporations (e.g. Google) use the scheme to, for example, verify a developer package or confirm a payload to push servers. But we did find that ECIES was reserved for “high-level” tasks. In our case, DID brings ECIES to all its users. We are trying to build trust in a trustless world. We wanted to make sure that your data is well encrypted and that only the intended party can decrypt it.

DID scheme: u = user; s = subscriber (website/requesting party)

Why ECIES: Once encrypted, even you can’t decrypt your own data! Only the party it was encrypted for can.
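The property described above, as an added example that is not the DID app's code: a minimal ECIES built from Node's built-in `crypto` module, in which user u encrypts a record for subscriber s and then cannot open it with u's own key. The secp256k1 curve, HKDF-SHA256, AES-256-GCM, the `ecies-demo` label and all function names are assumptions chosen for illustration.

```javascript
// Added example: ECIES = ephemeral ECDH + KDF + authenticated symmetric encryption.
// Assumptions (not from the article): secp256k1, HKDF-SHA256, AES-256-GCM, all names below.
const crypto = require('node:crypto');

const CURVE = 'secp256k1';

function newKeyPair() {
  const ecdh = crypto.createECDH(CURVE);
  ecdh.generateKeys();
  return ecdh; // holds the private key; getPublicKey() is the part that may be published
}

// Derive the symmetric key from the ECDH shared secret, bound to the ephemeral public key.
function deriveKey(sharedSecret, ephemeralPub) {
  return Buffer.from(crypto.hkdfSync('sha256', sharedSecret, ephemeralPub, 'ecies-demo', 32));
}

function eciesEncrypt(recipientPub, plaintext) {
  const ephemeral = newKeyPair(); // fresh per message; its private half is never stored
  const ephemeralPub = ephemeral.getPublicKey();
  const key = deriveKey(ephemeral.computeSecret(recipientPub), ephemeralPub);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { ephemeralPub, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Returns the plaintext Buffer, or null if the key is wrong or the message was altered.
function eciesDecrypt(privateKeyHolder, msg) {
  try {
    const key = deriveKey(privateKeyHolder.computeSecret(msg.ephemeralPub), msg.ephemeralPub);
    const decipher = crypto.createDecipheriv('aes-256-gcm', key, msg.iv);
    decipher.setAuthTag(msg.tag);
    return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
  } catch (err) {
    return null; // GCM tag mismatch or invalid curve point
  }
}

// Constructed sample data: user u seals an ID record for subscriber s.
const user = newKeyPair();
const subscriber = newKeyPair();
const record = Buffer.from('{"name":"Alice Example","id":"constructed-sample"}');
const sealed = eciesEncrypt(subscriber.getPublicKey(), record);

console.log('subscriber:', eciesDecrypt(subscriber, sealed)?.toString());
console.log('user:', eciesDecrypt(user, sealed)); // null: u's own key does not open it
```

The sender is locked out only because the ephemeral private key is discarded after encryption. ECIES by itself does not prove who produced the ciphertext, so sender authenticity needs a separate signature.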

What we had to struggle with: The moral dilemma of revealing the public key of the user. But we figured out that on a public decentralized network (like Ethereum), when an account transacts, the public key becomes visible anyhow. In order to further mitigate any form of recognition/tracking, we have also introduced a function in our app where you can simply change your address, public key and private key! While we are still evaluating whether we should force users to change their address, we are currently leaving it to the users to make the best decision for themselves. From our side, we are taking care of users’ data by providing the strongest encryption in the world!

So, the next time you provide your ID via the DID Login app, rest assured that your data is encrypted with the highest standards of security. Your data is in your control and no one can decrypt it apart from the party you intended it to be decrypted by.

We are putting your ID in your control, and we are providing the best encryption technology to do so.

Come join the revolution at: https://decentralized.id
