Specifications
Vaultys Protocol is a set of different cryptographic data models handling the lifecycle of Decentralised Digital Identity. The Security Model is not about privacy (i.e., resistant against decryption) but about securing identification (person, servers), making it cryptographically hard to steal an identity without stealing a cryptographic private key. In comparison with classical authentication systems (User/Password/MFA), the protocol offers better resistance to the compromise of the communication channel or the guessing of passwords based on previously leaked data in a central identification server. Moreover, the protocol is designed with extension in mind. Only a subset of the protocol extensions is being certified.
In a nutshell, here are the security claims of the protocol:
- The compromise of a central identification server does not compromise the identities (only public keys are stored).
- The P2P ID handshake is resistant to passive channel attacks.
- The P2P authentication is resistant to passive and active channel attacks.
The cryptographic curves used are:
- Ed25519 for software implementations.
- P256 when using the FIDO2 bridge.
Resistance means:
- either the authentication fails in the case of an active channel attack,
- or it succeeds with the assurance that both legitimate sides have effectively verified and signed the authentication message.
Recommendations for implementation: The security of later communications after authentication (like session cookie stealing using replay attack) is outside the scope of the model.