Thesis title: Towards the Evolution of Digital Identity from Centralized to Decentralized Applications
In traditional client/server applications, trusted parties associate identities in the digital world with those in the physical one. Blockchain technology, which relies on a consensus algorithm rather than a trusted party to agree on the state of the system, enables a new form of identity management where users are entirely in control of their identities. However, users still need authoritative entities to certify their identities. This contrasts with the decentralized nature of the blockchain because it requires putting trust in some peer of the network.
This thesis investigates the dichotomy between the decentralized nature of the blockchain and the need for centralized creation of identity attributes. Starting from the analysis of a concrete use case, the Robinson List, we show that centralized creation of identity attributes by authoritative entities (e.g., states) is acceptable (and often necessary), provided that their management is decentralized. Decentralized identity management is not limited to a single blockchain but can span multiple blockchains to build more complex applications.
However, the thesis also shows how to design decentralized protocols for creating some types of identity attributes. Indeed, we show how to certify in a decentralized fashion that a blockchain identity controls a communication endpoint (e.g., phone number, email), and how to enforce that some attributes, self-asserted by users, respect well-defined consistency rules concerning the previous blocks of the ledger. In both cases, we use smart contracts to perform transparent on-chain verification.
The thesis concludes that we still need trusted entities in blockchain applications to issue certificates defining identity attributes that cannot be challenged through verification algorithms or protocols. However, identity management benefits from the disintermediation provided by the blockchain because users are always in control of their identity without the need for third parties.