Enhancing Decentralized Identity with Privacy Computing Technologies

Litentry

Jan 11, 2024

Introduction

Trusted Execution Environment (TEE) and Zero Knowledge Proofs (ZKP) are two of the most commonly used technologies in decentralized identity and data privacy. Litentry adopts TEE for its speed, versatility, and efficiency as it provides a secure area within the CPU, ensuring data privacy and integrity, especially useful in scenarios like transmitting verifiable credentials and confidential communications. For instance, when performing a crypto transaction, TEE can securely process the transaction without exposing sensitive details. ZKP is also used in identity verification as it allows verifiers to securely access and verify the identity of users without having access to their actual data. However, ZKP involves more complex and time-consuming cryptographic processes.

Litentry currently adopts TEE in the IdentityHub. The Litentry parachain is composed of nodes that use a dPoS (Delegated Proof of Stake) mechanism to synchronize and produce blocks, and its sidechain is made up of nodes equipped with Trusted Execution Environments (TEEs). The TEE sidechain is supported by Integritee and lets the runtime execute inside an Intel SGX secure execution environment. ZKP-based credentials can at the same time serve as an additional layer of identity attestation, enhancing the overall usefulness of the framework.

Trusted Execution Environments provide isolated and secure execution spaces within a computing system. The goal is to safeguard sensitive operations, ensuring they remain confidential and tamper-resistant. TEE is a secure vault within a device’s processor, safeguarding data from malware or other threats. Imagine a scenario where you’re storing sensitive documents on your device; TEE ensures that even if your main operating system is compromised, these documents remain secure.

A Trusted Execution Environment (TEE) is a secure area, also known as an "enclave," that is isolated from the main operating system (OS). The enclave is protected by hardware isolation and cryptographic mechanisms designed to resist malicious attacks and unauthorized access.

Litentry's TEE is built on Intel SGX, which leverages hardware-based security features to create secure enclaves. These enclaves operate in isolation from the host system, protecting the confidentiality and integrity of the code and data within them. The hardware manufacturer guarantees that no one — not even the system administrator or the operating system — has access to the keys or can read the memory stored within the TEE.

TEEs are integral to secure computations, particularly in scenarios where confidential data like verifiable credentials must be processed. They are employed in scenarios ranging from secure key storage to executing sensitive algorithms, making them crucial components in building secure and trustworthy systems.

Trusted Execution Environments (TEEs) rely on a combination of hardware and software technologies to create isolated and secure execution spaces within a computing system. Attestation mechanisms, secure boot process, enclave technology, and hardware-based security make it the top choice for Litentry.
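To make the attestation step concrete, here is an added example (not Litentry's or Integritee's code) of the verifier-side logic a relying party runs before trusting an enclave: it checks that a report is signed by the platform, is fresh (bound to the verifier's nonce), and names a code measurement on an allowlist. The enclave image, the allowlist and the attestation key are all constructed placeholders; in particular, the HMAC stands in for the asymmetric hardware signature of a real SGX quote only so that the example runs offline.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the enclave's initial code and data pages. In SGX the
# measurement (MRENCLAVE) is a hash over those pages taken at enclave build time;
# here a byte string plays that role so the example runs offline.
ENCLAVE_IMAGE = b"identity-hub-sidechain-runtime v0.1 (constructed sample)"

# Measurements the verifier is willing to trust (hypothetical allowlist).
TRUSTED_MEASUREMENTS = {hashlib.sha256(ENCLAVE_IMAGE).hexdigest()}

# Stand-in for the platform's attestation key. A real SGX quote carries an
# asymmetric signature that chains to the CPU manufacturer; an HMAC key is used
# here only so the example needs no external libraries, which is why the
# signing and verifying sides share it (they would not in practice).
ATTESTATION_KEY = b"constructed-attestation-key-not-a-real-secret"


def measure(image: bytes) -> str:
    """Hash the enclave image the way a measurement summarizes its pages."""
    return hashlib.sha256(image).hexdigest()


def _report_body(measurement: str, nonce_hex: str, report_data_hex: str) -> bytes:
    return f"{measurement}|{nonce_hex}|{report_data_hex}".encode()


def build_report(image: bytes, nonce: bytes, report_data: bytes) -> dict:
    """Enclave side: bind the measurement, the verifier's nonce and an
    enclave-chosen payload (e.g. a freshly generated public key) under one signature."""
    measurement = measure(image)
    body = _report_body(measurement, nonce.hex(), report_data.hex())
    signature = hmac.new(ATTESTATION_KEY, body, hashlib.sha256).hexdigest()
    return {
        "measurement": measurement,
        "nonce": nonce.hex(),
        "report_data": report_data.hex(),
        "signature": signature,
    }


def verify_report(report: dict, expected_nonce: bytes) -> tuple[bool, str]:
    """Verifier side. Order matters: no field is trusted before the signature holds."""
    body = _report_body(report["measurement"], report["nonce"], report["report_data"])
    expected_sig = hmac.new(ATTESTATION_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected_sig, report["signature"]):
        return False, "bad signature"
    # Freshness: a report captured earlier cannot be replayed against a new nonce.
    if not hmac.compare_digest(report["nonce"], expected_nonce.hex()):
        return False, "stale nonce"
    # Identity of the code: only enclaves whose measurement is allowlisted count.
    if report["measurement"] not in TRUSTED_MEASUREMENTS:
        return False, "unknown measurement"
    return True, "ok"


if __name__ == "__main__":
    nonce = secrets.token_bytes(16)
    good = build_report(ENCLAVE_IMAGE, nonce, b"enclave-public-key-placeholder")
    print("genuine enclave:", verify_report(good, nonce))
    patched = build_report(ENCLAVE_IMAGE + b"-patched", nonce, b"enclave-public-key-placeholder")
    print("modified enclave:", verify_report(patched, nonce))
```

The check order is the point: signature first, because nothing else in the report can be trusted until it holds; then the nonce, so a recorded report cannot be replayed; then the measurement, which is what actually identifies the code that will handle the credentials. The `report_data` field is where an enclave typically places the public half of a key it generated, so that a subsequent encrypted channel is tied to exactly the attested code.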

Zero-Knowledge Proofs (ZKPs)

Zero-knowledge proofs enable one party to prove to another that they possess certain knowledge without revealing the knowledge itself. This concept ensures that the verifier gains confidence in the authenticity of the information without gaining any insight into the actual data.

At its core, ZKPs rely on mathematical constructs such as elliptic curve cryptography and advanced algebraic structures. The prover utilizes these constructs to convince the verifier of the truthfulness of a statement, all while maintaining zero disclosure of the underlying information.

The technology finds applications in decentralized ecosystems, where privacy is paramount. By employing ZKPs, users can demonstrate ownership of assets or validate transactions without divulging sensitive details. For instance, zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge) are widely used in privacy-focused protocols.
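The "prove you know something without revealing it" idea above can be shown end to end with the simplest ZKP in common use, a Schnorr proof of knowledge of a discrete logarithm, made non-interactive with the Fiat-Shamir transform. This is an added example, not code from the Litentry project, and it is not a zk-SNARK; it illustrates the prover/verifier roles and the zero-disclosure property with a toy group (the constants `P`, `Q`, `G` are constructed, readable-sized parameters, not production ones).

```python
import hashlib
import secrets

# Toy group parameters, constructed for readability only: P is a safe prime,
# Q = (P - 1) // 2 is prime, and G = 4 generates the order-Q subgroup of
# quadratic residues. Real systems use 2048-bit-plus groups or elliptic curves.
P = 1019
Q = 509
G = 4


def keygen() -> tuple[int, int]:
    """Secret x and public y = G^x mod P. 'I know x for this y' is the statement."""
    x = secrets.randbelow(Q - 1) + 1        # x in [1, Q-1]
    return x, pow(G, x, P)


def _challenge(y: int, t: int) -> int:
    """Fiat-Shamir: derive the challenge from public values instead of a live verifier."""
    data = f"{G}|{P}|{y}|{t}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def prove(x: int, y: int) -> tuple[int, int]:
    """Prover: commit to a fresh random k, then answer the derived challenge."""
    k = secrets.randbelow(Q - 1) + 1        # fresh per proof; reusing k leaks x
    t = pow(G, k, P)                        # commitment
    c = _challenge(y, t)
    s = (k + c * x) % Q                     # response; x is masked by the random k
    return t, s


def verify(y: int, proof: tuple[int, int]) -> bool:
    """Verifier: recompute the challenge and check G^s == t * y^c (mod P).
    Only y, t and s are ever seen; none of them reveals x."""
    t, s = proof
    if not (0 < t < P and 0 <= s < Q):
        return False
    if pow(y, Q, P) != 1 or pow(t, Q, P) != 1:   # reject values outside the subgroup
        return False
    c = _challenge(y, t)
    return pow(G, s, P) == (t * pow(y, c, P)) % P


if __name__ == "__main__":
    x, y = keygen()
    t, s = prove(x, y)
    print("valid proof accepted:", verify(y, (t, s)))
    print("tampered response rejected:", verify(y, (t, (s + 1) % Q)))
```

Why it is zero-knowledge: `s = k + c*x` is uniformly distributed because `k` is, so the transcript `(t, s)` carries no information about `x` on its own; why it is sound: a prover who could answer two different challenges for the same `t` could be used to extract `x`, so answering without knowing `x` is as hard as the discrete logarithm. The subgroup and range checks in `verify` are the kind of input validation that is easy to forget and that real deployments must not skip.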

The Peculiarities of TEE in Data and Privacy Management

While both are powerful tools, TEEs possess certain advantages over ZKPs in specific use cases. Here, we’ll explore some of the reasons why Litentry adopted the Trusted Execution Environment:

  1. Secure Execution Environment:
    TEEs provide a secure execution environment where code and data can be processed in isolation from the broader system. This ensures that sensitive operations are shielded from external threats, making TEEs particularly effective in scenarios where the integrity of the execution environment is paramount. ZKPs, while excellent for proving knowledge without disclosure, do not inherently provide a secure execution environment. They rely on cryptographic protocols to achieve privacy but may still operate within the standard execution environment.
  2. Protection Against Malicious Hosts:
    TEEs, through hardware-based security features, protect against malicious hosts or compromised operating systems. The secure enclave operates independently, mitigating the risk of a compromised underlying system.
  3. Broad Applicability in Secure Computation:
    TEEs are well-suited for a broad range of secure computation scenarios, including the execution of sensitive algorithms, secure key storage, and protection of intellectual property. They provide a versatile and robust platform for various applications.
  4. Efficiency in Processing Confidential Data:
    TEEs can efficiently process confidential data within the secure enclave, minimizing the risk of exposure. This makes them effective in scenarios where computations involve sensitive information that must be kept confidential.
  5. Real-Time Secure Operations:
    TEEs enable real-time secure operations, as they provide a secure and isolated environment for executing code. This is crucial in applications where timely and secure processing of data is essential.

Identity Privacy

Litentry, being an identity aggregator, adopted Trusted Execution Environments for the numerous benefits they offer in terms of privacy, security, and efficiency when handling transmitted confidential data. All of these align with Litentry's goals. ZKPs operate at the application layer and provide a solid layer of privacy by focusing on privacy-preserving proofs. Integrating them into the IdentityHub will provide an additional layer of privacy for data. With this, the TEE will be the privacy technology for storing data and ZKP will be the privacy technology for the actual sharing of data.

About Litentry

Litentry is a privacy-preserving Identity Aggregation protocol that enables granular access to and control of data. Featuring a DID indexing protocol and a Substrate-built distributed DID validation blockchain, Litentry provides a decentralized, interoperable identity aggregation service that mitigates the difficulty of resolving agnostic DID mechanisms. Litentry provides a secure vehicle through which users manage their identities and dApps obtain real-time DID data of an identity owner across different blockchains.

Stay in touch with us!

Discord | Telegram | Twitter | Github | Website | Newsletter
