6 Basic cryptography techniques for SSI

by Brent Zundel and Sajida Zouarhi

Cryptography is the fuel that powers all of self-sovereign identity (SSI). The goal of this chapter is to make you conversant in the basic building blocks of cryptography (hash functions, encryption, digital signatures, verifiable data structures, and proofs) as well as the common patterns for combining them to create the cryptographic magic SSI delivers. Cryptography is too broad and complex a topic to summarize in a few pages. We intend this chapter to be a reference and a refresher for readers who understand the basic cryptographic techniques explained here, and an index of what may be studied in more depth for those who have had less exposure to them. Your guides will be two technical cryptographers with direct experience in the SSI space: Brent Zundel, Senior Cryptography Engineer at Evernym, and Sajida Zouarhi, engineer and researcher with ConsenSys. Brent also serves as co-chair of the W3C Decentralized Identifier Working Group that is producing the DID standard (the subject of our DID chapter).

6.1   Basic cryptographic building blocks

6.2   Hash Functions

6.2.1   What is a hash?

6.2.2   Types of hash functions

6.2.3   Hash function usage in SSI

6.3   Encryption

6.3.1   What is encryption?

6.3.2   Symmetric-key cryptography

6.3.3   Asymmetric-key cryptography

6.4   Digital signatures

6.5   Verifiable data structures

6.5.1   Cryptographic Accumulators

6.5.2   Merkle Trees

6.5.3   Building a Merkle tree

6.5.4   Searching a Merkle tree

6.5.5   Patricia Tries

6.5.6   Merkle-Patricia Trie - a hybrid approach

6.6   Proofs

6.6.1   Zero-Knowledge Proofs

6.6.2   ZKP applications for SSI

6.6.3   Privacy and Personal Control

6.6.4   Signature Blinding