CitizenKey

CitizenKey is a P2P Identity framework based on the open source library U-Prove.

U-Prove implements cryptographic Selective Disclosure zero-knowledge proofs based on the principle of blinding-at-issuance. In CitizenKey proof keys are split into parts partly in the UI CitizenKey App and partly as keys controlled in a smartcard acting as a witness with on-card display and on-card biometrics.

CitizenKey helps you build customized purpose-specific identity without loosing control. CitizenKey implement the principle of Citizen-Centric Once Only or Trustworthy Data Sharing meaning citizens can reuse data through selective disclosure across data sources without linking these. Citizens can remain non identified, but cannot lie as authorized parties sign statements.

With CitizenKey Selective Disclosure Proofs you can without revealing any data that can be used to identify you prove e.g.

• to have Citizenship,
• not being wanted by the police
• and tested negative to Covid-19 yesterday .

Today even the simplest of digital services involves citizens loosing control through identification. With CitizenKey this change and even very complex digital process can occur with full citizen control without dis-regarding the secondary interests in e.g. justice, research or ensuring overall economic progress.

CitizenKey eliminate the trade-offs as a digital catalyst to making digitale processes work better even given previously assumed conflicts.

Trustworthy Identity is multi-stakeholder Security by Design

Identities always start as data minimized Trustworthy Anonymous which in P2P interactions are gradually customized and adapted to multi-stakeholder security requirements. Provided no identifying data is leaked deliberately, the identity will remain non-identified and thus enabling Citizens to share data without ever loosing control.

Privacy by Design is the very narrow area of Security by Design where citizens are anonymous and thus e.g. GDPR are unconditionally ensured. An example of Privacy by Design is Democratic Election where we know a lot about the physical votes, but they are unconditionally anonymous.

In moderns societies, there are a lot of areas that could and principle must be Privacy by Design - research, knwledge collection, marketing, Covid-19 passports - but most multi-stakeholder transactions involves more complex balances.

Accountability or Conditional Identification subject to e.g. a judge is something that can be added in the customization process. But accountability is not default nor is it part of CitizenKey itself as there is not trusted party involved. In CitizenKey all control are with peers and resolved in Peer-to-Peer interactions.

Disclaimer

However, in CitizenKey parliament or compliance to law is a peer it itself. So e.g. ensuring taxation is a natural part of any transaction either directly or as part of infrastructure operating acting on behalf of compliance as required. For a deeper general discussion see e.g. New Digital Security Models

Resilliance to failure

In CitizenKey keys and identifiers are single-purpose with no reuse making the entire framework non-dependant on revocation of digital keys.

Any hardware device lost will simply lose the ability to authenticate as part of the framework and thus effectively revoke all subsequent use of keys. Since the keys themselves are both single-purpose and split this means that - with proper backup mechanisms - this effectively enable Drop and Forget at the hardware level.

Perfect security is, however, not something we assume or guarantee, it is something we work towards but never expect to achieve.