Decentralized Key Management using Blockchain

The purpose of this SBIR Proposal is to conduct the research needed to enable blockchain technology to serve as serve as a decentralized foundation for privacy-respecting identity management. In this phase, Evernym will research and develop a decentralized key management system (DKMS) based on the DID (Decentralized Identifier) specification developed in Phase I. The DID specification has already been embraced by the leading developers of blockchain identity solutions and is currently being implemented for Bitcoin, Ethereum, and Sovrin.

The combination of DIDs for identity and DKMS for public key discovery and verification will enable a decentralized identity management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities. Open standards and established industry protocols will permit identity owners to selectively disclose identity claims and manage their privacy and digital relationships.

Evernym's thesis is that the combination of DIDs, DKMS, and DIDM architecture, using public and/or private blockchains as "trust anchors", can meet traditional information security principles of confidentiality, integrity, availability, non-repudiation and provenance as well as privacy-by-design principles of user control, selective disclosure of information, and pseudonymity.

This proposal presents the basic research challenges that need to be accomplished to adapt traditional PKI technologies to blockchains, simplifying both identity management and key management for individuals and institutions while at the same time enhancing both security and privacy. Our proposed effort and deliverables will enable the development and release of commercial products in Phase III for Homeland Security Enterprise applications and enterprise customers.