re:claimID is a decentralised service for self-sovereign personal data sharing. It allows users to reclaim their privacy and control over their digital identities and data while at the same time offering standard compliant protocol support through OpenID Connect.
In this lecture, we present the motivation behind the technology and the technical foundations.
Today, users are often required to share personal data, like email addresses, to use services on the web. As part of normal service operation, such as notifications or billing, services require access to -- ideally fresh and correct -- user data.
Sharing attributes in the Web today is often done via centralised service providers to reduce data redundancy and to give services access to current, up-to-date information even if the user is currently offline.
Abuse of this power is theoretically limited by local laws and regulations.
But, the past has shown that even well-meaning identity providers struggle to keep user data safe as they become major targets for hackers and nation state actors while striving for monetising anonymised statistics from these data.
We advocate for a new, decentralised way for users to manage their identities for the following reasons:
re:claimID is built as a service on top of the peer-to-peer framework GNUnet.
It emerged from research conducted by the research group "Secure
Applications and Services" at the Fraunhofer AISEC research institute.
A scientific, peer-reviewed paper on the theoretical foundations of re:claimID
was published at TrustCom 2018
primarily developed in the
GNUnet source tree as Free Software.
Accompanying tools and sources can be found in the