IACR News item: 28 November 2022
Matt Davison, Ken King, Trevor Miller
ePrint Report
The tech industry is currently making the transition from Web 2.0 to Web 3.0,
and with this transition, authentication and authorization have been reimag-
ined. Users can now sign in to websites with their unique public/private key
pair rather than generating a username and password for every site. How-
ever, many useful features, like role-based access control, dynamic resource
owner privileges, and expiration tokens, currently don’t have efficient Web
3.0 solutions. Our solution aims to provide a flexible foundation for resource
providers to implement the aforementioned features on any blockchain
through a two-step process. The first step, authorization, creates an on-chain
asset which is to be presented as an access token when interacting with a
resource. The second step, authentication, verifies ownership of an asset
through querying the blockchain and cryptographic digital signatures. Our
solution also aims to be a multi-chain standard, whereas current Web 3.0
sign-in standards are limited to a single blockchain.
Additional news items may be found on the IACR news page.