Cryptographic Requirements of Verifiable Credentials for Digital Identification Documents

Verifiable Credentials have evolved into a de facto standard for digital credentials. One of their most critical use cases are digital identity documents. Regarding their technical cryptographic requirements, we argue that most attempts of defining verifiable credentials and their use cases seem to be somewhat imprecise and not always coherent. We further argue that in particular government-issued digital IDs require more stringent cryptographic requirements than the general use cases, which are usually examined. We also comment on possible cryptographic realizations of the derived security requirements and, in particular, consider the widely-used authentication protocol AnonCreds. The conclusive set of cryptographic requirements may serve as a guideline to design, build and analyze verifiable credential systems.