Prof. Sandy Pentland
MIT Connection Science & Engineering
Self-sourced (self-issued) identities offer a direction for solving privacy-preserving identity in large networks such as the new generation of blockchains currently being designed. Some cryptographic identity schemes offer strong privacy through identity anonymity and unlinkability of transactions. A new model for privacy-preserving identities is needed if blockchain systems are to operate at a global scale: it must allow entities in the ecosystem (i) to verify the "quality" or security of an identity, (ii) to assess the relative "freedom" or independence of an identity from any given authority (e.g. government, businesses, etc.), and (iii) to assess the source of trust for a digital identity.
Recent interest in the Bitcoin system has rekindled interest in the long-standing problem of self-issued digital identities. The notion of self-issued identities was first posed in the mid-1990s in the context of self-signed X509 certificates, Simple PKI (SPKI) and the Pretty Good Privacy (PGP) system.
We believe that a more accurate term for self-issued digital identities is "self-sourced" identities. What matters in digital identities is not so much the form of the identity (e.g. email address, RSA public key, X509 certificate) but rather the source of trust for the provenance of the claimed identity.
In the Bitcoin system, users self-generate (e.g. using software) public key pairs and transact using the key pair. The Bitcoin system uses the term "address" for its identities: an address is simply a cryptographic hash of the public key of the key-holder (i.e. the holder of the matching private key). The address scheme in Bitcoin (hash of public key) is functionally equivalent to the plain public key. The use of the public key ("address") in Bitcoin as an identity scheme provides some degree of anonymity to the key-holder at the expense of scalability: the identity scheme in Bitcoin can be used only within the Bitcoin system.
This scalability limitation is also present in the PGP system, where a user self-issues their PGP key pair. The user as the key-holder must provide their PGP public key directly to their friends and colleagues, either in person or through a public "key ownership declaration" event (e.g. "PGP key signing parties" at IETF face-to-face meetings).
Within the community of Bitcoin users and developers, one oft-cited positive feature of the system is the "anonymity" (pseudonymity) of key-holders through their use of self-sourced identities. In this line of thinking, which we believe to be inherently self-limiting for scalability, there is a perceived equivalence between anonymity (through the use of self-sourced public key pairs) and "independence from any trusted authority".
Furthermore, current self-issued digital identities (in the form of self-generated public key pairs) do not scale because they lack integration with existing infrastructures, both digital infrastructures and real-world infrastructures.
A complete and scalable identity management system needs to ground identity in the real world, and must not rely solely and unconditionally on existing identity/service providers. We believe a new model is needed for "self-sourced identities" that provides privacy preservation as well as scalability at the global Internet level.
A key feature of the new model is that it must allow entities in the ecosystem (i) to verify the "quality" or security of an identity, (ii) to assess the relative "freedom" or independence of an identity from any given authority (e.g. government, businesses, etc.), and (iii) to assess the source of trust for a digital identity.
If anonymity is a requirement for self-sourced identities to fulfill the needs of user privacy, then true anonymity in digital identities requires more than self-issuance of a public key pair (as is the case today in the Bitcoin system). It requires that the identity also possess the property of unlinkability or untraceability. And even if a digital identity has anonymity and unlinkability, it still requires the relying party (counter-party) to accept the identity. That is, the relying party must be able to assess the provenance and source of trust of a given anonymous self-sourced identity.
We believe a new model for digital identities for future blockchain systems is required, which is summarized in the following progressive steps:
Our current efforts on the ChainAnchor system (see [4,5]) seek to address these properties, which are foundational to the proposed new model.
A legal trust framework (LTF) is a certification program that enables a party who accepts a digital identity credential (called the relying party) to trust the identity, security, and privacy policies of the party who issues the credential (called the identity service provider), and vice versa.
We believe the current LTFs as practiced in the industry (e.g. FICAM, OIX, SafeBioPharma) can be extended to introduce a special type of identity provider, called the Root-Identity Provider (RiP), and a corresponding Root-Identity Verifier (RiV).
The Root-Identity Provider takes a user's existing identity, which has a high degree of source of trust (step (1) above), and converts it using a privacy-preserving function into an anonymous root-identity for the user (step (2) above). The user is then free to self-issue one or more anonymous transaction-identities to be used on the blockchain system with other users (relying parties).
The Root-Identity Verifier provides a validation service to which a relying party may inquire about the status and source-grade of a given anonymous transaction-identity (step (4) above) prior to transacting.
In this context an LTF provides the following:
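The RiP/RiV flow just described, as an added illustrative model that is not ChainAnchor's own code or scheme: the "privacy-preserving function" is assumed here to be an HMAC under a secret held only by the RiP, transaction-identities are hashes of self-generated key material (mirroring Bitcoin's address construction), and the RiV records only the source-grade of each registered transaction-identity, so a relying party learns the grade but neither the root-identity nor the underlying real-world identity.

```python
import hashlib
import hmac
import secrets

# Constructed model of the Root-Identity Provider (RiP) and Root-Identity
# Verifier (RiV) roles. Assumption: the privacy-preserving conversion is an
# HMAC keyed with a secret known only to the RiP; this is not ChainAnchor's scheme.


class RootIdentityProvider:
    """Converts a high-trust existing identity into an anonymous root-identity."""

    def __init__(self):
        self._secret = secrets.token_bytes(32)   # known only to the RiP
        self._grade_by_root = {}                 # root-identity -> source-grade

    def issue_root_identity(self, existing_identity: str, source_grade: str) -> str:
        # Without the RiP secret, the root-identity cannot be mapped back to the
        # existing identity (HMAC-SHA256 acts as a PRF under its key).
        root_id = hmac.new(self._secret, existing_identity.encode(), hashlib.sha256).hexdigest()
        self._grade_by_root[root_id] = source_grade
        return root_id

    def grade_of(self, root_id: str):
        return self._grade_by_root.get(root_id)


class RootIdentityVerifier:
    """Answers relying-party queries on a transaction-identity's status and source-grade."""

    def __init__(self, rip: RootIdentityProvider):
        self._rip = rip
        self._grade_by_tx = {}   # transaction-identity -> source-grade only

    def register(self, root_id: str, tx_id: str) -> bool:
        grade = self._rip.grade_of(root_id)
        if grade is None:
            return False          # unknown root-identity: refuse registration
        self._grade_by_tx[tx_id] = grade   # the root-identity itself is not retained
        return True

    def status(self, tx_id: str):
        return self._grade_by_tx.get(tx_id)   # None means "unknown identity"


def self_issue_transaction_identity() -> tuple:
    # The user self-generates key material; the transaction-identity is its hash,
    # as a Bitcoin address is the hash of the public key.
    private = secrets.token_bytes(32)
    return private, hashlib.sha256(private).hexdigest()
```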
Thomas Hardjono is the Director of the MIT Internet Trust Consortium, within MIT Connection Science. He has been active in identity management and identity federation for nearly two decades, starting in the mid-1990s in the emerging X509 PKI industry as principal scientist at VeriSign, which became the largest PKI provider in the world. His work included device certificates for DOCSIS cable modems and for Wi-Fi devices, and his achievements included standing up the first commercial root CA service for TPM 1.2 secure hardware. He was chair of the TPM Infrastructure WG in the Trusted Computing Group, which was tasked with solving the integration of TPM management within enterprise infrastructures. His work also expanded into the area of security assertions and claims management. He was active in the SAML 2.0 community in the Liberty Alliance and in OASIS, and is currently the chair of the SAML 2.0 Technical Committee. Thomas has also been instrumental in supporting the development of the MIT Kerberos open source software and the development of the OpenID Connect 1.0 protocol (OIDC) for identity federation based on the OAuth 2.0 framework. He is the technical editor of the recently published User Managed Access (UMA 1.0) architecture for user-centric consent management based on OAuth 2.0. Thomas was successful in standing up the first OpenID Connect service at a major university (oidc.mit.edu), and in representing MIT at various industry consortia and standards organizations. Recently he was instrumental in standing up the first Ripple digital currency validation server at a major university (rippled.media.mit.edu). He is currently focusing on identities and identity management for blockchain systems, and on privacy-preserving computing.
Alex “Sandy” Pentland is founding faculty director of the MIT Connection Science Research Initiative, which uses network science to access and change real-world human behavior, and is the Toshiba Professor of Media, Arts, and Sciences at the Massachusetts Institute of Technology (MIT). He also holds a triple appointment at MIT in Media Arts and Sciences, Engineering Systems Division and with the Sloan School of Business. Sandy has helped create and direct MIT’s Media Lab, the Media Lab Asia, and the Center for Future Health. He chairs the World Economic Forum's Data Driven Development Council, is Academic Director of the Data-Pop Alliance, and is a member of the Advisory Boards for Google, Nissan, Telefonica, the United Nations Secretary General, Monument Capital, and the Minerva Schools. In 2012 Forbes named Sandy one of the “seven most powerful data scientists in the world”, along with Google founders and the CTO of the United States, and in 2013 he won the McKinsey Award from Harvard Business Review. He is among the most-cited computational scientists in the world, and a pioneer in computational social science, organizational engineering, wearable computing (Google Glass), image understanding, and modern biometrics. His research has been featured in Nature, Science, and Harvard Business Review, as well as being the focus of TV features on BBC World, Discover and Science channels. His most recent book is Social Physics, published by Penguin Press. Over the years Sandy has advised more than 50 PhD students. Almost half are now tenured faculty at leading institutions, with another one-quarter leading industry research groups and a final quarter are founders of their own companies. Sandy's research group and entrepreneurship program have spun off more than 30 companies to date, three of which are publicly listed and several that serve millions of poor in Africa and South Asia. 
Recent spin-offs have been featured in publications such as The Economist and The New York Times, as well as winning a variety of prizes from international development organizations.