User- and developer-friendly authentication based on DNS

Introducing VeraId: A Decentralized, User-Friendly Authentication Protocol Based on DNS

VeraId is a decentralized authentication protocol that uses DNS (Domain Name System) to provide secure and user-friendly authentication. This innovative solution extends existing standards like DNSSEC, X.509, and CMS, while offering an open protocol with open-source reference implementations.

Key Features:

• Decentralized Authentication: VeraId allows users to authenticate without relying on centralized authorities, making it ideal for offline systems and peer-to-peer networks.
• DNS-Based Verification: The protocol uses DNS to verify user identities, ensuring that digital signatures can be independently verified without external queries.
• Offline Authentication: Users can authenticate with customisable identifiers, even when offline, providing a seamless experience.

How it Works:

1. DNSSEC Chain: A trust anchor in the PKI (Public Key Infrastructure) verifies the public key of the organisation associated with a domain name.
2. X.509 Certificate Chain: The certificate chain confirms the authenticity of the user's identity.
3. CMS SignedData: The digital signature bundle contains enough data to be independently verified without external queries.

Benefits:

• Robust Security: VeraId offers enhanced security compared to traditional PKIs, such as TLS, which relies on multiple trust anchors.
• Flexibility: The protocol can be integrated into various systems and applications, providing a flexible authentication solution.
• Scalability: VeraId's decentralized architecture allows for scalability, making it suitable for large-scale deployments.

Real-World Applications:

• Offline Systems: VeraId enables offline user authentication, ensuring seamless experiences in remote or resource-constrained environments.
• Peer-to-Peer Networks: The protocol facilitates secure peer-to-peer communication and data sharing among network participants.
• Next-Generation Decentralized Systems: VeraId empowers the development of decentralized systems that are hard to imagine today, like peer-to-peer web hosting with contents reliably attributed to their respective domain names.

Try Demo

Experience VeraId's authentication capabilities with a demo application, available on the official website.

By leveraging DNS and open-source technology, VeraId offers a robust and user-friendly authentication solution that can be applied in various contexts.