This document provides the results of KRAKEN design activities in the context of the tasks T2.3 Self-sovereign Identity specifications and T2.4. Cryptographic tools and analytic engine specifications.

Regarding Self-Sovereign identity components, a description of KRAKEN main SSI components, external components and related actors interacting with them is provided. Among the external entities are the eIDAS network for obtaining a high-level of assurance of identity, and the backup service for storing the key material used on several devices or when the device is lost or stolen. The final mobile Graphical User Interface and the basic storylines used in the pilots are defined. The current alignment status with EBSI/eSSIF is also described.

Regarding Cryptographic Analysis tools, the final architecture design of the Privacy Preserving Analytics component is described The component is built upon four main technologies: secure multy-party computation, zero-knowledge proofs, group signatures and homomorphic proxy re-encryption. In this deliverable the high level description of the architecture given in deliverable D2.4 Intermediate technical design is expanded. The final technical choices of cryptographic schemes used in the architecture and how they interact are detailed. Finally a description of the deployment of Privacy Preserving Analytics component and APIs to use it is given.

Work Package
WP2 Technical aspects and architecture specifications