A Private Key Recovery Scheme Using Partial Knowledge
In this paper we explore the problem of secure handling of private keys in blockchain applications. We present a novel approach, named "Partial Knowledge Recovery Scheme" (PKRS), which allows for the recovery of an encrypted private key through the use of personal security questions. In PKRS, an individual is asked a set of questions, and the answers to those questions are used to encrypt the input and produce a secured private key. Through the use of Shamir's secret sharing algorithm, the original private key can be recovered if the individual can answer correctly only a subset of the original questions. PKRS does not require any external services for the recovery process, since all the required information is stored within the secured private key itself. This approach tries to achieve a middle ground between security and usability. Security, where the private key needs to be encrypted and safely stored offline. Usability, where an individual wants to be able to recover their private key without the need of an easily forgotten passphrase and be able to store it in their personal cloud environments. We also discuss the correct design of personal security questions in social environments where an individual's personal data can be mined through public records and social networks. Finally, we present a blockchain Self-sovereign Identity use case, which was used for the integration and evaluation of PKRS within a real-world application.