×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Data Security Information Security

Master Thesis Project | ECDSA Zero- Credentials in Yivi’s EUDI Wallet

Job in 3500, Utrecht, Utrecht, Netherlands
Listing for: Caesar Experts
Apprenticeship/Internship position
Listed on 2026-05-25
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Information Security
Salary/Wage Range or Industry Benchmark: 40000 - 60000 EUR Yearly EUR 40000.00 60000.00 YEAR
Job Description & How to Apply Below
Position: Master Thesis Project | ECDSA Zero-Knowledge Credentials in Yivi’s EUDI Wallet

Master Thesis project proposal

“Designing and implementing an ECDSA-based Zero-Knowledge Credential Architecture for Yivi as EUDI Wallet”

Context and motivation

Background

Yivi is a privacy-preserving digital identity platform that has produced production deployments using IRMA/Idemix protocols based on zero-knowledge proof (ZKP) schemes. With the EU Digital Identity (EUDI) Wallet regulation (eIDAS 2.0), Yivi aims to evolve into a compliant EUDI wallet while preserving its privacy guarantees and crypto-agile architecture.

The EUDI ecosystem standardises on:

  • Verifiable Credentials (e.g. W3C VC, SD-JWT-VC, ISO 18013-5 mDL/MDOC)
  • Presentation and issuance protocols such as OpenID4

    VCI and OpenID4VP
  • Selective disclosure and zero-knowledge techniques, including BBS+, CL signatures and other privacy-enhancing cryptographic mechanisms

Yivi aims to leverage these developments while preserving its core privacy values: minimum disclosure, unlinkability, and user-controlled identity.

Strategic challenge

Today, many credentials are signed using ECDSA keys (e.g. JWT-based credentials, SD-JWT-VC, MDOC). Privacy-preserving credential systems often rely on different cryptographic primitives (e.g. CL, BBS+ on BLS
12-381).

Yivi faces a strategic challenge:

  • How to evolve towards an EUDI-compliant wallet that reuses existing and widely deployed ECDSA key material
  • Supports zero-knowledge proofs and selective disclosure
  • Remains interoperable with OpenID4

    VCI / OpenID4VP and standard verifiers
  • Preserves Yivi’s strong privacy guarantees and crypto-agility

The ECDSA-based ZKP opportunity

Recent work such as Google’s Longfellow project (“Anonymous credentials from ECDSA”) and new proposals around BBS# indicate that it is possible to:

  • Build anonymous credential schemes on top of existing ECDSA-signed credentials
  • Provide selective disclosure and unlinkable presentations
  • Minimise changes to issuer infrastructure
  • Potentially integrate with standard protocols such as OpenID4

    VCI and OpenID4VP

This opens the possibility for Yivi to design a next-generation ZKP layer that:

  • Uses ECDSA keys as the fundamental trust anchor
  • Compares and possibly combines Longfellow-style constructions with BBS+/BBS#-based approaches
  • Is grounded in the requirements and recommendations of ETSI TR 119 476
Research objectives

Primary objective

Design and prototype an ECDSA-based zero-knowledge credential architecture for Yivi that:

  • Provides selective disclosure and unlinkable presentations based on ECDSA keys
  • Is aligned with the cryptographic and privacy requirements from ETSI TR 119 476
  • Supports interoperability with OpenID4

    VCI and OpenID4VP
  • Can be integrated into Yivi’s roadmap towards an EUDI-compliant wallet

Specific research questions

RQ1:
Requirements analysis based on ETSI TR 119 476. How can the privacy, security and interoperability requirements from ETSI TR 119 476 for selective disclosure and ZKP-based credentials be translated into concrete requirements for a Yivi ECDSA-ZKP architecture, in particular regarding:

  • Unlinkability across presentations
  • Minimal disclosure and predicate proofs
  • Revocation and status verification
  • Crypto-agility and (future) post-quantum considerations

RQ2: ECDSA-based ZKP design options (Longfellow vs BBS#/BBS+) What are the design trade-offs between:

  • Longfellow / “Anonymous credentials from ECDSA” using existing ECDSA-signed credentials (JWT / SD-JWT-VC / MDOC) as the base
  • Generating zero-knowledge proofs over attributes derived from these credentials
  • BBS+/BBS#-based credentials anchored in ECDSA trust. Mapping Yivi (and EUDI) credential structures to BBS+/BBS# signatures
  • Exploring how ECDSA-based PKI and BBS#/BBS+-based ZKP can be combined or bridged

RQ3:
Yivi architecture integration. How can an ECDSA-based ZKP scheme (Longfellow, BBS#, or a hybrid) be integrated into Yivi’s architecture while:

  • Maintaining backward compatibility with existing IRMA/Idemix credentials where needed
  • Supporting multiple credential formats (e.g. SD-JWT-VC, MDOC, IRMA) within Yivi
  • Preserving Yivi’s privacy-first design, including unlinkability and minimal disclosure
  • Allowing for crypto-agile evolution as standards mature

RQ4:
Interoperability with OpenID4

VCI and OpenID4VP. How can the…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search