Pairwise DID

A Pairwise Decentralized Identifier (Pairwise DID) is a decentralized identifier that is uniquely created for each relationship between a holder (e.g., a user) and a specific relying party (e.g., a service provider). Unlike a public DID, which is reused across multiple interactions, a Pairwise DID ensures that a user's activities with different entities cannot be correlated, providing a fundamental layer of privacy by preventing linkability across contexts. This architecture is a core principle in Self-Sovereign Identity (SSI) systems and is defined within the W3C Decentralized Identifiers (DIDs) specification.

The mechanism works by having the identity holder generate a new DID and its associated DID Document for every new relationship. For example, when Alice connects with her bank and her healthcare provider, she would use did:example:bank123 for one and a completely separate did:example:health789 for the other. Even though both DIDs are controlled by the same cryptographic keys held by Alice, the two identifiers share no publicly visible connection, making it impossible for the bank and the healthcare provider to collude and track her activities without her explicit consent.

Implementing Pairwise DIDs requires careful key management. While it is possible to use the same master key pair to derive unique key pairs for each relationship (a process known as key derivation), a more common and secure practice is to generate entirely separate cryptographic key pairs for each Pairwise DID. The corresponding private keys are securely stored in the user's digital wallet, which manages the creation and presentation of these distinct identifiers and Verifiable Credentials during authentication and authorization flows.

The primary use cases for Pairwise DIDs are scenarios demanding high privacy, such as accessing sensitive financial services, healthcare portals, or anonymous online forums. They are essential for complying with strict data protection regulations like the GDPR, which mandate data minimization and purpose limitation. By design, Pairwise DIDs prevent the formation of a centralized cross-service profile of an individual, putting control over linkability firmly in the hands of the identity holder.

It is important to contrast Pairwise DIDs with Public DIDs (or Universal DIDs). A Public DID is intended for broad, public recognition—such as a corporation's official identifier on a ledger or a government's issuer DID for verifiable credentials. This single identifier is used across all interactions, which is necessary for establishing trust but inherently creates correlation. A well-designed SSI ecosystem will strategically employ both types: Public DIDs for institutional trust and Pairwise DIDs for private user interactions.

A Pairwise Decentralized Identifier (DID) is a privacy-enhancing design pattern where a unique, separate DID is created for each relationship or interaction between two parties. This architecture prevents correlation across different contexts, as the same entity uses distinct identifiers with a bank, an employer, and a social network, making it impossible for these service providers to collude and build a composite profile. The core principle is relationship-specific pseudonymity, which is a foundational concept for user-centric identity systems like Self-Sovereign Identity (SSI).

The technical workflow involves several key steps. First, the DID Controller (e.g., a user's wallet) generates a new DID and its associated cryptographic key pair specifically for a new relationship with a Relying Party (RP). This new pairwise DID and its public key are then recorded to a verifiable data registry, such as a blockchain or a distributed ledger. Crucially, the RP only ever sees and uses this unique identifier; it has no visibility into the user's master identity or other pairwise DIDs. All verifiable credentials and interactions for that specific relationship are cryptographically bound to this dedicated key pair.

This model contrasts sharply with a public DID or universal identifier, which is reused across multiple relationships and inherently enables tracking. The pairwise approach provides unlinkability, a critical property defined by the W3C DID Core specification. Even if two different verifiers (e.g., a hotel and an airline) both receive credentials from the same issuer, they cannot determine if those credentials were issued to the same holder, provided pairwise DIDs were used in the credential issuance and presentation flows.

Implementing pairwise DIDs introduces management complexity, as users must securely store and organize multiple key pairs and DIDs—one for each relationship. DIDComm protocols and encrypted data vaults are often used to handle this orchestration. Furthermore, while pairwise DIDs excel at privacy, they can complicate scenarios requiring persistent reputation or long-term audit trails across sessions with the same entity, sometimes necessitating hybrid models or selective disclosure of a more permanent identifier under user control.

A Pairwise Decentralized Identifier (Pairwise DID) is a unique, self-sovereign identifier that is created for each specific relationship between two entities, ensuring that activities in one context cannot be correlated with those in another. Unlike a public DID, which is reused across multiple interactions, a Pairwise DID is generated for a single pairwise relationship, such as between a user and a specific service provider. This architecture is fundamental to privacy-by-design in decentralized identity systems, as it prevents the unintended linkage of a user's activities across different digital services, a common vulnerability in traditional identifier models.

The technical implementation relies on cryptographic key pairs, where each Pairwise DID is bound to a unique set of private and public keys used exclusively for that relationship. When establishing a new connection, such as through a DIDComm protocol, the parties generate a new DID and its associated DID Document containing the new public keys and service endpoints. This document is then recorded on a verifiable data registry, like a blockchain or a distributed ledger, but crucially, the DID itself contains no personally identifiable information. The separation of keys and contexts means a compromise in one relationship does not affect the security of others.

A core use case for Pairwise DIDs is in user-centric identity ecosystems, such as those built on the W3C Verifiable Credentials data model. Here, a holder might use one Pairwise DID with their healthcare provider and a completely different one with their employer, even when presenting credentials from the same issuer. This prevents either verifier from colluding to build a composite profile of the individual. Protocols like OIDC (OpenID Connect) for decentralized identity and ACA-Py agents utilize this pattern to facilitate secure, private, and consent-based data exchanges without creating a central correlation point.

From an architectural perspective, managing Pairwise DIDs introduces challenges in key management and relationship discovery, as an entity must securely store and retrieve the correct key pair for each interaction. Solutions often involve wallet software or identity agents that handle the lifecycle of these identifiers—generation, storage, resolution, and rotation. The DID Resolution process fetches the DID Document associated with a given Pairwise DID to obtain the current public keys and service endpoints necessary for authentication and secure communication, all while maintaining the privacy boundary of the relationship.