Slashdot Mirror

← Back to Stories (view on slashdot.org)

Digital Credentials Offer Enhanced Privacy

Posted by kdawson on from the cypherpunks-write-code dept.

John Q Random writes "Stefan Brands's company credentica.com announced their U-Prove library and SDK implementing ID tokens — also known as digital credentials or private credentials. (Private Credentials are a cool PKI replacement and anonymous e-cash tech that allows you to prove certified attributes like age, credit rating, group membership, etc. without revealing who you are; to allow you to have a digital life without the digital dossier effect inherent in a central databases.) Following this announcement, Adam Back announced credlib, an open source implementation of Brands credentials (and the older more basic Chaum certificates). These developments relate to recent news from IBM's Zurich labs on their identity-mixer project (previously discussed on Slashdot) that is based on the less efficient Jan Camenisch and Anna Lysyanskaya credentials."

3 of 49 comments (clear)

  1. RTFA by Wesley+Felter · · Score: 3, Interesting

    When I read "digital credentials" I immediately thought "(SSL/SMIME) certs and (SSH/PGP) keys". Those are two standard and widely implemented forms of "strong" digital authentication.

    The problem with regular certs is that they are all-or-nothing, so if you disclose your cert to a party, they now have all the information in the cert. For example, consider using a "digital drivers license" to prove your age or using a "digital student ID" to get a student discount; it's totall overkill.

    The summary explains why Brands credentials are an improvement:

    Private Credentials are a cool PKI replacement and anonymous e-cash tech that allows you to prove certified attributes like age, credit rating, group membership, etc. without revealing who you are (emphasis added)

  2. How? by pesc · · Score: 2, Interesting

    I don't need this certificate myself. Can someone explain why I can't obtain one proving my age (42) and sell it to a youngster? All other attributes are masked.

    --

    )9TSS
  3. Re:Identity Theft by Zeinfeld · · Score: 2, Interesting
    The fact that Adam Back is involved lends serious credibility to this effort. There may well be weaknesses, as with any scheme. But at least it's been looked at and implemented in part by one of the best in the biz.

    Stefan is not exactly in need of credibility. We all know he can do the business on the technology side.

    The main concerns here are first Stephan has a tendency to prioritize certain political attachments over practical issues. So the question is not whether the system will be as private as claimed but whether it will be realistic enough to be viable. The second concern is navigating the thicket of patent claims various parties control.

    Tony Nadalin and myself have been proposing what appear to be similar schemes independently that do not offer the same degree of academic perfection (there is a possibility of registry default) but the IP is held (as far as we know) by companies that have a bigger interest in something happening than in milking their IP portfolios.

    I don't yet have a white paper on the subject but I did present the scheme at RSA. Details should be comming out soon.

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/