Protecting Online Identity Through Cryptography

A new startup, Credentica, hopes to offer the ability for you to perform secure transactions using the smallest amount of personal information possible. Their goal is to both protect privacy and enhance security, which they hope will be a mutually inclusive process. "The technique employs secure multi-party computation, a branch of cryptography that can calculate meaningful answers about secret information by knowing only some non-revealing clues about that secret. The underlying theory was demonstrated in 1982 by Andrew Yao in the so-called Millionaire's Problem [...] U-Prove employs an ID token, a special kind of digital certificate that allows for minimal selective disclosure. The tokens can store all kinds of information, but users can disclose only the minimum amount of data required in any given transaction. They leave no unwanted data trails and permit both anonymity and pseudonymity."

Identity theft is still aided by it's own victims

[erick99 (743982)]

Unfortunately it is all too easy to accomplish identify theft via some very uncomplicated and low-tech methods. People still click on links in emails and type their financial information into fake websites or answer questions over the phone to the nice IRS man who wants to send me a tax rebate. However, I do applaud any effort to protect folks identities.

Re:Identity theft is still aided by it's own victi

[gotzero (1177159)]

Tools like these will do more do help consumers. People that really have things to hide are doing just fine with things like PGP and other encryption standards. I hope that products like this, implemented and used well, would go a long way to help the kinds of people that have no idea online-privacy is an issue...

Re:

[davester666 (731373)]

Tools like these COULD do more do help consumers. [fixed it for you]

Really, do you think Amazon or Google or somesmallretailer.com will settle for asking the minimum amount of information necessary to complete a transaction?

They already ask for more info than they need, presumably for 'security' purposes [ie, so someone isn't using your credit card to buy a bunch of Dells for orphans in Russia], but they just happen to keep using that data for marketing purposes. And now that they are already collecting al

Re:

[gotzero (1177159)]

Data for financial transactions on most sites is processed separately from the rest of the data provided. I think it would be feasible to make a system beneficial and transparent to both sides. I would like to think that an online merchant does not have any additional utility from having my CC#, as long as they know I paid, and know it was me. I agree that a quick mass adaptation of a system like this would not be the best, and I would absolutely not feel comfortable with a single company running it all,

Re:

[Vectronic (1221470)]

I also see the potential for even worse identity theft, from what I gather the gist of it is basically instead of asking you exactly what is required, its now asking you stuff related to what is required?

Sort of like, they need to know that you are 21, so they ask you what your Grad year was, and what school you went to instead of how old are you?

Maybe I dont get it, but it seems like a possibility of "Personality" theft not just Identity theft...

Re:Identity theft is still aided by it's own victi

[slobarnuts (666254)]

There are so many different avenues by which Identity theft can occur, I'm even weary of giving my information to the customer service people who will turn on my gas and electricity. If you think about it, you give them everything, and who is to say they are trustworthy? The company has no vested interest in doing so, they want the labor at the cheapest price. They may perform background checks to the extent that you never declared bankruptcy and have never been arrested, but that doesn't mean your privat

Re:Identity theft is still aided by it's own victi

[Stanislav_J (947290)]

Unfortunately it is all too easy to accomplish identify theft via some very uncomplicated and low-tech methods. People still click on links in emails and type their financial information into fake websites or answer questions over the phone to the nice IRS man who wants to send me a tax rebate.

Far lower tech than that -- much identity theft is still accomplished through dumpster diving, mailbox theft, over-the-shoulder snooping, and many other techniques that have been around since way before the Intern

Re:Identity theft is still aided by it's own victi

[jacksonj04 (800021)]

Or, say, give all their information to a website which claims it will keep it secure and only send companies the information they need?

</cynical>

Millionaire's Problem

[Vectronic (1221470)]

Millionaire's Problem: Alice and Bob want to find out who has more money without disclosing the amount of their fortunes to each other, or even to a mutually trusted third party. By applying special functions to their information that disguised it, Yao proved that each could know who was richer without either revealing their true holdings.

No wonder Millionaires are so stupid... if this is what they consider a "Problem"...

Re:

[paulthomas (685756)]

Stupid millionaires typically don't remain so for long.

Re:

[britneys 9th husband (741556)]

Counterexample [parishiltonzone.com]
another counterexample [wikipedia.org]

Re:

[Dachannien (617929)]

Maybe Paris Hilton and Dubya are just smarter than you think they are.

Hey, it could happen.

Re:

[STrinity (723872)]

Well, i'd like to pretend like (at least) Paris (specifically) isnt as dumb as she appears, but given that she wasnt exactly "poor" to start with, I cant really find a reason for her not to be as stupid as she appears.

She may've started with a nice kaboodle, but she's increased it significantly on her own through fashion-lines, perfumes, TV shows, and getting paid to show up at bars and clubs.

The only evidence of her stupidity that I've seen has been what she's said on those TV shows, which I have no rea

Re:

[britneys 9th husband (741556)]

Yes, because every college freshman gets DUIs and then drives on the suspended license so many times they get thrown in jail for it. Most colleges don't even allow freshmen to have cars on campus, and there's bars/parties/frats within walking distance anyway.

Re:

[Dr_Barnowl (709838)]

Stupid millionaires typically don't remain so for long.

George. W. Bush.

Re:Millionaire's Problem

[Workaphobia (931620)]

"No wonder Millionaires are so stupid... if this is what they consider a "Problem"..."

If you think that's bad, then I have some dining philosophers that I'd like you to meet...

Re:

[TubeSteak (669689)]

http://geekz.co.uk/schneierfacts/facts/top [geekz.co.uk]
Bruce Schneier knows Alice and Bob's secret.

Anonymous?

[by Anonymous Coward]

Forget about security on any large (sort of large) anything. Look at this site...you are immediately penalized for being anonymous.

What a load of shit.

Three Words

[tobiah (308208)]

Online Drug Trade

Some interesting questions here.

[Z00L00K (682162)]

This seems to be an idea about not revealing enough of yourself. But there is a risk too and that is if someone steals the ID token and forces you to reveal the key to it then it can be abused with low risk.

Another issue is that such tokens may be forged. What are the safeties in place to verify that it isn't forged?

Forged identities are likely to be abused by those that really doesn't want to be on the map, like terrorists and major drug dealers. The latter can probably afford a lot to be anonymous - e

Re:

[Z00L00K (682162)]

Which means that you REALLY misunderstood...

In both cases the dealers would have failed to do a sufficient verification of the ID by checking that it was valid and not reported as missing and that the person providing it did match the person holding it. So in both cases the dealers has to take full responsibility by being insufficient.

Book pointer

[Beryllium Sphere(tm) (193358)]

For people who want background or just enjoy math, Brands's book is Rethinking Public Key Infrastructure [barnesandnoble.com].

Re:

[by Anonymous Coward]

IBM has developed IDEMIX, a pseudonymous credential system. It work on the same principle and is going to be contributed to the Eclipse project as open source! http://www.zurich.ibm.com/security/idemix/ [ibm.com] There is some white papers for those interested in the techno background.

Re:

[pavon (30274)]

Thanks for that link. To be honest, I don't know that I'll get around to reading it due to my other school and work obligations, and the fact that security isn't my strong point (ability or interest wise), but stuff like this is what makes slashdot worth the noise.

This will never fly

[Nartie (1128613)]

Why would any business want to use it? The bar that scans your drivers license gets some valuable information in the process. The porn site that asks for your credit card information to verify your age gets a credit card that they can use or sell. The bank that you ask for a loan gets all sorts of information, all of which it can sell or use to market itself. The current situation is bad for the customer, but the customer isn't the one who decides what verification system is used. None of this will change

Re:

[fastest fascist (1086001)]

it certainly won't happen if there is no alternative available.

Please explain

[Compuser (14899)]

The notion of comparing two integers without knowing both simultaneously (or knowing intermediate results from which original
numbers could be derived) sounds impossible. Can someone explain how the problem is solved in plain English (since IANA crypto expert).

Re:

[Chexum (1498)]

A practical application of this is at http://www.cypherpunks.ca/otr/ [cypherpunks.ca] (with a plugin for a few common AIM application, most usefully for pidgin née gaim).

This one has an implementation called the "Socialist Millionaires Problem", which sounds the same, although I recall it being used only to tell if two secret values are the same on both side, thus augmenting the key exchange protocol with man-in-the-middle detection capabilities, provided the parties has shared knowledge about something (and somethin

Re:

[Martin Geisler (1118923)]

I can not explain to you how a comparison is done without leaking information (that is pretty involved), but I can understand the much simpler operation of addition.

Imagine three millionaires in a room who wants to compute the sum of their incomes. Let us say that the millionaires can agree in advance that the sum can be represented by an integer in the range 0..100. They just need some upper limit, so the number could denote billions, trillions or whatever. Each millionaire then chooses three numbers a ran

companies like that trail

[nguy (1207026)]

There are plenty of simple things we could be doing already to make transactions more anonymous and secure, but companie and governments like getting all that information, and they collude to force customers to provide it.

terroristsdream

[noz (253073)]

To the asshole who tagged the article `terroristsdream': terrorism is not an excuse to erode our right to privacy. Fuck off.

Re:

[swillden (191260)]

I can't understand how people actually believe nonsense like that. Lack of privacy is, by itself, a form of terrorism when taken to an extreme.

I don't know about a "form of terrorism", but I'd say that trading privacy for safety, even if it worked, would be a bad trade.

Jefferson's well-known quote is very appropriate: "The tree of liberty must be refreshed from time to time with the blood of patriots". Most people take this to mean that soldiers have to give their lives to preserve liberty, but I think there's another important truth in the statement: In some cases liberty is incompatible with safety, which means that people will die, includi

No reason to use it

[Fnord666 (889225)]

Simply put, this will not take off until businesses and corporations that warehouse our personal data are held financially liable for any losses that occur related to that data. Right now there is way too much positive financial incentive to hold onto as much consumer data as a company can, and almost no incentive not to. This situation will have to be reversed before companies will invest in a technology such as this.

Gas stations already do this....

[foniksonik (573572)]

When you pay with a credit card outside they make you verify the billing zip code. That's it. It's enough information to verify that you are either the primary card holder or know the person well enough to know their zip code. It's not cryptography in any sense but it does implement the concept of least necessary information rather well. They could ask for a lot more... your SSN or DOB for instance... but for the purposes of buying gas a zip code is just the right amount of info.

Re:

[Dr_Barnowl (709838)]

That's not smart. You could steal the card from the envelope it's delivered in, and instantly know the zip code. This is why cards and PIN numbers are mailed separately.

Re:

[foniksonik (573572)]

You have to activate cards before you can use them.... which means calling the activation number from the number you designated as your home phone.

Re:Why do we need spy tools?

[timmarhy (659436)]

i certainly hope that was an attempt at humor

Re:

[bhima (46039)]

Just out of curiosity:

Would you call yourself technically adept?
Would you say you are socially liberal or socially conservative?
Is there a political ideology which resonates with you or your priorities? If you've found one which is it?
Do you adhere to a religion? If so which one?

Have you studied many different perspectives in order to acquire these ideologies or are these those you grew up with? (Those of your parents and community)

Re:

[ShieldW0lf (601553)]

Sure, what the hell.

Yes, I'm technically adept.

I don't believe in party politics. Liberal and conservative are equally bad.

The ideology that resonate most with me are such as Anarchist Communism, but I don't think they're realistic as they have been put forward in the past.

I favour mandatory non-discriminatory involvement by all citizens in the infrastructure that supports their lives, and the absence of compulsion at any level beyond that.

Every person should be involved in the various systems that are req

Re:

[ShieldW0lf (601553)]

Ah, another idiot who thinks '1984' is a howto book.

Actually, I do think that some of the ideas put forth in 1984 have a lot of potential to liberate people from manipulation if they were employed properly and for higher purposes.

http://slashdot.org/~ShieldW0lf/journal/195726 [slashdot.org]

Re:

[kaidadragonfly (993636)]

I don't want privacy and anonymity.

Can we get your:

• Real name: first and last
• Credit card numbers
• Bank account numbers
• Social Security Number
• And for good measure, your mother's maiden name

Please, show us how you don't want privacy or anonymity. Or did you mean you want it only for yourself?

Re:

[harlows_monkeys (106428)]

You seem very confused. If you don't trust people, you should love this technology. It will allow you to deal with those untrustworthy people without you having to give them your private information.

Re:

[Brad Mitchell (1236086)]

We live in an age where anonymity is almost totally gone. We can hope, now, only for privacy. And the best way to do that is by vigorous demand for encryption methods and other tools that prevent a company or entity from asking a thousand and one personal questions just to pad their database.

Re:

[SpaceLifeForm (228190)]

Years ago, there was a thing called coinage.

Anonymity and privacy were features that were built in.

Re:

[slashqwerty (1099091)]

Years ago, there was a thing called coinage.

Anonymity and privacy were features that were built in.

We also have electronic cash [wikipedia.org] which uses zero-knowledge [wikipedia.org] systems to protect privacy. Note real implementations are far more sophisticated than the simple example at Wikipedia. The only information you can get from the cash is the information necessary to prove it has been paid to you.

Re:Why do we need spy tools?

[by Anonymous Coward]

We live in an age where anonymity is almost totally gone.

No, it's not.

MPC and it's uses

[0ptix (649734)]

This is not the first use of multi-party computation. MPC is probably the most advanced cryptographic tool theoretical crypto has produced in the last 35 years. (The strongest flavour being Universally Composable MPC). Also, though the intuitive concept of secure MPC was introduced by Yao the later results of Goldreich, Micali and Wigderson in their 1986 paper How to Play Any Mental Game [purdue.edu] is the one upon which modern MPC is based and the result which is usually cited in cryptographic literature. (My guess is the wired article author got the bit about Yao from wikipedia.) It is in this paper that the security requirements of such a protocol are first formally described using what is now called the ideal/real paradigm. Essentially a secure protocol computing some joint functionality of all players inputs should be as secure as if there where a totally honest trusted third party who would gather their input, compute the function and privately hand the outputs back to all players. (This paradigm is probably at least as important a contribution to modern crypto as the actual MPC protocol they presented in the paper.)

The problem with MPC protocols is that since they are so very general and powerful they tend to also be horribly inefficient (though polynomially bounded (i.e. in P). Never the less the constant are often horrible and could require on the order of n^2 rounds of communication. Another hurdle in their wider adoption in the field of security is that they represent a significantly more complicated concept then say encryption or a hash function and so tend to be a difficult sell to non-cryptographers.

However at least one company, Cryptomathics [cryptomathic.com] of Aarhus, Denmark are working on an implementation of MPC. The main client being the danish government which wants to use the product to setup an online market through which local farmers can to sell there goods. The idea being that by using an MPC protocol to do this rather then some central (government run) server no body needs to trust anyone else, not even the government; just their own implementation of the software on their computers. As long as that is correct and uncorrputed they are guarenteed all the security they could hope for.

Of course there is always the argument that you might well be better off trusting the government to host the entire show then your own computer, but on the other hand even IF the government runs some online auction server, you still need to connect to that remote system from your own computer. So a secure server is still not going to help you protect yourself from local corruptions. At least now that is the ONLY thing left to worry about.

Re:

[Broken scope (973885)]

And thats why all my data is fake.

Re:

[mlts (1038732)]

Maybe a cryptographic token is the answer to this, be it an add-on to the SIM card of a cellphone, a civilian CAC, or a custom Aladdin eToken. When a purchase is done, the user has his cryptographic token (preferably by both a fingerprint swipe and a PIN) sign the order.

For validing an ID, all it takes is a government CA adding certs onto someone's public key stating that they are above 21, not a felon, etc. Of course, all the certs are revocable, and ones that would possibly change (absence of a criminal

Re:

[STrinity (723872)]

Authentication is a probelm, whether it's considered one or not.