Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Digital Credentials Offer Enhanced Privacy

Posted by kdawson on Tue Feb 20, 2007 06:41 PM
from the cypherpunks-write-code dept.
Privacy Software
John Q Random writes "Stefan Brands's company credentica.com announced their U-Prove library and SDK implementing ID tokens — also known as digital credentials or private credentials. (Private Credentials are a cool PKI replacement and anonymous e-cash tech that allows you to prove certified attributes like age, credit rating, group membership, etc. without revealing who you are; to allow you to have a digital life without the digital dossier effect inherent in a central databases.) Following this announcement, Adam Back announced credlib, an open source implementation of Brands credentials (and the older more basic Chaum certificates). These developments relate to recent news from IBM's Zurich labs on their identity-mixer project (previously discussed on Slashdot) that is based on the less efficient Jan Camenisch and Anna Lysyanskaya credentials."
+ -
story

Related Stories

[+] IT: IBM to Open Source Novel Identity Protection Software 40 comments
coondoggie handed us a link to a Network World article reporting that IBM plans to open source the project 'Identity Mixer'. Developed by a Zurich-based research lab for the company, Identity Mixer is a novel approach to protecting user identities online. The project, which is a piece of XML-based software, uses a type of digital certificate to control who has access to identity information in a web browser. IBM is enthusiastic about widespread adoption of this technology, and so plans to open source the project through the Eclipse Open Source Foundation. The company hopes this tactic will see the software's use in commercial, medical, and governmental settings.
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Digital Credentials Offer Enhanced Privacy 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Identity Theft (Score:4, Insightful)

    by biocute (936687) on Tuesday February 20 2007, @06:44PM (#18088978) Homepage
    This is under the presumption that the holder/applicant is who he claims he is.

    I guess it'll just get added to the to-do list of phishers and ID thieves.

    And the fact that (real) sensitive data has to be included to prevent 'leading/sharing' just begs for hacking.
    • /me trundles off to create a website that asks users to upload their private keys to guarantee the strength of the security...
      • Why is it that when I hear from a press release that a new product offers "enhanced privacy" that I immediately think that means "less privacy"?

        This is about the world as it has been made by the corporate masters, and their "interesting" repurposing of words.

      • Re: (Score:3, Interesting)

        by Zeinfeld (263942)
        The fact that Adam Back is involved lends serious credibility to this effort. There may well be weaknesses, as with any scheme. But at least it's been looked at and implemented in part by one of the best in the biz.

        Stefan is not exactly in need of credibility. We all know he can do the business on the technology side.

        The main concerns here are first Stephan has a tendency to prioritize certain political attachments over practical issues. So the question is not whether the system will be as private as cl

  • Well blow me down! (Score:3, Funny)

    by Itninja (937614) on Tuesday February 20 2007, @06:53PM (#18089080) Homepage
    At first I thought is said "Digital Credentials Offer Enhanced Piracy"

    "Me SmartCard an' Biometrics allow en' more booty to be plundered, yarhhh!"
  • Following this announcement, Adam Back announced credlib, an open source implementation of Brands credentials (and the older more basic Chaum certificates).

    That certainly sounds like a credlib-able solution to the problem.
  • Where is the threat to individual privacy? As I see it, the threat is companies misusing legitimately-obtained personal information. Now let's tie in privacy with today's earlier discussion about credit card fraud. To buy anything over the Net from a reputable vendor, you usually must provide your legal name, home address, and phone number in order for the credit card transaction to be approved. (Buying from less reputable vendors may actually provide more privacy because AFAIK Paypal doesn't expose all these personal details when you make a payment.) What is the chance that VISA/MC/AMEX will re-engineer their systems to be privacy-preserving?

    • Re: (Score:3, Insightful)

      by John.P.Jones (601028)
      > What is the chance that VISA/MC/AMEX will re-engineer their systems to be privacy-preserving?

      Much better when there is a well understood solution to the problem. The technology is a necessary not a sufficient condition for fixing these problems. No it won't magically solve our problems but that doesn't negate the use of developing the technology.
    • >What is the chance that VISA/MC/AMEX will re-engineer their systems to be privacy-preserving?

      Pretty high, but only if they are on the hook legally for privacy breaches, or if their customer start swinging business based on privacy concerns. Otherwise nil.

  • How? (Score:3, Interesting)

    by pesc (147035) on Tuesday February 20 2007, @07:37PM (#18089616)
    I don't need this certificate myself. Can someone explain why I can't obtain one proving my age (42) and sell it to a youngster? All other attributes are masked.

    • anti-lending feature (Re:How?) (Score:4, Informative)

      by Anonymous Coward on Tuesday February 20 2007, @07:54PM (#18089794)
      They have an anti-lending option. Here's how it works: the credential can have multiple private keys, one of which has to be random and the others of which can be secrets you would not be happy to sell to a youngster. (Say like your credit card number, or any other info that could be risky to lend to someone). Without all of the private keys you cant use the credential, so the would be lender, or reseller cant transfer the credential without revealing secrets chosen to be risky to share.

      The CA or credential issuer, he sees secrets when the credential is issued, however you trust him not to abuse those secrets (and maybe you paid him with the same credit card number eg). However due to the crypto magic the CA cant observe nor trace your uses of the credential back to you even with full collusion with relying parties.

      In fact the privacy is unconditionally secure and the user has full control and doesnt have to trust anyone (not CA, not relying parties, etc) only that the software of his credential wallet software is correctly implemented. This software would typically be open source and peer reviewed.
      • the credential can have multiple private keys, one of which has to be random and the others of which can be secrets you would not be happy to sell to a youngster. (Say like your credit card number, or any other info that could be risky to lend to someone).

        So someone with nothing to lose (a bum?) can't get to verify he's 40?

        Apart from a credit card number (can't you get one-off credit cards or cancel them or report it stolen?) I don't know what kind of information you absolutely can't share.

          • Well even that just means the minimum price of the credential resale is set by the issuer.

            Well not really. If the ecash coin has $1000 in it and I want to sell my identify for $100 then the price to the buyer is $1100 and he gets $1000 back straight away.

  • True of all such "private" information storage facilities...

    Either the information is kept by someone and can be obtained from the issuer (whether through legitimate legal means or theft. This is valuable information. Unscrupulous people will steal, trade and sell it). You're basically trusting the issuer to keep you safe. SSL certs are kinda like this but there's no pretense of private data being stored encrypted in the cert.

    OR

    Once the certificate is issued there is no way to identify who it is issued to,
    • That's what the cryptography is for. You don't need to trust the issuer but in a case of fraud it is possible to tell who you are and at no other time. The math is quite solid, but people's understanding of it is a bit shaky.
      • Huh? Are you misunderstanding me on purpose?

        If you kept your library lending record on such a token you'd be smoking wacky weed! You might keep some summary information like a trust rating. Or you might just keep it to basics like age, country of residency etc. The reason that anon payments would be useful is in case you didn't trust the vendor to keep your information secret. You already trust the public library not to publish your lending record. However you might not trust a porn retailer not to put you
  • It remains to be seen at this point whether the Camenisch/Lysyanskaya Idemix credentials are really "less efficient" than Brands. Certainly the CL credential work is newer. Brands' stuff is good but the field does not stand still. Until we see benchmarks putting them side by side, it is too early to say which is more efficient.

    • RTFA (Score:4, Interesting)

      by Wesley Felter (138342) <wesley@felter.org> on Tuesday February 20 2007, @07:09PM (#18089298) Homepage
      When I read "digital credentials" I immediately thought "(SSL/SMIME) certs and (SSH/PGP) keys". Those are two standard and widely implemented forms of "strong" digital authentication.

      The problem with regular certs is that they are all-or-nothing, so if you disclose your cert to a party, they now have all the information in the cert. For example, consider using a "digital drivers license" to prove your age or using a "digital student ID" to get a student discount; it's totall overkill.

      The summary explains why Brands credentials are an improvement:

      Private Credentials are a cool PKI replacement and anonymous e-cash tech that allows you to prove certified attributes like age, credit rating, group membership, etc. without revealing who you are (emphasis added)

      • The problem with regular certs is that they are all-or-nothing, so if you disclose your cert to a party, they now have all the information in the cert. For example, consider using a "digital drivers license" to prove your age or using a "digital student ID" to get a student discount; it's totall overkill.

        You don't put things like "age" or "student ID" on a cert, and you certainly wouldn't put them on a key. Instead, you could use the verified IDs from certs/keys to look up information from a master DB, muc

        • They're exactly correct. But this post puts somebody's credentials behind their position. :-)
        • >Instead, you could use the verified IDs from certs/keys to look up information from a master DB, much like Brands and dozens of other interchangable knuckleheads are proposing.

          That is the exact opposite of what Dr. Brands is proposing, and the existence of a central database full of sensitive information is precisely the problem he's trying to prevent. How anyone could read his PhD thesis without understanding that is beyond my imagination.

          >you're still trusting a third party to only give out a piece
    • CAC Card is redundant based on what it is supposed to stand for. In reality it isn't because its a Can't Access Crap Card. It was a great idea, with an implementation that makes you wish the edges of your ID card were sharper so you could just slit your wrists at the computer and be more productive.

      • Guess we're not only not reading articles now, but not even reading the summary!!


        That's right; I'm a true tech through and through. If manuals are for wimps then TFA is for wussies too. C'mon - Slashdot editors: you need to shorten up those summaries for those of us with post-MTV-era attention spans!
    • I dunno. I find the whole PKI thing to be incredibly baroque and subject to failure/inconsistency/difficulty-of-use (what's the opposite of ease-of-use?).

      Now maybe when I get it all set up right, it'll run OK. But so far getting it set up has proven to be a massive time sink for me, and I'm still not there yet.

              dave

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.