Anna Lysyanskaya, Brown University got her PhD under Ron Rivest at MIT, and has received many awards. She allows people to prove themselves without exposing themselves.
Basic: user name and password:
- Pros: intuitive, human-memorizable (up to a point)
- Cons: not privacy preserving, insecure in so many ways
With public key certificates
- Cons: not intuitive, not human memorizable, not privacy preserving
- Pros: secure – your device would need to be hacked or stolen before your identity could be stolen…
What are digital signature schemes? You need two keys:
- Secret signing key SK(alice) allows Alice to sign and prove she is Alice
- Public verification key PK(alice) allows anyone to verify.
To sign a message m, Alie uses SK(alice) to comput a signature O
When anyone wants to verify Alice’s signature on m, use her public key PK(alice).
Your public certificate may contain additional information, like date of birth, gender, which buildings you’re allowed to access….
So, they are not privacy preserving.
Even if you think, I don’t have anything to hide! Just because you think this, doesn’t mean your not leaving a trace of information that you consider private (health care, past abortion, etc) that someone else may want to attack even if you’re not a public figure.
For example, let’s say you use a persistent ID to log into a newspaper, even if it’s “secret” and not associated with your name, you are still identifiable. If you put in your zip code to look up weather? They know where you live. Look up your horoscope, learns your date of birth. Based on the articles you read, they can accurately infer your gender. Those three pieces of information – someone could find your real name.
We’d like to use anonymous credentials – where you can prove you’re authorized, but cannot be tracked bake to you.
- Cons: not super intuitive, not human-doable (need a device to remember the credentials)
- Pros: secure – your device would need to hacked before your identity can be stolen – privacy-reserving
Okay, how do these work? Underlying building block: zero-knowledge proofs. She gave us a neat graphic explanation with a 3 colored graph.
Anything that is provable at all can be provable in zero-knowledge proofs.
Now that we’ve been doing this for awhile, efficiency is approaching certificate based non-anonymous authentication.
The old New Yorker joke was: “Nobody knows on the Internet that you’re a dog.” – now, that’s not true! Google knows everything about you. Facebook knows everything about you and your friends.
But what happens if something goes wrong?
Trust her, we can solve this with cool crypto 🙂
Right now, you can’t do this – as there’s no provider that allows for things like anonymously watching a movie (and actually pay for it).
Why aren’t software companies doing this? They may not think users care about this. It’s also a fast developing industry, so they may not have caught up, yet.
Things may change due to last week’s European Court of Justice ruling may have some impact.
Come learn more at Brown! 🙂
They have a CyberSecurity master’s program – neat!