I've been really enjoying all these articles proposing solutions to anonymous age verification, mainly because most of them are written as if this has never been implemented in the real world. German IDs support age verification that just returns a yes/no response to the question "is this user above the age of 18," and not a single service in the entire country supports it.
Anonymous age verification isn't a technical problem to be solved, as it's already been solved, it's a societal problem in that either the companies or the politicians pushing for age verification don't want to support it.
I remember reading in tech magazines about the "foss" acheivement which went on to become Aadhar. Remember this was prior to 2007 I think.
The idea was your id would be an autehnticator of sorts. You need to verify yourself, the website asks Aadhar if the person is genuine, the website returns binary yes no. Same for you, is gender male? Or ages above 18?
They would not return any other data.
In the end, it became just another "formality" and tool for politicians and to flex muscles.
People ended up taking photocopies of your card "just in case" and "that's the norm" even when it was said that's a bad idea.
People still do Aadhar kyc but it is in hands of politicians now and the bureaucracy.
All the more reason for us to get out an actual implementation of age verification that IS anonymous first, so that when a law is pushed for or passed, companies can adopt the anonymous implementation.
This article is a great explainer of the basics underlying anonymous credentials. I look forward to the promised follow-up explaining real-world examples.
The key issue however is trust. The underlying protocols may support zero-knowledge proofs. But as a user I'm unlikely to be able to inspect those underlying protocols. I need to be able to see exactly what information I'm allowing the Issuer to see. Otherwise a "correct" anonymous scheme is indistinguishable from a "bad" scheme whereby the Issue sees both my full ID and details of the Resource I wish to access. Assuming a small set of centralized Issuers, they are in a position of great power if they can see exactly who is trying to access exactly what at all times. That's the question of trust - trust in the Issuer and in the implementation, not the underlying math.
In Switzerland a digital identity like this will launch this summer and the underlying infrastructure and app is open source. And the issuer of the ID and the registry that holds and verifies credentials are separated. The protocol also isn't novel and is already used in other countries (Germany(?)).
I only skimmed the article, but the proposed solution seems to be that the authority (the "issuer") sends data to a device the user owns but has no control over. Like an Android or iOS phone.
The data is of such form that the phone then can pass challenges of type "are you of at least x years old" without giving out any other information.
And the user cannot share that data with other users because their phone will not let them.
I believe they were attempting to link to https://eprint.iacr.org/2006/454 a paper titled How to Win the Clone Wars: Efficient Periodic n-Times Anonymous Authentication.
Most people outside of a narrow set of cryptography engineers are unfamiliar with the term anonymous credentials, while age and identity verification are two privacy-invasive requirements that are being heavily discussed and rapidly being written into laws lately. The post's intro discusses both quite heavily, and they form the author's entire motivation for writing the post.
The central question the post attempts to answer is "The problem for today is: how do we live in a world with routine age-verification and human identification, without completely abandoning our privacy?"
My rephrase is an attempt to surface that, compared to the dry and academic title that will get overlooked. I think this is a very important topic these days where we are rapidly ceding are privacy to at best, confused and at worst, malicious regulations.
I've been really enjoying all these articles proposing solutions to anonymous age verification, mainly because most of them are written as if this has never been implemented in the real world. German IDs support age verification that just returns a yes/no response to the question "is this user above the age of 18," and not a single service in the entire country supports it.
Anonymous age verification isn't a technical problem to be solved, as it's already been solved, it's a societal problem in that either the companies or the politicians pushing for age verification don't want to support it.
I remember reading in tech magazines about the "foss" acheivement which went on to become Aadhar. Remember this was prior to 2007 I think.
The idea was your id would be an autehnticator of sorts. You need to verify yourself, the website asks Aadhar if the person is genuine, the website returns binary yes no. Same for you, is gender male? Or ages above 18?
They would not return any other data.
In the end, it became just another "formality" and tool for politicians and to flex muscles.
People ended up taking photocopies of your card "just in case" and "that's the norm" even when it was said that's a bad idea.
People still do Aadhar kyc but it is in hands of politicians now and the bureaucracy.
We all know these laws are about suppressing dissent and not about age.
If anyone implemented this privacy preservation scheme, would all the laws flip to say "yeah we really did mean it govt id tied to your post".
All the more reason for us to get out an actual implementation of age verification that IS anonymous first, so that when a law is pushed for or passed, companies can adopt the anonymous implementation.
This article is a great explainer of the basics underlying anonymous credentials. I look forward to the promised follow-up explaining real-world examples.
The key issue however is trust. The underlying protocols may support zero-knowledge proofs. But as a user I'm unlikely to be able to inspect those underlying protocols. I need to be able to see exactly what information I'm allowing the Issuer to see. Otherwise a "correct" anonymous scheme is indistinguishable from a "bad" scheme whereby the Issue sees both my full ID and details of the Resource I wish to access. Assuming a small set of centralized Issuers, they are in a position of great power if they can see exactly who is trying to access exactly what at all times. That's the question of trust - trust in the Issuer and in the implementation, not the underlying math.
This is exactly it. It is a huge issue if the authentication can trivially become non-privacy preserving in a way that is impenetrable to users.
In Switzerland a digital identity like this will launch this summer and the underlying infrastructure and app is open source. And the issuer of the ID and the registry that holds and verifies credentials are separated. The protocol also isn't novel and is already used in other countries (Germany(?)).
For more information check the out technology behind it: https://www.eid.admin.ch/en/technology
I only skimmed the article, but the proposed solution seems to be that the authority (the "issuer") sends data to a device the user owns but has no control over. Like an Android or iOS phone.
The data is of such form that the phone then can pass challenges of type "are you of at least x years old" without giving out any other information.
And the user cannot share that data with other users because their phone will not let them.
Note that there is a broken link to "great paper" in:
> These techniques are described in a great paper whose title I’ve stolen for this section.
I believe they were attempting to link to https://eprint.iacr.org/2006/454 a paper titled How to Win the Clone Wars: Efficient Periodic n-Times Anonymous Authentication.
Title has been modified by this submission. Actual title of article is Anonymous credentials: an illustrated primer.
Most people outside of a narrow set of cryptography engineers are unfamiliar with the term anonymous credentials, while age and identity verification are two privacy-invasive requirements that are being heavily discussed and rapidly being written into laws lately. The post's intro discusses both quite heavily, and they form the author's entire motivation for writing the post.
The central question the post attempts to answer is "The problem for today is: how do we live in a world with routine age-verification and human identification, without completely abandoning our privacy?"
My rephrase is an attempt to surface that, compared to the dry and academic title that will get overlooked. I think this is a very important topic these days where we are rapidly ceding are privacy to at best, confused and at worst, malicious regulations.