IETF Logo Mail Archive

Re: [Cfrg] ZKP for proving ownership of a credential

David Jacobson <dmjacobson@sbcglobal.net> Thu, 04 June 2015 03:10 UTC

Return-Path: <dmjacobson@sbcglobal.net>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB83D1B331D for <cfrg@ietfa.amsl.com>; Wed, 3 Jun 2015 20:10:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.101
X-Spam-Level:
X-Spam-Status: No, score=-0.101 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9eshgDHFmPg3 for <cfrg@ietfa.amsl.com>; Wed, 3 Jun 2015 20:10:12 -0700 (PDT)
Received: from nm21-vm2.access.bullet.mail.gq1.yahoo.com (nm21-vm2.access.bullet.mail.gq1.yahoo.com [216.39.63.49]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 160B41B32F5 for <cfrg@irtf.org>; Wed, 3 Jun 2015 20:10:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sbcglobal.net; s=s2048; t=1433387411; bh=DOsWGdGUk8k3LmDmif1NjV34mOWiB8eeIpQUTRJtTyA=; h=Date:From:To:Subject:References:In-Reply-To:From:Subject; b=Y4pHsmbYfqTBTdw52ustfzHocNnk+yW+WCQOC39jqNGX4eZ0mjSP/a4UECBNbLVvYwZfjgDnOSmLV5ZL32WuC92Qj0i2gDmQdGsvLI+04ue3DcQkg/hFuiAmZrCgTTJWeAX/kkeNViNOpbOH7hU3QOGyuIXpiAvK/KaxFZHS566SiEVueBAU7+Ew0yuTVVl4MRBRFJjZPIHBaY76d02/E671yKareY67kUp3RGohJIwGzxKA6mpAeFH7B9djiVroahZ5UndG0fCKQVj+vQUltaUGrF6sGRgOBpdaVM7KpBzyczsBvX1o0FZ81Gr2NzDi6R8vKx3xVRwbaMkzssLfgw==
Received: from [216.39.60.175] by nm21.access.bullet.mail.gq1.yahoo.com with NNFMP; 04 Jun 2015 03:10:11 -0000
Received: from [67.195.22.116] by tm11.access.bullet.mail.gq1.yahoo.com with NNFMP; 04 Jun 2015 03:10:11 -0000
Received: from [127.0.0.1] by smtp111.sbc.mail.gq1.yahoo.com with NNFMP; 04 Jun 2015 03:10:11 -0000
X-Yahoo-Newman-Id: 486697.14730.bm@smtp111.sbc.mail.gq1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: _T5CEHsVM1mtqLWitNhI2vk.Cpc0HZ__zQqOqXWhRPWHXij fqJfdykPomIaQZUIk9h0nd4btegQTv7BEpG_grq2r_XTT_fBUyEkRrwT8_oj GfxCfCW5sXEibNhxn2eQ5QIZNJoDIV5p03cYV7xljboreipDbHYWmOL0cb8U _s_L_cn15nsDK5vzNmSnJTtZ_Cv4AnIoSYTbT._78aWmszCpEjbcj2hTAxPu DLtmab4vPSpFgNiW9W_kNohJSCE3sZ8OyL7Y9CBOZlYZzS3QNtQH.PXEFPdt AlmFvwonBaU_N20AU3pwT6VaSMDup3joKoejE010wNzJUZjjaZbfKpf8Ozu7 jZcMc2s78odMZ22Vhh3p4JgXBDoxfhg2SPsTer8D5122r5xPCa.BYKldTA_j 4a_Bf_Q2Pcwe8KBAn3nVFOQMyrxA5HFUS0imYdsyDyZ0k.m0e0aXdWgUz7Lk hN9ZblH1CdjmV5Dzd2h_FNiGx7AwFMew.HzZT0Pn.CemufQgwJdxYFzhhGh. CgZ3hyClKNok.3g3Hp5g6dM3A3LGZpl6IlcnVyD1X.1qHdBKz1AR2XI5x
X-Yahoo-SMTP: nOrmCa6swBAE50FabWnlVFUpgFVJ9Gbi__8U5mpvhtQq7tTV1g--
Message-ID: <556FC192.4040704@sbcglobal.net>
Date: Wed, 03 Jun 2015 20:10:10 -0700
From: David Jacobson <dmjacobson@sbcglobal.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Paul Lambert <paul@marvell.com>, Manu Sporny <msporny@digitalbazaar.com>, "cfrg@irtf.org" <cfrg@irtf.org>
References: <556E63DB.8090904@digitalbazaar.com> <D193B311.6A3A7%paul@marvell.com> <556E7D47.8020403@digitalbazaar.com> <D194E3AD.6A6D8%paul@marvell.com>
In-Reply-To: <D194E3AD.6A6D8%paul@marvell.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/pBQQH8IMP0naLtYMztT3mnLpMRo>
Subject: Re: [Cfrg] ZKP for proving ownership of a credential
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jun 2015 03:10:13 -0000

On 6/3/15 5:07 PM, Paul Lambert wrote:
>
> Manu,
>
>> On 06/02/2015 10:33 PM, Paul Lambert wrote:
>>> Unless the credential is different each time it is provided to a
>>> third party the recipient is trackable.
>> Understood.
>>
>>> This problem has been Œsolved' to some degree by P1609.2 for
>>> automotive applications.
>> Can you define "to some degree"?
> The clear note from William on P1609 hopefully answered that I was
> referring to the engineering solution of P1609 having many attribute
> certificates issued per entity.
>
>
> Paul
>
>> Any chance that you (or someone else)
>> has a pointer to the methods used in that IEEE spec wrt. protecting
>> privacy? I can shell out the $212 for the paper, but I'd like to know a
>> bit more about the content before I do. I did read the preview of the
>> paper, but couldn't get a handle on what sort of crypto they had settled
>> on to solve the problem.
>
>> -- manu
>>
>> -- 
>> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
>> Founder/CEO - Digital Bazaar, Inc.
>> blog: Web Payments: The Architect, the Sage, and the Moral Voice
>> https://manu.sporny.org/2015/payments-collaboration/
>>
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> http://www.irtf.org/mailman/listinfo/cfrg
Keep in mind that Manu's original request was cast in terms of proving 
citizenship and at last age 21.  The solutions that have been mentioned 
address the problem of proving that some key-fob-like device is assigned 
to a person who is a UK Citizen and at least 21. They do not address the 
issue of proving that the person in possession of the device is the 
person it was assigned to.  That is not all that much of a problem with 
a car.  The owner of the car will presumably protect the device quite 
well, and will only loan it to people he/she intends to have access to 
the car.  But things might be different when it comes to under-age kids 
getting into drinking establishments.

     --David

v2.23.0 | Report a Bug | By Email