Wednesday, February 27, 2008

Stefan Brands new start-up

Stefan Brands has started a new company.

"Imagine you could prove you were 21 without revealing your date of birth -- or anything else about you, for that matter. Or qualify for a loan without disclosing your net worth. Or enjoy the benefits of e-commerce, e-health and e-government without a moment's fear that you are open to identity theft.

Sound impossible? It is. But it won’t be if cryptographer and entrepreneur Stefan Brands has his way.

Brands runs Credentica, a Montreal-based startup that is rolling out an encryption-and-authentication system called U-Prove that allows users to disclose the absolute minimum to complete digital transactions -- and to do so in a way that ensures the information they need to reveal has no shelf life whatsoever...

The U-Prove approach has been tried before, without commercial success. Most companies tried to sell privacy software to consumers, which was the wrong approach.

So Brands is flipping it around by developing a software developers kit that would appeal to businesses and government agencies that want to prevent costly and damaging data breaches on behalf of their customers.

In addition, Brands hopes that by providing a somewhat stripped-down version of his technology under a noncommercial license he can encourage developers to explore its potential applications -– just like RSA Data Security did in the 1980s when it offered free, noncommercial use of its public-key cryptosystem and went on to dominate the online security market."

Scheier says : "Cryptographer Stefan Brands has a new company, Credentica, that allows people to disclose personal information while maintaining privacy and minimizing the threat of identity theft.
http://www.credentica.com/
http://www.wired.com/politics/security/news/2008/02/...
I know Stefan; he's good. The cryptography behind this system is almost certainly impeccable. I like systems like this, and I want them to succeed. I just don't see a viable business model. I'd like to be proven wrong."

Kim Cameron says:

"Google’s Ben Laurie has a new paper called Selective Disclosure in which he argues the importance of zero knowledge proofs and privacy-enhancing cryptography. I fully share his view of the importance of these technologies.

Everyone with a technical interest in identity should look at Credentica’s recently released SDK, called U-Prove. It holistically embodies the cryptographic breakthroughs of Stefan Brands.

There is also a competing system from IBM called IDEMIX, though it is not yet publicly available and I can’t talk about it first-hand.

On his way toward explaining how these systems work, Ben takes the time to put forward his own Laws of Identity (”Let a thousand flowers bloom!”) He is responding to my Fourth Law, which asserts the need for the Identity Metasystem to support both public identifiers (for example, my blogging address) and private ones (my account number with a given company, unknown to anyone but me and them). He says:

“For an identity management system to be both useful and privacy preserving, there are three properties assertions must be able to have. They must be:

  • Verifiable: There’s often no point in making a statement unless the relying party has some way of checking it is true. Note that this isn’t always a requirement - I don’t have to prove my address is mine to Amazon, because its up to me where my goods get delivered. But I may have to prove I’m over 18 to get alcohol delivered.
  • Minimal: This is the privacy preserving bit - I want to tell the relying party the very least he needs to know. I shouldn’t have to reveal my date of birth, just prove I’m over 18 somehow.
  • Unlinkable: If the relying party or parties, or other actors in the system, can, either on their own or in collusion, link together my various assertions, then I’ve blown the minimality requirement out of the water.”

These are important things for the Identity Metasystem to support, and I make the same points in my own version of the laws. But I don’t think these characteristics are the whole story - rather, they describe requirements for certain use cases. However, there are other use cases, and it was the goal of the original Laws of Identity to embrace them as well.

For example, when I blog I want to use an identity that is linkable. I want anyone who is interested in my ideas to be able to talk about them with anyone else, and tell them how to get to my web site, which is - in the most literal sense of the word - a “linkable” characteristic of my identity...

I take Ben’s real point to be that an important and mainstream use case is one where verifiability, minimal disclosure AND unlinkability, should all be achievable at the same time. This I agree with."

They take a bit of time to digest but for anyone serious about understanding digital identity Kim and Ben's exchanges are absolutely essential reading.

No comments: