Anonymity and Trust: Meet The Camenisch-Lysyanskaya Signature
We have several problems with the Internet. The first is that we have our identities harvested by companies such as Facebook and Google, and the second is that we must now prove things — such as our age or our location — and in doing so, we are revealing our information to others. So how can we create a trusted digital world, where we prove things, without revealing our sensitive information?
We have barely got to the point where we can digitally sign our documents, and where many industries still rely on wet signatures. With this, we create a public key (pk) and a private key (sk) and then use our private key to sign something. This then creates a signature (S). Our public key then validates the entity which signed it. But whenever we sign a document, it often reveals our identity, and, possibly other parts of our identity (such as our age, address, and so on). In many cases, though, such as being served in a bar, Peggy should just have to prove that she is over 18 years old, and not have to reveal her name, date of birth and address.
So in a paper-based system, Peggy will have some ID that has a unique identifier that only a trusted entity will be able to create. This might be a driver’s licence that has a government watermark on the card. But in an electronic system how do we create the equivalent? Well…