ANONYMITY, TRUST, ACCOUNTABILITY Romek Szczesniak Eleanor McHugh


ANONYMITY, TRUST, ACCOUNTABILITY

Romek Szczesniak

Eleanor McHugh

Cryptographer PKI & AppSec

Physicist System Architecture

1998 InterClear CA

2003 ENUM

2006 Telnic

2011 Malta E-ID

2012 HSBC GC

2014 YOTI

DIGITAL IDENTITY - THE GRAIL QUEST

➤ can we create a global identity system that:

➤ nobody owns

➤ cannot be subverted

➤ works on desktop, mobile & IoT

➤ embraces anonymity rather than pseudonymity

➤ anchors to real-world identity documents

➤ embraces UK common law

➤ scales to global needs

➤ transacts in < 500ms

CURRENT SOLUTIONS

➤ PKI

➤ SSO

➤ OpenID

➤ IAM

➤ passwords

➤ biometrics

COMMON LAW CONTRACTS & TRANSACTIONS

➤ at least one party makes an offer

➤ all parties must then reach mutual assent

➤ and have an intention to create legal relations

➤ an exchange of sufficient consideration must then occur

➤ identification of the parties is implicit

➤ and may be put to the test in court

MOBILE DEVICES SEEM RESTRICTED

BUT THEY CAN BE ANCHORED TO A TRUSTED SERVER

A NAIVE APPROACH TO SHARING IDENTITY

➤ conventional client-server architecture

➤ A must trust B and B must trust Server

➤ each link involves a request-response over HTTPS links

➤ this is noisy and each link is an attack point for flow analysis

REDUCING IDENTITY TO A CLEAN TRANSACTION

➤ unidirectional data-flow architecture

➤ B doesn't contact Server, and V doesn't contact B

➤ Server contacts both B and V

➤ each link is less susceptible to flow analysis

IMMUTABLE PROFILES

➤ PKI certificate information - too heavy

➤ Attributes – too many, changeable

➤ SSO – not enough information

➤ we need a Goldilocks solution…

➤ fixed collections of one or more attributes

➤ change attributes by creating new profiles

➤ each profile links to its antecedent

➤ use cryptography to secure the version chain
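
A minimal sketch of such a version chain, added here as an illustration and not taken from the talk or the system it describes. It assumes SHA-256 content hashes as profile identifiers and an HMAC under a server-held key; `new_profile`, `verify_chain`, `digest`, `issuer_tag` and `ISSUER_KEY` are hypothetical names, and the sample attributes are constructed.

```python
import hashlib
import hmac
import json

# Assumption: a secret held only by the issuing server (constructed demo value).
ISSUER_KEY = b"constructed-demo-key"

def digest(body):
    # Canonical JSON so identical content always yields the same identifier.
    data = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()

def issuer_tag(profile_id):
    # Keyed MAC over the identifier: recomputing hashes alone cannot forge it.
    return hmac.new(ISSUER_KEY, profile_id.encode(), hashlib.sha256).hexdigest()

def new_profile(attributes, antecedent=None):
    """Issue a new fixed profile; an attribute change is a new version."""
    body = {"attributes": attributes,
            "antecedent": antecedent["id"] if antecedent else None}
    profile_id = digest(body)
    return {**body, "id": profile_id, "tag": issuer_tag(profile_id)}

def verify_chain(chain):
    """Verify versions oldest first: content hash, issuer tag, back-link."""
    previous_id = None
    for p in chain:
        body = {"attributes": p["attributes"], "antecedent": p["antecedent"]}
        if digest(body) != p["id"]:
            return False  # attributes or link changed after issue
        if not hmac.compare_digest(issuer_tag(p["id"]), p["tag"]):
            return False  # identifier was not issued under ISSUER_KEY
        if p["antecedent"] != previous_id:
            return False  # a version was dropped, reordered or spliced in
        previous_id = p["id"]
    return True

if __name__ == "__main__":
    v1 = new_profile({"name": "A. Example", "over_18": True})  # constructed data
    v2 = new_profile({"name": "A. Example", "over_18": True, "city": "London"}, v1)
    print("intact chain verifies:", verify_chain([v1, v2]))
    edited = dict(v1, attributes={"name": "A. Example", "over_18": False})
    print("edited first version verifies:", verify_chain([edited, v2]))
```

Because the antecedent identifier is part of the hashed body, editing any earlier version invalidates every later one.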

MANAGING A PERSON'S IDENTITIES

➤ anchor documents

➤ passport, driving licence, identity card, ...

➤ biometric stream

➤ successions of biometric captures for the person

➤ profile set

➤ a choice of user profiles

➤ credentials

➤ large ephemeral random identifiers

➤ assigned to the [user | device | profile]

MANAGING A PERSON'S IDENTITIES

RECEIPTS CONFIRM TRANSACTIONS

A FINE-CHAINED DISTRIBUTED LEDGER TRACKS RECEIPTS

PRODUCING A COMPLETE TRANSACTIONAL IDENTITY SYSTEM

APPLICATION: AGE VERIFICATION

APPLICATION: AGE VERIFICATION WITH SECURE CHANNEL

PATENTS

➤ US2016239658 Digital Identity

➤ US2016239653 Digital Identity

➤ US2016241532 Authentication of Web Content

➤ US2016241531 Confidence Values

➤ US2016239657 Digital Identity System