anonymity, trust, accountability
TRANSCRIPT
Cryptographer PKI & AppSec
Physicist System Architecture
1998 InterClear CA
2003 ENUM
2006 Telnic
2011 Malta E-ID
2012 HSBC GC
2014 YOTI
DIGITAL IDENTITY - THE GRAIL QUEST
➤ can we create a global identity system that:
➤ nobody owns
➤ cannot be subverted
➤ works on desktop, mobile & IoT
➤ embraces anonymity rather than pseudonymity
➤ anchors to real-world identity documents
➤ embraces UK common law
➤ scales to global needs
➤ transacts in < 500ms
COMMON LAW CONTRACTS & TRANSACTIONS
➤ at least one party makes an offer
➤ all parties must then reach mutual assent
➤ and have an intention to create legal relations
➤ an exchange of sufficient consideration must then occur
➤ identification of the parties is implicit
➤ and may be put to the test in court
A NAIVE APPROACH TO SHARING IDENTITY
➤ conventional client-server architecture
➤ A must trust B and B must trust Server
➤ each link is a request-response exchange over HTTPS
➤ this is noisy and each link is an attack point for flow analysis
REDUCING IDENTITY TO A CLEAN TRANSACTION
➤ unidirectional data-flow architecture
➤ B doesn't contact Server, and V doesn't contact B
➤ Server contacts both B and V
➤ each link is less susceptible to flow analysis
IMMUTABLE PROFILES
➤ PKI certificate information – too heavy
➤ Attributes – too many, changeable
➤ SSO – not enough information
➤ we need a Goldilocks solution…
➤ fixed collections of one or more attributes
➤ change attributes by creating new profiles
➤ each profile links to its antecedent
➤ use cryptography to secure the version chain
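A worked example of the antecedent-linked profile chain from this slide, added here and not taken from the talk or from any YOTI code. It assumes one concrete way to "secure the version chain": each profile carries a SHA-256 digest over its canonicalised attribute set plus its antecedent's digest, so editing an old profile in place, or reordering the chain, is detectable; issuer signatures, which a production system would add on top, are left out.

```python
import hashlib
import json
from dataclasses import dataclass
from typing import Optional

# Constructed sentinel: the antecedent digest of the very first profile.
GENESIS = "0" * 64


def profile_digest(attributes: dict, antecedent: str) -> str:
    """SHA-256 over a canonical JSON encoding of (attributes, antecedent)."""
    canonical = json.dumps({"attributes": attributes, "antecedent": antecedent},
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


@dataclass(frozen=True)
class Profile:
    """A fixed collection of attributes; changes are made by issuing a successor."""
    attributes: dict
    antecedent: str  # digest of the previous profile, or GENESIS
    digest: str


def new_profile(attributes: dict, previous: Optional[Profile] = None) -> Profile:
    """Create a profile that links back to `previous` (or to GENESIS)."""
    antecedent = previous.digest if previous else GENESIS
    return Profile(dict(attributes), antecedent, profile_digest(attributes, antecedent))


def verify_chain(chain: list) -> bool:
    """Walk from genesis: every link must point at its antecedent and recompute."""
    expected_antecedent = GENESIS
    for p in chain:
        if p.antecedent != expected_antecedent:
            return False  # broken or reordered link
        if profile_digest(p.attributes, p.antecedent) != p.digest:
            return False  # attributes edited in place
        expected_antecedent = p.digest
    return True


def demo() -> tuple:
    """Constructed sample: a valid two-version chain and an in-place edit of v0."""
    p0 = new_profile({"name": "Alice Example", "age_over": 18})
    p1 = new_profile({"name": "Alice Example", "age_over": 21}, p0)
    forged_p0 = Profile({"name": "Mallory", "age_over": 18}, p0.antecedent, p0.digest)
    return verify_chain([p0, p1]), verify_chain([forged_p0, p1])
```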
MANAGING A PERSON'S IDENTITIES
➤ anchor documents
➤ passport, driving licence, identity card, ...
➤ biometric stream
➤ successions of biometric captures for the person
➤ profile set
➤ a choice of user profiles
➤ credentials
➤ large ephemeral random identifiers
➤ assigned to the [user | device | profile]