The identity r/evolution is ongoing. For a while it seemed that not much has changed since Kim Cameron spearheaded the discussion about “The Laws of identity”. New technologies like Privacy-ABC based on ZKP were ready to provide the user with control over how much personal data he wants to disclose, while promising, commercial solutions were neither accepted by the market nor solving the problem of reliability of transactions exhaustively. Today, the new decentralized digital identity model of Self-Sovereign Identity, utilizing verifiable credentials and Decentralized Identifiers, is giving new hope of finding sustainable solutions. This session will map out the main questions around privacy within this context:
David will talk aboout a new technology that allows the person owning a public key to prove that they have memorized a passphrase, from which they could at any time easily compute the private key.
One example use is for votexx.org elections, which are conducted remotely without polling places. The ballot-casting in such elections is done by a signature that is publicly verifiable as corresponding to a particular public key posted in advance by the election authority. The voter registration authority would require a proof that the voter knows the corresponding passphrase and hence ensures that the voter has irrevocable access to the private key corresponding to the posted public key. This lets the voter give all of their keys (in an extreme case) to a vote buyer and/or coercer – while the voter is never able to give up knowledge of the passphrase and the ability that it confers to secretly cancel any vote made with the corresponding private key. This is just one example David will feature in his presentation.