anonymity +- credentials

Ian Grigg iang at systemics.com
Mon Oct 6 17:55:22 EDT 2003 

Anton Stiglic wrote:

> > >We need a practical system for anonymous/pseudonymous
> > >credentials.  Can somebody tell us, what's the state of
> > >the art?  What's currently deployed?  What's on the
> > >drawing boards?
> >
> > The state of the art, AFAIK, is Chaum's credential system.
> 
> The state of the art is Brands' credentials.


Thanks for clearing up the record there - it was
also my understanding that Brands' work was the
current theoretical state of the art!

In terms of actual "practical" systems, ones
that implement to Brands' level don't exist,
as far as I know?  Also, the use of Brands work
would need to consider that he holds a swag of
patents over it all (as also applies to all of
the Chaum concepts).

There is an alternate approach, the E/capabilities
world.  Capabilities probably easily support the
development of psuedonyms and credentials, probably
more easily than any other system.   But, it would
seem that the E development is still a research
project, showing lots of promise, not yet breaking
out into the wider applications space.

A further alternate is what could be called the
hard-coded psuedonym approach as characterised
by SOX.  (That's the protocol that my company
wrote, so normal biases expected.)  This approach
builds psuedonyms from the ground up, which results
in a capabilities model like E, but every separate
use of the capability must be then re-coded in hard
lines by hardened coders.

Which means, for example, that whilst the E crowd
can knock up a new capability over lunchtime, it
takes us about a year of hard work to get a new
capability in place (we've done several - payments,
messaging, trading, projects, ...).  The plus side
is that these capabilities are far more suited to
purpose than something built over a high level
platform.

In summary, the state of the art would seem to be
just that, an art in a state.  There is no clear
view as to how this will pan out in the future,
to my mind.


iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list