Blinded Identities [was Re: exporting signatures only/CAPI]

Tue Oct 15 09:14:35 PDT 1996

At 11:25 PM -0500 10/14/96, William H. Geiger III wrote:

(responding to Hal Finney's comments about blinded credentials, including
identity credentials)

>Hmmmm... I am at a loss as why the customers identity needs to be know at all?
>
>What does it matter if I am a new customer or not?

This is an important issue, which has an important answer. The answer will
sound flippant, but is worth thinking about.

Namely, maybe it _doesn't_ matter if one is a new customer, maybe it
_does_. More particularly, it is up to the customer and vendor to negotiate
a mutually agreeable arrangement. Sometimes this includes identities,
sometimes proofs of religious belief, sometimes proofs of credit worthiness
(solvency, expectation of repayment, etc.).

Neither Chaum nor Finney nor myself have ever (that I recall) called for a
government-mandated system of _identities_. The whole point of "blinded
credentials" is so that "selective disclosure of information" can occur.

The canonical example is an "age credential" for entry into bars, for
example, or for rental of adult videos, as another example. (The present
system--simply _looking_ at a person to confirm that they "look old
enough"--works pretty well for most adults, with only those in the margin
zone being "carded." Even with "carding," a bar owner only checks the age
field, and the photo field of course, to verify age. Chaum's concerns when
he wrote his "systems to foil Big Brother" papers in the mid-80s were that
fully-computerized versions of these credentials would present substantial
threats to privacy. Rather than just looking at an age credential, and then
forgetting the data seen, computers and surveillance systems would
_remember_ all presentations of credentials, allowing extensive
construction of dossiers on movements, purchases, habits, etc.).

Anyway, getting back to Wm. Geiger's question, "What does it matter if I am
a new customer or not?," maybe it does matter, maybe it doesn't. As a
merchant, I might offer "new customers" special prices or services that I
don't normally offer. Whatever. The important point is not to have
government (for example) interefere in such transactions. Customers are
free to offer such credentials as they wish to, and merchants are free to
refuse the credentials offered.

(In the real world, there are few businesses that want extensive
credentials. The most important credential to them is _cash_, which is an
interesting form of "blinded credential" (if you think about it). Namely,
cash is "proof of ability to pay without any other credentials." Paying by
check (a promise that one's bank will make good) or by asking for a
purchase to be put on a "tab" (for later payment), are both situations
where a merchant might demand various forms of credentials.)

>I don't see why we couldn't have anonymous prepaid credit-cards similiar
>to the prepaid calling cards available now. You pop down to the local bank
>here's $500 cash, they give you your card, when you have used up your $500
>you throw it away. Of cource the issuer of the card would charge some fee
>for the service, say $1 on every $100, maybe more maybe less the market
>will decide that. :)

But in this example, William has just described a form of blinded
credential! Exactly Hal's point.

>No one need know who I am or what I am purchasing. Much simpler to
>implement, no id verification, no blinded credentials, Just treat it like
>any other credit card.
>
>KISS - Keep It Simple Stupid :)

Sometimes things are simple, sometimes simple things are stupid. The key of
our kind of cryptography is to allow mutually acceptable, mutually
negotiated protocols. Sometimes these will be just "blinded proofs of
ability to pay" (cash, prepaid cards, etc.), sometimes these may involve
other forms of proof. (For example, imagine a sex club that demands a
blinded proof that one is HIV-negative.)

The key point is that such protocols be voluntary.

--Tim May

"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay at got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."