Hacker News new | ask | show | jobs
by teravor 6 hours ago
worthless is too strong.

the truth is that the two extremes you listed can be titrated.

if you use nullifiers you can trade some privacy for some security. basically you convert your true identity into a private token which you can use to authenticate aspects of yourself, the price being that the token can be tracked with some effort across services. better than just using your identity at least. if a token/nullifier is abused it can be revoked and then you have to jump through a bunch of hoops to get another.

there are some other trade offs that can be made.
1 comments
rockskon 5 hours ago
Okay - so you verify age and what else?

What combination of details can you validate on that is meaningfully privacy-preserving and couldn't result in wide-spread re-use of tokens?

Additionally - what would prevent some kids from getting a homeless man in the city to hand them his ID, get a facial scan, and everything else you can think of to generate a token and then pass that token around?

ZKP are a cryptography-nerd's joy but are are categorically unsuitable for the purpose of age verification. I stand by this without the slightest reservation.

link
teravor 5 hours ago
the same thing that prevents them from doing reuse right now: platform detection mechanisms. the difference is that right now the identity of the subject is known whereas with ZKP (nullifier approach) only the dirty token is known and where that token was used.
link
rockskon 5 hours ago
So....what exactly would platform detection mechanisms be basing their decisions off of that wouldn't defeat the entire privacy-preserving premise of ZKP?
link
teravor 5 hours ago
multiple use of the same token on multiple accounts...?

tying multiple accounts and services together isn't ideal but its inarguably better than tying your real world identity to every single service.

link
rockskon 5 hours ago
Wait - so you're advocating for use of a persistent identifier tied to a person? How is that any different than what advertising networks do right now beyond giving them additional guaranteed information of your age bracket?

To clarify - it's not cryptographically necessary to present the same token for each and every transaction and serves to categorically defeat the entire privacy guarantee of ZKP.

It also makes it trivial to associate your ZKP token with your real identity.

link
teravor 5 hours ago 

    > use of a persistent identifier
at the terminus, yes. there is no other way to avoid the homeless problem you listed. by terminus I am referring to where a central authority vouches for unforgability. this does not mean advertisers will have a token they can use (see remote attestation infrastructure).

    > tied to a person
whether or not the terminus can tie a token to a real world identity will depend on how careless the user was and how much collusion there is between the terminus and the services. at the very least it will impose an investigation cost.

contrast this with the situation as it currently is (under ideal assumptions) where a central authority verifies your real identity and issues temporary rate limited tokens which are then saved by each service and can at any time be linked to you whenever the central authority can get the service to disclose the database entry. the nullifier will force the central authority to do an investigation about who the nullifier actually belongs to which may actually fail.

realistically I expect VPNs and Tor to just become more popular in response to such nonsense. I wouldn't be using government issued tokens for anything that isn't trivial to tie to your identity already: such as a personal bank access.

link