Identity assertions with Bitcoin instead of CA in Payment Protocol?

Mike Hearn

legendary

Activity: 1526

Merit: 1129

It doesn't solve the same problem. What they're doing is anonymous credentials a la anonymous passports/SINs/fidelity bonds. These are not identities that are intended for humans to work with directly, which is why their example applications are things like TPM DAA systems or anti-sybil in P2P networks, and not a replacement for SSL CA's.

Gavin Andresen

legendary

Activity: 1652

Merit: 2216

Chief Scientist

Quote from: grau on November 04, 2013, 03:58:45 AM

If that holds shouldn't Payment Protocol's use of CA be revisited?

No. If their anonymous credential scheme is successful (and I hope it is!), then the payment protocol should be extended to use it. The payment protocol is quite carefully designed so that replacing the public key infrastructure system is easy.

grau

hero member

Activity: 836

Merit: 1021

bits of proof

https://eprint.iacr.org/2013/622.pdf

The authors of the paper claim in the abstract:

Quote

In this work we propose a novel anonymous credential scheme that eliminates the need for a trusted
credential issuer. Our approach builds on recent results in the area of electronic cash and uses techniques |
such as the calculation of a distributed transaction ledger | that are currently in widespread deployment
in the Bitcoin payment system. Using this decentralized ledger and standard cryptographic primitives,
we propose and provide a proof of security for a basic anonymous credential system that allows users to
make exible identity assertions with strong privacy guarantees. Finally, we discuss a number of practical
applications for our techniques, including resource management in ad hoc networks and prevention of
Sybil attacks. We implement our scheme and measure its eciency.

If that holds shouldn't Payment Protocol's use of CA be revisited?

Topic: Identity assertions with Bitcoin instead of CA in Payment Protocol? (Read 702 times)