Title: Identity assertions with Bitcoin instead of CA in Payment Protocol?
Post by: grau on November 04, 2013, 07:58:45 AM
https://eprint.iacr.org/2013/622.pdf The authors of the paper claim in the abstract: In this work we propose a novel anonymous credential scheme that eliminates the need for a trusted
credential issuer. Our approach builds on recent results in the area of electronic cash and uses techniques |
such as the calculation of a distributed transaction ledger | that are currently in widespread deployment
in the Bitcoin payment system. Using this decentralized ledger and standard cryptographic primitives,
we propose and provide a proof of security for a basic anonymous credential system that allows users to
make exible identity assertions with strong privacy guarantees. Finally, we discuss a number of practical
applications for our techniques, including resource management in ad hoc networks and prevention of
Sybil attacks. We implement our scheme and measure its e�ciency.
If that holds shouldn't Payment Protocol's use of CA be revisited?
Title: Re: Identity assertions with Bitcoin instead of CA in Payment Protocol?
Post by: Gavin Andresen on November 04, 2013, 09:19:52 AM
If that holds shouldn't Payment Protocol's use of CA be revisited?
No. If their anonymous credential scheme is successful (and I hope it is!), then the payment protocol should be extended to use it. The payment protocol is quite carefully designed so that replacing the public key infrastructure system is easy.
Title: Re: Identity assertions with Bitcoin instead of CA in Payment Protocol?
Post by: Mike Hearn on November 04, 2013, 01:46:41 PM
It doesn't solve the same problem. What they're doing is anonymous credentials a la anonymous passports/SINs/fidelity bonds. These are not identities that are intended for humans to work with directly, which is why their example applications are things like TPM DAA systems or anti-sybil in P2P networks, and not a replacement for SSL CA's.
|