Brainstorm: Decentralized Periodic Identity Verification

[NewLibertyStandard]

What is the best way to tie one person to one identity in a global decentralized system such that on average, over consecutive daily, weekly or monthly intervals, each identity only represents one willing and real participant in the system? Is it even possible?

More participation practicality, less difficulty and less cost are the kind of measurements which determine how good one method is over another.

If a good solution is possible, I would really like to figure it out; so please contribute even if you don't have the whole solution.

In a centralized system, you can simply gauge simple participation which is difficult to scale to multiple accounts and then continually check for cheating. This is essentially what many closed websites do. They're not closed in the sense that they're trying to keep everyone out, it's just that they're trying to tie one person to one account to promote and maintain a particular cultural environment.

I originally posted this question in another thread. I have reposted the question in this general forum because the question is very important to me and I would like feedback from the whole range of forum participants.

[1714926914]

1714926914

[1714926914]

1714926914

[1714926914]

1714926914

[1714926914]

1714926914

[FreeMoney]

So, to get a handle on what you are looking for:

A simple private public key pair is no good because while one user belongs to each pair, many pairs can belong to one user. You want to make sure no one can have multiple identities?

Here's the bar to beat cost wise. Hold everyone down at gunpoint, implant a heart monitor that explodes when removed and communicates with your server continuously.

[NewLibertyStandard]

So, to get a handle on what you are looking for:

A simple private public key pair is no good because while one user belongs to each pair, many pairs can belong to one user. You want to make sure no one can have multiple identities?

Here's the bar to beat cost wise. Hold everyone down at gunpoint, implant a heart monitor that explodes when removed and communicates with your server continuously.

Correct, a simple private key pair is not sufficient.

I realize that the second example is a joke, but willingness is a necessity, not a preference. Only people who volunteer and want to be verified will be verified, but there will be some people who want to be verified more than once. Also, your solution is by no means cheap.

One idea is to do periodic DNA tests which can be used as the private part of a cryptographic pair. The DNA labs would have to be independent and be audited by independent auditors who also audit one another. This pretty well solves the problem, but much too expensively and too difficultly. The challenge is now for someone to come up with a better solution according to the metrics of high practicality, low difficulty and low cost.

[Red]

I know this is not a decentralized as you would like, but you asked for partial solutions.

In the general case this problem is solved by Certificate Authorities who check people's real world credentials. In your case, you could have people add their SSN or other national ID to a standard 509 certificate. I bet that has already been done somewhere.


NOTE: If people are unclear the difference between a public key and a public certificate: A public key is pure mathematical data no identifying information about the user. A certificate is a signed document that contains a public key. It deliberately contains other structured information about its owner. Normally name, email, sometimes phone or physical address. But really you can put anything you want. It is signed by a trusted authority to avoid web-of-trust issues. However, you can generate your own certificate and sign it yourself if you want.

[NewLibertyStandard]

Thanks Red. That probably is the best solution currently available. Improvements to the certificate authorities would incrementally improve the whole verification system. What we need are organizations which rate the certifications based on how hard it is to create fake certificates.

Also, it would be important that they not only verify that the certificate is linked to a real identity, but that the solution would prevent multiple valid certificates created. For example, it wouldn't wok if I could create one certificate with an approved CA using my passport and social security number and then create another certificate with another approved CA using my driver license and utility bill.

Privacy would be a concern, but I think that's secondary to the other measurements.

[Red]

Also, it would be important that they not only verify that the certificate is linked to a real identity, but that the solution would prevent multiple valid certificates created.

I meant you should ONLY accept certificates that contain verified SSN (or other unique country ID). That would get you most of the way there because you could spot duplicates yourself.

However, you have the problem that some people are dual nationals or otherwise might be able to get unique IDs from different countries. There is some ability to get replacement SSNs as well if one is compromised.

It is by no means a perfect solution. But it would frustrate the non-hacker types.

[fresno]

And what about those who refuse to participate in the SS fraud? We can't use banks or credit cards, are you going to freeze us out of Bitcoin as well?

You know that the SSN is the index into Baal's Big Database. So much for decentralization!


 

[Willsway]

One solution I can think of is to create a unique key pair from a fingerprint scanner and a secret algorithm. Problem of course is most people have 10 fingers and 10 toes, but some have less or none and a few have more. Making the key generation uncrackable would also be a problem, I think.

[NewLibertyStandard]

One solution I can think of is to create a unique key pair from a fingerprint scanner and a secret algorithm. Problem of course is most people have 10 fingers and 10 toes, but some have less or none and a few have more. Making the key generation uncrackable would also be a problem, I think.

That's a fabulous idea! I think that the current capability of artificial intelligence could probably be adapted learn to verify the authenticity and originality of two high resolution scans of both hands, which could be combined with a password to create a unique key. People could then scan their hands and enter their password whenever they wanted to be verified, but perhaps be required to scan their hands at least yearly or every other year to confirm that they're still alive. They could perhaps be allowed to reset their password once per year or every other year in case someone had previously been forcing them to be verified and didn't let them know the password. The main potential weakness is that although you'd have good hackers trying to strengthen the verification, you'd also have bad hackers trying to crack the verification. It would work so long as the general population and the good hackers had confidence that the bad hackers wouldn't be able to crack the system to allow unlimited verification. Most any solution would be susceptible to vulnerable people being taken advantage of, but that's really the problem of the local government and law enforcement. The system could have a voting system built into it so that people could set their vote for which hardware and software would be allowed. They could change their vote at any time so that whenever it comes to light that some hardware or software is better or worse than other hardware and software, good versions could be added and bad versions could be excluded.

[Red]

You probably already know this but if you don't know the google term this might be helpful.

There are the terms two-factor authentication, three-factor authentication and multi-factor authentication which might help your search.

The general definitions are:

First Factor = something you know. i.e. a password.
Second Factor = something you have. i.e. a physical key, dongle, smartcard, etc.
Third Factor = something you are. i.e. Retinal scan, fingerprint, face recognition, etc.

Multi-factor is considered to be two or more authentication factors taken from different groups.
i.e. A smartcard and a password. A finger scan and a dongle. a face recognition and password.

Happy Googling!

[Anonymous]

One solution I can think of is to create a unique key pair from a fingerprint scanner and a secret algorithm. Problem of course is most people have 10 fingers and 10 toes, but some have less or none and a few have more. Making the key generation uncrackable would also be a problem, I think.

This would incentivize hand and finger amputation?

[NewLibertyStandard]

One solution I can think of is to create a unique key pair from a fingerprint scanner and a secret algorithm. Problem of course is most people have 10 fingers and 10 toes, but some have less or none and a few have more. Making the key generation uncrackable would also be a problem, I think.

This would incentivize hand and finger amputation?

If it was used for evil, sure. But not within the constraints of a voluntary beneficial system as I implied.