Quick links

Decentralized Anonymous Credentials and Electronic Payments from Bitcoin

Date and Time
Wednesday, November 5, 2014 - 4:30pm to 5:30pm
Location
Computer Science Small Auditorium (Room 105)
Type
CS Department Colloquium Series
Host
Ed Felten

Traditionally, making statements about identity on the Internet, whether literal assertions of identity or statements about one’s identity, requires centralized providers who issue credentials attesting to the user’s information. These organizations, which include Certificate Authorities, DNS maintainers, or login providers like Google and Facebook, play a large role in securing internet infrastructure, email, and financial transactions. Our increasing reliance on these providers raises concerns about privacy and trust. 

Anonymous credentials represent a powerful solution to this privacy concern: they deprive even colluding credential issuers and verifiers of the ability to identify and track their users. Although credentials may involve direct assertions of identity, they may also be used for a large range of useful assertions, such as “my TPM says my computer is secure”, “I have a valid subscription for content”, or “I am eligible to vote.” Anonymous credentials can also be used as a basis for constructing untraceable electronic payment systems, or “e-cash".

Unfortunately most existing anonymous credential and e-cash systems have a fundamental limitation: they require the appointment of a central, trusted party to issue credentials or tokens. This issuer represents a single point of failure and an obvious target for compromise. In distributed settings such as ad hoc or peer-to-peer networks, it may be challenging even to identify parties who can be trusted to play this critical role.

In this talk I will discuss new techniques for building anonymous credentials and electronic cash in a fully decentralized setting. The basic ingredient of these proposals is a "distributed public append-only ledger", a technology which has most famously been deployed in digital currencies such as Bitcoin. This ledger can be employed by individual nodes to make assertions about a user’s attributes in a fully anonymous fashion — without the assistance of a credential issuer. One concrete result of these techniques is a new protocol named “Zerocash”, which adds cryptographically unlinkable electronic payments to the Bitcoin currency.

Prof. Matthew Green is a Research Professor at the Johns Hopkins University Information Security Institute. His research focus is on cryptographic techniques for maintaining users’ privacy, and on technologies that enable the deployment of privacy-preserving protocols. From 2004-2011, Green served as CTO of Independent Security Evaluators, a custom security evaluation firm with a global client base. Along with a team at Johns Hopkins and RSA Laboratories, he discovered flaws in the Texas Instruments Digital Signature Transponder, a cryptographically-enabled RFID device used in the Exxon Speedpass payment system and in millions of vehicle immobilizers.

Follow us: Facebook Twitter Linkedin