Adam Back wrote:
Related to this announcement, credentica.com (Stefan Brands' company)
has released U-Prove, their toolkit SDK for doing limited-show,
selective disclosure and other aspects of the Brands credentials.
http://www.credentica.com/uprove_sdk.html
(Also on Stefans blog http://www.idcorner.org/?p=144).
I believe Brands credentials are considerably more computationally
efficient and more general/flexible than Camenisch credentials.
Not sure about more general. Brands does claim they are more efficient,
though - however, Camenisch/Lysyanskya credentials have been improved
since they were first thought of, and are also a lot faster if you don't
insist on academic rigour. I have not yet put them side-by-side, but I
do have a partial implementation of C/L credentials for OpenSSL and am
planning a Brands implementation, too.
(Re Hal's comment on the patent status of Camenisch credentials, as
far as I know patents apply to both systems).
Looks like you can obtain an evaluation copy of U-prove also.
Adam
On Sun, Feb 04, 2007 at 10:34:33AM -0800, Hal Finney wrote:
John Gilmore forwards:
http://news.com.com/IBM+donates+new+privacy+tool+to+open-source/2100-1029_3-6153625.html
IBM donates new privacy tool to open-source
By Joris Evers
Staff Writer, CNET News.com
Published: January 25, 2007, 9:00 PM PST
IBM has developed software designed to let people keep personal
information secret when doing business online and donated it to the
Higgins open-source project.
The software, called Identity Mixer, was developed by IBM
researchers. The idea is that people provide encrypted digital
credentials issued by trusted parties like a bank or government agency
when transacting online, instead of sharing credit card or other
details in plain text, Anthony Nadalin, IBM's chief security architect,
said in an interview.
...
I just wanted to note that the idemix software implements what we
sometimes call Camenisch credentials. This is a very advanced credential
system based on zero knowledge and group signatures. The basic idea is
that you get a credential on one pseudonym and can show it on another
pseudonym, unlinkably. More advanced formulations also allow for
credential revocation. I don't know the specifics of what this software
implements, and I'm also unclear about the patent status of some of the
more sophisticated aspects, but I'm looking forward to being able to
experiment with this technology.
Hal Finney
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
--
http://www.apache-ssl.org/ben.html http://www.links.org/
There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]