Microsoft has
acquired Montreal-based privacy technology company
Credentica. While that probably means nothing to most of you out there, it is one of the most important and promising developments in the digital identity world.
My main criticism around user-centric identity management has been that the identity provider (the party that you and others rely on, like your credit card issuer or the agency that gave you your driver's license) knows a lot about the users. Microsoft's identity architect Kim Cameron
explains it very well:
[W]ith managed cards carrying claims asserted by a third party authority, it has so far been impossible, even for CardSpace, to completely avoid artifacts that allow linkage. (...) Though relying parties are not able to collude with one another, if they collude with the identity provider, a set of claims can be linked to a given user even if they contain no obvious linking information.
This is related to the digital signatures involved in the claims flows. Kim goes on:
But there is good news. Minimal disclosure technology allows the identity provider to sign the token and proof key in such a way that the user can prove the claims come legitimately from the identity provider without revealing the signature applied by the identity provider.
Stefan Brands was among the first to
invent technology for minimal disclosure or "zero knowledge" proofs in the early nineties, similar to what David Chaum
did with his anonymous digital cash concept. His technology was bought by the privacy firm Zero Knowledge until they ran out of funding and gave it back to Stefan. He has since then built his own company,
Credentica, and, together with his colleagues Christian Paquin and Greg Thompson, developed it into a comprehensive middleware product called
"U-Prove" that was released a bit more than a year ago. U-Prove works with SAML, Liberty ID-WSF, and Windows CardSpace.
The importance of the concept of "zero knowledge proofs" for privacy is comparable to the impact public key infrastructures (PKIs)
described by Witfield Diffie and Martin Hellmann had on internet security. The U-Prove technology based on these concepts has been compared to what Ron Rivest, Adi Shamir and Leonard Adleman (RSA) did for security when they were the first to offer an
algorithm and a product based on PKIs.
When I was at the
CFP conference in Montreal last May, I was meeting Kim and Stefan, and a colleague pointed me to the fact that Kim was being
very nice to Stefan. "He has some cool patents Microsoft really wants", my colleague said. Bruce Schneier
recently also praised U-Prove, but questioned the business model for companies like Credentica. He added, "I’d like to be proven wrong."
Kim Cameron is now
bragging about having proven Bruce wrong (which is hard to imagine, given the
fact that "Bruce Schneier feeds
Schrödinger's cat on his back porch. Without opening the box"), while admitting that he still has no business model:
Our goal is that Minimal Disclosure Tokens will become base features of identity platforms and products, leading to the safest possible intenet. I don’t think the point here is ultimately to make a dollar. It’s about building a system of identity that can withstand the ravages that the Internet will unleash. That will be worth billions.
Stefan Brands is also
really happy:
For starters, the market needs in identity and access management have evolved to a point where technologies for multi-party security and privacy can address real pains. Secondly, there is no industry player around that I believe in as much as Microsoft with regard to its commitment to build security and privacy into IT systems and applications. Add to that Microsoft’s strong presence in many of the target markets for identity and access management, its brain trust, and the fact that Microsoft can influence both the client and server side of applications like no industry player can, and it is easy to see why this is a perfect match.
A good
overview of other reactions is at Kim's latest blog post. The cruicial issue has, again, been
pointed out by Ben Laurie, who quotes the
Microsoft Privacy Team's blog:
When this technology is broadly available in Microsoft products (such as Windows Communication Foundation and Windows Cardspace), enterprises, governments, and consumers all stand to benefit from the enhanced security and privacy that it will enable.
Ben sarcastically reads it like "the Microsoft we all know and love", implying market domination based on proprietary technology. But the Microsoft we all know in the identity field is not the one we used to know with Passport and other crazy proprietary surveillance stuff. They have released the standards underlying the CardSpace claims exchange under an
open specification promise, and Kim assures us that they will have their lawyers sort out the legal issues so anybody can use the technology:
I can guarantee everyone that I have zero intention of hoarding Minimal Disclosure Tokens or turning U-Prove into a proprietary Microsoft technology silo. Like, it’s 2008, right? Give me a break, guys!
Well. Given the fact that U-Prove is not just about claims flows, but involves fancy advanced cryptography, they really should do everybody a favour and release the source code and some libraries that contain the algorithm under a free license, and donate the patent to the public domain.
First of all, because yes - it's 2008, and
"free is the new paid", as even the IHT has discovered in January 2007.
Second, because yes - it's 2008, and there has been an alternative product out there under a free license for more than a year. IBM Research Labs Zurich have finished their
Idemix identity software that works with zero-knowledge proofs in January 2007. It is
part of the Higgins identity suite and will be available under an open source license. (The Eclipse lawyers seem to have been
looking into this for more than a year, though. Does anybody know about the current status?)
Third, because yes - it's 2008,
it's not 1882 anymore, to quote Bruce Schneier again:
A basic rule of cryptography is to use published, public, algorithms and protocols. This principle was first stated in 1883 by Auguste Kerckhoffs.