A new technology purchased by Zero Knowledge Systems purports to let a Web surfer assure people of his personal data without identifying him.
"It prevents people from compiling dossiers," ZKS chief scientist Ian Goldberg tells Wired, after ZKS told the Financial Cryptography '00 conference this week it bought exclusive licenses for patents covering so-called "minimal disclosure" digital certificates. Wired says ZKS hopes marketers will embrace them.
The idea, the magazine continues, "is that companies and advertisers will accept smaller slices of information about customers -- as long as it's more reliable than the frequently incorrect data visitors currently provide to Web sites."
The eight current and pending patents are owned by a Netherlander, cryptographer Stefan Brands, who moved to Montreal last week and now works as a senior ZKS scientist, Wired says. Brands discovered the new encryption form while at Centrum voor Wiskunde en Informatica in the early 1990s, the magazine says.
While many offer similar services letting you give your information and then revealing it selectively, ZKS plans a clever cryptographic technique to distinguish it from competitors.
"Here's how it works: If your bank 'certifies' you as having a credit line of $50,000, you can mathematically prove to a car dealer that you're a worthy prospect -- without revealing your name, address, or phone number," Wired says. "While a dealership currently might be able to verify this by phoning your bank, this technology lets them do the same check simply by performing a calculation on a PC or handheld computer."
ZKS digital certificates rely on the difficulty of performing discrete logarithms on a specific type of mathematical structure, the magazine continues.
But Wired also says there are downsides - as in, the same plan purporting to protect your privacy could, ironically, reduce it. "Before you can get a ZKS-approved digital certificate that proves you are, for example, more than 21 years old," the magazine says, "someone has to check you out first -- and you have to trust that company or government not to abuse your privacy by compiling records or leaving a database vulnerable to malicious hackers."
And the magazine says some Financial Cryptography '00 delegates were somewhat skeptical for other reasons. ZKS getting the exclusive rights to the Brand patents was called by Bob Hettinga a "repeat" of DigiCash's mistake - acquiring such valuable technology but refusing to license it freely, the magazine says.
