Comment on Is it completely impossible to do age verification without compromising privacy?
Saledovil@sh.itjust.works 3 months agoHere’s my idea: Bob gives Alice a token, assigning her an unique random number n. Alice goes to Grace and tells her, “Somebody assigned me number n, can you verify that I’m allowed?” Grace then writes: “User n is allowed, signed Grace”. Alice then takes this letter and shows it to Bob. Bob now knows that Alice is allowed, but nothing else. Grace only knows that somebody wanted to know that Alice is allowed, not who that somebody is.
Of note here: This system does nothing to protect against an allowed user helping a not allowed user to gain access, but I don’t think it’s possible to protect against traitorous users.
That could very well work, yes; but I think that would require Bob verifying Grace’s signature, and that would require trusting that Grace didn’t make a unique signature that she only used for Alice, and making a note of who verified it.
There might be a way to verify those signatures with public keys in a way that didn’t require Bob to tell Grace that he was verifying the signature, which is still rattling around in my brain.
Bob would have to know and trust Grace beforehand. Grace could be the IRS, for example. The idea here being to have somebody who already knows your age vouch for your age.
That’s not about Bob trusting Grace specifically (that’s a premise of the entire operation), it’s about trusting that the letter Alice handed Bob was actually signed by Grace.
Well, if Grace is already well known, then her public key should be available.
This is called a nonce.
Which as a Brit is a really bad name for anything used to access porn.
We could change it to being called a Mountbatten-Windsor but that’s a much lengthier way to say the same thing.
There is no system in the world that can fully prevent an authorized user to grant access to an unauthorized user. Even with an all time on camera and screensharing I can still find ways to have someone else control my computer while I “authorize” the connection with my face in the camera
Yeah a small false-positive rate will have to be accepted. This is the same like you can’t fully prevent minors from getting access to alcohol. Consider that their older sibling can buy it for them (at an increased price, ofc).
gandalf_der_12te@discuss.tchncs.de 3 months ago
The problem is that it leaves a paper trail.
Grace also knows what number n got verified, and the identity of the user n. Later, the website can ask the age-verifying service who user n actually was. It requires that the age-verifying service cooperates with the website, though, but this could be mandated by law, which would create a single point of (privacy) failure.
PS: i love your writing style. It’s so simple and clear :)
Cryptography is a really complicated subject. You managed to express it very easily understandable.
Saledovil@sh.itjust.works 3 months ago
Yeah, that is a problem.
And thanks for the compliment.