U-Prove - How Do We Use Privacy Enhancing Crypto?

From IIW

Issue/Topic: U-Prove – How Do We Use Privacy Enhancing Crypto?

Convener: James Brown (Microsoft)

Session: 2D

Conference: IIW-Europe October 11, London Complete Notes Page

Notes-taker(s): Rod

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

U-Prove is a different spin on crypto. It is the fruits of a split in the math heads view of the world 30 years ago. Half went down the PKI route and the other half ended up here.

Microsoft bought a company set up by Dr Stephan Brands which uses this "new way". IBM also owns technology in this space (Identity Mixer).

So what is it? The important thing is to understand that this is done at the crypto level. The mechanism is one in which a principal can release any one of a basket of attributes to any relying party it wants. These attributes are originally issued by a trusted third party (the IdP) as a basket but carry no information which allows anyone to trace back to the IdP.

This gives one the building blocks on which to build quite interesting user centric data. Further you can express derivations of the data. So the IdP may make a statement "Born on the 15 Jun 1963", but the principal has assert (with the authority of the IdP) "Is over 21" or "Is under 65".

So, the Principal can end up with a bunch of assertions (presumably from a bunch of IdPs) and can chose to assert *parts* of any or all of them to any RP. The principal gets to decide who sees the information, but it carries the authority of the issuing IdP.

Now, Microsoft has this technology. Such specs and profiles as exist are in the public domain (and are in the process of going through whichever standards bodies are appropriate). They have a C# and a Java SDK. They have an Cardspace with U-Prove "community tech preview" which uses this and they have an ADFS example as well. They also have a JavaScript version of the crypto engine (but it ain’t fast)

We had discussions about precisely how these assertions were to be shovelled about - what are going to be the winning profiles? is this another WS-trust variant?. The impression I get is that we are early on in the process and nothing has really been firmed up yet (except the maths behind the lowest level crypto). Profiles are going to be everything. For instance I asked about establishing technical trust in this space, and no-one could answer (or the question was meaningless, or we are not there yet).

The issue here is "what to do with it". Microsoft will not be introducing this until there is a reason to invest and bring a product to market. Two ideas were (from Vodafone) child protection and age verification (with respect to geo data and (e.g. from Mydex) to a government administrating social services, reducing the cost of gathering all the data by each group which does the admin.

Microsoft are open to discussions on use cases that will help evolve understanding and market testing in this area.