Security without identification: transaction systems to make big brother obsolete

Reviewer: Richard Allan Smith

This paper discusses the problem of how computerization is laying a foundation for a dossier society, whereas organizations are attempting to avoid abuse by devising more pervasive, efficient, and interlinked computerized record-keeping systems. The paper presents a new approach which may be a practical and effective solution to these problems. The new approach differs in three ways: (1) the way identifying information is used; (2) who provides the mechanism used to conduct transactions; and (3) the ability to allow all parties to protect their own interests. In the first approach, by using a digital pseudonym with each organization, an individual cannot be linked with records used by other organizations. Each person can still authenticate ownership while ensuring that the digital pseudonyms are not improperly used by others. The new approach would allow an individual to use a credit-card-sized personal computer, which would have no secrets from its owner and no unmodifiable structures. A transaction would be communicated to the card-sized personal computer and authorized by entering a secret authorizing number on the keyboard. A backup authorized card computer could be made if this one was lost or stolen, once the owner or some trustees supplied other sufficient secret numbers. Current system security is one-sided in favor of the organization attempting to protect themselves from individuals, whereas the new approach allows protection for all parties. Three types of consumer transactions, each having its own special problems, are demonstrated: communications, payment, and credential systems. In communications, the new approach provides untraceability and pseudonym authentication. The author introduces and discusses the concept of unconditional untraceability using “the dining cryptographers problem.” In payment transactions, the author demonstrates blind signatures, which protect against various kinds of abuse and prevents tracing without the individual's consent. For credential transactions, the solution recommended is based on an individual's ability to transform a specially coded credential under different pseudonyms, which also ensures that obsolete information becomes unlinkable. Besides several real-world applications, broader issues (advantages) include the following: (1) Individuals can maintain backup copies of card computers and allow transfer by use of a key. (2) An alternative is to distribute (divide) the group of digits making up the key (the identification number) into parts and give different parts to more than one trustee. (3) Physical identification techniques can protect card computers from misuse. (4) The design presented allows pseudonyms to be changed on a periodic basis, while still allowing traceability to be used, if needed. Advantages of the new approach to the organization are that it helps maintain good will, improves security, and uses advanced computerization. Several new terms and techniques have been introduced besides those already mentioned. They include unconditional sender and recipient untraceability, multiparty security, unconditional unlinkable pseudonyms, and card computers. The intended audiences are information security specialists and the financial community. The value of this paper is the markedly different approach to identification than that which has already beem implemented. The design criteria and architecture deserve serious evaluation for future large-scale automated transaction systems. There are so many new techniques introduced that the social implications, although favorable, are the major hurdle to overcome.