Re: selective disclosure without ZKP

On Wed, Jun 10, 2020 at 6:42 PM Nikos Fotiou <fotiou@aueb.gr> wrote:

>  Kim Hamilton <kimdhamilton@gmail.com> wrote:
>
> > I think the redaction signature suite is a lot like what you describe:
> https://w3c-ccg.github.io/lds-redaction2016/
>
>
>
> > It's kind of fallen by the wayside, but many of us are interested in
> the simplicity of this approach, so if you're interested, we may be able to
> drum up interest.
>

I'm a fan of the redaction signature suite, which is particularly well
suited for use in data minimization (not truly selective disclosure)
because it basically takes each of the JSON-LD quads and hashes each of
them separately, then you hash the hashes. This allows you to present just
the quads you want, otherwise you just off the "quince" ;-)

This is very lightweight approach, and also allows data minimization to
happen at the holder layer, not at the issuer layer, which few other
alternatives support privacy choice of at that layer.

That being said, `lds-redaction2016` was missing any cryptographic review,
and should not be used without one. At a minimum it needs some type of
per-VC nonce so that you can't correlate the hashes, but I suspect further
review would show some other hash related tricks would be necessary.

I'd still like to see something like the redaction signature suite emerge —
I'm a fan of bbs but it has some complications that redaction does not.

— Christopher Allen

Received on Thursday, 11 June 2020 04:07:26 UTC