Comment by rockskon
3 days ago
Zero knowledge proofs based on too little information are trivial to abuse.
To combat this, you need to have it based off of more and more personal info....which is at odds with the privacy-preservation goal.
Sadly when it comes to age assurance, Zero knowledge proofs are little better than marketing.
In this case the ZKPs are tied to a private key stored in a secure element in the phone, so effectively they are tied to control of the device where the original credential was enrolled.
That's nice and all for the cryptography but now think about what's needed to associate it with the physical attribute (such as the age) of the user of the device which may or may not change hands over time.
I'm not quite sure what you're getting at here.
The Google system is tied to a mobile driver's license, and there is an identity check at enrollment that is intended to tie the credential to the device. It's true that if you give someone access to your phone without erasing it, then they can potentially use this mechanism to circumvent age assurance. This is true for a number of other age assurance mechanisms (e.g., credit card-based validation).
In any case, I'm not really interested in getting into an argument with you about the level of assurance provided by this system and whether it's "trivial to abuse" or not. I was merely describing the way the system worked in case people were interested.
The suitability of the remedy (ZKP) for the purpose of age assurance is the entire problem. The non-cryptographic aspects cannot be handwaved away as something not worth discussing when they're the primary area of concern here.
1 reply →
But they must allow some kind of proxy signing so that you can sign in from other devices besides the phone. So how do you protect against misuse of that feature without logging any identifiers?