Comment by AnthonyMouse

4 hours ago

> German IDs support age verification that just returns a yes/no response to the question "is this user above the age of 18,"

If the only thing that came out of the ID was those letters then you wouldn't need the ID, you could just type "yes" or "no" when the site asks you if you're over 18. So it's presumably not doing that, instead it's providing some kind of signature.

And then the privacy implied by "just returns a yes/no response" isn't actually there, because it's actually returning more than that. Does the response have a fixed signature which is unique to the ID, therefore able to be correlated across sites? Does the ID have a unique public keypair that it uses to sign, with the same problem? If someone extracts the key from one ID, or just hooks it up to a computer, can they now set up a service to anonymously sign for everyone in the world? If they can't anonymously sign for everyone, can't the same mechanism used to identify them also be used to identify anyone else?

"Someone attempted to do this but no one uses it" is no proof that their attempt was any good or addressed the concerns people have about doing this.

My understanding is that the responses are signed, but in a way that prevents linking signatures across vendors, so the same card being used for verification on different sites could not be linked, while the same card being used multiple times for the same vendor could.

As I'm not an expert on the crypto underlying the protocol, feel free to check the eIDAS standard for more info (the documents are in English, even if the link is not): https://www.bsi.bund.de/EN/Themen/Unternehmen-und-Organisati...

  • A cursory look implies they're using group signatures:

    https://en.wikipedia.org/wiki/Group_signature

    Which allow the group manager (presumably the government, or anyone who compromises them) to identify who signed something.

    If using the same card multiple times with the same site allows the site to correlate them then that obviously also allows the site to link two accounts you intended to be separate, or two sites to set themselves up as the same "vendor" and thereby correlate your accounts between them.
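To make the properties being argued about in this thread concrete, here is a toy model written as an added example. It is not code from the page and not the actual eID/eIDAS mechanism; it only models the claims above: the reply is more than a bare yes/no because the answer is signed, the same card is linkable across repeat uses within one sector (one vendor, or two sites registered as the same vendor), it is unlinkable across sectors, and the issuer acting as group manager can identify who signed. The prime-field group, the hash-to-group construction for per-sector generators, the Schnorr-style signature and the names `Issuer`, `Card`, `verify` and `linkability_demo` are all assumptions of the toy.

```python
"""Toy model of sector-pseudonymous "over 18" attestations.

Added illustration only (assumed construction, not the eID protocol):
a card holds a secret x; for each sector it derives a pseudonym g_s^x
from a hashed sector generator g_s, and signs the yes/no answer under
that pseudonym. The issuer keeps every card's x and can open signatures.
"""
import hashlib
import secrets

P = 2**255 - 19     # toy prime-field modulus; parameters are for illustration only
ORDER = P - 1       # exponent arithmetic mod P-1 keeps g^s well defined for any g


def sector_generator(sector: bytes) -> int:
    # Hash the sector identifier to a group element with unknown discrete log,
    # so a site that knows g_A and g_B cannot turn g_A^x into g_B^x.
    h = hashlib.sha256(b"sector-generator|" + sector).digest()
    return pow(int.from_bytes(h, "big"), 2, P)


def challenge(*parts) -> int:
    # Fiat-Shamir hash over length-prefixed bytes/ints.
    h = hashlib.sha256()
    for part in parts:
        b = part if isinstance(part, bytes) else part.to_bytes(32, "big")
        h.update(len(b).to_bytes(2, "big") + b)
    return int.from_bytes(h.digest(), "big")


class Card:
    def __init__(self, x: int, over18: bool):
        self._x = x               # never leaves the card
        self.over18 = over18

    def pseudonym(self, sector: bytes) -> int:
        return pow(sector_generator(sector), self._x, P)

    def attest(self, sector: bytes, nonce: bytes) -> dict:
        # Schnorr signature with the sector pseudonym as public key, binding
        # the answer to this sector and this site-chosen nonce.
        g = sector_generator(sector)
        pid = self.pseudonym(sector)
        answer = b"over18=yes" if self.over18 else b"over18=no"
        k = secrets.randbelow(ORDER - 1) + 1
        r = pow(g, k, P)
        e = challenge(sector, nonce, pid, r, answer) % ORDER
        s = (k + e * self._x) % ORDER
        return {"sector": sector, "nonce": nonce, "pseudonym": pid,
                "answer": answer, "r": r, "s": s}


class Issuer:
    """Group manager: provisions card secrets and can open any attestation."""

    def __init__(self):
        self.registry = {}        # holder -> card secret x

    def issue(self, holder: str, over18: bool) -> Card:
        x = secrets.randbelow(ORDER - 2) + 2
        self.registry[holder] = x
        return Card(x, over18)

    def open(self, att: dict):
        # Only the manager has the secrets; recomputing every registered
        # card's pseudonym for that sector identifies the signer.
        g = sector_generator(att["sector"])
        for holder, x in self.registry.items():
            if pow(g, x, P) == att["pseudonym"]:
                return holder
        return None


def verify(att: dict, expected_sector: bytes, expected_nonce: bytes) -> bool:
    """What a site checks: a fresh, sector-bound signature from some card."""
    if att["sector"] != expected_sector or att["nonce"] != expected_nonce:
        return False
    g = sector_generator(att["sector"])
    e = challenge(att["sector"], att["nonce"], att["pseudonym"],
                  att["r"], att["answer"]) % ORDER
    # g^s == r * pid^e  because s = k + e*x and pid = g^x
    return pow(g, att["s"], P) == (att["r"] * pow(att["pseudonym"], e, P)) % P


def linkability_demo() -> dict:
    """Constructed scenario: two sectors, three cards, one forgery attempt."""
    issuer = Issuer()
    alice = issuer.issue("alice", over18=True)
    bob = issuer.issue("bob", over18=True)
    carol = issuer.issue("carol", over18=False)
    shop, forum = b"sector:shop", b"sector:forum"

    a1 = alice.attest(shop, secrets.token_bytes(16))
    a2 = alice.attest(shop, secrets.token_bytes(16))   # second account, same vendor
    f1 = alice.attest(forum, secrets.token_bytes(16))
    b1 = bob.attest(shop, secrets.token_bytes(16))
    c1 = carol.attest(shop, secrets.token_bytes(16))
    forged = dict(c1, answer=b"over18=yes")            # site (or user) edits the answer
    return {
        "valid": verify(a1, shop, a1["nonce"]),
        "same_sector_linkable": a1["pseudonym"] == a2["pseudonym"],
        "cross_sector_unlinkable": a1["pseudonym"] != f1["pseudonym"],
        "other_card_distinct": a1["pseudonym"] != b1["pseudonym"],
        "forged_answer_rejected": not verify(forged, shop, forged["nonce"]),
        "issuer_opens": issuer.open(f1),
    }


if __name__ == "__main__":
    print(linkability_demo())
```

The `same_sector_linkable` result is exactly the concern in the comment above: anything that shares a sector identifier, whether two accounts on one site or two sites registered as the same vendor, sees the same pseudonym. The `open` method is the group-manager capability, implemented here as a recomputation over the registry. A real deployment would use a prime-order group with a proper hash-to-group and would not reuse these toy parameters.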