HackerLangs
TopNewTrendsCommentsPastAskShowJobs

fbrusch

846 karmajoined 15 anni fa

Submissions

Obfuscation: Building the final boss of cryptography (Part I)

vitalik.eth.limo
85 points·by fbrusch·12 giorni fa·12 comments

The Crowd Joins the Race to Break Elliptic Curve Cryptography

twitter.com
3 points·by fbrusch·mese scorso·0 comments

UC Berkeley Law Artificial Intelligence Policy

law.berkeley.edu
3 points·by fbrusch·mese scorso·0 comments

The Final Form of Software Development

blog.zksecurity.xyz
2 points·by fbrusch·2 mesi fa·0 comments

A shallow dive into formal verification

vitalik.eth.limo
3 points·by fbrusch·2 mesi fa·0 comments

LLM Knowledge Bases

twitter.com
2 points·by fbrusch·3 mesi fa·0 comments

Let a thousand societies bloom

vitalik.eth.limo
38 points·by fbrusch·7 mesi fa·26 comments

A GKR Tutorial

vitalik.eth.limo
2 points·by fbrusch·9 mesi fa·0 comments

comments

fbrusch
·15 giorni fa·discuss
In Italy every citizen has an electronic ID card that contains a private key and can sign challenges. It also has state-signed credentials/certificates that bind the public key to info about the citizen (date of birth etc).

You can do this: when you want to log into a service, the service provider gives you a fresh challenge C, bound to that service/session. You sign the challenge, and then generate a zkp of the fact that:

1. you have the signed challenge C with a certain public key P 2. you have a state-signed credential/certificate that binds P with a person with birth date BD 3. current date - BD > 18 years 4. optionally, you derived a per-service nullifier, e.g. from the card/credential secret, the service origin and a time bucket, so the service can rate-limit abuse without getting a global cross-site identifier

You send the proof to the service provider, that verifies it, and learns nothing about you (except for the fact that you're of age).

An adult can of course give away the card/PIN, but you need to have it physically to sign fresh challenges, so it cannot be passed around as easily as a bearer token. Moreover he loses access to his actual ID, which is required for other services.