By Dr. Jan Camenisch
How many cryptographers do you know were influenced by their grandmothers?
It all started around 20 years ago in a picturesque Swiss village or “dorf,” as we say, with fewer than 400 citizens. And as with any small town scuttlebutt travels fast, whether its about the new village romance or what is more likely in Switzerland, which cow is producing the best milk – after all we are known as the land of cows with more than 700,000 of them (2010).
But back to my story. It was the 1980s and I was supporting a citizen initiative related to animal rights. In Switzerland, as in other democratic societies, initiatives can reach the highest levels of government by collecting signatures and I started with my closest relatives including my dear grandmother.
Showing a keen sense of awareness, before signing the form my grandmother asked me if anyone else would have access to the signatures. After giving her a bewildered look I said that the local town officials would review and validate the signature list before it’s mailed to the Swiss capital of Bern. At that point, to my surprise, she refused to sign the form because she didn’t want the rest of the community, made up of many fellow farmers, to know that she was in favor of such a law.
This brief moment would set me on a career path, which continues to this day, in developing technologies which enable people to conduct transactions as privately as possible.
Solving the Paradox
During the humble beginnings of the Internet, and before cookies and private browsing, users could be completely anonymous online. Whatever you did on the Internet was your business. This is not the case anymore.
Today we are in the era of Big Data. Analyst firms predict that billion of devices will make up the Internet of Things in the next 10 years. And these connected devices will generate a lot of data, Big Data as it has become known. Just like a diamond which needs to be polished, Big Data can also be mined and cleaned and turned into an invaluable resource.
For example, IBM scientists have worked with police precincts around the world to mine arrest records to predict when and where future crimes will be committed. We can also find the proverbial needle in a haystack by analysing millions of medical documents to find interesting correlations between proteins, diseases and treatments which haven’t been discovered yet.
Due to all of this it’s my opinion that the data generated by humans is the world’s newest currency. As with any currency it can be bought and sold for example to markers to provide more targeted products. Or in a worse case scenario, your personal data can be sold on the black market for just a few dollars to generate a new identity for a criminal.
And here lies the dilemma. With every click analyzed to provide us with a more personalized online experience, how can we protect our identities?
One answer is a technology we’ve been developing for more than a decade called Identity Mixer. Identity Mixer uses a cryptographic algorithm to encrypt the certified identity attributes of a user, such as their age, nationality or address, in such a way that the user is able to reveal only selected pieces to third parties, such an web service or online retailer.
For example, consider a web-based video streaming service is offering several films which have age restrictions. To stream the 12+ movie, Alice needs to prove that she is at least 12 years of age and that she lives within the appropriate region. The typical way to do this would require Alice to enter her full date of birth and address, but this actually reveals more than is necessary. Identity Mixer can simply confirm that Alice is at least 12 without disclosing the month, date and year of her birth and reveal that she lives in the correct region, i.e. region 1, instead of her full address. This ensures that even if the video streaming service is hacked Alice’s personal data remains safe. Try the demo now.
Previously available for download and demonstrated to work on smart cards, Identity Mixer will soon be made available as an experimental web service in IBM Bluemix, IBM’s new platform-as-service (PaaS) cloud that combines the strength of IBM software, third-party and open technologies to enable developers to create apps in the cloud.
To demonstrate the new cloud version of Identity Mixer we are collaborating with academic and industrial partners in Europe and Australia in a new pilot project called Authentication and Authorization for Entrusted Unions (AU2EU). In the two year, 8.6 million euro pilot we will test Identity Mixer in two unique scenarios in Germany with the Deutsches Rotes Kreuz (German Red Cross) and with the Commonwealth Scientific and Industrial Research Organisation (CSIRO), Australia’s national science agency.
I think we are on the cusp of changing the paradigm in favor of privacy. Join me and my colleagues today for a Tweet Chat Identity Mixer and privacy management today at 10:00 AM EDT today using #identitymixer.