PhD Defense: Anonymous Programmable Identities and Credentials

Due to the wide adoption of digital communication and services, tracking users across multiple interactions have proliferated. Anonymity is essential for free speech across the internet and to ensure the safety of individuals. Unfortunately, many online platforms require tracking of authenticated users for moderation and fraud protection. Despite not being widely adopted, researchers have explored building protocols for anonymous credentials since the 1980’s. While existing cryptographic protocols have solved the basic goal of creating anonymous authenticated tokens, hurdles block their deployment. One major roadblock in their adoption is handling the moderation of bad actors. If a site does not know who committed the offending act, they cannot easily penalize their bad behavior. Even if there were such a mechanism, it must be done in a way that does not identify the individual.
Service providers need a way to moderate and punish bad actors, and existing schemes cannot realistically achieve this as even supporting the most basic requirement of banning are too inefficient for realistic scenarios. Some limitations include limiting all clients into rigid one size fits all approach, while some require them to do work linearly proportional to the size of all offending actions. No prior work can efficiently support asynchronous negative feedback, a necessary feature for practical systems.
In this talk I will be presenting my work on building anonymous identities and credentials. The first part will be about zk-promises, the first efficient and programmable framework for anonymous credentials that supports asynchronous feedback through callbacks. This improves on prior works by being much more scalable, to the degree that commodity hardware can support realistic scenarios like Wikipedia moderation, and by being much more flexible in the logic that can be incorporated to the system. In my second work, I will be discussing an extension to zk-promises, by not only keeping the state hidden from the server, but also the client. This has applications where client state cannot be known to any party. An example of this is fraud or bot detection, where the client's activity should be hidden from the server, but the fraud scoring of each client action should not be known to the client. We employ the use of continuous anonymous secure multi-party computation, a topic that has not been extensively studied in existing literature. This is a challenging problem as it requires non-trivial properties, especially to be made efficient. Lastly, I will be outlining my proposed work, with a focus on new notions of anonymous credentials and identities for different applications.