Privacy-protected age verification

[Gary Hinson]

Prompted by a brief mention in the latest RISK-LIST digest, I've been exploring and contemplating privacy-preserving age verification schemes this morning - in particular a conference paper due to be presented by Steve Bellovin this October citing a 2001 conference paper by Jan Camenisch and Anna Lysyanskaya.

Along the way, I picked out a few new terms to add to [a future edition of] the hyperglossary, and was reminded of Steve's ability to explain complex technical issues well enough for me to get a feel for the topic.  I'm certainly no expert in privacy-preserving age verification or cryptography, and fear 'knowing just enough to be dangerous' - a consistent concern as I'm working on the hyperglossary, especially in less familiar and still-developing areas of cybersecurity.

And that thought reminds me I should really dig out the reference for the Dunning-Kruger effect ...

 

And so the game continues.

Once the hyperglossary is published, I sincerely hope to receive comments, critiques, corrections and amplifications of the definitions from actual experts: aside from updating the text, I value the knowledge.  'Zero knowledge' is not my happy place! 

Kind regards/Ngā mihi,

Gary

PS  Here's Cory Doctorow's typically cynical take on the governance, political and practical issues associated with privacy-preserving age verification.  Is it literally an insoluble or merely an intractable challenge?  Hmmm, maybe the hyperglossary should define, compare and contrast those terms too ... 

________________________________________

Gary Hinson CEO of IsecT Ltd

Information risk and security consulting

ISO27k  Audit  ISMS templates and policies
Pragmatic Security Metrics (with Krag Brotby)
Cybersecurity Hyperglossary (soon!  Currently copy-editing!)

________________________________________