How Do I Prove That I Am Spartacus Without Showing My ID?

True story … I phone my bank … and my bank asks me for my password to prove that I am who I say I am, and I say “No! … I’m not giving you that”, and I say “Can you prove to me that you are my bank?” … and they say … “Well, you phoned us!” … and I say “but how do I know you are my bank?” … “We just are! Okay … give me your password” and I say “No!”, and they say “Well we can’t help you if you don’t give us your password” … and they hung up! Doh!

On the Internet, we give away so much information, and the more we give away, the more that our data can be used by others for malicious purposes. Every time we give away our date of birth, someone could use it to crack our bank account details. So how do we prove something, if we don’t want to reveal our data?

The Internet we have created uses a trust model, where we have a trusted party — Trent — which will check the information. But what if we don’t trust anyone on the Internet — how can we still check?

Oblivious Transfer (OT)

So how do we determine if someone is of a certain height or a certain age, without them giving away their height or age? One method is to use oblivious transfers, where Bob and Alice can exchange information, but not reveal their core data. The core of this is OT, which is a privacy…