Zero-knowledge proofs for subject anonymisation?

[scouten-adobe]

It should be possible in some situations to use Zero Knowledge Proofs to anonymize the credential subject while still proving some facts about them (e.g. you don’t know their name but you know that they are a photographer that has been issued a digital credential by a professional association). we should chat about examples, but I’ve been thinking that redaction is not always the only thing we’d want to specify.

[christianpaquin]

ZK proofs if one of many privacy-preserving technologies that can be used to provide some degree of anonymity for the identity assertion creator, and arguably is the most complicated. Others include signatures that support selective disclosure of attributes (e.g. hashed based mechanisms used in mDL or SD-JWT), blind signatures or proof-of-knowledge of signatures to provide unlinkability (e.g., U-Prove, CL, BBS). It will be helpful to discuss target scenarios first and then analyze which technology can support them, while keeping the cryptographic complexity to a practical level.

[mrbao]

Whistleblowers or confidential sources are a common scenario in the media. This is a classic. https://www.wired.com/2012/12/oops-did-vice-just-give-away-john-mcafees-location-with-this-photo/ But there are many more cases in which newsrooms post images (for example, from Iran or China) and the photographer may be held criminally liable for sharing that image with the newsroom. The newsroom would need to be able to scrub all of that, and the metadata should show that it has been scrubbed, by whom, and why that person/organization is trustworthy.