To switch to the other topic, identity is pretty much always established by proving that you know the solution to some really tough problem that only you would know the answer to. There are a few ways to do this. Banks typically ask you to fill out answers to personal questions when you register, the theory being that only you would know those answers. Passwords do the same thing--registering a shared secret that in theory only you will know. But there is a much cooler way...
There are certain types of puzzles that are easy to create but hard to solve if you don't know how they were created. Factoring large prime numbers is an example. We have math that lets us quickly test if numbers are prime, but it's really hard to factor composite numbers into the primes that make them up. This means we can quickly find two large (hundreds of digits) prime numbers and multiply them together to get a really big composite number that pretty much only the person who knows the original two primes can factor.
Here's the cool part. You can put up the really big composite number on the web so that anyone can see it. It is so hard to factor that no one will be able to. Now, when anyone needs to authenticate you, all you have to do is prove that you can factor it. You now have a public test that only you can pass and that anyone can use to verify your identity.
The tricky part is making such a test reusable (proving that you know *how* to factor the number without revealing what those factors actually *are*), but that's a whole different topic.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
branchandroot
no subject
Date: 2008-12-05 05:42 pm (UTC)There are certain types of puzzles that are easy to create but hard to solve if you don't know how they were created. Factoring large prime numbers is an example. We have math that lets us quickly test if numbers are prime, but it's really hard to factor composite numbers into the primes that make them up. This means we can quickly find two large (hundreds of digits) prime numbers and multiply them together to get a really big composite number that pretty much only the person who knows the original two primes can factor.
Here's the cool part. You can put up the really big composite number on the web so that anyone can see it. It is so hard to factor that no one will be able to. Now, when anyone needs to authenticate you, all you have to do is prove that you can factor it. You now have a public test that only you can pass and that anyone can use to verify your identity.
The tricky part is making such a test reusable (proving that you know *how* to factor the number without revealing what those factors actually *are*), but that's a whole different topic.