
IBM’s Higgins project: anonymous authentication for all

IBM, along with Novell and a small company called Parity Communications, announced in February that they were starting work on the Higgins Project, an attempt to create an open-source identity manager that web developers and web surfers could use as a single point of authentication online. This week, IBM announced that the project had borne its first fruit: an anonymous online credential system called idemix, short for Identity Mixer.

The idea behind idemix is to preserve user privacy online by letting users prove to e-commerce sites only what those sites actually need to know about them, without revealing any more personal information, or leaving a trail that could later be linked back to them, than is strictly necessary. "The basic concept is very simple," the IBM web site explains, "personal data is best protected if not revealed at all, i.e., if the amount of data revealed is kept to a minimum. The idea is not new; many laws on the protection of personal data contain data frugality as an implicit guideline. The question then is how 'minimum' is defined."

The system works like this: the user contacts the idemix issuing service, selects a pseudonym and registers it. In return the user receives a set of digitally signed electronic "credentials" bound to a secret that only the user holds. These credentials can then be used to log on to e-commerce web sites. To preserve anonymity, the credentials themselves are never handed over; instead the user proves, cryptographically, that he or she possesses a valid issuer-signed credential, and that proof is freshly randomized for every login, so two sessions cannot be matched against each other. This prevents sites from easily tracking a user's surfing habits. IBM describes the underlying technique as a "zero-knowledge proof": the site learns that the statement is true and nothing else.

Of course, in some cases it is important that a user who has been logging in can be traced after the fact, for example when law enforcement demands it. To allow for this, idemix provides for a "designated authority", agreed on in advance, that can recover the original user data if necessary. This should be a third-party organization trusted by both the user and the site; neither side can perform the lookup on its own.

To discourage users from sharing their credentials with other users in order to get around the need for registration (the "Bugmenot" effect), IBM has designed idemix so that all of a user's credentials are bound to a single master secret. Lending a friend what is needed to use one credential at one web site therefore hands over the ability to use every one of the user's idemix credentials. This all-or-nothing property is, in theory, what should keep people from sharing credentials freely.
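The mechanics described above, pseudonym registration, a login that is a freshly randomized zero-knowledge proof rather than a transmitted secret, and the binding of everything to one master secret, as an added Python example. This is not IBM's idemix code but a simplified stand-in: each pseudonym is a Pedersen commitment to the master secret, and a login is a Fiat-Shamir (non-interactive Schnorr) proof of knowledge of the commitment's opening, bound to a nonce from the site. The group is the 1024-bit MODP prime from RFC 2409 with generator 2, chosen so the example runs without libraries; the second base and the response sizes are this example's own choices. Real idemix additionally proves knowledge of an issuer's Camenisch-Lysyanskaya signature on the committed values, which is what makes a credential more than a pseudonym; that part is omitted here.

```python
import hashlib
import secrets

# Group: the 1024-bit MODP prime of RFC 2409 (group 2), generator 2. Toy-sized by
# modern standards; chosen so this stand-in runs quickly without any library.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2
# Second base whose discrete log with respect to G nobody knows (hash-derived,
# a nothing-up-my-sleeve choice made for this example).
H = int.from_bytes(hashlib.sha256(b"higgins-example-second-base").digest(), "big") % P

CHALLENGE_BITS = 256   # SHA-256 output used as the Fiat-Shamir challenge
SLACK_BITS = 128       # statistical hiding margin for the unreduced responses
EXP_BITS = P.bit_length() + CHALLENGE_BITS + SLACK_BITS


def commit(x, r):
    """Pedersen commitment C = G^x * H^r (mod P). Hiding: C reveals nothing about x."""
    return pow(G, x, P) * pow(H, r, P) % P


def new_master_secret():
    """The one secret that every pseudonym (and, in idemix, every credential) hangs off."""
    return secrets.randbelow(P)


def register_pseudonym(master_secret):
    """Registration with one site: fresh randomness r yields a fresh pseudonym C.
    The site stores C and never sees master_secret. Returns (C, r)."""
    r = secrets.randbelow(P)
    return commit(master_secret, r), r


def _challenge(pseudonym, t, nonce):
    """Fiat-Shamir challenge, bound to the site's nonce so a transcript cannot be replayed."""
    size = (P.bit_length() + 7) // 8
    data = pseudonym.to_bytes(size, "big") + t.to_bytes(size, "big") + nonce
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def show(master_secret, r, pseudonym, nonce):
    """Log in: prove knowledge of (x, r) opening the pseudonym without revealing either.
    Fresh (a, b) on every call, so two logins with one pseudonym share no value."""
    a = secrets.randbits(EXP_BITS)
    b = secrets.randbits(EXP_BITS)
    t = commit(a, b)
    c = _challenge(pseudonym, t, nonce)
    # Responses are kept as plain integers rather than reduced modulo the group
    # order; a and b are long enough to statistically hide c*x and c*r.
    return {"t": t, "s_x": a + c * master_secret, "s_r": b + c * r}


def verify(pseudonym, nonce, proof):
    """Site side: recompute the challenge and check G^s_x * H^s_r == t * C^c (mod P)."""
    c = _challenge(pseudonym, proof["t"], nonce)
    lhs = commit(proof["s_x"], proof["s_r"])
    rhs = proof["t"] * pow(pseudonym, c, P) % P
    return lhs == rhs


def run_demo():
    """One user, two sites, two logins; returns the checks a practitioner would want."""
    x = new_master_secret()
    shop_nym, shop_r = register_pseudonym(x)
    bank_nym, bank_r = register_pseudonym(x)      # same x, different randomness
    nonce1, nonce2 = secrets.token_bytes(16), secrets.token_bytes(16)
    proof1 = show(x, shop_r, shop_nym, nonce1)
    proof2 = show(x, shop_r, shop_nym, nonce2)
    impostor = new_master_secret()                # knows the pseudonym, not the secret
    return {
        "login_1_ok": verify(shop_nym, nonce1, proof1),
        "login_2_ok": verify(shop_nym, nonce2, proof2),
        "replay_rejected": not verify(shop_nym, nonce2, proof1),
        "transcripts_differ": proof1 != proof2,
        # A colluding shop and bank hold nothing that matches up, yet one secret is behind both.
        "pseudonyms_differ": shop_nym != bank_nym,
        "impostor_rejected": not verify(shop_nym, nonce1, show(impostor, shop_r, shop_nym, nonce1)),
    }


if __name__ == "__main__":
    for name, ok in run_demo().items():
        print(f"{name}: {ok}")
```

The all-or-nothing deterrent falls out of the structure: the only thing that lets anyone log in at the shop is the master secret x (plus the opening randomness), and that same x sits behind the bank pseudonym, so "lending the shop login" is lending the key to everything. The same structure is the caveat: steal x and every pseudonym is yours.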

IBM says that an online transaction using idemix takes about five times as long as a conventional e-commerce login, but since each is measured in milliseconds, the difference should not be noticeable to end users.

Keeping one's anonymity while signing on to various web sites may seem useful in theory, but it remains to be seen how well it will work in practice. Web site owners are unlikely to embrace not being able to easily track their customers, and the same all-or-nothing binding that deters credential sharing means that a user whose master secret falls into the wrong hands has lost every credential at once, a prospect that may worry users. While the idemix idea seems like a good one, it is unlikely to find much traction in the business world soon. IBM is nevertheless determined to make a go of it, and plans to add support for idemix to its enterprise products such as Tivoli.