Occasionally, ISRG explores ideas that we believe have the potential for positive impact on security and privacy for people using the Internet. Our interest in this work is to advance promising technologies, typically by developing a proof of concept or implementing them. We have also worked on specification and standards development, but that is usually a necessary byproduct of getting code up and running.
Current Research
Digital Identity
Background
There is growing momentum for managing human identities digitally; this reflects the integration between our everyday lives and the digital space. The technical concepts in this arena have great potential to make things better and/or easier, but there is also potential for policy and technology decisions to be harmful. Organizations globally have sought solutions that allow for attestation of specific identity information digitally.
In 2024, an interesting idea emerged from folks at Google. Longfellow is a zero knowledge proof (ZKP) system that is optimized for proving statements from widely-deployed cryptography like ECDSA with P256 curves and SHA-256 digests. Longfellow is compatible with existing credentials, provides greatly enhanced security from today's paradigm, and is fast enough for Internet scale.
Our Work
ISRG has developed deep expertise in authenticating digital infrastructure through our work on the Let's Encrypt Certificate Authority. We were naturally interested in the idea of using ZKPs as applied to the digital identity space. Since ZKPs are a family of techniques that enable proving statements without revealing anything other than the strict minimum of required information, they offer the potential to add security and privacy to an area of society that handles significant personal data, allowing computers to check assertions that a person is old enough, or a resident, rather than sharing specifics such as birth date and location, or even credentialing and licensing.
The decades of theoretical development in ZKPs has put that field in an excellent position for the recent rapid advances in practical applicability.
ISRG engineers are developing an open-source implementation of Longfellow in Rust, in partnership with the SIROS Foundation. It will serve as the PKI back-end of SIROS's EU digital identity effort, named wwWallet.
From our Blog
Next Steps
In addition to Longfellow, there are similar anonymous credential systems such as Vega and Crescent, which have distinct properties that might make them useful in different use cases. This is a rapidly evolving area of research and ISRG is continuing to explore it. There may be opportunities to leverage anonymous credentials for various authentication needs, which is an area of research that ISRG is well-suited to pursue due to our experience operating privacy-enhancing technologies at internet-scale.