Question

I'm building a web-based app centered around security, privacy, and anonymity. One of the key principles of the app is that users can store sensitive data anonymously.

As a result, I expect to outsource system authentication entirely, preferably using OAuth or OpenID.

Is this even possible? I'd like to avoid storing email addresses or any other kind of user-identifying information on my side.


Solution

A friend of mine was working on this a few years ago. His idea was to hash an email address and a thumb or fingerprint into a unique image (biometric data is just a stream of bits, and in theory a fairly unique one compared to a human-input password like "123456").

That image could then be stored on that person's devices using their own password or bitlocker, or even printed out and locked away physically. The image would be the key when shown to a webcam or uploaded, sort of a reversal of QR codes.

Of course, the image creation would be the potential tracking point. But if that was done entirely in memory or with a free and widely distributed key generation tool, then you would probably have some legal protection from being compelled to reveal original users' data or identities. (This all glosses over the need for wide use of biometric scanners and secure connections all around.)

Edit:

Biometric data streams are slightly different each time they're taken. There is no "password recovery": if you hash a stream like this as-is, it will likely never be the same. Most dimensionality reduction would make it far less secure, and might still leave a chance that it couldn't be reproduced.

OTHER TIPS

To begin with, OAuth is a completely different thing, separate from your project's scope.

I guess it depends on your definition of "anonymous". If you use OpenID, you would be saving your users' OpenID URLs. In other words, your system would be precisely as anonymous as your users' OpenIDs.

A more intrinsically anonymous solution might be to simply let your users enter an arbitrary string to identify themselves. Returning users would simply type in that same string again. If you want to display a user's "identity", you could run that string through a hash function. No registration required (and not unlike 4chan's secure tripcodes).
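One way to build the arbitrary-string scheme from this answer, as an added example that is not from the original post: the user's string is the only credential, so the server stores a keyed, stretched hash of it as the lookup key and shows a separate short keyed hash as the public handle (the secure-tripcode idea). The server-side secret, the store class and the sample strings are assumptions constructed for the example.

```python
import hmac
import hashlib
from typing import Dict, List

# Constructed placeholder for a server-side secret ("pepper"). In a real deployment
# it is loaded from a secrets store, never from the database holding the hashes,
# so that a dumped table cannot be brute-forced offline without it.
SERVER_SECRET = bytes.fromhex("00" * 32)


def lookup_key(secret_string: str, server_secret: bytes = SERVER_SECRET) -> str:
    """Deterministic storage key for a user's secret string.

    There is no username to attach a per-user random salt to, so the salt is
    derived from the server secret instead, and scrypt stretching makes guessing
    low-entropy strings slow even for someone who holds that secret."""
    salt = hmac.new(server_secret, b"lookup", hashlib.sha256).digest()
    key = hashlib.scrypt(secret_string.encode("utf-8"), salt=salt,
                         n=2 ** 14, r=8, p=1, dklen=32)
    return key.hex()


def display_id(secret_string: str, server_secret: bytes = SERVER_SECRET) -> str:
    """Short public handle shown instead of an identity (secure-tripcode style).

    Uses a different keyed domain than lookup_key, so the displayed handle
    reveals nothing usable about the storage key."""
    tag = hmac.new(server_secret, b"display|" + secret_string.encode("utf-8"),
                   hashlib.sha256).digest()
    return tag[:6].hex()  # 48 bits: distinguishes users, does not recover the string


class AnonymousStore:
    """Stores items keyed only by the hashed secret string: no email, no name."""

    def __init__(self, server_secret: bytes = SERVER_SECRET) -> None:
        self._secret = server_secret
        self._rows: Dict[str, List[str]] = {}

    def put(self, secret_string: str, item: str) -> None:
        key = lookup_key(secret_string, self._secret)
        self._rows.setdefault(key, []).append(item)

    def get(self, secret_string: str) -> List[str]:
        # A wrong string simply maps to an empty (or someone else's empty) row;
        # there is no way to tell whether an account "exists".
        return list(self._rows.get(lookup_key(secret_string, self._secret), []))
```

The trade-off the answer implies still holds: anyone who guesses or learns the string is that user, so the strings must be long and the store should rate-limit lookups.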

Licensed under: CC-BY-SA with attribution