Since the entire digital certificate is used during authentication, if compromised it could lead to a breach of sensitive information about the user, some of which could be used later for stealing the legitimate user's identity or authentication credentials for malicious access.
The technology, also called minimal disclosure certificates, was developed in 2000 by Stefan Brands, a cryptographer and professor of computer science at McGill University in Montreal.
Here's a scenario to explain how it works. Someone goes into a bar and the bartender asks for the person's driver's license to verify if he or she is of legal age to drink. Most likely, the bartender just looks at the person's date of birth and isn't interested in the name, address or other personal information. Once the bartender is satisfied, the person puts their license away and is allowed to stay in the bar.
But in open networks -- like the Web and the Internet -- an entire digital certificate may be exposed to the whole world over the wire, where its contents can be sniffed and stolen by hackers interested in stealing authentication credentials.
Minimal disclosure certificates solve that problem by only providing enough information from the user's DC to grant access to a system for a specific request. The user's whole identity or credentials aren't served up to the system requesting authentication.
Anonymous credentials are a similar concept, but are more about hiding credentials altogether rather than selective release of identity information.
Brands has a fascinating blog on the subject, The Identity Corner, where he explains and debates the finer points of these two concepts. He says there are three privacy properties of minimal disclosure: minimal traceability back to the user, minimal linkage back to the user and selective disclosure about the user.
Their effect on enterprise access management systems is hard to say right now, since the technology is still currently evolving and not widely adopted. Minimal disclosure certificates and anonymous credentials require access management systems with a high degree of granularity, meaning such systems must be capable of being tuned to pick and choose which pieces of users' identities can be used for authentication.
The technology is being discussed as part of CardSpace, a Microsoft identity management initiative, and as part of the Security Assertions Markup Language (SAML), a similar open source project.
For more information:
This was first published in October 2007