Age verification

Mark Lomas ukcrypto at
Fri Dec 2 20:43:07 GMT 2016

A temporary secret is insufficient because an adult can give such a secret
to a child, similar to asking your older brother to buy you some cigarettes.

Of the examples you give, only two are amenable to solution - nightclub
entry and local alcohol sales. I can imagine a tamper-proof device that
contains a biometric reader, accepts remote attestations (e.g. from my
bank), confirms a customer's age but does not otherwise identify them.

I deliberately say 'local' because if you offer a remote service it is open
to the older brother attack.


On 2 December 2016 at 14:36, Graham Cobb <g+ukcrypto at> wrote:

> Age verification is back in the news again due to the DE Bill.  I have
> wondered for a while whether crypto could allow us to create some sort
> of double-blind age verification system: where the identity (name, date
> of birth, etc) of the person is hidden from the entity needing
> verification, and the identity of the resource being accessed is hidden
> from the entity providing verification.  Ideally, of course, it would be
> triple blind: third parties such as law enforcement cannot find out what
> resource was accessed by what person, at least not after the fact (maybe
> they could with prior notification that a particular person or a
> particular resource was to be monitored).
> I had in mind something like:
> 1. Assume that some entities exist who can provide acceptable age
> verification (I will use a bank as an example below but it could be any
> private or state entity).
> 2. Bank verifies your age.
> 3. You request them to sign a certificate stating that you are over a
> specific age (say 18).
> 4. Bank provides the certificate to you.
> 5. You pass the certificate to the entity needing the proof (say, a
> nightclub).
> 6. Nightclub validates the certificate against the bank's public key
> (without needing to contact the bank).
> The hard part would seem to be proving that the certificate relates to
> the actual person who is presenting it (to a practical level of
> certainty similar to traditional techniques), without allowing the
> nightclub to find out who that person is! I assume it would have to be
> based on some sort of temporary secret which you would have to present
> along with the certificate.
> I am sure the naive approach above would not work for various reasons
> but I wonder what work has been done on this? It seems that proof of age
> for everything from creating social media accounts, to shopping, to
> drinking, to accessing porn, to ... is becoming more common and it is
> essential that we have some way of proving age without disclosing who we
> are, or what we want the proof for.
> Graham
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the ukcrypto mailing list