I have a set of UUIDs that I want to assign to a set of people. I want to deliver these UUIDs to people in a secure manner, such that everyone knows that I do not know which UUID corresponds to which person. I.e., I want it to be publicly verifiable that the assignment process was random and that the delivery process was private, and that no record is kept of the assignments and deliveries. I am having a lot of trouble figuring out how to implement this digitally.
The purpose here is to allow people to prove that they received a legitimate ID for authentication purposes, without revealing who they are in particular when they submit said ID. A real life analogy would be to have people one at a time pick a random slip of paper with their ID written on it from a jar, where everyone can see that the jar owner does not know which ID was picked by each person, and also everyone knows that every person only received one ID.
I toyed with the idea of sending a link to a private webpage via email, where people could then click one of a set of links on said webpage to claim a particular ID, but then I have no way of ensuring that each person claims only one ID without recording some kind of credential to keep track of who has already claimed an ID.
Aucun commentaire:
Enregistrer un commentaire