Hello Privacy Subscribers of Lemmy, I’m Webhost0101. With the help of ChatGPT, I’ve been exploring the challenges we face with digital identity, particularly regarding the use of email addresses. I’ve developed a concept aimed at enhancing privacy and security in our digital interactions.
Identifying the Problem: Our dependence on email addresses as universal identifiers exposes us to various privacy and security risks. The dual nature of emails - serving both as identifiers and gateways to personal communication - presents a significant challenge. The goal is to create a system that can help gradually step away from this bad practice.
The plan
The plan involves converting email addresses into hash codes to serve as digital identifiers, with these codes usable in both digital and physical realms through personalized QR codes. This approach offers a secure and private method for identity verification. While similar systems exist that use QR codes for login purposes, this concept is distinct because it does not store any authentication keys. It only maintains a ‘username,’ which is the hashed email, and instructions on how to convert an email address into this username. This ensures enhanced security, as the ‘Sign’ system is designed primarily for identity verification without directly facilitating authentication or access.
The Concept: Creating Your ‘Sign’
- Initial Step: Visit the ‘Sign’ website and input your email to start the process.
- Email Verification: Receive a unique link via email, confirming your email’s validity.
- Hash Generation: Use the unique link to select from multiple hashing algorithms or a default option. This generates a hash code, presented as both a string and a QR code, encapsulating the hash and the algorithm/options used.
- Optional AI Art Generation: You have the option to generate AI-based art from the QR code, adding a personalized aesthetic touch.
- Finalizing the Sign: Enter your ‘Sign’ into the system, which stores only the sign including the algorithm/options used. No email addresses, names, or URLs are kept.
- Receiving Your QR-Art: Obtain a high-quality image of your QR-art for printing on various personal items.
Using ‘Sign’ for Digital Identification
- Online Login: On supported platforms, log in with your ‘Sign’ rather than your email address. The service checks for a corresponding email in their database that produces the same hash with the chosen algorithm/options. Services can eventually replace emails with ‘Signs’ for regular users.
- Real-Life Usage: In physical stores, use your QR-art ‘Sign’ when asked if you have an account/booked at table.
Security and Privacy Considerations
- Robust Encryption and Data Protection: Implement strong encryption and secure data handling practices.
- Multifactor Verification: Use the ‘Sign’ as part of a multifactor identification process, alongside other verification methods.
- Handling Hash Collisions: Establish protocols to manage the unlikely event of hash collisions, ensuring system integrity.
Advantages and Use Cases
- Enhanced Privacy: Limits the need to share email addresses, reducing spam and data breach risks.
- Versatility: Applicable both online and offline, enhancing convenience.
- Personalization: The AI-generated art offers a unique, personal touch to each ‘Sign’.
Conclusion: The ‘Sign’ system proposes a novel approach to digital identity, focusing on privacy, security, and user convenience. It represents a potential step forward in how we handle and protect our digital identifiers across various settings.
It seems doable, but it also seems like a solution to a set of already solved problems, with a chain of new dependencies that require global acceptance of new infrastructure.
The reason email works is because it pre-dates ubiquitous Internet and is something everyone has.
That said, the public PGP key I generated in 1994 is already in published keystores, can verify my email address, and be shared as a QR code. It even has a recognizable visual thumbprint that works similar to your generated art.
The downside to it is that despite being around since 1993, PGP and OpenGPG never became ubiquitous for this purpose, so even though it solved these issues, it became a curiosity for identity management instead of the de-facto method.
It works though, as long as everyone involved has the tools needed.
This sounds like a less secure passkey.
Edit: Passkeys use WebAuthN
Could you please compare WebAuthN to your suggestion? What are the pros and cons as they relate to each other?
…aaand this is why chatgpt is no substitute for expertise.
It’s “generative” AI, in that it generates lists of words that fit together. But it has no actual understanding of anything so the stuff it generates is totally surface, middle-of-the-road whatever-you-want-to-hear.
It didn’t need to. The idea is fully mine and i take full responsibility for any lack of expertise and understanding.
I am really bad at writing my thoughts down, il take critics over using ai ais over my horrendous spelling and grammar any day. I know ai flaws, its a tool.
I spend over 2 hours on this before discussing with chatgpt, granted i was stoned most of it but i be damned i wont be told i didn’t put in any effort.
I doesn’t matter that much its flawed, i have ideas like this around the clock, most never make it out of my head. I was glad to participate and learn this time.
I apologise for my dismissive tone earlier. Thanks for putting your idea out there 🙂
People will just instantly be a bit pissed of when it looks like they’re reading something generated. Your post would probably have gone better if you changed the text and removed the most obvious hints of LLM usage.
I’m not great at this sort of stuff, but if Sign is meant to be a third party website that other websites authenticate your identity against, given by step 1:
Initial Step: Visit the ‘Sign’ website and input your email to start the process.
Could this also be likened to a less secure OAuth?
Its not meant to be but can be used as one.
My initial idea what that sites could look up a combo of an email and sign to see if they are a match by Looking up the algo used to make it.
But I realized this wasn’t all that necessary once i realized you can include the hashing protocol in the code so sites that you have account for can verify on their own without third party.
I guess i forgot that there is no point left for the sites to be used to verify as all it really will tell you is that yes that is a valid sign registered here. But i see no reason why a competitor cant try the same thing.
Others beat me to the punch on saying this is just worse WebAuthN, but there are some specific flaws that boil down to saying that this whole thing is, at best, totally inconsiderate of real attack vectors such as phishing
Online Login: On supported platforms, log in with your ‘Sign’ rather than your email address. The service checks for a corresponding email in their database that produces the same hash with the chosen algorithm/options. Services can eventually replace emails with ‘Signs’ for regular users.
Enhanced Privacy: Limits the need to share email addresses, reducing spam and data breach risks.
Huh? What does this even mean? How can you avoid sharing your email and replace it with a sign, if they need to check it against their database of… Emails?
Real-Life Usage: In physical stores, use your QR-art ‘Sign’ when asked if you have an account/booked at table.
Ah excellent. Someone can just look at a security camera or just snap a photo over your shoulder and steal your sign then. Because your proposal sure doesn’t note any way that these are 1-time use only. And if they were, this sounds like an awfully inconvenient way of receiving a temporary number (which sites usually only ever do as a cheap/bad 2FA method/password resets)
Email Verification: Receive a unique link via email, confirming your email’s validity.
Oh boy, better make sure to not get phished! Or that the link is 1 time use! Or that you aren’t being victimized by a MITM attack and getting it intercepted immediately!
I mean, a fair amount of people have point out my system is flawed and has been done better so its kinda a waste of time but i don’t think these are good against arguments against it so i will try to clarify this a bit more.
The sign is not a point of entry, it doesn’t matter that people can copy it anymore than people can have the same first name as you. There is very little anyone can win by knowing or copying your sign except maybe light bullying. It definiteness inst worse then what stranger can do with your email address. It is a name people can use to identify you but its not a proof of identity on its own, you’d need to combine it with something like a password for that.
At this point of time every site, every store every account is made using your email, the databases already exist. Rather then just inventing a brand new system for new sites, i though of something that could work with the current one. They only need to check their existing database once per email and change it into the hash, so now the user can login using the hash and can no longer login using he email.
The email verification thing is bog standard procedure we use today build in every account registration setup to guarantee that its the owner of the email that is making an account, i would be using it the same way to make sure you cant create a code for someone elses emai. You may wander how to do this when there is no more email in the registration for other sides. Easy, there is no initial check, its not a problem irl that people have the same name, neither is it a real problem that someone used your sign for a login, i cant see a reason why they would but next to forgot pasword there is now “Someone else has used my sign” In this case the site could still ask an email address as a secondary identifier, Cross reference the email again the code itself (as the code contains the algorithm to convert the email into the code), send standard verification mail so the owner can proof ownership. old account gets deleted and they get a new one. Using someone else sign cant be stopped just like you can pick any first and last name on facebook but because we know the signs to be unique it should be against TOS to create an account using someone a sign made with an email you don’t own without permission.
This has gone on to long again, its a flawed idea, i wont actually execute it and i pretty much expected it to be shot down, the feedback is still valuable to me, which is why i did it.
I’ll summarize myself and my initial intentions in a final stance.:
I firmly stand again the practice of using email addresses as usernames for online identities, there are good reasons for sites to require your email address but a username or way to login is not a good reason for such sensitive communication-information.
