CardSpace finished, U-Prove just beginning

In February, Microsoft announced the cancellation of the Windows CardSpace federated identity management framework. (Foley, 2011) The framework allowed users to organize their various online identities and select one for any given website interaction. The framework adhered to Kim Cameron’s seven laws of identity.

Instead, Microsoft is now fully promoting the U-Prove identity management framework as CardSpace’s superior replacement. U-Prove offers greater privacy and anonymity than CardSpace in that it is based on a zero-knowledge protocol that reveals the veracity of a secret without revealing the secret itself to anyone involved in the transaction. U-Prove allows a user to selectively disclose only specific identity assertions, e.g. date of birth, member of a particular group. Microsoft has open-sourced U-Prove and made it freely available to developers under a BSD license. (Cameron, 2010)

The identity architecture of our Android prototype is based on the U-Prove technology, so we are excited to see that U-Prove is gaining more industry attention. U-Prove is important because it builds on the promises of public key cryptography (PKC). With PKC, in order to know that a piece of information was encrypted by a particular person, all the data must be revealed. But U-Prove allows a proof to take place without revealing all the data. (Bright, 2010) This is the core reason why U-Prove fits the Prop-ID project so well – its architecture allows for minimal, selective disclosure of personal information.