Conventional wisdom suggests that if you want to increase security, you need to sacrifice some privacy: if you took a flight in the last decade you know exactly what I mean. We are so used to that tradeoff that you consider it one of the many Heisenberg principles governing computer science.

But what if this status quo could be broken? What if you could have security AND privacy?

U-ProveFilm

Enter the U-Prove technology, a groundbreaking innovation that allows you to do just that. Introduced by cryptographer Dr. Stefan Brands in 2004, it took the industry by storm (12). In 2008 Microsoft acquired the technology and hired Stefan & his crew (Christian Paquin, Greg Thompson) in the identity and access division. They have been busy ever since to integrate U-Prove in the Identity Metasystem: today we can finally let the world give a first glance to their work.

Today, March 2, 2010, at the RSA Security Conference, Microsoft is taking a first step to make the U-Prove technology available to the public and interested parties:

  • First, we are opening up the U-Prove intellectual property with a cryptographic specification under the Microsoft Open Specification Promise (OSP).  Two open source software toolkits are being made available-- C# and Java editions-- so the broadest audience of commercial and open source software developers can access the technology.
  • Second, we are releasing a public Community Technology Preview (CTP), which integrates the U-Prove technology with the Microsoft identity platform technologies (Active Directory Federation Services 2.0, Windows Identity Foundation, and Windows CardSpace v2). A second specification (under the OSP) is available for integrating U-Prove into open source identity selectors. 

As it is customary by now, the IdElement is providing extensive coverage of the U-Prove CTP:

Announcing Microsoft’s U-Prove Community Technical Preview

Stefan describes U-Prove, some typical scenarios where traditional technologies fall short while U-Prove provides a solution, and a summary of what we are releasing.

 

image

image

U-Prove CTP: a Developers’ Perspective

Christian and Greg explore the CTP, clarifying U-Prove’s role in the Identity Metasystem and describing how ADFSv2, WIF and CardSpace have been extended in the CTP for accommodating U-Prove’s functionality.

Deep Dive into U-Prove Cryptographic protocols

A feast for cryptographers and mathematicians! in this video Stefan describes in details the cryptography behind U-Prove’s algorithm. Not for the faint of heart!

 

 

 image

I know that my good friend Felix felt strongly about U-Prove: I am so glad that we can finally share this! Congratulations to Stefan, Christian, Greg and everybody in the IDA division that made this happen :-)

Downloads & more

- U-Prove CTP

- U-Prove SDK C# edition or Java edition

- Stefan's presentation on U-Prove recording