this post was submitted on 29 Jul 2025
27 points (100.0% liked)

Privacy

2054 readers
102 users here now

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

founded 2 years ago
MODERATORS
Ategon@programming.dev
danielintempesta@programming.dev
27
Zero Knowledge Proofs Alone Are Not a Digital ID Solution to Protecting User Privacy (www.eff.org)
submitted 4 days ago by Blaze@piefed.zip to c/privacy@programming.dev
2 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] hendrik@palaver.p3x.de 7 points 4 days ago

I don't think this is true. We have mechanisms in authentication systems to prevent that. For example make requests valid for one use only. And I'd say if an attacker can ask about age every single day until a user turns 18, and by that gaining knowledge about their exact birthday, it's something like a side-channel attack and by definition not "zero" knowledge any more and needs to be handled/prevented by the implementation.