Unlinkability via secure enclaves for relying parties

[jurajsarinay]

It appears that the holders of the Swiss E-ID will have little choice when it comes to hard & software used. The reasons are typically phrased in terms of "security", where any device that is not under sole control of a major foreign "tech company" is considered insecure. For better or worse, those who opt for an E-ID may have to accept that the government prescribes what systems they run.

While you are at it, why not impose specific hard & software on the relying parties too? If they had to verify credentials within appropriately programmed secure enclaves, one might be able to achieve unlinkability of presentations even for credential formats from Scenario A. You would get all the benefits and almost none of the downsides of Scenario B. One could present the same credential in a linkable or unlinkable manner depending on whether a particular relying party supports an "upgrade" to privacy-friendly verification within an enclave.

Thanks to SGX, widely supported on Intel servers, we could gain considerable privacy without the need for a whole lot of advanced cryptography like zero-knowledge proofs or accumulators.

Maybe we could, after all, outperform the EU on privacy by simply bolting it on top of the ARF.