Topic-specific policies
ISO/IEC 27565


Search this site
 

ISMS templates

< Previous standard      ^ Up a level ^      Next standard >

 

ISO/IEC 27565 — Information technology — Security techniques — Guidelines on privacy preservation based on zero knowledge proofs [DRAFT]

 

Abstract

[TBA]

 

Introduction

Zero knowledge proofs are cryptographic techniques allowing someone to prove to someone else that they are in possession of a secret, without actually disclosing the secret to the other person. The secret may be a password or other authentication information (e.g. biometrics), a cryptographic key, electronic currency, or some other piece of sensitive information which must remain confidential during the entire process.

 

Scope of the standard

[TBA]

 

Content of the standard

[TBA]

 

Status

Drafting commenced in 2021.

The standard is due to be published in 2025.

 

Personal notes

This standard will (presumably!) apply ZKP techniques to the protection of personally identifiable information/personal data - perhaps proving that an authority holds someone’s personal details without them simply handing over those details (which may be legally prohibited if the data subject did not explicitly agree to such use of their details, and would increase the risk of improper disclosure by the recipient or during the data transfer).

Beyond that, I’m struggling to think of how this might be of any value in practice ... but then I’m not a privacy or crypto expert (and they are quite excited about this standard). Along with privacy, the NWI proposal mentions a substantial reduction in financial fraud and information theft by criminals, a compelling case if the standard leads to widespread adoption of ZKP.

 

 

< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2022 IsecT Ltd.