The privacy-enhancing cryptography project seeks to promote the use of communication protocols that do not reveal unneeded private information of the communicating parties.
There are many technical challenges in doing this, as it is typically hard to separate private data from general data (e.g., to convert a third-party-signed date-of-birth certificate into a certificate indicating that a person is of voting age). Zero-knowledge (ZK) proof techniques and their variants can be used to accomplish this for a large class of assertions. These techniques allow one party to prove to another party that a given statement is true, without conveying any additional information apart from the fact that the statement is indeed true. However, even though many such ZK protocols are practical, adoption by industry is slow.
The Computer Security Division's (CSD) Cryptographic Technology Group (CTG) is also following the progress of emerging technologies, such as fully homomorphic encryption (FHE). FHE could potentially solve a large class of problems by allowing computation on encrypted data without decryption. CTG has also shown that the NIST Randomness Beacon (discussed below) can be used as a primitive in secure multi-party computation, such as sealed-bid online auctions, in which losing bids are never opened.
Team members continue to work in collaboration with NIST's Trusted Identities Group (formerly the National Strategy for Trusted Identities in Cyberspace (NSTIC) program) and the Federal Cloud Credential Exchange (FCCX) project. In this context, CTG has served in evaluator and technical support roles.
Current communication security standards are primarily designed for two-party communication. CTG believes that future protocols, such as those for identification, commercial transactions, and social media, will necessitate standards for three-party communications (e.g., two parties involved in a commercial transaction and a third party that serves as an enabler of some aspects of the transaction). This is particularly important if standards are to provide privacy protection. CTG has developed some basic protocols for this purpose. One such protocol allows for privacy-preserving identification with the aid of a mediator. In this protocol, the issuer of an assertion, such as “John Smith is an employee of the Department of Commerce,” does not need to know who the consumer of the assertion is, yet it can encrypt the assertion with a key known only to that consumer (i.e., the mediator cannot see the unencrypted assertion).