One of the recurring themes in my musings about identity management is my desire for unlinkability – if every transaction (in the broadest sense of that word) is independent of every other then it makes it difficult (I’d like to say impossible, but I’m a cynic) for anyone to build up a picture about you (for whatever value of “you” you’d like to choose).
But the thing that drives a coach and horses through this worthy goal is physical goods. All too often you end up wanting something delivered – a book, a CD, beer – and it has to go to somewhere linkable to you.
So, it occurred to me that you could arrange the physical equivalent of onion routing. Choose a friend, encrypt your address with his public key. Then choose another and encrypt friend one’s address and your encrypted address with his key, and a third and encrypt the second’s address, friend one’s encrypted address and your doubly-encrypted address to him. Give your provider of goods the third’s address and the encrypted package.
The provider then wraps your parcel up three times. On the outside of the third wrapper he puts the address of the third friend and the encrypted package. When it arrives at friend three, he decrypts the package, getting friend two’s address and a new encrypted package, which he then applies to the outside of the parcel and sends it on. Friends two and one repeat the process, the parcel arrives at your house, no-one knows where it came from and who it went to. Yes, friend one knows you got something, but has no idea where it came from. Friend three knows where it came from but not who it went to, and friend two separates them.