Enhancing Identity Credential Privacy with Zero-Knowledge Proofs
Christian Paquin
NorthSec 2025 · Day 2 · Ville-Marie
Mobile driver's licenses and digital identity credentials are rolling out across North America, but existing standards like SD-JWT and mDL still leave a critical gap: every credential presentation leaks a unique digital fingerprint that issuers and data brokers can use to track users across sites. Christian Paquin of Microsoft Research presents Crescent, an open-source zero-knowledge proof framework that layers on top of existing credential formats to let users prove specific claims — "I am over 18," "I reside in Virginia" — without revealing any additional data and without enabling issuer surveillance of where credentials are used. ---
AI review
Microsoft Research cryptographer presents Crescent, an open-source zero-knowledge proof framework that layers zk-SNARKs onto existing JWT and mDL credentials to enable unlinkable selective disclosure — solving the issuer-tracking correlation problem that SD-JWT and current mDL standards don't address.