alt Hacker NewsThe way that this is usually implemented is with some sort of HSM (eg. smart card, like on a e-id), that holds a private key that's shared with hundreds (or more) other HSMs. The HSM part ensures the key can't be copied out to forge infinite amounts of other identifies, and the shared private key ensures it's vaguely anonymous.
> - Belongs to exactly one real person.
I don't see how you can prevent multiple people sharing access to one HSM. Also, if the key is the same in hundreds of HSMs, this isn't fulfilled to begin with? Is this assuming the HSM holds multiple keys?
btw: "usually". Can you cite an implementation?