On Our First GDPR Christmas: How Do I Create Christmas Vouchers That Your Store Cannot Track?

Well, this is the first Christmas in a GDPR world, and perhaps little has changed. Companies are still doing things in the same old way…

How Do I Create Birthday Voucher That Your Store Cannot Track?

A demo of the method I will present is [here].

So how can Bob purchase 10 vouchers for presents for Carol, Trent and Faith, and then for Alice’s store to not be able to tell it was Bob who had bought them. For this, we can turn to obvious transfer, and zero-knowledge proof (ZPK) method. One of the best around uses the power of elliptic curve methods and is defined as EC-VOPRF (Elliptic Curve Verifiable Oblivious Pseudo-Random Function).

Now Bob wants to buy 10 vouchers from Alice, and he wants to give them to Carol, Trent and Faith. For this he generates 10 random numbers (x1, x2, … x10). He then matches these onto elliptic curve points (finding the nearest x-axis point). For these 10 vouchers, he then creates a random value for a blinding factor (b). Bob then multiplies each of the elliptic curve points with b, and hands these 10 elliptic curve points to Alice, and pays for 10 vouchers.

Alice then multiplies each of these points with her private key (k), and sends them back to Bob. When Bob receives these he now unblinds each voucher by dividing each of them by his blinding factor (b). The values he now has are kX1, kX2, … kX10.

Next, Bob gives Carol the values of X1 and kX1, X2 and kX2 to Trent, and X3 and kX3 to Faith. Each of them can then go to Alice’s shop and give Alice their values. For Carol, Alice then checks that the value of X1 multiplied by her private key (k) is the other value that Carol has given her (kX1). If this checks out, she will approve the purchase, but will not know where the voucher came from. For this only Bob is able to generate the values of X1 and kX1, as Alice only knows k.

And there you go. We have created a world where Alice cannot determine where the vouchers came from, and we have preserved the rights of Bob to privacy. We have also created purchase receipts which can be trusted, but which cannot be tracked. If an auditor wants to resolve, Bob can reveal his blinding factor.