Microsoft has introduced Crescent, its cryptographic privacy library to address the growing privacy challenge posed by digital identities. Hidden identifiers in mobile driver’s licenses or JSON Web Tokens (a widely used app login authentication standard) can be exploited to compile detailed user profiles, even when only minimal data is shared, by linking separate activities together. Crescent is an open-source cryptographic library that integrates with existing identity formats without requiring issuers to change their infrastructure. It ensures that every presentation is randomized cryptographically so that no hidden data beyond what the user explicitly reveals can link one interaction to another, the company claims. “Zero-knowledge proofs are not as efficient as the cryptographic algorithms used in today’s credentials,” says the post. “Crescent addresses this computational challenge through preprocessing, performing the most complex calculations once in advance so that later proof generation is quick and efficient for mobile devices.” To make zero-knowledge proofs practical for mobile devices, Crescent splits proof generation into a one-time preparation stage and a fast per-presentation stage. The preparation stage computes reusable cryptographic values and stores them on the device; the presentation stage randomizes those values and produces a compact proof revealing only the necessary attributes. Crescent uses the Groth16 zero-knowledge SNARK system, which produces small proofs that can be verified quickly in a single step. Shared cryptographic parameters based on credential templates allow multiple issuers — for instance, different state motor vehicle departments — to interoperate as long as they adhere to compatible data formats and security standards.