Privacy Pass is a project launched in 2017 to help make solving CAPTCHAs online less painful using zero-knowledge cryptography. The core of Privacy Pass is a 1-RTT cryptographic protocol (based on an implementation of an oblivious pseudorandom function) that allows users to receive a significant amount of anonymous tokens in exchange for solving a challenge. These tokens can be exchanged in the future for access to services without having to interact with a challenge and without the service knowing which specific challenge was originally solved.
Privacy Pass is now in use by over a hundred thousand monthly active users in the form of the Privacy Pass browser extension for Chrome and Firefox. In this talk I’ll explore both the mathematical underpinnings of this project and its future directions.
Joint work with Alex Davidson, Ian Goldberg, George Tankersley, and Filippo Valsorda