Privacy-preserving license plates using blind signatures
License plates are crazy from a privacy standpoint. We'd riot if the government made us wear a badge with our name on it every time we left the house. But bolting a permanent unique identifier to our car? Totally normal.
Now there are ALPR (automatic license plate reader) networks everywhere, public and private, logging everything. Check
DeFlock
Find license plate readers (LPRs) near you.
for the USA picture. From plate data + camera feeds (public or insecure private ones) you can infer where someone lives, works, when they're not home, who they meet. Some countries even let you query the vehicle registry directly from the plate.
I don't think accountability for cars is necessarily wrong. If you rear-end someone and flee, it's fair they can identify you. I just don't think we need to trade mass surveillance for that. Cryptography exists.
A basic scheme:
Every day you generate a random string r, compute H(r), and get it blind-signed by an issuing authority (they sign without learning what they're signing: Chaumian blind signatures, same as ecash). You put r on your e-ink plate as a QR code, along with the signature. Anyone can verify: hash the preimage, check the signature. If you cause an accident, the witness notes r and can prove they saw your plate. To find out who you are, they go to court, the authority looks up who requested the blind signature for H(r). No public link between your plate and identity. Already way better than today.
Problems and improvements:
Daily rotation is too slow: Cameras still build a full-day profile. Rotate every 5–10 minutes instead. Eric Rescorla arrived at a similar scheme:
Privacy for license plates
and explores the tradeoffs well, including how the authority can precompute a lookup table for all vehicles and time windows cheaply enough that de-anonymization doesn't require your cooperation.
The authority is still a chokepoint: Whoever registers you and creates the H(r) -> identity link already knows both sides. Threshold encryption of the stored record is a governance improvement (requires k-of-n parties to cooperate, auditable) but not a fundamental one. The registrar still has the information at creation time. The real protection is legal process + the fact that passive surveillance is broken. That's already a big deal compared to today, but it's not zero-trust.
The cryptography is production-ready. The gap between "solved" and "deployed" is almost entirely political.
Posted to
Stacker News
Privacy-preserving license plates using blind signatures \ stacker news
License plates are crazy from a privacy standpoint. We'd riot if the government made us wear a badge with our name on it every time we left the hou...
Speech Services provides fast, efficient, and high-quality text-to-speech for [GrapheneOS](https://grapheneos.org) using state-of-the-art models running completely on-device.
