50: De-identified authentication at scale

Meta Tech Podcast - Een podcast door Meta

Podcast artwork

Categorieën:

If you hear privacy and your first thought is laborious processes and access management, this interview may be just as mind-expanding for you as it was for our host Pascal. He is joined by Alex and Haozhi who talk about the Anonymous Credential Service (ACS), a highly available multitenant service that allows clients to authenticate in a de-identified manner. They discuss the cryptographic primitives powering the service and the various challenges they encountered scaling it to support Meta's products. Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/. Links How Meta enables de-identified authentication at scale - https://engineering.fb.com/2022/03/30/security/de-identified-authentication-at-scale/ Open-sourcing Anonymous Credential Service - https://engineering.fb.com/2022/12/12/security/anonymous-credential-service-acs-open-source/ ACS on GitHub - https://github.com/facebookresearch/acs ReactJS - The Documentary - https://www.youtube.com/watch?v=8pDqJVdNa44 Timestamps Intro 0:12 Alex and Haozhi Intro 1:22 Cryptography and Privacy 2:47 Team Mission 3:35 Data Minimisation 4:28 PETs 5:13 Why authenticate? 8:39 ACS under the hood 10:06 ACS Architecture 16:02 Challenges 21:03 ACS in Open Source 26:36 Key-Derivation Functions 29:22 How to get started 32:10 Outro 33:47 Bloopers 34:29

Visit the podcast's native language site