Imagine you could prove you were 21 without revealing your date of birth – or anything else about you, for that matter. Or qualify for a loan without disclosing your net worth. Or enjoy the benefits of e-commerce, e-health and e-government without a moment's fear that you are open to identity theft.

Sound impossible? It is. But it won’t be if cryptographer and entrepreneur Stefan Brands has his way.

Brands runs Credentica, a Montreal-based startup that is rolling out an encryption-and-authentication system called U-Prove that allows users to disclose the absolute minimum to complete digital transactions – and to do so in a way that ensures the information they need to reveal has no shelf life whatsoever.

"By protecting privacy, you can actually enhance security," Brands says. "My goal is to get the best of both worlds."

Maintaining digital privacy and security has never been more important. As more and more people trust their personal information to electronic databases, security and privacy are plummeting. More than 79 million personal electronic records containing data like credit card and Social Security numbers were compromised in the United States last year – almost four times the number reported in 2006, according to the San Diego-based Identity Theft Resource Center. And more than 162 million such records were compromised globally, more than three times 2006 levels, according to Attrition.org.

Here’s the problem: Every time you use a credit card, somebody you didn’t actually give it to could be squirreling the numbers away.

"If you walk through a shopping center, you don’t have your personal information pinned to your shirt in a way that anyone you deal with can just walk up and read it," says Kim Cameron, Microsoft's chief architect of identity and author of the Identity Weblog. "You control the information you release."

Over time, the problem compounds: Buy something here, provide an address there, use your driver’s license number somewhere else. "In the digital world, information leaks, and super-profiles can be assembled, just through continued use of the internet," Cameron says.

U-Prove promises security by revealing as little as possible and rendering what is disclosed useless for anything but the transaction at hand.

The technique employs secure multi-party computation, a branch of cryptography that can calculate meaningful answers about secret information by knowing only some nonrevealing clues about that secret. The underlying theory was demonstrated in 1982 by Andrew Yao in the so-called Millionaire's Problem: Alice and Bob want to find out who has more money without disclosing the amount of their fortunes to each other, or even to a mutually trusted third party. By applying special functions to their information that disguised it, Yao proved that each could know who was richer without either revealing their true holdings.

U-Prove employs an ID token, a special kind of digital certificate that allows for minimal selective disclosure. The tokens can store all kinds of information, but users can disclose only the minimum amount of data required in any given transaction. They leave no unwanted data trails and permit both anonymity and pseudonymity.

The tokens are also loaded with cryptographic protections that make them resistant to phishing, forgery and all manner of online security woes. They cannot be traced back to their issuers. Separate tokens used by the same person cannot be linked together.

As a result, neither the people who create the tokens nor those who accept them can track and correlate their use. And users need never reveal more than they would like.

Credentica VP of engineering Greg Thompson says that's not the case with certificates generated by public key infrastructure, the cryptographic system that has long been the most common means of authenticating identities and encrypting messages online.

In conventional public key cryptography, Thompson says, "the math itself gives you linking and tracing, whether you want it or not."

The U-Prove approach has been tried before, without commercial success. Most companies tried to sell privacy software to consumers, which was the wrong approach.

So Brands is flipping it around by developing a software developers kit that would appeal to businesses and government agencies that want to prevent costly and damaging data breaches on behalf of their customers.

In addition, Brands hopes that by providing a somewhat stripped-down version of his technology under a noncommercial license he can encourage developers to explore its potential applications -– just like RSA Data Security did in the 1980s when it offered free, noncommercial use of its public-key cryptosystem and went on to dominate the online security market.

"They were a small company," Brands says. "Now everybody knows who RSA is."

Credentica is in licensing talks with several large original equipment manufacturers, and Brands hopes to announce one or more deals shortly.

It can still be a tough sell. Most technical personnel continue to think of attacks from outsiders – not abuse or collusion by insiders – as the primary threat to personal data. And for nontechnical personnel, the theory underlying ID tokens can be daunting. Both Brands and Thompson tend to refer to the math behind U-Prove as "magic" rather than going too deep into the details.

In the meantime, U-Prove is generating some street cred.

"I think that U-Prove adds a really interesting dimension to the discussion around identity, by allowing people to make claims which are authenticated, but not associated with a person," says Adam Shostack, a former cypherpunk who worked with Brands at Zero Knowledge Systems and now works at Microsoft.

"I remember when I saw my first driver's license scanner at a bar in Boston," Shostack says. "I didn't want the bar capturing everything on my license so they could prove due diligence in not letting minors drink. U-Prove lets me prove my age, without providing anything else about me."