Anonymous Author Identity & Verification System

Proposal: Anonymous Author Identity and Verification System for AES-451

Overview

In repressive environments, writers risk harassment, arrest, and worse for publishing the truth.
Many are forced to abandon their work or publish anonymously — at the cost of legitimacy, recognition, and impact.

The AES-451 identity system aims to solve this by allowing writers to use assumed names while building the same trust, continuity, and authority typically granted to those who publish under their real identities.

This system will empower writers to:

  • Publish anonymously, yet credibly
  • Prove their authorship securely
  • Communicate with journalists and researchers
  • Protect themselves and their wider networks from exposure

Core Goals

  • Establish trust between anonymous writers and their audience
  • Ensure authenticity of content
  • Provide verifiable identity for journalists and researchers
  • Preserve anonymity even under device seizure or coercion
  • Enable writers to build a long-term pseudonymous presence with the authority of a real-name identity

System Summary

The AES-451 identity system is a lightweight, cryptography-based framework that lets writers:

  • Sign their work
  • Control who can view private identity details
  • Authenticate their authorship through a secure, browser-based or offline process

Key features:

  • Public/private key pairs generated client-side
  • Posts signed with a secure PIN (never stored)
  • Optional distress PINs trigger silent deauthorization
  • Profile sharing permissions embedded per recipient (via email-based access tokens)
  • Recipient verification through email confirmation
  • Manual or portal-based submission of content and authentication files
  • No server-side storage of private keys, metadata, or IP addresses

Each signature file (e.g., .a451) is uniquely tied to the specific content it accompanies.
The system creates a cryptographic hash of the content, digitally signed with the writer’s private key, ensuring:

  • The content has not been altered
  • The content was authored by the pseudonym holder
  • The recipient can verify the signature using the public key linked to the pseudonym

User Experience: Writers

  1. Sign into a secure local tool or web app
  2. Upload or paste content
  3. Enter pseudonym and secure PIN
  4. System generates a signature file (e.g., .a451) proving authorship and binding it to the content
  5. Optionally add a journalist’s email to allow profile access (one-time encrypted token)
  6. Either:
    • Download the signature + email it manually
    • Use a secure email tool built into the system

If under duress, a distress PIN creates a silent alert signature for backend monitoring.

User Experience: Journalists/Researchers

  • Receive a signed post and .a451 file
  • Visit a verification portal (or use offline verification tools)
  • Upload the signature file and original content
  • Log in or create an account, verifying their email

If granted access, they can view:

  • Writer’s pseudonym
  • Post authenticity
  • Profile details (if permissioned)

If access was granted via token, and email is verified, access is seamless.

Identity Verification Methods

While the core system uses cryptographic keys for consistency and verification, initial identity validation can happen through trusted methods:

Video verification (via Signal):

  • Writer sends a short video showing their face and holding ID to a trusted administrator
  • Video is immediately deleted after confirmation — never stored

Trusted authenticator system:

  • A verified individual (journalist, editor, project lead) vouches for the writer
  • Similar to a "web of trust" approach

These methods ensure that although the pseudonym is fabricated, the person behind it is real and in the situation they claim.

Case Examples

  • A writer in Afghanistan publishes an essay about life under Taliban rule. She signs it with her AES-451 ID, allowing journalists to verify that the content came from a consistent, trusted pseudonym. She also allows profile access to one specific journalist, who sees she has been verified through an authenticator.

  • A writer in Egypt shares leaked documents about surveillance abuses. He uploads them with a distress PIN, triggering a silent flag. A researcher authenticates the post and notes it was signed under duress. They contact a trusted liaison for safety follow-up.

  • A researcher receives three stories from different "unknown" pseudonyms. Two fail verification. One shows a long history of verified, signed posts under the same key, endorsed by two known writers. This is the one they trust.

Why We Need This

In regimes that criminalize truth-telling, anonymity is survival.
But anonymity without credibility leads to dismissal.

This system offers a way to preserve the protective layer of pseudonymity while restoring the legitimacy and continuity of a name.

It allows writers to:

  • Build careers
  • Collaborate
  • Publish without compromise

And it allows journalists and researchers to engage with their work without fear of deception.

[quote] Writers should not have to trust anyone with their real identity — not even us. [/quote]

Next Steps

We are seeking:

  • Cryptographers and developers to help build the client-side tools
  • Human rights technologists to stress-test threat models
  • Journalists and researchers to help design the verification UX
  • Writers and editors to test and refine the flow

We are building this for those who cannot afford mistakes.
It must be simple, strong, and silent.
But most of all, it must work.