This paper investigates the fundamental barriers impeding the practical deployment of privacy-enhancing cryptographic techniques—such as zero-knowledge proofs and anonymous signatures—in real-world identity authentication systems. Through systematic analysis of concrete deployments, including the European Union Digital Identity Wallet (EUDIW), it identifies, for the first time, six critical gaps between theoretical maturity and engineering feasibility: (1) standardization lag, (2) lack of cross-ecosystem interoperability, (3) disconnect between cryptographers and engineering practitioners, (4) complex key management, (5) substantial computational and latency overhead, and (6) unclear migration pathways to post-quantum cryptography. The study proposes cryptography-aware adaptation principles and a phased evolution roadmap tailored to national digital identity frameworks, advocating “incremental integration” over wholesale replacement. This approach delivers an actionable, governance-oriented technical strategy to transition privacy-preserving authentication from laboratory prototypes to large-scale, production-ready deployment.

With the increasing use of online services, the protection of the privacy of users becomes more and more important. This is particularly critical as authentication and authorization as realized on the Internet nowadays, typically relies on centralized identity management solutions. Although those are very convenient from a user's perspective, they are quite intrusive from a privacy perspective and are currently far from implementing the concept of data minimization. Fortunately, cryptography offers exciting primitives such as zero-knowledge proofs and advanced signature schemes to realize various forms of so-called anonymous credentials. Such primitives allow to realize online authentication and authorization with a high level of built-in privacy protection (what we call privacy-preserving authentication). Though these primitives have already been researched for various decades and are well understood in the research community, unfortunately, they lack widespread adoption. In this paper, we look at the problems, what cryptography can do, some deployment examples, and barriers to widespread adoption. Latter using the example of the EU Digital Identity Wallet (EUDIW) and the recent discussion and feedback from cryptography experts around this topic. We also briefly comment on the transition to post-quantum cryptography.