According to a general aspect, a computer-implemented method for a first user to verify an association with a second user through a secret handshake protocol includes maintaining information about a reusable identification handle for the first user, where the information about the reusable identification handle is provided by a trusted third party, maintaining information about a reusable credential for the first user, where the information about the reusable credential is provided by a trusted third party, and maintaining information about a matching reference for verifying an association with another user, where the information about the matching reference is provided by a trusted third party. Information based on the reusable identification handle and based on the reusable credential is transmitted to a potential peer. First information based on a reusable identification handle for the second user is received, and second information based on a reusable credential for the second user is received. A first comparison of a combination of the first information and the second information is performed with the matching reference to determine whether the second user's credentials match the first users matching reference. A second comparison of the first information with information published on a revocation list is performed to determine whether the second user's credentials have been revoked from usage. Based on the first comparison and the second comparison, a determination is made whether or not to verify the association of second user with the first user.