Methods for secure enrollment and backup of personal identity credentials into electronic devices
US-9716698-B2 · Jul 25, 2017 · US
US11140171B1 · US · B1
| Field | Value |
|---|---|
| Publication number | US-11140171-B1 |
| Application number | US-201916503188-A |
| Country | US |
| Kind code | B1 |
| Filing date | Jul 3, 2019 |
| Priority date | Jun 5, 2015 |
| Publication date | Oct 5, 2021 |
| Grant date | Oct 5, 2021 |
Official abstract text for this publication.
A user device can verify a user's identity to a server while protecting user privacy by not sharing personal data with any other device. To ensure user privacy, the user device performs an enrollment process in which the user performs an action sequence. The user device collects action data from the action sequence and uses the action data locally to generate a set of public/private key pairs (or other representation) from which information about the action sequence cannot be extracted. The public keys, but not the underlying action data, are sent to a server to store. To verify user identity, a user device can repeat the collection of action data and the generation of the key pairs. If the device can prove to the server its possession of the private keys to a sufficient degree, the user's identity can be verified.
Opening claim text (preview).
What is claimed is:
1. A method comprising: collecting, at a first device belonging to a user, during an account recovery service enrollment process of a user account maintained at a server, a first action data set representing a first performance of an action sequence by the user, wherein the first action data set is approximately reproducible by the user reperforming the action sequence, wherein the action sequence comprises traversing a route comprising a starting point geographic location and an ending point geographic location designated by the user during the account recovery service enrollment process at a predetermined speed; and preserving, by the first device, secrecy of the first action data set from any other device by capturing the first action data set at the first device.
2. The method of claim 1 wherein the first action data set includes data representing one or more of: a location of the route; a distance covered by the route; a turn taken during the route; or a gait of the user while traversing at least a portion of the route.
3. The method of claim 1 wherein the action sequence includes the user intentionally moving the first device and the first action data set includes data representing one or more of: a motion path of the first device; a speed of a motion; a grip of the user on the first device; an impact force on the first device during the motion; or a location where the motion was performed.
4. The method of claim 1 wherein the action sequence includes the user presenting a biometric identifier to the first device and the first action data set includes data representing one or more of: an identifier type of the biometric identifier; biometric data for the biometric identifier; or a location where the biometric identifier was presented.
5. The method of claim 1 wherein the action sequence includes the user playing a song on the first device and the first action data set includes data representing one or more of: a song identifier of the song; an audio sample from the song; or a location where the user played the song.
6. The method of claim 1 wherein the action sequence includes the user taking a photo using a camera of the first device and the first action data set includes data representing one or more of: a device motion path associated with taking the photo; a number of photos taken; an orientation of the camera during taking the photo; image content information extracted from the photo; or a location where the photo was taken.
7. The method of claim 1 wherein the action sequence includes the user sending a communication to another person using the first device and the first action data set includes data representing one or more of: an identifier of the other person; content of the communication; or a location where the sending occurred.
8. The method of claim 1 wherein the action sequence includes the user interacting with an app on the first device and the first action data set includes data representing one or more of: an identifier of the app; information indicating a specific operation within the app; or a location where an interaction occurred.
9. The method of claim 1, wherein the method further comprises: generating, at the first device, a first set of N key pairs based on a first data set using a key generation algorithm, wherein a number N is greater than 1 and wherein each key pair in the first data set includes a public key and a private key; and sending, by the first device to the server, the public key of each of the first set of N key pairs to be stored by the server in a user account information record for the user account.
10. The method of claim 9 further comprising: destroying, by the first device, the private key of each of the N key pairs in the first set.
11. The method of claim 9 wherein collecting the first data set includes: prompting, by the first device, the user to perform an action; and operating a sensor to collect sensor data while the user performs the action.
12. The method of claim 11 wherein collecting the first data set further includes generating a portion of the first action data set based on the sensor data.
13. The method of claim 9 wherein collecting the first data set includes: prompting, by the first device, the user to perform at least two different actions; and operating a sensor to collect sensor data while the user performs the at least two different actions.
14. The method of claim 13 wherein an order in which the at least two different actions are performed is selected by the user.
15. The method of claim 13, wherein the actions are selected by the user.
16. The method of claim 13 wherein the actions include at least two of: traversing the route; waving the first device in a user selected pattern; presenting a biometric identifier to a biometric sensor of the first device; playing a song on the first device; taking a photo using a camera of the first device; sending a text to someone using the first device; or interacting with an app installed on the first device.
17. The method of claim 9, wherein the number N is at least 100.
18. The method of claim 9 further comprising, during a verification process subsequent to the enrollment process: collecting, at a second device, a second action data set representing a second performance of the action sequence by a person purporting to be the user; generating, at the second device, a second set of N key pairs based on the second action data set using the key generation algorithm, wherein each key pair in the second set includes a public key and a private key; and performing, at the second device, a zero knowledge probabilistic proof with the server using the private key of each of the N key pairs in the second set, wherein successful performance of the zero knowledge probabilistic proof establishes to the server that the second device has sufficient knowledge of the private keys corresponding to N public keys stored at the server.
19. The method of claim 18 wherein sufficient knowledge requires knowledge of at least a threshold fraction of the private keys.
20. The method of claim 18 wherein the N key pairs are divided into a plurality of subsets including a first subset of key pairs that are highly reproducible and a second subset of key pairs that are less reproducible and wherein sufficient knowledge requires knowledge of at least a first threshold fraction of the keys in the first subset and knowledge of at least a second threshold fraction of the keys in the second subset, wherein the first threshold fraction is higher than the second threshold fraction.
21. The method of claim 18 wherein each key pair is assigned a weight corresponding to its degree of reproducibility and wherein sufficient knowledge requires attaining at least a minimum score, the minimum score being computed based at least in part on the weights of the key pairs determined to be possessed by the second device.
22. The method of claim 18 wherein the verification process is an account recovery process, the method further comprising: recovering access to the user account information record in response to successful performance of the zero knowledge probabilistic proof.
23. The method of claim 22 wherein recovering access to the user account information record includes establishing a new account credential for the account.
24. The method of claim
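The enrollment and threshold verification flow of the abstract and claims 9, 10 and 18 to 21, as an added example that is not part of the patent or of any product implementing it. It is written in Python and makes two simplifications that are assumptions of this example, not of the patent: each "key pair" is a hash commitment (private value = HMAC-SHA256 keyed by the account identifier over one quantised feature, public value = SHA-256 of the private value) rather than an asymmetric key pair, and "proving possession" means opening the commitment rather than running a zero-knowledge proof. The feature names, cell identifiers, bucket sizes, the split into highly reproducible and less reproducible features, the weights and the thresholds are all constructed for illustration. What the example does show is the property the claims rely on: a feature that is reproduced exactly yields the same key, a feature that drifts yields an unrelated key, and the server decides on per-subset fractions (claim 20) and a weighted score (claim 21) without ever seeing the action data.

```python
import hashlib
import hmac

# Constructed sample action data (not from the patent): quantised features from
# traversing a route. Which features count as "stable" is an assumption.
ENROLL_FEATURES = {
    "route_start_cell": "cell-A17",
    "route_end_cell": "cell-B42",
    "turn_count": 4,
    "distance_bucket_m": 1200,
    "gait_cadence_bucket": 112,
    "speed_bucket": 2,
}
STABLE_FEATURES = {"route_start_cell", "route_end_cell", "turn_count", "distance_bucket_m"}
WEIGHTS = {"stable": 3, "noisy": 1}  # assumed weights by degree of reproducibility


def derive_key_pairs(account_id, features):
    """Deterministically derive one (private, public) pair per feature.

    Stand-in for the patent's key generation algorithm: the private value is an
    HMAC over the feature, the public value is its SHA-256 hash (a commitment).
    The same feature value regenerates the same pair on any device; a changed
    value yields an unrelated pair, so the server learns nothing about features.
    """
    pairs = {}
    for name, value in sorted(features.items()):
        msg = f"{name}={value}".encode()
        priv = hmac.new(account_id.encode(), msg, hashlib.sha256).digest()
        pub = hashlib.sha256(priv).hexdigest()
        pairs[name] = (priv, pub)
    return pairs


def enroll(account_id, features, stable_names=STABLE_FEATURES):
    """First device: derive the pairs and return only what the server stores.

    Private values and the action data itself are not returned (claim 10:
    the private keys are destroyed; the action data never leaves the device).
    """
    pairs = derive_key_pairs(account_id, features)
    return {
        name: {"pub": pub, "weight": WEIGHTS["stable" if name in stable_names else "noisy"]}
        for name, (_priv, pub) in pairs.items()
    }


def prove_possession(account_id, features):
    """Second device: re-derive from a fresh performance and open each commitment."""
    return {name: priv for name, (priv, _pub) in derive_key_pairs(account_id, features).items()}


def verify(record, openings, stable_threshold=1.0, noisy_threshold=0.5, min_score=12):
    """Server: check each opening against the stored public value, then apply
    per-subset fractions (claim 20) and a weighted minimum score (claim 21).
    Missing or wrong openings simply count as keys not possessed."""
    possessed = {
        name: hashlib.sha256(openings.get(name, b"")).hexdigest() == entry["pub"]
        for name, entry in record.items()
    }
    stable = [possessed[n] for n, e in record.items() if e["weight"] == WEIGHTS["stable"]]
    noisy = [possessed[n] for n, e in record.items() if e["weight"] == WEIGHTS["noisy"]]
    frac = lambda xs: sum(xs) / len(xs) if xs else 1.0
    score = sum(e["weight"] for n, e in record.items() if possessed[n])
    passed = (frac(stable) >= stable_threshold
              and frac(noisy) >= noisy_threshold
              and score >= min_score)
    return {"passed": passed, "stable_fraction": frac(stable),
            "noisy_fraction": frac(noisy), "score": score}


if __name__ == "__main__":
    record = enroll("acct-123", ENROLL_FEATURES)
    # Genuine user: route reproduced exactly, gait cadence drifted by one bucket.
    repeat = dict(ENROLL_FEATURES, gait_cadence_bucket=110)
    print(verify(record, prove_possession("acct-123", repeat)))
    # Different starting location: one highly reproducible key is missing.
    other = dict(ENROLL_FEATURES, route_start_cell="cell-C03")
    print(verify(record, prove_possession("acct-123", other)))
```

The design point worth noticing is that `verify` only ever compares hashes and counts: the stored record contains no feature values, so a breach of the server's record exposes neither the route nor the gait data, and a different starting point fails both the stable-subset threshold and the weighted score even though every noisy feature matched.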
for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819) · CPC title
Entity profiles · CPC title
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title
wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title