Zero Knowledge Proof, blind trust
The digitization of many processes and the constant technological evolution bring with them many benefits, but also new possibilities for cyber-attacks. Many companies today collect a large mass of data that helps them to improve their marketing mechanisms, products and services, making them more prone to constant attacks. That is why in this article we will explain how Zero Knowledge Proof (ZKP) makes it possible to protect confidential data and increase privacy by using mathematics.
More security is needed
Data is becoming more and more important with the exponential increase of IoT devices in our world. That is why a security system that can ensure the safety of data transmission at all times is necessary. Industry 4.0 will lead to an unimaginable amount of devices connected to the Internet, such as sensors, smart cars, detection cameras, etc... All this is a big step for the Internet of Things (IoT) where the main goal is to improve the quality of our lives. The problem is that all the data will be exposed to another large number of threats if we are not able to use a secure data encryption mechanism.
In the IoT sector, machine-to-machine or machine-to-human transactions require speed and scalability at increasingly demanding levels and need to maintain the privacy of sensitive information. There are already several methods for scalability of IoT devices and methods to increase the speed of transactions and processing, however, not so much effort has been made to ensure the privacy of information.
The concept of Zero Knowledge Proof was originally published by MIT in 1985. Zero knowledge proof consists of a mathematical technique by which the truth can be verified without the need to reveal the information itself. This article will not go into detail in the mathematical explanation behind the mechanism, but it is interesting to clarify two very important concepts if you want to understand the mathematical part:
Elliptic curve cryptography
Elliptic curve cryptography consists of a set of points satisfying an elliptic curve equation, which is easy to compute but very difficult to reverse. It is a variant of asymmetric or public key cryptography and is based on elliptic curves.
An elliptic curve is a set of points that satisfy a specific mathematical equation. The equation for an elliptic curve looks like this:
So we can say that it is very easy to create an ECC key, but breaking it is practically impossible. The main difficulty lies in the infeasibility of calculating the discrete logarithm of a random elliptic curve element with respect to a publicly known base point. This is known as the "Elliptic Curve Discrete Logarithm Problem (ECDLP)".
Basically it is the existence of a private key and a public key. The private key is used to encrypt the data into a hash and that hash can be used to verify the owner. A very clear example is explained in the article published by ISA Manipal.
A quadratic remainder, in mathematics, is called the number that leaves the square of any other number when divided by another number called modulus. In a more formal way it can be said that 'The integer r is a quadratic remainder of a prime p if there exists an integer x such that x squared leaves a remainder r in the division x^2 / p. The equation is such that: x^2 ≡r (mod p)
Let's give an example to make it clearer: If we say that 3 is a quadratic remainder of modulus 22, it means that if we choose a number x such as x = 5, dividing the square of x (25) by the modulus (22), it should give a remainder of 3.
ZKP explanation for your children
Instead of giving a mathematical or theoretical explanation, it will be better to understand what this method consists of with an example published by Jean Jacques and Louis Guillou in a report called “How to Explain Zero-Knowledge Protocols to your children”.
Let's imagine that there are two people (A and B) in a cave, and inside the cave there is a door that communicates the way C and D. Person A knows the combination that must be entered in the door to open it and wants to demonstrate it to B, but without telling him the key, so:
- 1. First, person A starts walking toward either side of the cave (C or D).
- 2. Once person A is no longer seen, B goes to the position from where person A started and can see both paths.
- 3. Now person B can instruct A to go out of lane C or lane D.
- 4. Because A knows the key, he will use the same key to open the secret door and exit through the lane that B told him.
- 5. B may not be convinced because it could have been luck since he had a 50% chance of correctly guessing the key.
- 6. So person B decides to repeat it 25 times or any number. If this test is repeated several times, the probability of finally guessing the key would be very low.
- 7. This allows B to verify that A knows the key without revealing the information (the key).
|Integrity||If the information provided is true, the verifier will be able to verify the veracity of that information over and over again.|
|Solidity||In the event that the information is false or erroneous, the verifier will know that the information is false.|
|IZero knowledge:||In case the information is true, the verifier will not know the information itself, it will simply know if it is true or false, nothing else.|
Types of ZKP: zk-SNARKs vs zk-STARKs
Currently there are two types of ZKP that are highly recognized. Firstly zk-SNARKs which were the first and are used in projects such as Zcash, although they have come to cause problems such as "creating coins out of thin air" and secondly zk-STARK which is an improvement of SNARKs.
- zk-SNARK:‘Zero Knowledge Succinct Non-Interactive Argument of Knowledge' is a type of zero knowledge proof, so ZKP is not the same as zk-SNARK, but zk-SNARK is built on ZKP. By referring to the term "Non-interactive", it means that there is no constant exchange between the demonstrator and the verifier. This type of ZKP requires higher computational power, higher cost and higher vulnerability to quantum attacks.
- zk-STARK:‘ ‘Zero Knowledge Scalable Transparent Argument of Knowledge' is a major improvement of zk-SNARK and unlike SNARK, there is a constant trade-off to get the verifier to be convinced. The zk-SNARK required a trusted configuration phase, whereas zk-STARK does not rely on such a configuration but uses publicly verifiable randomness. In addition, they are more scalable both in terms of speed and computational size, i.e., they are not as complex as zk-SNARKs, which sometimes complexity can cause problems, and finally, they are more resistant to quantum attacks.
We are still on the road to privacy
It is clear that not everything can be perfect, and in some ways the use of zero-knowledge proof is not 100% perfect. Although the protocol allows high levels of anonymity, security and privacy to be achieved, it also has some drawbacks. For example the impossibility to guarantee that the information is 100% true. That is, as explained above, if the interactions between tester and verifier are repeated many times, there comes a point where the probability of a random hit is extremely low, but can never reach zero. On the other hand, the computational power required is greater than that of other protocols, as well as the size required to perform it.
However, encryption algorithms are continuously being improved to reach a turning point where they can be used in a consistent manner and bring with them a multitude of advantages for the transmission of data in a secure and anonymous way. It is already being used in cases such as the military field to secure communications to prevent enemies from deciphering them, or in the healthcare field for medical records, in projects such as ZCash and monero and IoT devices with protocols such as Crowdpatching to patch security updates and communications (IoT sensors).