Zero Knowledge Proofs – An Overview

Zero Knowledge Proofs – An Overview

Whenever you want to login into your social media account, say Twitter, you are expected to provide a secret passage – a password. The website checks if your password is correct and if it is, you are granted access.

This mechanism works because Twitter assumes that you are the only one who knows the password to your account and that you wouldn’t share your password with anybody else that you don’t want accessing your account.

However, imagine you find out that there is someone spying on you and wants to know your Twitter password so they can tweet something embarrassing and untrue about you; like ‘I don’t like pizza!’

Now, you want to use your Twitter account but you can’t reveal your password. You have to convince Twitter that it really is you who are trying to access this account without revealing your password and Twitter needs a mechanism to confirm that you are who you claim you are and it’s OK to let you in. This is where Zero Knowledge Proofs (ZKPs) come in handy.

Origins

Zero Knowledge Proofs is an encryption scheme, first proposed by MIT researchers Shafi Goldwasser, Silvio Micali, and Charles Rackoff in their paper "The Knowledge Complexity of Interactive Proof-Systems" in 1989.

An encryption scheme is responsible for changing the contents of a message in such a way that anyone listening in on the communication can’t make any sense of it. However, the receiver knows how to decipher the message and is able to understand it.

In their paper, the MIT researchers gave the first zero-knowledge proof for a concrete, real-world problem and won the Godel Prize for their work in 1993.

How it works

Zero-Knowledge Proofs allow some data to be verified without revealing that data. Each ‘transaction’ of data verification has a ‘verifier’ and a ‘prover’. The prover attempts to prove something to the verifier without telling the verifier anything else about that thing.

By providing only the final output, the prover proves that they know something without revealing the process by which they know it. Meanwhile, the verifier only learns about the output and that is enough.

The Issues at Hand

Data privacy is one of the most important subjects nowadays. People are becoming more and more aware of their right to privacy and the intrusive and exploitive practices of tech giants like Google and Facebook to collect, resell and probe through personal data, all for a profit.

Even if you are not a social media person and rarely go to those websites, your mobile network provider and even the OS in your smartphone (Android, iOS, etc.) is gathering data on you.

So, what is the solution? Do you just disconnect from the internet and go off the grid? Do you block out all companies from accessing any of your data forever?

You can’t do any of that because life without internet is not possible in this day and age. Furthermore, there are services that we depend on that require our data. Examples include insurance companies who need our medical data to provide us their health insurance and banks that need access to our credit score to give us a loan.

The Solution

With Zero-Knowledge Proofs, we can still enable insurance companies and banks to verify the parameters that they need to verify without revealing specific personal information.

We can exercise our right to privacy while continuing to enjoy the services that really do need our data to function and blocking intrusive companies who exploit their access to our data and violate our privacy.