We have been part of a great technological transformation since last few decades. When you’ll look back, you’ll experience a wave of nostalgia as some of the most used technologies of the current world were first released in the eighties. From gigantic hand-held mobile phones to today’s 5-inch smartphones; from cassette tapes to streaming online music; from 8 bit Nintendo video games to the Xbox One and numerous other technological pieces have evolved astoundingly since the 1980s. Among many, one of the technology is ZKP or “Zero Knowledge Proof”.
ZKP has constantly progressed over the years and has yet to become popular among ordinary human lives. Although, this technology has surfaced internet in recent years but the concept was first put forward in 1985 by Goldwasser and her team. They have discovered a way where people can possess secret information from bank details to military codes without any fear of hacking or data leak. It has a significant potential to increase the privacy and strengthen the security in various other domains including blockchain.
Yes, it is possible! Imagine a scenario where you don’t have to give your details to get access to anything. In this case, there won’t be any information to steal or hack as the 1st person isn’t sharing anything.
But, how the other person will verify the authenticity without sharing any information by the first person in first place?
“Everybody has secret information that he needs to show to somebody to identify himself”, and with Zero Knowledge Proof “instead of giving away the secret, a person proves that he has the secret” – Adi Shamir from Israel’s Weizmann Institute of Science
Let’s Dive Deep into Zero Knowledge Proof
Zero Knowledge Proof was the result of blending pure logic with computer technology by Mathematicians and Cryptologists. This concept is not new, as some cryptographers are working on the same for years.
In simple terms, it can be explained as a method where the authentication is done without using passwords or other sensitive information. So, the information can’t be stolen or leaked. Herein, authentication is done by verifying fact-like statements or statements about personal knowledge on certain randomness.
It is based on exceptionally sophisticated maths which was developed by Goldwasser, Rackoff and Micali in 1985. Because of this, they won the Gödel Prize in 1993 for advances in Theoretical Computer Science. In the forthcoming years, the development in Zero Knowledge Proof and its incorporation over internet protocols opened the door for sundry of applications. Jumping to this very day, it is finally used by several organizations and startups. Some even referred to it as a “crypto magic” after going by its potential and usability in cryptocurrencies.
You can read the original paper “The Knowledge Complexity of Interactive Proof-Systems” published by Goldwasser, Micali and Rackoff to understand the concepts and maths behind it.
As it is known for its privacy, authentication and lower interactive complexity; a Zero Knowledge Proof must satisfy three properties i.e. completeness, soundness and zero-knowledge.
- Completeness- if the statement is true then the verifier must accept it
- Soundness- if the statement is wrong then the verifier must reject it
- Zero-knowledge- in any case, verifier won’t know any extra information from the whole procedure except the correctness of the statement.
Zero Knowledge Types
As of now, two types of Zero Knowledge Encryption are being used:
- Interactive Zero Knowledge Proof
- Non-Interactive Zero Knowledge Proof
How Zero Knowledge Proof Works?
If you have read the paper published by the trio, then you would have understood that the concepts are really complex and are not something which a layman can understand at once. So to understand its working, you can read a non-digital example given below. It is way far from the complexity of ZKP but gives you the gist for the same.
Let’s assume that there is a blind person having two balls (one black and one white). Now you have to prove the different colors of the balls without revealing the colors to the blind person.
For this, you ask the blind person to keep both balls under a table and bring one ball in front of you each time. After which he must hide the ball again under the table and then either bring the same or the other ball next time. With each passing turn, you can prove to the blind person that each of the two balls differs in colors by saying whether he changed the balls or not under the table.
What if blind persons show the same color ball each time? This might have led others to assume that you were just lucky and still the blind person is not yet completely convinced. To tackle this, zero-knowledge proof repeats the same experiment over and over which significantly reduces the chance of successfully faking. However, there will always be a chance of error and absolute certainty will never be achieved.
This was one example of understanding the working of Zero Knowledge Proof. If you want to go through another example, then you can read “Explain Like I’m 5: Zero Knowledge Proof (Halloween Edition)”. It was written by Cossack Labs which explains its working both in detail and in simple words.
Where Zero Knowledge Proof can be Effective?
Zero Knowledge Authentication
It could be very useful in the authentication system. Zero Knowledge authentication can provide extra security by building a secure channel for the user. It can allow users to prove their identity to the second party without revealing sensitive information such as a password or any other details.
Sharing data over the internet always comes with certain risks no matter how secure they are. At any time someone can hack or intercept the information which can be easily avoided with zero knowledge proof.
Credit or debit card details, monthly statements or other such sensitive information always requires an extra level of security. Despite having an additional level of security, when you request for such information over the internet, the chances for data theft is very much possible. To tackle this Zero Knowledge Proof can come in handy.
Here, Zero Knowledge Proof can be used to guarantee that transactions are valid between the users while keeping their sensitive details hidden.
To understand Blockchain, you can read our blog on “Everything You Need To Know About Blockchain”. It explains everything from its concepts to the applications and benefits.
To your surprise, zero knowledge cryptography can also be used to enforce honest behavior within cryptographic protocols while maintaining privacy. In this scenario, a user has to prove that he/she is practicing an ethical behavior within the protocol without compromising privacy.
It is designed to provide protection and security to your storage devices by keeping hackers away. Zero Knowledge Systems keeps both the storage unit and the information in it encrypted.
Princeton University and Princeton Plasma Physics Laboratory in 2016 illustrated a technique which utilizes Zero Knowledge Proof for future nuclear disarmament talks. It has the potential to prove whether an object is a nuclear weapon or not without recording, sharing or revealing the workings or other secrets.
Who are Actually Using Zero Knowledge Proof?
Despite its potential in almost every industry which involves transactions, maintain records and other information, it is yet only used by a handful of organizations and startups. This is mostly because it’s more complex and is computationally expensive which we will discuss more in the limitation section.
Currently, the majority of the cryptocurrencies can reveal their user’s transaction history to the public. It’s one of the major disadvantages of cryptocurrencies which is also affecting its growth. Contrary to this, ZCash is the first open-source and permissionless blockchain platform. It has the ability to fully protect the privacy of the user’s transactions.
It utilizes the essence of zero knowledge cryptography where the transaction process is shielded. This hides the details of sender, recipient and the value of blockchain. ZCash was also one of the first few companies which successfully implemented zk-SNARKS, a novel form of zero knowledge cryptography.
It is an Israeli-based startup which uses Zero Knowledge Proof cryptography. It is known for providing privacy to your blockchain network. QED-it handles confidential and sensitive data without revealing it to any third party. Users can also integrate it into their systems for better data management.
Among several benefits, some notable ones are that it supports any blockchain infrastructure, allows scalability and robustness, and can be easily integrated into existing systems. Furthermore, it is widely used for private asset transfer, supply chain management and identity management.
It is another blockchain platform which utilizes Zero Knowledge Proof concepts. You can use Nuggets for making any transactions without sharing or storing any personal data. It is because Nuggets uses a simple biometric tool for payment, login and identity verification. Among its various benefits, the ones which Nuggets highlights on their website are simple login without any passwords, fast user verification, secure payments with no data storing or sharing and few others. Going by its potential, indeed “the future looks safer and simpler with Nuggets”- a message from Nuggets Homepage
A Netherlands-based bank, ING has launched a zero-knowledge system called zero-knowledge range proofs. It will be mainly used in the financial sector like mortgage value. Here, people can prove their salary range without revealing the actual figure. It is effective as it reduces the computational power making faster transactions. They have made their code open-source and is available on GitHub.
Private Instant Verified Transaction or PIVX for short is an MIT licensed and open-source blockchain-based cryptocurrency which follows zerocoin protocol. It is known for ultra-fast transactions, low fees and high anonymity. According to CoinMarketCap, PIVX has a 2-tier currency. It consists of regular coins for ordinary transactions and anonymous zPIV for private anonymous transactions.
With PIVX the only thing which will be public is the confirmation of the transactions. It means that you would know that someone has sent you the money but other details like address, time and others would be hidden.
It is another company which utilizes zero-knowledge cryptographic proofs for improving scalability and privacy in blockchains. Instead of using famous SNARKs protocol, StarkWare is using STARK technology. It is a more twisted version of SNARK. Many believe that the new STARK technology has the potential to be the next level of SNARKs.
I started writing this article with the hope of sharing a recent technological innovation but I ended up writing on something which was conceptualized way back in the eighties. What fascinates me about Zero Knowledge Proof is that when you’ll search the internet about its working principle, then you’ll find several simple examples which even a school going kid can understand. But at the same time, when you’ll read research papers on it or the mathematical formulas, Zero Knowledge Proof automatically become very complicated and sophisticated.
Indeed, it can be effective in numerous fields and are already implemented by a handful of companies. But just like a coin which has two sides, it also has few limitations as of now. Zero Knowledge Proof is computationally expensive, and the required compute power for supporting its trust setup can be an issue. As it is still in its early phase, all the users must show confidence in its cryptography. This can be strong enough to prevent malicious attacks.
It might be a technological revolution but who knows just like blockchain, it might also end up with certain limitations. Or contrary to the blockchain, Zero Knowledge Proof might even transform certain domains to its entirety by providing exceptionally good security. However, whether Zero Knowledge Proof will be the next big thing or not can only be deciphered in the near future.