1 Introduction

Zero-knowledge proofs (ZKPs) are techniques to verify claims without revealing the information itself. In this process, a “prover” shares proof of their claim with a “verifier,” who then verifies the accuracy of the proof without learning any additional information. ZKPs can be either interactive, where multiple interactions are needed to reach near-certainty, or non-interactive, where the proof can be verified in a single shot. One example of a non-interactive ZKP is zkSNARK, which is succinct and efficient for storage cost and allows the result of a computation to be used as a statement. The key difference between interactive and non-interactive ZKPs is that the latter replaces the verifier’s random challenges with a common reference value, allowing the proof to be transferred to third parties.

2 Analysis

A conventional verification paradigm typically involves a “verifier” and a “prover,” where the former does not trust the latter prior to the verification process (for example, a user proving his age to a service provider). However, it is assumed that the user trusts that the service provider will not misuse the shared data, which often proves to be a flawed assumption (e.g., the service provider selling user data to third parties) [1,2,3]. With the massive proliferation of online services, and their providers tending to diversify their businesses and monetize the data assets at hand, there is a need to rethink the trust the user puts in the service provider (i.e., how much the prover trusts the verifier). Optimally, the prover should share the proof of his claim with the verifier without revealing any additional information (e.g., sharing proof of adulthood instead of the date of birth).

2.1 Definition

Conceived in 1985, Zero-Knowledge Proofs (ZKP) are techniques to verify claims regarding some given information without revealing the information itself. Various “basic” examples can be found in the literature [1, 4]:

  • Alice needs to prove to Bob, who is color-blind, that two balls have different colors:

    Bob secretly decides whether to swap the balls before showing them to Alice. Alice then tells him whether they were swapped or not. After repeating the experiment several times, Bob can become almost certain whether Alice is telling the truth (i.e., the balls have different colors) without learning any extra information (e.g., the colors of the balls).

  • Alice proves to Bob that she knows the code to open a hidden door connecting two tunnels without revealing the code itself:

    From outside the tunnels, Bob tells Alice which tunnel to come out of. Then, after repeating the experiment several times, Bob can become almost certain whether Alice knows the code of the door connecting the tunnels without learning the code itself.

Note that ZKPs do not prove things with certainty. Instead, the process is repeated as often as needed, eventually reaching near-certainty [2].

A ZKP method must satisfy three criteria [2]:

  • Completeness: If the information provided by the prover is accurate, then a ZKP method must enable the verifier to verify that the prover is telling the truth.

  • Soundness: If the information provided by the prover is false, then a ZKP method must allow the verifier to refute that the prover is telling the truth.

  • Zero-knowledge: The method must reveal to the verifier nothing other than whether the prover is telling the truth.

Types of ZKPs: The “basic” examples described above are called “Interactive ZKPs”. They share two common properties:

  • Numerous interactions are needed between the prover and the verifier until the latter gets convinced.

  • The proof cannot be transferred to third parties (e.g. by recording) who would not trust that the verifier did not coordinate his choices with the prover [4].

Non-interactive ZKPs also exist, where the proof delivered by the prover can be verified in a single shot [5]. This type of ZKP requires more computational power than interactive ZKPs. Unlike interactive ZKPs, non-interactive ZKPs apply to large groups of verifiers since the proof can be transferred to third parties, which is a big advantage over interactive ZKP solutions.

One non-interactive ZKP solution is called zkSNARK (zero-knowledge Succinct Non-interactive Argument of Knowledge) [4, 6, 7]. It has, besides zero-knowledge and non-interactiveness, the following properties:

  • Succinct: Regardless of the problem size, the proof is 288 bytes, which is convenient for storage cost (e.g., on a blockchain).

  • Argument (i.e., claim of the prover): The result of any execution of a computation can be used as a statement/argument.

In order to move from interactive to non-interactive, zkSNARK replaces the verifier’s random challenges to the prover with a “common reference value,” such as a random string commonly agreed upon and accessible to all. At the same time, no party influences the actual random choice. Based on the “common reference value,” the prover simulates the challenges and constructs the proof. The verifier then re-runs the experiment for verification.

2.2 Trends

ZKPs are still in their early days. Open initiatives and standardization efforts involve industry, academia, and technical and non-technical specialists. The potential impact is well beyond 2025.

3 Consequences for Switzerland

3.1 Public Sector

ZKPs have also prompted promising research in “zero knowledge treaty verification”. The most famous example is “nuclear warhead verification”, where ZKPs can give information about the nuclear warheads without revealing secret designs. The details of “nuclear warhead verification” are based on the comparison of physical properties of objects (thus the term “physical ZKP”), which is outside the scope of this article. However, this opens the door for a wide range of other applications in international treaties, controls, and mediations.

Being very active on the international level in treaties and mediations, Switzerland can benefit from ZKPs for specific checks without revealing additional secret information, which often hinders negotiations between opposing parties. Identifying the specific use cases and the corresponding ZKP solutions can be a potential collaboration between authorities and academia.

3.2 Private Sector

ZKP can have an impact in different areas:

  • ZKPs could revolutionize the current web usage in favor of Web3 projects [8]. Web3 (see Chap. 34) is the new iteration of the World Wide Web where decentralization and blockchain technologies are vital factors, compared to Web 2.0, where content is centralized in a small group of big tech companies [9]. In addition, Web3 is argued to provide more data security, user privacy, and scalability. However, Web3 is another debatable question [9].

  • SSI: In the context of electronic identities, Self-Sovereign IDs is a concept where the end-user is in control of what attributes (e.g., the age) are shared and how (e.g., > 18, not the exact age nor date of birth), and where trust is decentralized. Many electronic identifiers and eWallets worldwide, including Switzerland, are planned to follow the SSI concept. Furthermore, one of the SSI principles is data minimization, which implicitly includes ZKPs where applicable. Therefore, we should expect to see ZKP increasingly used in specific use cases [3].

  • PETs: ZKPs can be seen as privacy-enhancing technologies (PETs) applicable to various use cases, as previously described. However, they require personnel with good knowledge of the technology and non-negligible overhead for implementing them. Therefore, the incentive for using ZKPs must be strong enough to overcome the overhead. In addition, it is still early to say which factors would push for their adoption: security considerations (e.g., no data breaches because no data have been shared), marketing/reputation, and regulations (e.g., GDPR, which requires data minimization).

Internationally, the adoption of PETs in the private sector is often slower than desired, and PETs are used as a marketing argument: differential privacy at Google and Apple, end-to-end encryption in messaging applications. ZKPs can be expected to see a similar adoption.

In the Swiss market, a couple of enterprises offer privacy-based digital services, for instance, Threema for messaging and Proton for a broader range of services. With the emergence of eID and eWallets, we can expect a similar small adoption of ZKPs, in the use cases where they apply. Similarly, with the emergence of new ZKP use cases, we can expect more privacy-based services. However, the market share of these privacy-based services is relatively small, with occasional boosts due to data leaks and scandals. This trend is likely to remain the same.

3.3 Civil Society

Like with end-to-end encrypted messaging or privacy-preserving Covid tracing, PETs help increase the trustworthiness of the applications, the companies, or the governments collecting the data, which benefits the economy and administrative efficiencies. ZKPs will play a similar role. However, as mentioned before, the market share of these privacy-based services is relatively small, with occasional boosts due to data leaks and scandals. This trend is likely to remain the same.

3.4 Implementation Possibilities: Make or Buy

There are different ZKPs for different use cases, and most of these are either still being researched or available as open-source implementations. So far, buying is not an option.

3.5 Variation and Recommendation

The most prominent implementation of ZKPs is Zcash for anonymous cryptocurrencies. There is a slight advantage for Switzerland to play a role there. However, the basic idea of ZKP, which is sharing the minimum necessary provable information without revealing anything else, can have high utility in the banking sector and in the mediation activities between conflicting parties, where Switzerland is well placed. Therefore, an interdisciplinary working group to investigate these potentials is worth establishing.

4 Conclusion

ZKPs are in their early stages, and research is still widening their application range and use cases.

For the industry (Swiss or worldwide), this may bring new opportunities to:

  • Use the (new) PET as a differentiation factor (like Threema and Proton do for messaging and email)

  • Adopt ZKP where applicable, therefore improving the security of data sharing

For civil society, wherever ZKPs apply, this is an additional way to secure personal data, reducing the impacts of data breaches.

For the Swiss government and military, ZKPs may help improve controls and mediation between conflicting parties. Therefore, it is recommended to investigate this potential further and to keep observing the evolution of ZKPs.