- Sanchita wants to prove to Sachin that she knows value info such that y = g^’Witness’ to base g.
- Sanchita picks random value x from set of values Z, and computes t = g^x and sends t to Sachin.
- Sachin picks random value c from set Z and sends it to Sanchita.
- Sanchita computes r = x-c*’Witness’ and returns r to Sachin.
- Sachin checks if t= g^r * y^c holds or not ( since r= x-c*’Witness’, y= g^’Witness’ and by simple substitution, g^(x-c*’Witness’)* g ^ c*’Witness’ = g^x = t).
- Sachin doesn’t know value of ‘Witness’ but by checking if t = g^r * y^c he can verify that Sanchita does indeed know the value of ‘Witness’.
Problems with Interactive Zero Knowledge Proof :
- Limited transferability –
In order to prove same proof again to another verifier, entire process needs to be repeated.
- Unscalable –
Interactive ZKP’s require both verifier and prover to be online at same time which makes entire process unsaclable.
- Nuclear disarmament –
In 2016, Princeton Plasma Physics Laboratory and Princeton University demonstrated technique that may have applicability. It would allow inspectors to confirm if an object is nuclear weapon without recording, sharing, or revealing internal workings which might be secret.
- Authentication systems –
It can be used for user to verify its password without revealing it to system. A zero-knowledge password proof is special kind of zero-knowledge proof of knowledge that addresses limited size of passwords as most of protocols of ZKP require larger random inputs.
To counter problems faced with Interactive Zero Knowledge Proof, we further implement Non-Interactive Zero Knowledge Proofs to make it scalable in actual earth applications.
My Personal Notes
Read more: A Few Thoughts on Cryptographic Engineering