Zero-Knowledge Proof

What Zero-Knowledge Proof is

In cryptography, a Zero-Knowledge Proof (ZKP) is a protocol that allows one party (the prover) to demonstrate to another party (the verifier) the truth of a statement without disclosing any additional information beyond the fact that the statement is true. The core idea is that proving possession of certain information is straightforward by revealing it, but the challenge of ZKP lies in proving possession without disclosing any details of that information.

In privacy-preserving multi-party computation (MPC) or proxy modes, ZKP is often combined with selective disclosure (data redaction) to safeguard user data privacy.

Data Desensitization Process

Data desensitization involves protecting data privacy by concealing or replacing sensitive information while maintaining the data's utility. Below is an example of the data desensitization process:

  1. Sensitive Information Replacement:

    • User Alice desensitizes encrypted data containing sensitive information by replacing sensitive parts with placeholders (e.g., *).

    • Example:

      • Original plaintext: Hello Alice, your balance is 2,500USD

      • Redacted plaintext: Hello *****, your balance is 2,500USD

  2. Encrypted Data Processing:

    • Suppose the encrypted ciphertext is xyz1234567890.

    • Based on the redaction positions in the plaintext, the corresponding positions in the ciphertext are replaced with an equal number of * characters, resulting in the redacted ciphertext: xyz*****7890.

Generation and Verification of Zero-Knowledge Proof

The following outlines the process for Alice and Bob to use ZKP to verify redacted data:

  1. Generating the ZKP:

    • Alice generates a zero-knowledge proof to demonstrate that the redacted ciphertext (e.g., xyz*****7890) can be decrypted into content resembling Hello *****, your balance is 2,500 USD.

    • The decrypted plaintext may slightly differ from the original or redacted plaintext, which is expected.

  2. Sending the Proof:

    • Alice sends the ZKP proof, the redacted ciphertext (decryptedRedactedCiphertext), and the redacted plaintext (redactedPlaintext) to Bob.

  3. Verification Process:

    • Upon receiving the ZKP, Bob performs the following steps:

      1. Matching Check:

        • Verifies whether the redacted ciphertext matches the redacted plaintext provided by Alice (i.e., checks if characters correspond or are *).

      2. Applying Redaction Rules:

        • Bob applies the same redaction rules to his own copy of the ciphertext, based on the positions of * in the redacted plaintext.

      3. Verifying the ZKP:

        • Uses Bob’s redacted ciphertext and Alice’s provided redacted ciphertext as inputs to validate the zero-knowledge proof.

Through this process, Bob can confirm that Alice’s balance is 2,500 USD without learning her username or other sensitive information.

Summary

Zero-knowledge proofs, combined with data desensitization techniques, provide a method to verify data attributes while preserving privacy. In MPC or proxy scenarios, this approach ensures security and privacy by concealing sensitive information (e.g., usernames) and using ZKP to prove data correctness. This process is suitable for scenarios requiring high privacy protection, such as finance, healthcare, or legal applications.

PreviousProxy ModeNextUse in Orange Human Score

Last updated

Was this helpful?