Zero-knowledge Proof (ZKP) and Privacy Preserving
[Back] Many systems are design where the user must provide the plaintext version of their password. Unfortunately if Eve is listening, then she could determine the password. With ZKP we create a protocol where Alice can prove to Bob that she knows a secret, without actually revealing the secret. In this way Bob and Alice just need to negotiate their agreement of the secret, and there on Alice will not have to release the secret to Bob. We can also use this method when we do not trust anyone, such as where Bob and Alice want to play a game of toss coin over a telephone link. If they do not trust each other how can they toss a coin with cryptography, and then prove the result of the toss, so that neither Bob nor Alice can lie? There are many applications in proving things without actually revealing the information that you are proving. This could be to prove your identity or even your date of birth. Overall this is defined as Privacy Enhancing Technologies (PET), and where we can reveal information without reveal-ing our answer.
So ZKP is all about finding out something about a user or a device, without actu-ally revealing the actual data involved. For example we might want to know the num-ber of people who are using an App who are either under 18 years old, and who are over 18 years old, without actually asking for their age (or in storing it). Some com-mon methods are:
The following are some practical methods: