Back الإثبات بلا كشف Arabic Vidensløst bevis Danish Null-Wissen-Beweis German Prueba de conocimiento cero Spanish Teadmise puudumise protokoll Estonian اثبات هیچ‌آگاهی Persian Preuve à divulgation nulle de connaissance French הוכחה באפס ידיעה HE Dimostrazione a conoscenza zero Italian ゼロ知識証明 Japanese

Zero-knowledge proof

"ZKP" redirects here. For the airport in Russia, see Zyryanka Airport. For other uses, see Zero knowledge.

In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that some given statement is true, while avoiding conveying to the verifier any information beyond the mere fact of that statement's truth.[1] The intuition underlying zero-knowledge proofs is that it is trivial to prove possession of the relevant information simply by revealing it; the hard part is to prove this possession without revealing this information (or any aspect of it whatsoever).[2]

In light of the fact that one should be able to generate a proof of some statement only when in possession of certain secret information connected to the statement, the verifier, even after having become convinced of the statement's truth, should nonetheless remain unable to prove the statement to further third parties.

In the plain model, nontrivial zero-knowledge proofs (i.e., those for languages outside of BPP) demand interaction between the prover and the verifier.[3] This interaction usually entails the selection of one or more random challenges by the verifier; the random origin of these challenges, together with the prover's successful responses to them notwithstanding, jointly convince the verifier that the prover does possess the claimed knowledge. (If interaction were absent, then the verifier, having obtained the protocol's execution transcript—that is, the prover's one and only message—could replay that transcript to a third party, thereby convincing the third party that the verifier too possessed the secret information.)

In the common random string and random oracle models, non-interactive zero-knowledge proofs exist, in light of the Fiat–Shamir heuristic.[4][5][6] These proofs, in practice, rely on computational assumptions (typically the collision-resistance of a cryptographic hash function).

  1. ^ Aad, Imad (2023), Mulder, Valentin; Mermoud, Alain; Lenders, Vincent; Tellenbach, Bernhard (eds.), "Zero-Knowledge Proof", Trends in Data Protection and Encryption Technologies, Cham: Springer Nature Switzerland, pp. 25–30, doi:10.1007/978-3-031-33386-6_6, ISBN 978-3-031-33386-6
  2. ^ Goldreich, Oded (2001). Foundations of Cryptography Volume I. Cambridge University Press. p. 184. doi:10.1017/CBO9780511546891. ISBN 9780511546891.
  3. ^ Goldreich, Oded (2001). Foundations of Cryptography Volume I. Cambridge University Press. p. 247. doi:10.1017/CBO9780511546891. ISBN 9780511546891.
  4. ^ Goldreich, Oded (2001). Foundations of Cryptography Volume I. Cambridge University Press. p. 299. doi:10.1017/CBO9780511546891. ISBN 9780511546891.
  5. ^ Blum, Manuel; Feldman, Paul; Micali, Silvio (1988). "Non-interactive zero-knowledge and its applications". Proceedings of the twentieth annual ACM symposium on Theory of computing - STOC '88 (PDF). pp. 103–112. doi:10.1145/62212.62222. ISBN 978-0897912648. S2CID 7282320. Archived (PDF) from the original on December 14, 2018. Retrieved June 2, 2022.
  6. ^ Wu, Huixin; Wang, Feng (2014). "A Survey of Noninteractive Zero Knowledge Proof System and Its Applications". The Scientific World Journal. 2014: 560484. doi:10.1155/2014/560484. PMC 4032740. PMID 24883407.

Rich TVX News Network Site

Rich TVX News Network Info

© MMXXIII Rich X Search. We shall prevail. All rights reserved. Rich X Search