February 9, 2012

SEMINAR ON:

ZERO KNOWLEDGE PROOFS

Zero knowledge proofs

BY:- SARBANI ROY 0811012045 CSE-D, 7th SEM

TALK FLOW:February 9, 2012

BACKGROUND INTRODUCTION EXPLANATION REDUCING PROBABILITY OF CHEATING PROPERTIES OF ZKP ZERO KNOWLEDGE PROOFS & NP GRAPH ISOMORPHISM GRAPH 3-COLORING APPLICATIONS CONCLUSION

2

Zero knowledge proofs

BACKGROUND:February 9, 2012

The Fact:
Identifications and passwords are essential parts in a secured system in which they prevent unauthorized access to private materials.

The Problem:
Passwords are assigned to authorized personnel and are meant to be kept secret. But ironically, one often have to give out his/her password during authentication. Thats not very safe!

Zero knowledge proofs

The Solution:
Zero-Knowledge Protocol!
3

INTRODUCTION:February 9, 2012

Zero-knowledge proof protocol allows one party, usually called PROVER, to convince another party, called VERIFIER, that PROVER knows some facts (a secret, a proof of a theorem,...) without revealing to the VERIFIER ANY information about his knowledge (secret, proof,...). Zero Knowledge proof is a special type of Interactive Proof System.
4

Zero knowledge proofs

EXPLANATION:
February 9, 2012

Analogy of Ali babas Cave, also called as GuillouQuisquaters Protocol is used. Three characters mentioned for explanation viz: (a) PROVER (Peggy): He has to prove his secret without letting anyone know what it is.

Zero knowledge proofs

(b) VERIFIER (Victor): He has to verify whether Peggy knows the secret or not through series of experiments on him. (c) MALICE (Mike): Simply put, the bad guy who tries to cheat the security system.

EXPLANATION (CONT.)
February 9, 2012

Victor stands at point P Peggy chooses any path randomly & walks into the cave to point R or S. Now Victor walks to Q. Victor asks peggy to come out of the cave either from left. or from right. Peggy, using the magic words, comes out.

Zero knowledge proofs

REDUCING PROBABILITY OF CHEATING:

To reduce the probability of cheating: Run the protocol k times sequentially Verifier accepts if prover succeeds in all k runs

February 9, 2012 Zero knowledge proofs

Probability of cheating: 2-k With increase in number of iterations, the probability of cheating the verifier by the prover decreases
7

PROPERTIES OF ZKP:
February 9, 2012

Completeness:
The Verifier will always accept a proof from the Prover, given that they both follows the correct protocol.

Soundness:
The Verifier will not accept any incorrect proof from the Prover, given that the Verifier follows the correct protocol.
Zero knowledge proofs

Zero-Knowledge:
During the whole proving process, the Verifier will learn nothing about the Provers secret, nor will she be able to prove that secret to any other party.
8

ZERO KNOWLEDGE PROOF & NP

February 9, 2012

NP- Problems having no efficient algorithm. ZK used for demonstrating Proofs that yeild nothing but their validity

Zero knowledge proofs

All languages in NP have Zero Knowledge Proofs. Examples Illustrated:

Graph Isomorphism y Graph 3-coloring
y

1. GRAPH ISOMORPHISM:
February 9, 2012

Peggy has two isomorphic graphs : G1 = (V1, E1), & G2 = (V2, E2), related by isomorphism . Peggy wants to prove to Victor that G1 and G2 are isomorphic without giving away the isomorphism.

10

Zero knowledge proofs

GRAPH ISOMORPHISM (CONT.)

February 9, 2012 Zero knowledge proofs

Peggy produces H that is isomorphic to G1 & G2. Peggy sends H to Victor. Victor asks Peggy either to: (a) prove that H & G1 are isomorphic, or, (b) prove that H & G2 are isomorphic.

11

2. GRAPH 3-COLORING:February 9, 2012

Common Input: A Graph G(V,E). Prover can paint the vertices of the Graph in 3 colors. Prover must keep the coloring, a SECRET. But has to verify by the Verifier.

12

Zero knowledge proofs

GRAPH 3-COLORING (CONT.)

February 9, 2012

Prover chooses a random color permutation He puts all the nodes inside envelopes. And sends them to the verifier.

Zero knowledge proofs

13

GRAPH 3-COLORING (CONT.)

February 9, 2012

Verifier chooses an Edge at random & asks to open those 2 envelopes.

Prover opens the envelopes revealing the colors. Verifier accepts if the colors are different.

14

Zero knowledge proofs

February 9, 2012

APPLICATIONS:Zero Knowledge Proofs can be applied where secret knowledge too sensitive to reveal, needs to be verified: Key Authentication PIN numbers Smart cards Embedded systems

15

Zero knowledge proofs

PROS & CONS:February 9, 2012

Advantages of Zero-Knowledge Protocols: Secured Not requiring the revelation of ones secret. Simple Does not involve complex encryption methods. Disadvantages of Zero-Knowledge Protocols:

Zero knowledge proofs

Limited Secret must be numerical, otherwise a translation is needed. Lengthy There are 2k computations, each computation requires a certain amount of running time. Imperfect The Malice can still intercept the transmission (i.e. messages to the Verifier or the Prover might be modified or destroyed).

16

CONCLUSION:February 9, 2012

Special case of interactive proofs. Zero knowledge proofs offer a way to prove knowledge to someone without transferring any additional knowledge to that person. It Can be used to prove identity.

17

Zero knowledge proofs

REFERENCES:
February 9, 2012

Behrouz A. Forouzan, Cryptography And Network Security, The McGraw-Hill Companies

Zero knowledge proofs

Bruice Schneier, Applied Cryptography. http://ojs.pythonpapers.org/index.php/tppm/article/vie wFile/155/142

http://www.cs.princeton.edu/courses/archive/fall07/cos 433/lec15.pdf

http://www.wisdom.weizmann.ac.il/~oded/zktut02.html
18

http://www.wisdom.weizmann.ac.il/~oded/gmw1.html

19

February 9, 2012

Zero knowledge proofs