As new technological concepts come into public view, they are often viewed as a ‘new thing’, but much of what rises in our consciousness is not new. Take the concept of Zero-Knowledge Proofs (ZK Proofs) which are becoming prevalent with the rise of online buying, selling, trading, and using various types of cryptocurrencies.

Although ZK Proofs are forty years old, the concept and technology of the platform is currently the focus of a technological ‘gold-rush’. This is having a great impact on Cybersecurity, andITFirm.com is incorporating this into its own encryption standards – and keeping an eye on further development – as should the rest of  IT community worldwide.

While all IT Services firms that provide Cybersecurity can take advantage of this cryptology tool, the more astute and forward thinking Managed IT Services firms are already using it to provide more secure encryption for regular network applications such as email.

The most obvious recipient of the benefits of ZK Proofs is Blockchain, the database system which facilitates secure movements and verifications of data, especially in connection with cryptocurrencies. The vulnerabilities that have been discovered in Blockchain MUST be resolved by their IT support team before they begin to lose market share to more secure platforms.

What is the importance of zero-knowledge proof?

A ZK Proof is a valuable way to allow transactions to be consummated without either party giving up sensitive information. It is a cryptographic technique which enables online parties in a transaction to verify knowledge of a certain thing without revealing the thing itself, such as proof of a personal identity.

Example: Party A wants to prove their identity to Party B without revealing Personally Identifiable Information (PII), such as name, address or even a Social Security Number (SSN). The long, technical name of the application used by Blockchain and Zcash is ‘zk-SNARK’ (zero-knowledge, Succinct, Non-Interactive Argument of Knowledge).

This may sound like technobabble, or perhaps it’s hard to see at a glance how such a thing can be possible, but it is not smoke-and-mirrors ZK Proofs are already in use – the process just needs to be done faster.

Imagine that you watched the 1969 moon landing live, and somebody told you that in 30 years, you would be able to carry around more computing power than both the Columbia and Eagle combined in your hip pocket. That may have been hard to believe for some people.

Astute observers of scientific history would nod, but perhaps be in the dark as to the ultimate applications. Fast forward to the smart phone era and everyday folks are using it to do everything from banking to shopping to booking airline flights – and, of course, watching cat videos and arguing with strangers.

Online transactions often require divulging personal, medical, or financial information to complete a transaction. Who wants that type of information floating around cyberspace where anyone could grab it? A common scenario is that you need to prove you have sufficient funds to complete a large purchase -but you prefer not to show your bank statements. ZK Proofs allow the seller to be able to verify that you know you have the funds without revealing them.

This takes giant steps past the vulnerabilities of passwords, which are often the second weakest link in security – the weakest link being the end-users themselves. This is why ITFirm.com is a strong proponent of ongoing Security Awareness Training. IT services can only do so much – end users must learn not to fall into traps laid by cyber criminals.

How does a zero-knowledge proof work?

The best way to describe them without resorting to ‘Geek Speak’ is with a story or analogy. To illuminate the concept, cryptographer Jean-Jacques Quisquater created the story of ‘The Ali Baba Cave’ in his paper "How to Explain Zero-Knowledge Protocols to Your Children".

The premise: Peggy and Victor stand outside a cave which is shaped like a ring, with the entrance on one side, the exit on the other. Deep inside the cave is a ‘magic door’ blocking access to the opposite side – unless one has the password.

Peggy says she knows the password and Victor (who already knows the password) wants her to prove it. Peggy does not want to give Victor the password as proof in case he’s lying about having it himself. Victor devises a way to verify that she has it and ensure that no spying third party observer can watch and listen in, but Victor can verify that she knows the password. She must prove it by being able to use the password without revealing it.

In effect, if Peggy can enter the open access to the cave, negotiate the inner ring using the password to gain entry through the ’magic door’ to the other side and then emerge from the cave on the ‘exit side’, then Victor is assured that she has the real password.

No one reveals the password, but Peggy can prove that she knows it.

Frequently Asked Questions

Q: What problem does a Zero-knowledge proof best solve?

A: ZK Proof builds a secure channel for the users to employ their information without revealing it and facilitates transmitting sensitive information with better privacy and security. It circumvents the possibility of data leakage.

Q: Who invented zero knowledge proof?

A: Beginning in 1982, MIT professors Shafi Goldwasser and Silvio Mical along with Charles Rekkofom invented and developed ZK Proof and published the article "Knowledge and complexity of interactive proof systems" in 1985. Continuing with further development, all three were awarded the Gedel Prize; Goldwasser and Mical won the Association for Computing Machinery’s (ACM) A.M. Turing Award.

Q: How does zero knowledge protect my privacy?

A:  You have an ‘Encryption Key’ which no one else has access to, not even your service provider - depending on what software you use. ZK Proof enhances the end-to-end encryption process to ensure that no one can see your information in a readable format. It is the best Cybersecurity protection for your privacy online.

Q: What is a blockchain in simple terms?

A: Blockchain is a type of database system that records and stores information in a secure manner that makes it generally impossible to hack, alter or in any other way defraud the system. It is most notably used in transactions involving cryptocurrencies like Bitcoin and Ethereum.

The name derives from the fact that it stores data in ‘blocks’ which are then ‘chained’ together. As new data comes in, it is entered into a fresh block. Once the block is filled with data it is chained to the previous block, so that the data chained together is in chronological order, which maintains the integrity of the data sequence.

Q: What is Zero-knowledge proof and its role in the Blockchain world?

A: ZK proofs have been defined above, but its role in the Blockchain world is crucial. Although Blockchain is strongly protected, it has shown vulnerabilities which cyber criminals have successfully exploited. For any firm using Blockchain databases, it is crucial for either their in-house IT Department or their outsourced Managed IT Services company to be familiar with these vulnerabilities and take steps to secure them.

The ongoing implementation of ZK Proofs will allow Blockchain even more impenetrable Cybersecurity. There is a lot of money at stake.

How secure is your network?

As a longstanding, reputable member of the Charlotte IT Support community, ITFirm.com offers a FREE, no-risk network and Cybersecurity assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation to ever use our Managed IT Services.

The two best defenses are next-generation Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.

We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.

Among the Managed IT Services we provide:

IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)

For more information, or to receive your FREE no-risk network and security assessment, just fill out the form on this page or call us at:
704-565-9705