Zero-Knowledge Proof: Protecting Your Personal Information Without Sacrificing Open Data 

Feb 23, 2022 | by Mikkel Schultz & Victor Shilo

The Open Data Initiative has helped fuel today’s digital economy and the many smart, personalized and connected experiences we all enjoy. Open data makes it easier to find information, removes time-consuming barriers, enables communication and innovation, boosts business and generally makes our lives easier. It also helps us build knowledge and discover new patterns.  

But how do we protect privacy if everything is open? No one wants open data at the expense of the sanctity of personal information. Indeed, the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) were implemented specifically to protect privacy in the age of open data. Fundamentally, the question is: Can identities be authenticated, and transactions completed, without sharing personal and sometimes sensitive information? 

Zero-Knowledge Proof 

A cryptographic method known as “zero-knowledge proof” (ZKP) could be the answer. Conceived in 1985 by three MIT researchers, ZKP enables authentication without revealing information that could be compromised. Essentially, ZKP revolves around one party (the prover) convincing another party (the requester/verifier) that they know or possess a piece of private information — e.g., a credit card number, PIN or password — without disclosing what that information is. The actual credentials are neither transmitted to, nor stored on, an authentication server. The verifier can confirm the claim or complete the transaction with “zero knowledge” of the underlying information, without ever seeing it directly.

Notably, a ZKP is probabilistic: a single exchange does not prove the claim with certainty, but because the process can be repeated as many times as needed, the chance that a cheating prover passes every round shrinks until the verifier’s confidence reaches near-certainty.

How it Works 

There are multiple ways to complete a zero-knowledge authentication. One example uses an asymmetric private-public key pair, with possession of the private key being the information the prover demonstrates. In this scenario, the verifier sends a challenge that can be checked against the public key, and the prover answers it using the private key. Because only the holder of the private key can produce a valid response, this public-private key “handshake” convinces the verifier that the prover’s key meets the criteria, resulting in successful authentication, while the private key itself is never sent.

That’s the basic theory behind ZKP. The prover – without ever revealing the secret – convinces the verifier that, with near-certain probability, she or he knows or possesses the secret/private information. When applied to real-life use cases, there is often a third piece to the ZKP puzzle. As in the Corona Passport example below, personal information may be kept in a secure repository, such as a central health register, which the process taps into to complete authentication. But the “secret” information remains secret.
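The key-pair challenge/response and the repeat-until-near-certain idea described above, worked through as an added example (not code from the post or its authors): a Schnorr-style identification protocol in Python. The group parameters P, Q and G are constructed toy values, the 1-bit challenge is an assumption chosen so that the per-round cheating probability of one half is visible, and the CheatingProver, run_protocol and simulate_transcript names are illustrative.

```python
import secrets
# Constructed toy group (an assumption, not from the post): P = 2Q + 1 is a safe prime and
# G = 4 generates the subgroup of prime order Q in Z_P^*; real systems use ~256-bit groups.
P, Q, G = 1019, 509, 4

def keygen():
    """Private key x and public key y = G^x mod P (the key pair from the post)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

class HonestProver:
    """Knows x: commits to a random nonce, then answers the verifier's challenge."""
    def __init__(self, x):
        self.x = x
    def commit(self):
        self.r = secrets.randbelow(Q)
        return pow(G, self.r, P)            # t = G^r
    def respond(self, c):
        return (self.r + c * self.x) % Q    # s = r + c*x

class CheatingProver:
    """Knows only y; guesses the 1-bit challenge before committing (succeeds 1/2 per round)."""
    def __init__(self, y):
        self.y = y
    def commit(self):
        self.guess, self.s = secrets.randbelow(2), secrets.randbelow(Q)
        t = pow(G, self.s, P)
        if self.guess == 1:                 # arrange t so that G^s == t * y holds
            t = t * pow(self.y, -1, P) % P
        return t
    def respond(self, c):
        return self.s                       # valid only when c == self.guess

def verify_round(y, t, c, s):
    """Verifier's check for one round: G^s == t * y^c (mod P)."""
    return pow(G, s, P) == t * pow(y, c, P) % P

def run_protocol(prover, y, rounds):
    """Repeat commit/challenge/response; a cheater passes all rounds with probability 2^-rounds."""
    for _ in range(rounds):
        t = prover.commit()
        c = secrets.randbelow(2)            # verifier's random 1-bit challenge
        if not verify_round(y, t, c, prover.respond(c)):
            return False
    return True

def simulate_transcript(y):
    """Zero-knowledge: a valid (t, c, s) can be forged from y alone, so transcripts reveal nothing about x."""
    c, s = secrets.randbelow(2), secrets.randbelow(Q)
    return pow(G, s, P) * pow(y, -c, P) % P, c, s
```

Running run_protocol with the honest prover always succeeds, while the cheater survives t rounds with probability 2^-t, which is the "repeat until near-certainty" behaviour the post describes; simulate_transcript shows why the verifier learns nothing, since anyone holding only the public key can produce transcripts indistinguishable from real ones.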

There are several theoretical illustrations of how ZKP works – including this Find Waldo-themed example and a cutesy one featuring kids comparing Halloween candy hauls – but here are some real-world use cases:

Account login: Instead of typing your password into a potentially insecure website, you can prove that you have your password by answering a series of questions that would convince the website admin that you know the password, without revealing it.

Payment apps: A payment app on your phone could check whether you have enough money in your bank account — the bank providing the “private key” or proof — to complete a transaction without revealing anything else about your balance or requiring a password or PIN, only a “yes” or “no.”  

Authenticating your identity: Rather than giving your first pet’s name or city of birth — or sharing your PIN over the phone — you (prover) can send cryptographic proof that you are who you say you are. As in the public-private-key-handshake example above, the verifier would computationally request and authenticate the provided proof without obtaining information that would reveal anything about you.  

Or, here’s a timely example: Covid-19 vaccine passports. Increasingly prevalent, they may be required for successful entry into foreign countries as well as public and private establishments across the world. How can we get to a point where your vaccine passport 1) is easily and effectively verified, 2) is accepted everywhere and 3) only displays the information absolutely necessary to enable points one and two?  

Denmark’s “Coronapas” (i.e., “corona passport”) is universally accepted by Danish authorities and private businesses to verify that someone is vaccinated or tested, or immune through previous infection, without revealing specific information. The digital version is a phone app, which is linked to the Danish electronic ID system. When you wish to check in at the airport, board certain trains or enter a restaurant or another facility, a checker simply scans the QR code and immediately sees whether the passport is valid. Notably, the passport does not disclose why it is valid; there is no information about vaccine status, dates of tests or previous infections. The passport holder could allow the passport to display name and date of birth, but that is optional. The information in the passport is stored in the app on the phone itself. Health data is only stored in secure, central health registers.  

Another scenario:

It’s another busy morning. You’re feverishly trying to navigate the chaos of rush hour traffic while downing your coffee. So yes, you really did miss that STOP sign. The police officer pulls you over and asks for license, registration and insurance and then returns to the police cruiser carrying your documents. Each document includes personal information that you may prefer to keep private, including home address, age, insurance policy number and VIN.  All of this information is now in the hands of another person who – were that person a bad actor – could discreetly snap a photo of your papers. This could also happen when you show your ID when buying a bottle of wine or checking in at the airport.  

With ZKP, your ID could be contained in an app that keeps personal information under wraps. A scanned code would reveal only what’s necessary. Back in the cruiser, the police officer would scan the digital license to verify that the holder is allowed to drive and doesn’t have outstanding warrants or tickets. Similarly, the wine store clerk would run the minimal-information ID to verify that the buyer is over 21, without disclosing actual age or home address. The airline employee at the check-in counter would scan the code to verify the traveler’s identity, that there is an active reservation on the books and that the person is not on a no-fly list or flagged in any other way. Verifiable and minimal information allows officials to carry out their duties, allowing civilians to go about their respective days, navigating these interactions and verification points without risking personal or sensitive information being compromised or misused.   

It is not just that information could be at risk from a data security perspective; it’s that much more information is being disclosed than necessary. But if the police officer, wine store clerk, airline employee or any other applicable official could verify everything they need with only a scannable code revealing an absolute minimum of information, then the potential risk of shared personal data is minimized. Providing this “minimum viable verification” could even help limit racial and social profiling. In theory, implementing ZKP methodology could prevent officials from drawing conclusions, consciously or not, based on personal information.  

Conclusion   

Logging into an online account without a password. Completing a cryptocurrency transaction without revealing your balance. Verifying Covid-19 status without specifying vaccination, previous infections or test dates. Proving that you are old enough to buy liquor without disclosing your age. Verifying household income for a loan without disclosing your income. The concept of enabling verification of a statement without disclosing the actual information is at the very core of zero-knowledge proof.     

Zero-knowledge proof has the potential to protect privacy in a wide range of cases. By implementing ZKP, businesses and society can evolve to “open data 2.0” where daily transactions are completed in today’s digital economy but without disclosing unnecessary sensitive information. This was an introduction to Zero-knowledge proof and some of the fascinating potential of the technology. Stay tuned for the next installment in which I’ll delve into current and future implementations of ZKP and which industries are poised to lead adoption.  

An edited version of this blog post was also featured on Forbes.