October 3, 2018
Mike Lodder holds the position of Security Maven for the Sovrin Foundation and is responsible for writing protocols, developing security policies, implementing crypto, and assessing the strength of the Sovrin Network.
At a recent ‘Brown Bag Meetup’ hosted at Sovrin Foundation headquarters in Provo, Utah, Mike gave a fantastic presentation about Zero Knowledge Proofs. We asked Mike to tell us a bit about his presentation, why Zero Knowledge Proofs are valuable, and how the Sovrin Network uses them to provide identity holders with flexibility and privacy.
Q.What is a Zero Knowledge Proof?
Mike Lodder: Zero Knowledge Proofs (ZKPs) are cryptographic techniques that allow users to share information without relinquishing their security and privacy. ZKPs use cryptography to prove a statement from party A (known as a prover) to party B (known as a verifier) without revealing anything else.
Zero-knowledge proofs must have three properties to be usable:
A classic example is date of birth. Driver’s licenses/ID cards are often the primary means of proving age. However, this type of ID also contains other valuable, private information (such as a person’s home address) that is frequently used in identity theft. Selective disclosure uses ZKPs to turn (for example) a digital copy of a driver’s license into an abstract proof of itself. It’s as if you’re creating a carbon copy of your driver’s license that is every bit as reliable, and conveys the same personal identifiable information, as the real thing; but, based on who is asking, you control what information actually appears to them on that particular copy.
Using something as simple as a mobile app, you could create a ZKP for each situation where you need to prove your age. ZKP allows you to quickly, easily, and securely verify you are over 18, (or 21 or 65) without actually having to share your specific date of birth.
Q. How does Sovrin use ZKPs?
ML: Companies using the Sovrin Network can issue credentials that identity holders keep in the digital wallet of their choice. Pieces of personal information on that credential, such as an address or social security number, are called “attributes.” ZKPs are created using these attributes. Using the Sovrin Network, identity holders create ZKPs to prove one or more of the following things about their attributes.
1. Equality: if the attribute is equal to the value or an identity holder can just reveal the attribute itself in the proof
Example: [Are you employed?] = Sovrin ZKP: [Yes] or [Employer: IBM]
2. Inequality: if an attribute lies in a specific range without revealing the actual value. This is helpful when dealing with something that has a numerical attribute, like age or money.
Example: [Are you over 21] = Sovrin ZKP: [Age >= 21]
3. Set Membership: ZKPs can prove if a value is contained in a set without revealing with value.
Example: Do you live in Europe? = Sovrin ZKP: [Country of residence is: a European country] or [Country of residence is: not in a European country]
Q. Describe ZKP at it’s most basic level?
ML: Sure, the developer community often uses the classic Alice and Bob illustration to explain complex user scenarios in real world terms.
For this example, Alice and Bob want to know if they both make the same salary but don’t want to tell one another exactly how much they make. So, they agree to the following system:
Alice and Bob take 10 boxes that represent all the possible salaries ranging from $30,000 to $120,000, in increments of $10,000.
All of the boxes are locked and Alice and Bob can’t open any of them.
Alice, without Bob looking, chooses the key to the box that corresponds to her salary amount.
Bob, without Alice looking, puts a piece of paper into each of the boxes that indicates if his salary matches what the box represents or not. He puts an O on a piece of paper into the box matching his salary and an X on a piece of paper in the rest of the boxes. Bob then leaves.
Alice returns and uses her key to open the box that matches her salary. If the box she opens has a note with an O, Alice knows she has the same salary as Bob. If she sees a note with an X, it means they have different salaries, but has no idea how much Bob actually makes.
Once they are reunited, Bob only learns that Alice has the same or different salary by seeing if the slip of paper Alice has in her hands has an O or X.
This system makes it so Alice and Bob cannot learn if one makes more or less money than one another.
As contrived as this example is, the basic principle remains the same. ZKP allows for the control over individual pieces of private identifying information, with the ability to communicate and share that same information.
What makes Sovrin’s use of ZKPs unique?
The Sovrin Network is the only system that makes it feasible for identity holders to deploy ZKP for all of their verifiable identity claims. With a Sovrin identity, you can generate ZKPs from any of your digital credentials to verify who you are to any verifier operating within the Sovrin Network. Further, you can choose to selectively share different attributes from these identity credentials without showing the credential itself.
While there are other companies using ZKP technology, Sovrin was built from the ground up as a global public utility for identity with this privacy preserving technology. Thanks to the Sovrin Network, we are able to scale self-sovereign identity and ZKPs so that anyone using Sovrin to manage their credentials can use them to communicate and transact with other people, organizations, and even things.
###
The Sovrin Foundation sponsors brown bag meetups monthly onsite at its offices in Provo, Utah. For a complete listing of these events and other Sovrin sponsored events, check out our Press Page.
« Bringing blockchain to Grace Hopper Use case spotlight: Collaboration and interoperability on Sovrin »