[HN Gopher] Zero-Knowledge Proofs
___________________________________________________________________
Zero-Knowledge Proofs

Author : eruleman
Score  : 48 points
Date   : 2021-06-20 21:06 UTC (1 hours ago)

(HTM) web link (zkp.science)
(TXT) w3m dump (zkp.science)

| rocqua wrote:
| I think ZKPs will find most of their use in proving MPC protocols
| were correctly followed. In these protocols you often need
| everyone to do certain steps correctly to prevent cheating or
| deadlock. But sharing the information behind those steps reveals
| way too much data.
|
| Often ZKP can be used to prove those steps were correctly
| followed.

| Ar-Curunir wrote:
| For many existing MPC protocols, ZKPs are overkill for
| achieving malicious security, and more efficient approaches
| exist (eg: information-theoretic MACs)

| maverick-iceman wrote:
| ZK Snarks is where it's at for crypto.
|
| Every cryptography gives the cryptographer an immediate
| asymmetrical advantage, and that's necessary given crypto's
| adversaries.
|
| Said cryptography advantage cannot be wasted by centralizing the
| social environment where people exchange the tokens.
|
| Crypto exchanges are the singular main point of failure and that
| is true for both centralized and de-centralized exchanges.

| throw2500 wrote:
| The page seems a bit too heavily weighted towards SNARKs in
| particular and crypto _currency_ applications in general.
| There's no mention of ZKPPs, for instance.
|
| Not all crypto is "crypto".

| Ar-Curunir wrote:
| What are "ZKPPs"?

| Ar-Curunir wrote:
| FWIW, this website is out of date; there's been enormous
| improvements in zkp constructions and applications in the
| intervening 2 years.
|
| (This is not a slight against the maintainers; the space is
| moving incredibly quickly, so it's difficult to keep updating
| regularly.)

| eruleman wrote:
| Do you have a more up-to-date link/source?

| tylersmith wrote:
| ZKPs are a really exciting crypto primitive. They're finally
| getting serious development for the cryptocurrency space, but I
| think we'll see them used in all sorts of protocols over the next
| decade.
|
| One possibility I'm excited about is users being able to perform
| computations locally without sending their data anywhere, and
| then providing the results to a company, government, etc with a
| proof that the results are faithful.

| gjvc wrote:
| http://srp.stanford.edu/

| teryyy wrote:
| https://blog.cryptographyengineering.com/should-you-use-srp/

| SheinhardtWigCo wrote:
| What sort of computations are you excited about?

| Ar-Curunir wrote:
| Eg:
|
| (1) This is my credit score, certified by XYZ agency, so
| please don't ask for my SSN so that you can lose it in a
| public database leak tmrw
|
| (2) Here's a bug in your program, please give me the bug
| bounty and I will tell you the bug (can help stop sketchy bug
| bounty programs).
|
| (3) Your Certificate Transparency Provider can prove that,
| for the latest root, there was no change in your certificate.
| (This has less to do with privacy and more to do with the
| succinct verification properties of the latest zkps)
|
| (4) Construct postquantum-secure signatures (eg: the Picnic
| signature scheme)
|
| Generally, ZKPs provide _selective disclosure_: I can prove
| to you that some fact about me or my accounts is true,
| without revealing to you any other information. The SSN
| example is one, you could generalize that to taxes, bank
| statements, Keybase attestations, etc.
___________________________________________________________________
(page generated 2021-06-20 23:00 UTC)