[HN Gopher] Zero-Knowledge Proofs
___________________________________________________________________
Zero-Knowledge Proofs
Author : eruleman
Score : 48 points
Date : 2021-06-20 21:06 UTC (1 hours ago)
(HTM) web link (zkp.science)
(TXT) w3m dump (zkp.science)
| rocqua wrote:
| I think ZKPs will find most of their use in proving MPC protocols
| were correctly followed. In these protocols you often need
| everyone to do certain steps correctly to prevent cheating or
| deadlock. But sharing the information behind those steps reveals
| way too much data.
|
| Often ZKP can be used to prove those steps were correctly
| followed.
| Ar-Curunir wrote:
| For many existing MPC protocols, ZKPs are overkill for
| achieving malicious security, and more efficient approaches
| exist (eg: information-theoretic MACs)
| maverick-iceman wrote:
| ZK Snarks is where it's at for crypto.
|
| Every cryptography gives the cryptographer an immediate
| asymmetrical advantage, and that's necessary given crypto's
| adversaries.
|
| Said cryptography advantage cannot be wasted by centralizing the
| social environment where people exchange the tokens
|
| Crypto exchanges are the singular main point of failure and that
| is true for both centralized and de-centralized exchanges
| throw2500 wrote:
| The page seems a bit too heavily weighted towards SNARKs in
| particular and crypto _currency_ applications in general.
| There's no mention of ZKPPs, for instance.
|
| Not all crypto is "crypto".
| Ar-Curunir wrote:
| What are "ZKPPs"?
| Ar-Curunir wrote:
| FWIW, this website is out of date; there have been enormous
| improvements in zkp constructions and applications in the
| intervening 2 years.
|
| (This is not a slight against the maintainers; the space is
| moving incredibly quickly, so it's difficult to keep updating
| regularly.)
| eruleman wrote:
| Do you have a more up-to-date link/source?
| tylersmith wrote:
| ZKPs are a really exciting crypto primitive. They're finally
| getting serious development for the cryptocurrency space, but I
| think we'll see them used in all sorts of protocols over the next
| decade.
|
| One possibility I'm excited about is users being able to perform
| computations locally without sending their data anywhere, and
| then providing the results to a company, government, etc with a
| proof that the results are faithful.
| gjvc wrote:
| http://srp.stanford.edu/
| teryyy wrote:
| https://blog.cryptographyengineering.com/should-you-use-srp/
| SheinhardtWigCo wrote:
| What sort of computations are you excited about?
| Ar-Curunir wrote:
| Eg:
|
| (1) This is my credit score, certified by XYZ agency, so
| please don't ask for my SSN so that you can lose it in a
| public database leak tmrw
|
| (2) Here's a bug in your program, please give me the bug
| bounty and I will tell you the bug (can help stop sketchy bug
| bounty programs).
|
| (3) Your Certificate Transparency Provider can prove that,
| for the latest root, there was no change in your certificate.
| (This has less to do with privacy and more to do with the
| succinct verification properties of the latest zkps)
|
| (4) Construct postquantum-secure signatures (eg: the Picnic
| signature scheme)
|
| Generally, ZKPs provide _selective disclosure_: I can prove
| to you that some fact about me or my accounts is true,
| without revealing to you any other information. The SSN
| example is one, you could generalize that to taxes, bank
| statements, Keybase attestations, etc.
___________________________________________________________________
(page generated 2021-06-20 23:00 UTC)