A zero-knowledge proof is a technology for proving the truth of a statement, or that you hold certain knowledge, without providing any further information. Because it can guarantee that no fraud has taken place, Hitachi, which is accelerating its R&D on blockchains by applying the expertise in security and distributed data processing it has gained from building mission-critical systems, views this rapidly advancing technology as a solution to the trade-off between privacy and transparency.
 
In addition, zero-knowledge proofs are a good match for Hitachi, which is also a leading company in the development of quantum computing, because they are expected to contribute to broad security platforms such as the verification of server computation, the disclosure and verification of partial information in digital certificates, and post-quantum cryptography. The interviewer spoke with senior researcher Ken Naganuma, Security & Trust Research Department, System Innovation Center, Digital Innovation R&D, Research and Development Group, Hitachi Ltd., about the present status of the technology and its prospects for social implementation as a security foundation that realizes so-called “true zero trust”.

Kazumichi Moriyama (Science Writer)

Zero-Knowledge Proofs to Prove that You Know a Secret without Disclosing the Content

A zero-knowledge proof (ZKP) is a cryptographic technique in which a prover convinces a verifier of the fact that they “know a certain secret” without revealing the secret itself. While the prover can prove that they “know the answer”, the verifier learns nothing at all about “what the answer is”. In other words, a ZKP is a framework that proves the correctness of a statement without revealing its actual content (such as secret information).

Naganuma, who conducts research on ZKPs at Hitachi, explains, “ZKPs had been studied for many years in the context of cryptography and took off quickly after being embedded in blockchains.” He says, “Especially in the past one to two years, a decade’s worth of rapid progress was observed in a year, and the practicality has improved significantly.”

Using ZKPs, the knowledge you have or a statement, for instance, “I’m 20 years old or above,” or “I have an encryption key,” can be proved to others without giving extra information.
For example, when you prove that you are 20 years old or above, you generally present appropriate ID cards such as your driver’s license or My Number Card. However, in doing so, even though you just want to prove that you are 20 years old or above, unnecessary information is revealed. ZKPs can be regarded as the technology to avoid this.

The Alibaba Cave

The concept of ZKPs is difficult to convey. Naganuma often receives the response, “It’s hard to understand what you are saying.”

To understand the concept intuitively, there are a few analogies. One of them is “the Alibaba Cave.”
When you want to prove that “you know the encryption key”, the easiest method is to hand over the key. However, when you don’t want to do so, you just need to show that you can decrypt a ciphertext encrypted with that key. This is illustrated by the analogy of finding an exit in the cave.

In “the Alibaba Cave” the assumption is that there are two exits. They are connected inside the cave, and in the connecting passage there is a door that opens only with a magic spell. The verifier waits outside the cave. The prover enters the cave and comes out of one of the two exits. The verifier, who doubts that the prover knows the secret spell, picks one of the two exits at random and asks the prover to come out of it.

If the prover fulfills the request any number of times, the verifier can confirm that the prover truly knows the magic spell. However, the verifier gains no knowledge of what the actual spell is. This is the analogy of a ZKP. To put it simply, the prover shows evidence of knowing the secret while protecting the secret itself. Because of this advantage, ZKPs are incorporated into blockchain-based crypto assets, authentication systems, privacy protection and so on.

Non-Interactive Zero-Knowledge Proofs

“The Alibaba Cave” is an “interactive ZKP” that requires repeated interactions between the prover and the verifier. However, this isn’t practical in many cases. Blockchains mainly use “Non-Interactive ZKPs (NIZK),” especially “zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge),” for their small data size.

Using zk-SNARKs, the prover generates and sends a short string of data called a “proof”, and the verifier just checks it to verify the truth. In other words, one single message is enough. If ZKPs are used in blockchains on a P2P (Peer to Peer) network, where communication happens directly without going through servers, an unspecified number of parties become verifiers, which means having interactions with each prover is unrealistic. Thus, zk-SNARKs are essential to utilize ZKPs in blockchains.
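As an added illustration (not from the article or from Hitachi’s own work), the toy Python below shows the Schnorr proof of knowledge of a secret key: first as the three-message interactive protocol, whose single round corresponds to one round of the cave story above (commit, challenge, respond), then made non-interactive with the Fiat-Shamir transform so that the short pair (t, s) can be checked by anyone with no round trip. The group parameters P, Q and G are constructed toy values for readability, not secure ones.

```python
import hashlib
import secrets

# Toy Schnorr group (constructed for this illustration; far too small for real use):
# P = 2*Q + 1 with Q prime, and G generates the subgroup of prime order Q.
P, Q, G = 1019, 509, 4

def keygen():
    """The secret the prover 'knows' is x; the public key y = G^x mod P is known to everyone."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

# --- the three messages of the interactive protocol (one 'cave' round) ---
def commit():
    """Prover picks a fresh random r and sends t = G^r (like choosing a path into the cave)."""
    r = secrets.randbelow(Q - 1) + 1
    return r, pow(G, r, P)

def interactive_challenge():
    """Verifier picks the challenge at random (like calling which exit to come out of)."""
    return secrets.randbelow(Q)

def respond(x, r, c):
    """Prover answers s = r + c*x mod Q; neither x nor r is revealed on its own."""
    return (r + c * x) % Q

def verify(y, t, c, s):
    """Verifier accepts iff G^s == t * y^c mod P; it only ever sees t, c and s."""
    if not (1 < t < P and 0 <= s < Q):
        return False
    return pow(G, s, P) == (t * pow(y, c, P)) % P

# --- Fiat-Shamir transform: replace the verifier's random challenge by a hash ---
def fiat_shamir_challenge(y, t):
    """Challenge derived from the public inputs, so the prover cannot pick t after seeing c."""
    h = hashlib.sha256(f"{P}|{Q}|{G}|{y}|{t}".encode()).digest()
    return int.from_bytes(h, "big") % Q

def prove_noninteractive(x, y):
    """Prover computes the whole transcript alone; the proof is just the pair (t, s)."""
    r, t = commit()
    c = fiat_shamir_challenge(y, t)
    return t, respond(x, r, c)

def verify_noninteractive(y, proof):
    """Anyone (e.g. every node on a P2P network) can check the proof without contacting the prover."""
    t, s = proof
    return verify(y, t, fiat_shamir_challenge(y, t), s)
```

A prover who does not know x only succeeds when the derived challenge happens to be 0, which for a real-size Q is negligible; the tiny Q here makes that probability 1/509.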

Roles in Blockchains

Now let us look at how and where zk-SNARKs are used.

Blockchains are highly transparent as transaction information is recorded in distributed ledgers, which are shared with all the participants on the network. Everyone monitors each other mutually in blockchains, so to speak. However, transparency stands at odds with privacy. ZKPs, once employed here, can protect sensitive information that needs to be kept private such as transaction amounts and remittance destinations while the validity of transactions is properly proved. Whereas third parties can’t verify the validity of encrypted transactions, ZKPs can prove that encrypted data is legitimately created in conformance with protocols without revealing it.

Image: Blockchains Using Distributed Ledgers

Development of zk-SNARK Method that Even Quantum Computing Can’t Break

The biggest advantage of zk-SNARKs is that as the size of generated proof data is small, the verification is fast. When blockchains use ZKPs, proof data is added to the transaction data. But their block size is limited, and handling fees are proportional to the data size. To save costs, being small in data size also matters.

However, there is a challenge. The current mainstream of zk-SNARKs depends on elliptic curve cryptography and pairing-based cryptography. These are considered secure because the mathematical problems they are based on cannot be solved within a realistic timeframe. However, once quantum computers that can solve them quickly are put into practical use, this cryptography could be broken. Thus, the Financial Services Agency and other authorities, too, point out the need to shift, targeting around 2030, from current cryptography to “Post-Quantum Cryptography (PQC)”, which is based on mathematical structures that are hard to break even for quantum computers.

Hitachi addressed this challenge and in 2020 developed a “quantum safe” zk-SNARK method, which even quantum computers are not expected to break. As approaches to becoming quantum safe, hash-based and lattice-based cryptography are being researched. Naganuma is conducting research and development on protocols that are quantum safe while retaining advantages such as a small proof data size. The goal is to prevent cryptocurrency thefts and establish a safe ZKP technology.

Hitachi’s strength can be summarized as follows: the company is driving both the development of quantum computers themselves and the research on cryptography that addresses the new vulnerabilities they will introduce.

“Reverse Import” from Blockchains

Image: “zkVMs” to Prove Program Execution

The research on ZKPs made progress dramatically after they were adopted in blockchains. Naganuma says that this ZKP technology is “wasted” if it is used only for blockchains. In fact, ZKPs have entered the phase of “reverse import” to other cryptographies and various information technologies beyond blockchains.

Naganuma and his team are focusing on a zkVM (Zero-Knowledge Virtual Machine), a generic technology. This is a virtual machine using ZKPs to verify that a program has been executed correctly. Instead of designing a dedicated ZKP circuit for certain computations, ZKPs are embedded in a virtual machine itself. This will make it possible to prove that the entire execution of programs written in commonly used languages has been correct. In the traditional ZKP technology, background knowledge of mathematics and cryptographic protocols was required. Meanwhile, the main advantage of zkVMs is that just running general programs on such VMs is enough to use ZKPs. Naganuma says that zkVMs, having been developed in the context of blockchains such as Ethereum, can be utilized in many fields going forward.

In the typical client-server model, where clients ask servers to perform computation and receive the response, clients currently simply trust that the servers have performed the computation as intended. With a zkVM, on the other hand, the server can prove that it correctly processed the requested computation and generated the output. In other words, the results of program execution and the validity of the computation, which until now had to be taken on trust, become verifiable.

Image: Use Cases to Include Partial Presentation of Digital Certificates

Also, in recent years, as My Number Card functions are loaded onto smartphones, there are more opportunities to present digital certificates. But when you just want to prove that you are a legal adult and hide part of your certificate, the digital signature becomes invalid because the partial certificate is treated as tampered data. ZKPs can prove that “the information was taken from a validly signed digital certificate without tampering”, satisfying both privacy and the certificate’s authenticity.

Moreover, ZKPs can be used, for instance, to detect hallucination of generative AI, check whether routers and other hardware devices are working properly in line with protocols and prove that unauthorized data is not transmitted. This is extremely important to guarantee security of all kinds of edge devices. This will become a matter of international trust as well.

To Achieve “True Zero Trust”

Naganuma says, “The essence of security is to prove and verify that both parties haven’t done anything wrong.” ZKPs that enable this have a very wide range of potential applications.

For example, the advancement of methods like zkVMs, among others, has the potential to become a foundation for widespread social implementation. The challenge is that verifying programs with ZKPs is currently still slow, as hashing alone takes 20 - 30 seconds. However, according to Naganuma, “There is no doubt that the speed will become much faster down the road.” Once performance improves to the level where the technology can run on, for instance, small IoT devices, there is a possibility of realizing the concept of so-called “zero trust” in a true sense: a system where every entity mutually proves, verifies and becomes convinced of correct operation under the assumption that “nothing, including platformers, is trusted.”

The day when ZKP-based social systems as a security platform become a reality will come in the not-too-distant future.

This article is a sponsored article by
''.