How Does Zero-Knowledge Encryption Work?
What Does Zero-Knowledge Encryption Mean?
In simple terms, Zero-Knowledge Encryption means that even the service provider whose servers you use knows nothing about the data you keep in your account on those servers.
Let's understand this with a real-life example.
Consider what happens when you try to log in to any of your web server accounts.
To log in, you are asked to enter your password. This is an obvious security measure that makes sure only you get access to your online account (assuming you haven't shared your password with anyone else).
When you enter the password, the server, which also holds an encoded version of your password key, checks whether the two match. If they do, you get access to your account.
However, there’s a small problem, and it is that the server also has knowledge of your keys.
Hence in such cases, the security of your data depends on the server not being compromised.
This is where Zero-Knowledge Encryption comes in. With this method, not even the service provider, let alone anyone else, has any knowledge of your password key.
But Then How Can You Prove Who You Are To Access Your Account?
To understand this, think of yourself as the 'Prover' and the online cloud service provider as the 'Verifier'. Zero-Knowledge Encryption must then meet the following criteria:
The Three Fundamentals Of Zero-Knowledge Encryption
- Completeness: If the Prover demonstrates that he can complete the authorized process in the required way, the Verifier has confirmation that he actually possesses the right password.
- Soundness: The Verifier gets that assurance if and only if the Prover is entering the right password.
- Zero-Knowledge: The Verifier must not learn the password in any way.
But how can a 'Prover' prove that he has the right password if the 'Verifier' has no record of it to match against, and never will?
Understanding The Working Process Of Zero-Knowledge Encryption
Let me explain this process with the example of Alibaba and the Cave, which he enters with a magical spell. Remember that magical spell, "Open Sesame"?
Since it's a high-tech world now, this time we'll take the example of a new Cave, which has two entrances/exits named “A” and “B”, internally connected by a magic door.
Alibaba wants to enter this new Cave, and only he knows the new magical spell (password) that opens the hidden passage and lets him exit either way.
Now follow carefully how the Verifier (in this case Mr. Khan) checks whether Alibaba knows the spell, without learning the spell himself.
Mr. Khan closes his eyes and Alibaba enters the cave.
Mr. Khan doesn’t know which entrance he used. He now opens his eyes and shouts to him to exit from “A”.
Since our Alibaba knows the secret spell, he can exit from “A” without any problem at all, even if he entered from “B”, thereby showing Mr. Khan that he does know the magical spell.
But wait! What if he had entered from “A” in the first place, and it was just a matter of luck, i.e., a 50% probability?
Now think about what happens if this process is repeated multiple times, with Mr. Khan asking him to exit from “A” or “B” at random.
With enough repetitions, Mr. Khan can verify that Alibaba knows the secret spell without ever learning the actual “magic word” himself: each round halves the chance that someone who does not know the spell keeps getting lucky.
The whole basic idea here is for Alibaba (the Prover), to demonstrate that he knows the Magical Spell (i.e., Password) to Mr. Khan (the Verifier), without actually showing or telling him the real Magical Spell.
In this example, Mr. Khan has the power to choose from which exit Alibaba should come out, but only Alibaba knows how to pass through the magic door.
In this whole process, Mr. Khan never learns the magic spell, even though Alibaba used it, but in the end he was 100% sure that Alibaba knew the secret spell.
So, as you can see, this is how Zero-Knowledge Encryption works at the backend.
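The cave rounds map directly onto a real interactive proof. The sketch below is an added example, not code from this article: it uses the Fiat-Shamir identification protocol (a scheme the article does not name) in which the secret `s` plays the spell and the random challenge bit plays "exit A" or "exit B". The modulus is a constructed toy value, and all class and function names are assumptions made for illustration.

```python
import math
import secrets

# Toy modulus from two small primes (constructed for illustration; far too small to be secure).
N = 1000003 * 1000033

def keygen():
    """Return (s, v): the Prover's secret 'spell' s and the public v = s^2 mod N."""
    while True:
        s = secrets.randbelow(N - 2) + 2
        if math.gcd(s, N) == 1:
            return s, pow(s, 2, N)

class HonestProver:
    def __init__(self, s):
        self.s = s
    def commit(self):
        self.r = secrets.randbelow(N - 2) + 2      # fresh randomness each round
        return pow(self.r, 2, N)                   # "enters the cave" unseen
    def respond(self, e):
        return (self.r * pow(self.s, e, N)) % N    # r if e == 0, r*s if e == 1

class Impostor:
    """Knows only the public v, so must guess the challenge before committing."""
    def __init__(self, v):
        self.v = v
    def commit(self):
        self.guess = secrets.randbelow(2)
        self.y = secrets.randbelow(N - 2) + 2
        # Chosen so that y^2 == x * v^guess; only verifies if the guess is right.
        return (pow(self.y, 2, N) * pow(self.v, -self.guess, N)) % N
    def respond(self, e):
        return self.y

def verify(prover, v, rounds=40):
    """Verifier stores only v. Accept if every round's response checks out."""
    for _ in range(rounds):
        x = prover.commit()
        e = secrets.randbelow(2)                   # random "exit A" / "exit B"
        y = prover.respond(e)
        if pow(y, 2, N) != (x * pow(v, e, N)) % N:
            return False
    return True

if __name__ == "__main__":
    s, v = keygen()
    print("honest prover accepted:", verify(HonestProver(s), v))
    print("impostor accepted:     ", verify(Impostor(v), v))
```

The Verifier only ever sees `x`, `e` and `y`, never `s`, and an impostor survives each round with probability 1/2, so 40 rounds leave a cheating chance of 2^-40.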