What are Zero-Knowledge Proofs?
At a high level, a zero-knowledge proof (ZKP) works by having the verifier ask the prover to perform a series of actions that can only be performed accurately if the prover knows the underlying information. If the prover is only guessing as to the result of these actions, then they will eventually be proven wrong by the verifier’s test with a high degree of probability.
Zero-knowledge proofs were first described in a 1985 MIT paper from Shafi Goldwasser and Silvio Micali called “The Knowledge Complexity of Interactive Proof-Systems.” In this paper, the authors demonstrated that it is possible for a prover to convince a verifier that a specific statement about a data point is true without disclosing any additional information about the data.
ZKPs can either be interactive—where a prover convinces a specific verifier but needs to repeat this process for each individual verifier—or non-interactive—where a prover generates a proof that can be verified by anyone using the same proof.
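The challenge-response idea and the interactive/non-interactive split described above, as an added example that is not part of the original article and is not StealthComms code: a Schnorr proof of knowledge of a discrete logarithm, run first interactively with one-bit challenges (a guessing prover survives each round with probability 1/2) and then non-interactively via the Fiat-Shamir transform. The toy group parameters, the function names and the context string are assumptions made for the demo, and this is a simpler technique than a zk-SNARK.

```python
import hashlib
import secrets

# Toy parameters (assumption, demo only): Mersenne prime modulus, exponents mod P-1.
P = 2**127 - 1
N = P - 1
G = 3

def keygen():
    x = secrets.randbelow(N - 1) + 1          # the secret the prover knows
    return x, pow(G, x, P)                    # public statement: y = G^x mod P

def check(y, t, c, s):
    # Verifier's test: G^s == t * y^c holds when s = r + c*x and t = G^r.
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def honest_round(x):
    r = secrets.randbelow(N)
    return pow(G, r, P), lambda c: (r + c * x) % N

def guessing_round(y):
    # No knowledge of x: pick s first, then build t to fit one guessed challenge bit.
    guess, s = secrets.randbelow(2), secrets.randbelow(N)
    t = (pow(G, s, P) * pow(y, -guess, P)) % P
    return t, lambda c: s                     # correct only when c == guess

def interactive_verify(y, prover_round, rounds=64):
    # Interactive: a fresh random challenge bit per round, for this verifier only.
    for _ in range(rounds):
        t, answer = prover_round()
        c = secrets.randbelow(2)
        if not check(y, t, c, answer(c)):
            return False
    return True

def fs_challenge(y, t, context):
    # Fiat-Shamir: a hash of the transcript replaces the verifier's challenge.
    digest = hashlib.sha256(f"{G}|{P}|{y}|{t}|".encode() + context).digest()
    return int.from_bytes(digest, "big") % N

def prove(x, context):
    y, r = pow(G, x, P), secrets.randbelow(N)
    t = pow(G, r, P)
    return t, (r + fs_challenge(y, t, context) * x) % N

def verify(y, proof, context):
    # Non-interactive: anyone holding y can run this on the same proof.
    t, s = proof
    return check(y, t, fs_challenge(y, t, context), s)
```

Binding the context string into the hash ties a proof to one use, so a proof copied from one context fails verification in another.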
ZKPs for National Defense
Current approaches to exchanging classified and other private information involve centralized services deployed in disconnected environments. These private and permissioned networks exist to securely store and exchange private information, including files, images, data, and communications. As noted in the Dept. of the Air Force (DAF) Operational Imperative OI-7, any information system dependency or critical node may become a significant vulnerability in the event of a conflict with a peer adversary.
By combining the inherently transparent nature of blockchain networks with the privacy-preserving design of zero-knowledge proofs, DAF can benefit from the best of both worlds: They can keep their internal datasets secure while still leveraging them in the reliable execution environments of publicly available blockchain networks.
A Real-World Use Case
DAF information and communications technology is not designed to survive the complexity of a future high-end fight. These technologies are currently highly centralized and brittle, and serve as a single point of failure under non-kinetic and kinetic disruption. Existing security protocols (HTTPS, SSH, TLS, SMTPS, IPsec, VPNs, etc.) depend on centralized services and infrastructure and are not adequately survivable against emerging threats.
CSEngineering is working closely with AFWERX and 309th SWEG at Hill AFB to perform applied research to address this problem under an STTR contract. Our internally developed product is called “StealthComms” and was designed for DOD missions that need resiliency to maintain high availability in communications-degraded or communications-denied environments and to support secure information sharing.
- StealthComms provides the ability to leverage privacy-preserving datasets within transparent systems such as public blockchain networks like Ethereum.
- It is a generic zero-knowledge signaling protocol with a concrete, efficient, and secure instantiation on public EVM networks and an easy-to-use, easy-to-extend implementation.
- It allows a user to broadcast their support of an arbitrary string without revealing who they are, beyond the fact that they are approved to do so.
- It can be used as a base layer for signaling-based applications – data sharing, text communications, security cooperation, building partner capacity, and providing subject matter expertise on airpower capabilities, etc.
Under the Hood
StealthComms is built on the zk-SNARK (zero-knowledge succinct non-interactive argument of knowledge) protocol, which uses cryptography and mathematical algorithms to create a proof that is both verifiable and non-interactive, meaning that the verifier does not need to interact with the prover at all in order to verify the proof.
Distributed ledger technologies, particularly blockchain technology, have made ZKPs practical by providing an immutable and distributed ledger system, allowing the two parties to interact without needing a trusted third party.
StealthComms uses off-chain computation and on-chain verification. Off-chain computation means that the app runs on the client side (web app), and only the resulting ZKP is sent to the smart contract on a blockchain network. This maintains the user’s privacy, since users disclose only the required information and the smart contract can verify the proof without the data itself being revealed.
StealthComms addresses the DAF Operational Imperative OI-2 requirement to ensure redundant, resilient, low-latency communication pathways for communications-limited environments. Our solution protects intelligence sources and data to ensure the Air Force “remains mission-focused and data secure.”
Distributed ledger technology, such as cryptographic user accounts and peer-to-peer protocols, can simplify application development, enhance security, and decrease the administrative overhead of managing communication systems.
StealthComms provides a simple, malleable solution to a complex capability that can adapt to emergent requirements of the forthcoming Joint Warfighting Concept. Most critical is the interoperability it can provide for communication between Airmen and between services, allies, partners, and locals.
If you would like to learn more or participate in our pilot deployment of StealthComms, send a message to firstname.lastname@example.org