More Related Content

Similar to [Cryptica 22] Personal data protection using Zero-Knowledge proofs - Marija Mikic(20)

More from DataScienceConferenc1(20)


[Cryptica 22] Personal data protection using Zero-Knowledge proofs - Marija Mikic

  1. Personal data protection using Zero-Knowledge proofs Speaker: Marija Mikic Team and company: 3327; MVP Workshop
  2. // Personal data Personal data is any information that relates to an identified or identifiable living individual. An examples of personal data: ● a name and surname; ● a home address; ● an email address such as; ● an identification card number; ● an Internet Protocol (IP) address.
  3. // Blockchain Blockchain ensures a high level of security, anonymity and integrity of data and all this without the interference of a third party. One of the areas of use of blockchain is the protection of personal data.
  4. // Blockchain vs centralized systems ● In a centralized system, users cannot fully control their personal data. ● Blockchain enables complete data control. It is more secure than centralized systems.
  5. // Zero-Knowledge proofs Blockchains provide security, but not privacy. A typical type of blockchain is transparent and not fully anonymized. Zero-Knowledge proofs (ZKP) ensures privacy for blockchains. With ZKP we can anonymize not only the transactions but also the sender, recipient and other details.
  6. // Intro: Zero-Knowledge proofs ZKP is a cryptographic method by which we can prove that any information we have without revealing it: proof without knowledge (Zero-Knowledge proof). Examples: The Ali Baba cave Colour-blind friend
  7. // Intro: Zero-Knowledge proofs In this method, there are two people: the prover and the verifier. The prover can prove the verifier that the given statement is true, while the prover avoids conveying any additional information other than the fact that the statement is indeed true.
  8. // One more ZKP example Storing hash of passwords in the database: Users can prove that they know the password entering their password as an input. The system compares the hash of input with information stored in the database. This means the verifier does not know the password but the hash of it.
  9. // ZKP and Personal Data Protection In this part, we will present the results of some researches of the team 3327, which are directly related to this topic: ● DID (Decentralized IDentifiers) and VC (Verifiable Credentials); ● ID card and passport using ZKP; ● Anonymity in MACI (MACI - Minimal Anti-Collusion Infrastructure; Ethereum project)
  10. // DID and VC ● DID (Decentralized IDentifiers) and VC (Verifiable Credentials) play an important role in creating and standardizing digital personas. ● The issue with the verifiable credentials is that they reveal the entire identity document to the other party, even if the requirements are only bound to specific fields. ● There are suggestions on using zero-knowledge proofs for creating privacy- keeping verifiable credential presentations.
  11. // ID card and passport using ZKP It is often the case where we have to show our identity card to prove to someone that our unique identity number is indeed the valid one. By showing the ID card, we also show additional private information that the requester did not require. The reason for this is that multiple private information is located on the same document, which cannot be separated, as the parts of the document would be unverifiable without the original document. Extracting verifiable pieces of information while hiding the unwanted parts is a perfect use case for using zero- knowledge proofs.
  12. // MACI The initial idea related to the MACI project came from Vitalik Buterin, the co-founder of Ethereum. MACI reduces bribery and disables censored voting. This means that no one can vote on behalf of another while making it impossible for someone to falsify the outcome and the number of votes.
  13. // Intro: MACI ● So how exactly does MACI work? ● Who can see how voters voted? ● Is it possible to cancel the vote (if, for example, the voter was blackmailed)?
  14. // Intro: MACI At MACI, we can distinguish between voters and voting coordinators. Users vote on the blockchain via MACI smart contracts. It is necessary for voters to sign up first by sending the public key they wish to vote for a MACI smart contract. Their public key plays a role in their identity.
  15. // Intro: MACI
  16. // A problem that MACI does not solve The downside is that the coordinator can see how someone voted, so if they are dishonest they can pass on the information. The upside is that the coordinator can't add an extra vote or change someone's vote.
  17. // Anonymity in MACI In order to create the perfect voting system we: ● used one more type of encryption and re-randomization; ● allowed two more types of messages; ● defined two more sets; ● proposed a protocol change.
  18. // Anonymity in MACI In this way, it was shown that it is possible to create a voting system that is completely resistant to blackmail of any kind, censoring of votes, manipulation of votes and the outcome of the vote itself, and at the same time complete privacy and anonymity of voting has been achieved.
  19. Thank you!