Blockchain privacy protection schemes: zero-knowledge proofs, trusted execution environments, multi-party computation, homomorphic encryption

In this era of pervasive networks, personal privacy has become a sensitive and widely shared concern. As more and more people join the blockchain, incidents such as stolen wallets and exposed personal data keep appearing, and the demand for privacy protection grows with them. The most admirable thing about blockchain technology is that it combines anonymity, tamper resistance, and traceability, which gives it inherent advantages for privacy. For today's users, this kind of protection must become a basic necessity: it protects users and helps the crypto market grow.

Based on the current state of the field, I will introduce four main privacy solutions: zero-knowledge proofs, trusted execution environments, secure multi-party computation, and homomorphic encryption.

Zero-Knowledge Proof

The first is the zero-knowledge proof, abbreviated ZKP (Zero-Knowledge Proof). It has three basic properties: completeness, soundness, and zero-knowledge. In short, to establish a zero-knowledge proof the verifier asks the prover to perform a series of operations that the prover can only carry out correctly if it knows the underlying secret; if the prover fabricates a result, the verifier is very likely to detect the mistake during verification. It doesn't matter if these definitions are unclear; here is a simple example to make the idea concrete. Suppose I was caught by a robber today. To save my life, I claim that I am able to open the bank's vault, so that the robber keeps me alive because I am valuable. I first have to prove that I know the vault's password, but at the same time I must not tell the robber the password. After thinking about it, I come up with a solution. First, I have the robber take me to the bank's vault, and the process that follows is a zero-knowledge proof.

In this story I am the prover: I convince the verifier that a certain assertion is true without giving the verifier any useful information (the password). There are many implementations of zero-knowledge proofs today, and each method has its own trade-offs in proof size, prover time, and verification time. A few popular projects currently using zero-knowledge proofs are Zcash, IdentDiFi, and Aleo.
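To make the three properties concrete, here is an added example (not from the original post) of a classic interactive zero-knowledge proof of knowledge: the Schnorr identification protocol, which proves knowledge of a discrete logarithm x such that y = g^x. The choice of Schnorr is mine; the page does not name a specific protocol. The group parameters are generated at run time as a demo-sized safe prime (assumed here, far too small for real use). `verify` shows completeness, `simulate` shows zero-knowledge (a transcript indistinguishable from a real one can be forged from the public key alone, so transcripts reveal nothing about x), and `extract` shows special soundness (a prover who can answer two different challenges on the same commitment must know x).

```python
import secrets

# Deterministic Miller-Rabin: these 12 bases are a proven-correct witness set
# for every n below 3.3 * 10^24, so the test is exact for the 63-bit values used here.
MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def find_safe_prime(start):
    """Smallest q >= start with q and p = 2q + 1 both prime (demo-sized group, assumed here)."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q


P, Q = find_safe_prime(1 << 62)   # group modulus p and prime subgroup order q
G = 4                             # 4 = 2^2 is a square, so it generates the order-q subgroup


def keygen():
    """Prover's secret x and public y = g^x; the proof shows knowledge of x."""
    x = 1 + secrets.randbelow(Q - 1)
    return x, pow(G, x, P)


def prover_commit():
    r = secrets.randbelow(Q)
    return r, pow(G, r, P)        # keep r private, send t = g^r


def verifier_challenge():
    return secrets.randbelow(Q)


def prover_respond(x, r, c):
    return (r + c * x) % Q        # s leaks nothing about x: the random r masks c*x


def verify(y, t, c, s):
    """Completeness: an honest prover always satisfies g^s == t * y^c."""
    return pow(G, s, P) == t * pow(y, c, P) % P


def simulate(y):
    """Zero-knowledge: pick c and s first and solve for t; the result verifies and has the
    same distribution as a real transcript, yet was produced without x."""
    c, s = secrets.randbelow(Q), secrets.randbelow(Q)
    t = pow(G, s, P) * pow(y, Q - c, P) % P     # y^(Q-c) == y^(-c) because y has order Q
    return t, c, s


def extract(t, c1, s1, c2, s2):
    """Special soundness: two accepting responses to one commitment under different
    challenges reveal x = (s1 - s2) / (c1 - c2) mod q."""
    assert c1 != c2
    return (s1 - s2) * pow(c1 - c2, -1, Q) % Q


if __name__ == "__main__":
    x, y = keygen()
    r, t = prover_commit()
    c = verifier_challenge()
    s = prover_respond(x, r, c)
    print("honest proof accepted:", verify(y, t, c, s))
    print("simulated transcript accepted:", verify(y, *simulate(y)))
    c2 = (c + 1) % Q
    print("extractor recovers x:", extract(t, c, s, c2, prover_respond(x, r, c2)) == x)
```

The verifier's challenge must be fresh and unpredictable: a prover that knew c before committing could run `simulate` itself, which is exactly why soundness depends on the challenge coming after the commitment.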

The second is the Trusted Execution Environment, abbreviated TEE (Trusted Execution Environment). A TEE is an independent processing environment with its own computing and storage functions that provides security and integrity protection. It is a region of the CPU whose job is to offer a more secure space for executing code and handling data while guaranteeing their confidentiality and integrity. On mobile devices, the ordinary system execution environment is called the REE (Rich Execution Environment), and the operating system running in the REE is called the Rich OS (Operating System). The Rich OS exposes all of the device's functions, such as the phone's camera or touchpad, to applications in the REE, but it carries many security risks: it can access all of an application's data, yet it is hard to verify whether that data has been tampered with, and it is relatively vulnerable to a wide range of attacks.

This is where the TEE comes in. The TEE provides an environment isolated from the REE: the TEE can read information from the REE directly, but the REE cannot read information from the TEE. When a user opens a payment interface, the checks can be performed through the interface the TEE provides, ensuring that payment information is not tampered with, passwords are not leaked, and fingerprint data is not stolen. Compared with the REE operating system, it offers stronger security. eeChan uses a TEE.

The third is MPC (Multi-Party Computation). (The original post includes a figure illustrating the principle of MPC.) Its purpose is to allow private data to be used jointly while protecting each party's private information. The key techniques used in the MPC field today are secret sharing, oblivious transfer, garbled circuits, homomorphic encryption, and zero-knowledge proofs; in fact, you can think of MPC as a family of protocols rather than a single one. MIT's Enigma is one application currently using MPC.
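The simplest of the techniques listed above, additive secret sharing, is enough to show how MPC lets parties compute on data that none of them ever sees. The following is an added example, not code from the original post or from any project it names: n parties each split a private input into n random shares that sum to it modulo a prime (the 61-bit field modulus is a constructed demo parameter), hand one share to each party, and then compute a public-weight linear function, including the plain sum, by local arithmetic on the shares they hold. It generalises the "share private data" idea to any linear function, which is the part of MPC that needs no further interaction.

```python
import secrets

# Constructed demo parameter: a 61-bit Mersenne prime as the field modulus.
FIELD_PRIME = (1 << 61) - 1


def share(secret, n_parties):
    """Additive secret sharing: n random-looking shares that sum to `secret` mod p.
    Any n-1 of them are uniformly random and independent of the secret, so a party
    holding fewer than all shares learns nothing about it."""
    shares = [secrets.randbelow(FIELD_PRIME) for _ in range(n_parties - 1)]
    shares.append((secret - sum(shares)) % FIELD_PRIME)
    return shares


def reconstruct(shares):
    return sum(shares) % FIELD_PRIME


def distribute(private_inputs):
    """Sharing phase: party i splits its input and sends share j to party j.
    Returns views[j], the shares party j receives (one from each party, party i's first)."""
    n = len(private_inputs)
    views = [[] for _ in range(n)]
    for value in private_inputs:
        for j, s in enumerate(share(value, n)):
            views[j].append(s)
    return views


def secure_linear(private_inputs, public_weights):
    """Compute sum_i w_i * x_i where each x_i is private and the weights are public.
    Each party applies the weights to the shares it holds and publishes one partial
    result; the partial results add up to the answer, while every input stays hidden."""
    views = distribute(private_inputs)
    partial_results = [
        sum(w * s for w, s in zip(public_weights, view)) % FIELD_PRIME
        for view in views
    ]
    return reconstruct(partial_results)


def secure_sum(private_inputs):
    return secure_linear(private_inputs, [1] * len(private_inputs))


if __name__ == "__main__":
    salaries = [5200, 6100, 4800, 7300]          # constructed inputs, one per party
    print("joint total without revealing any salary:", secure_sum(salaries))
    print("weighted score:", secure_linear([10, 20, 30], [3, 2, 1]))
```

Multiplying two private values is where the other listed techniques (oblivious transfer, garbled circuits, or preprocessed multiplication triples) come in, because a product of shares cannot be computed locally the way a weighted sum can.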

The last is homomorphic encryption, abbreviated HE (Homomorphic Encryption). HE focuses on the security of data processing: it makes it possible to compute on encrypted data, so that another party can process the data without the original content being revealed at any point, and the holder of the private key decrypts the processed ciphertext and obtains exactly the result of that processing. This sounds abstract, so here is a practical example from everyday life.

Suppose I bought a large piece of gold today and want a goldsmith to turn it into a necklace, but the goldsmith might steal some gold during the work; after all, even a gram of gold is quite valuable. So I wondered whether there is a way to let the goldsmith work the gold without being able to take any of it. There is: I lock the gold in an airtight box fitted with a built-in glove. The goldsmith can put his hand in the glove to work the gold inside the box, but the box is locked, so he cannot take the gold, not even the shavings that fall off during the work. When the work is done, I take the box back and unlock it to get my gold. (The original post includes a figure of this box-handling process.)

The correspondence is: the box is the encryption algorithm, and the lock on the box is the user's private key. Putting the gold in the box and locking it is encrypting the data with a homomorphic encryption scheme. Working the gold through the glove is applying the homomorphic property, processing the encrypted result directly without being able to obtain the data. Finally, unlocking the box is decrypting the result and obtaining the processed result directly. Although homomorphic encryption looks perfect, such a strong property inevitably comes at a cost. The most important problem to solve in homomorphic encryption at present is efficiency: one aspect is the speed of processing encrypted data, and the other is the storage overhead of the scheme.

We can think about this intuitively. A goldsmith working through gloves is certainly not as fast as one working directly: the precision of work done through gloves is worse, and the processing time grows. Working through a box also demands more specialised skill, and to work the gold inside it the box must be made somewhat larger (the storage-space problem); when the hand alone is not enough, small tools must be kept inside the box too, and those also take up space.

As for how to apply HE on the blockchain: to protect the privacy of on-chain information while still letting blockchain nodes compute on it, the data can be homomorphically encrypted and the computation transformed into the corresponding homomorphic operations, so that nodes perform the encrypted computation without ever seeing the plaintext. In summary, privacy is one of the most exciting areas of cryptographic research today.
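The box-and-glove analogy and the on-chain use just described can be carried out in code with an additively homomorphic scheme. The following is an added example, not code from the original post: the Paillier cryptosystem (my choice; the page does not name a scheme), in which multiplying two ciphertexts adds their plaintexts and raising a ciphertext to a public power k multiplies the plaintext by k. A node that holds only the public key can therefore tally encrypted amounts it cannot read, and only the private-key holder unlocks the total. The key primes are two Mersenne primes chosen for readability and are an assumption of this demo; real keys use primes of 1024 bits or more.

```python
import math
import secrets

# Demo-only key material (assumed here): the Mersenne primes 2^31-1 and 2^61-1.
# Real deployments use primes of 1024+ bits each; these keep the arithmetic readable.
P_PRIME = (1 << 31) - 1
Q_PRIME = (1 << 61) - 1


def keygen(p=P_PRIME, q=Q_PRIME):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1), Carmichael's lambda(n)
    mu = pow(lam, -1, n)                                # valid because the generator is g = n + 1
    return (n, n * n), (lam, mu)


def encrypt(public_key, m):
    """c = (1+n)^m * r^n mod n^2 with fresh randomness r, so equal plaintexts
    produce different ciphertexts (the 'box' looks different every time)."""
    n, n2 = public_key
    assert 0 <= m < n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + m * n) % n2 * pow(r, n, n2) % n2        # (1+n)^m == 1 + m*n  (mod n^2)


def decrypt(public_key, private_key, c):
    """Only the private-key holder can 'unlock the box': m = L(c^lambda mod n^2) * mu mod n."""
    n, n2 = public_key
    lam, mu = private_key
    u = pow(c, lam, n2)
    return (u - 1) // n * mu % n


def add_encrypted(public_key, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds the plaintexts."""
    return c1 * c2 % public_key[1]


def scale_encrypted(public_key, c, k):
    """Multiplication by a public constant k: raise the ciphertext to the power k."""
    return pow(c, k, public_key[1])


def encrypted_total(public_key, ciphertexts):
    """What a node holding only the public key can do: sum amounts it cannot read."""
    total = encrypt(public_key, 0)
    for c in ciphertexts:
        total = add_encrypted(public_key, total, c)
    return total


if __name__ == "__main__":
    pk, sk = keygen()
    deposits = [250, 1300, 75]                          # constructed plaintext amounts
    ciphertexts = [encrypt(pk, d) for d in deposits]
    total = encrypted_total(pk, ciphertexts)            # computed on ciphertexts only
    tripled = scale_encrypted(pk, total, 3)             # still encrypted
    print(decrypt(pk, sk, total), decrypt(pk, sk, tripled))
```

Paillier is only additively homomorphic: the node can add encrypted values and scale them by public constants, but not multiply two encrypted values together. Schemes that also support multiplication (fully homomorphic encryption) exist, at the much higher cost in speed and ciphertext size that the efficiency discussion above refers to.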

Objectively, investors have been very active in the privacy space over the past few years. It is clear that privacy infrastructure is a foundational layer that must be built out, because it plays a key role in keeping financial information and business secrets from leaking. Privacy will therefore inevitably become important infrastructure for the next wave of growth in the crypto ecosystem.

Judging from the large inflow of developers and capital, the privacy space is still at an early stage, with ample time and funding. At present, most privacy infrastructure and applications are still under development. Whether they can compete strongly with general-purpose smart contract platforms and win more users across a wide range of data-usage scenarios remains to be seen. I hope today's sharing helps you understand crypto privacy solutions better.


Source: blog.csdn.net/ab6326795/article/details/131597079