Your source for the latest science & space news

Monday, 15 November 2021

Einstein’s theory of relativity could help stop bank account hackers

Having to hand over your PIN to access your bank account puts you at risk of hackers, but the fact that information can’t travel faster than light, as laid out by Albert Einstein, could offer a solution.

Albert Einstein’s special theory of relativity tells us that information cannot travel faster than the speed of light, an immutable fact of the universe that researchers now want to exploit to stop hackers from accessing your bank account.

When you enter your PIN at an unfamiliar cash machine, you need to trust that its operator will protect that sensitive information and that someone hasn’t interfered with the machine to steal your details. This need for trust is a weak link that security experts aim to eradicate.

One way to do so is a zero-knowledge proof (ZKP), a mathematical concept that lets you verify your identify without actually sharing a PIN or password. One person, the prover, can demonstrate to another, the verifier, that they have a certain piece of information without actually revealing it.

Since their invention in the 1980s, ZKPs have relied on mathematical concepts. One example is the three-colour problem, where a map of thousands of areas is filled in with just three colours so that no two touching areas have the same colour.

It is extremely computationally intensive to create such a map from scratch, so a prover could create a map in advance to serve as their proof of identity, and the verifier could ask for the colours of two random regions that touch and check they are different. By repeatedly asking for pairs of random regions, with a short time between questions, the verifier can become increasingly confident that the prover has access to a properly coloured map, but never gets access to the whole map.

A hacker without access to the original map could give random answers to the verifier, but with each additional check, the chances increase that their answers become inconsistent, revealing that they don’t have the original map. Yet this too relies on an element of trust: you have to assume that someone with a secret supercomputer or publicly unknown algorithm isn’t able to quickly create a map fast enough to trick the verifier.

Ideally, a ZKP would have the backing of an unchangeable constant of the universe, and now Sébastien Designolle at the University of Geneva in Switzerland and his colleagues have found a way to ensure this using Einstein’s special theory of relativity to remove even that risk. “You want to be as paranoid as possible, and drop as many assumptions as possible,” he says.

The team proposes having two provers that must each respond to one of two verifiers within a given time frame. The provers are placed too far apart to be able to confer on their responses, because even sending information at the speed of light would take too long. Once the provers have submitted their answers, the verifiers can confer and check they match, allowing them to spot any fake guesses.

In an experiment, the team used GPS clocks to synchronise two computers, serving as the provers, at a distance of 400 metres, which would take a signal travelling at the speed of light 1.3 microseconds to cover. Two verifying computers then each asked one of the provers to confirm the colour of two regions within 0.84 microseconds, which is less than the quickest possible conferring time between the proving computers. To establish with certainty that the proving computers weren’t just making lucky guesses, the verifying computers asked half a million questions.

Matthew Green at Johns Hopkins University in Maryland says the concept could provide a way to solve some of the fundamental problems with existing ZKPs – that you can attack them if you have computers that are powerful enough.

“What they’re saying is there’s a way around this, we can make proofs that are perfectly secure. No matter how much time you spend trying to break them, you won’t break them,” he says. “But the cost of that is you have to use this new model with two computers. The speed of light is what it is.”


Alikhani, P., Brunner, N., Crépeau, C. et al. Experimental relativistic zero-knowledge proofs. Nature 599, 47–50 (2021). DOI: 10.1038/s41586-021-03998-y

No comments:

Post a Comment