Having to hand over your PIN to access your bank account puts you at risk of
hackers, but the fact that information can’t travel faster than light, as laid
out by Albert Einstein, could offer a solution.
Albert Einstein’s special theory of relativity tells us that information
cannot travel faster than the speed of light, an immutable fact of the
universe that researchers now want to exploit to stop hackers from accessing
your bank account.
When you enter your PIN at an unfamiliar cash machine, you need to trust
that its operator will protect that sensitive information and that someone
hasn’t interfered with the machine to steal your details. This need for
trust is a weak link that security experts aim to eradicate.
One way to do so is a zero-knowledge proof (ZKP), a mathematical concept
that lets you verify your identify without actually sharing a PIN or
password. One person, the prover, can demonstrate to another, the verifier,
that they have a certain piece of information without actually revealing it.
Since their invention in the 1980s, ZKPs have relied on mathematical
concepts. One example is the three-colour problem, where a map of thousands
of areas is filled in with just three colours so that no two touching areas
have the same colour.
It is extremely computationally intensive to create such a map from scratch,
so a prover could create a map in advance to serve as their proof of
identity, and the verifier could ask for the colours of two random regions
that touch and check they are different. By repeatedly asking for pairs of
random regions, with a short time between questions, the verifier can become
increasingly confident that the prover has access to a properly coloured
map, but never gets access to the whole map.
A hacker without access to the original map could give random answers to the
verifier, but with each additional check, the chances increase that their
answers become inconsistent, revealing that they don’t have the original
map. Yet this too relies on an element of trust: you have to assume that
someone with a secret supercomputer or publicly unknown algorithm isn’t able
to quickly create a map fast enough to trick the verifier.
Ideally, a ZKP would have the backing of an unchangeable constant of the
universe, and now Sébastien Designolle at the University of Geneva in
Switzerland and his colleagues have found a way to ensure this using
Einstein’s special theory of relativity to remove even that risk. “You want
to be as paranoid as possible, and drop as many assumptions as possible,” he
says.
The team proposes having two provers that must each respond to one of two
verifiers within a given time frame. The provers are placed too far apart to
be able to confer on their responses, because even sending information at
the speed of light would take too long. Once the provers have submitted
their answers, the verifiers can confer and check they match, allowing them
to spot any fake guesses.
In an experiment, the team used GPS clocks to synchronise two computers,
serving as the provers, at a distance of 400 metres, which would take a
signal travelling at the speed of light 1.3 microseconds to cover. Two
verifying computers then each asked one of the provers to confirm the colour
of two regions within 0.84 microseconds, which is less than the quickest
possible conferring time between the proving computers. To establish with
certainty that the proving computers weren’t just making lucky guesses, the
verifying computers asked half a million questions.
Matthew Green at Johns Hopkins University in Maryland says the concept could
provide a way to solve some of the fundamental problems with existing ZKPs –
that you can attack them if you have computers that are powerful enough.
“What they’re saying is there’s a way around this, we can make proofs that
are perfectly secure. No matter how much time you spend trying to break
them, you won’t break them,” he says. “But the cost of that is you have to
use this new model with two computers. The speed of light is what it is.”
Reference:
Alikhani, P., Brunner, N., Crépeau, C. et al. Experimental relativistic
zero-knowledge proofs. Nature 599, 47–50 (2021).
DOI: 10.1038/s41586-021-03998-y
Tags:
Physics