Communications of the ACM
'zero Knowledge' May Answer Computer Security Question
Researchers have developed a new protocol to create a "zero-knowledge proof," which could vastly improve the security of electronic messaging.
Credit: Spideroak.com
Cornell University researchers have developed a new protocol to create what is known as a "zero-knowledge proof," which involves answering questions that depend on having a secret bit of knowledge.
"I think zero-knowledge proofs are one of the most amazing notions in computer science," says Cornell professor Rafael Pass. "What we have done is to combine it with another notion--that it's easier to prove that a computation can be done correctly than it is to actually compute it."
The concept was first developed in 1985, and early versions required only a few messages being passed back and forth, but were insecure if an attacker participated in many proofs at the same time. The new protocol completes the job in as few as 10 exchanges while remaining secure over many simultaneous exchanges, according to Pass.
The next step is to apply the idea to the "man-in-the-middle" attack, in which an intruder slips in between two parties to a conversation, making them think they are talking directly to each other, in order to change messages as they pass through.
From Cornell Chronicle
View Full Article
Abstracts Copyright © 2013 Information Inc., Bethesda, Maryland, USA
No entries found