In my last column I wrote about the frustration of managing passwords. The software industry is moving to password-less authentication, relying instead on biometric data such as a fingerprint or a facial image. In consequence the “big tech” companies could collect personal information on a large scale, which potentially could be exploited to have oversight over entire populations. Is there any other alternative to biometric harvesting, for password-less systems?
A classic password is intended to be a secret known only to you and a service which you want to use, such as your bank or email. In theory the service could simply remember your password when you first create it, and then on each subsequent attempted use verify that you are quoting the original password. However a hacker could potentially break into the service and immediately see all the various client passwords.
An encrypted password would obviously be better, but this requires a secret key known only to you and the service you want to use. The key is necessary both to encrypt the password in the first place, and subsequently to decrypt the encoded text back to a readable password. The challenge then becomes ensuring that hackers can never discover the secret keys.
Most systems today instead use some form of “one way” encryption, in which each password is encrypted but never ever decrypted, thus avoiding the need to share a secret key. The approach assumes that it is highly unlikely that two different passwords would ever produce an identical encoded text. Furthermore, the strategy relies on it being almost impossible – taking too much computing power – to be able to decrypt an encoded text, even though the steps of the encryption algorithm are fully disclosed for anyone interested, including hackers.
Each time you use a service, your device sends your password to the service. The service encrypts your password and verifies that the result matches what the service expects as the encoded form of your password. If a hacker ever broke into the service, the stored encoded passwords might be discovered but it would be virtually impossible to recover the original passwords which led to those encoded forms. This protects the authentication system against theft of password data stored by a service. However, standard encryption and decryption techniques must still be used to transmit passwords across the internet.
When and if quantum computers become viable, it is probable that the considerable leap in computing power could mean that one-way systems previously considered as unbreakable would now be successfully decrypted. Because of this threat, and the drawbacks of large scale biometric harvesting, some start-ups are now promoting an entirely different approach to authentication based on “zero knowledge proofs”.
The basic idea is that little or no information at all about a secret password needs to be exchanged between your device and a service. Instead, to verify that a party – for example, your device – has a particular secret known only to itself and not anyone else, the verifier poses a set of challenge questions whose answers increasingly confirm that the candidate does indeed know the secret.
For example, say you challenge a friend to predict the outcome of a coin flip. There would be a 50 per cent chance that your friend would be successful. But if you repeated the challenge, your friend would only have a 25 per cent chance of successfully guessing both outcomes. If you repeated the challenge say 20 times, there would only be a one in about a million chance that your friend could successfully predict all 20 outcomes. However, if your friend did achieve this, you would probably conclude that your friend had a remarkable secret that enabled them to predict the future.
Rather than predicting the future, zero knowledge systems instead rely on a class of mathematical problems, each of which if successfully verified over a collection of challenges, make it extremely likely that a secret solution is indeed known. The entire process of challenges and checking is fast, and can typically be done in under a second. It works because the verifier asks the claimed holder of a secret to do things that can only be achieved if the claimant definitely knows the secret. If instead the claimant guesses, the verifier will reasonably quickly conclude over a series of trials that the other party does not actually know the secret.
Zero knowledge authentication is still in its infancy, subject to both research and innovation. Intriguingly, there are prototypes derived from the approach that would allow two or more parties to collaborate on a joint problem without ever having to share their private data with each other. A practical example might be two financial institutions, for example, a bank and an insurance company, being able to conclude that they had a customer in common and so offer additional services or discounts to that customer, but without sharing any data whatsoever about what each knew about that particular customer. This in turn may raise interesting issues for privacy legislation: how much collaboration could be valid using only partial knowledge of a person, without sharing or exposing that partial information to collaborators?















