In the Internet age, data privacy has become a sensitive and widespread concern. With data breaches occurring frequently, demand for privacy protection keeps growing. Because of attributes such as anonymity, tamper resistance and traceability, blockchain technology has natural advantages for privacy computing. Once a production-grade application appears, it will generate trillion-level market demand, which makes the field well suited to early positioning.
As a “just-needed existence”, privacy protection can protect users and expand the crypto market, and it is one of the important directions of Web 3.0. More and more leading VCs and developers are entering the privacy track, competition is becoming fiercer, and different solutions for privacy protection have emerged.
Based on the current situation, Password Geek has sorted out the current privacy solutions. They fall mainly into four categories:
- Zero Knowledge Proof (ZKP)
- Trusted Execution Environment (TEE)
- Secure Multi-Party Computation (MPC)
- Homomorphic Encryption (HE)
Below, Password Geek elaborates on these four types of privacy solutions.
Zero Knowledge Proof (ZKP)
Zero-knowledge proofs provide a way to cryptographically prove knowledge of a specific set of information or data without revealing the details of that information or data. A simple example helps:
Ali Baba was caught by the robber. To save his life, he needed to prove to the robber that he had the password to open the stone gate, without telling the robber the password. His solution was to have the robber stand a stone’s throw away from him: far enough that the robber couldn’t hear the password, and close enough that Ali Baba couldn’t escape the robber’s bow. From this distance, Ali Baba showed the robber the stone gate opening and closing.
This whole process is a zero-knowledge proof: the prover convinces the verifier that a certain assertion (Ali Baba knows how to open the stone gate) is correct without giving the verifier any useful information (the stone gate’s password).
There are various implementations of zero-knowledge proofs, such as zk-SNARKs, zk-STARKs, PLONK, and Bulletproofs. Each approach has its own advantages and disadvantages in terms of proof size, prover time, and verification time. A zero-knowledge proof has three properties:
- Completeness: If the statement is true, an honest verifier will be convinced that an honest prover does have the correct information.
- Soundness: If the statement is false, no dishonest prover can convince an honest verifier that he has the correct information.
- Zero-knowledge: If the statement is true, the verifier learns nothing from the prover except that the statement is true.
Zcash runs using Bitcoin’s underlying software and protocol. It uses zero-knowledge proofs to create private transactions that hide the transaction amount and the sender’s and recipient’s addresses. Zero-knowledge proofs can also be applied to prove facts about off-chain data while hiding the data content on-chain.
IdentDeFi is a start-up project from the Ethereum Denver conference. It uses ZK proofs to maintain user anonymity while identifying compliant users, focusing on open, secure, and privacy-preserving compliance checks that can identify KYC users. In operation, the user performs a KYC check and mints a non-transferable NFT after verification; a protocol can then check whether the user holds the KYC NFT, which helps it screen for users qualified to use its platform.
Aleo is the first platform to offer completely private applications. Aleo utilizes a decentralized system and zero-knowledge proofs to provide users with unlimited computing with absolute privacy. By building a blockchain that is private by default, open source, and built for the web, Aleo is uniquely positioned to address the shortcomings of blockchain adoption. With Aleo, users can access a world of personalized web services without giving up control over their private data.
Trusted Execution Environment (TEE)
A TEE is an independent processing environment with computing and storage capabilities that provides security and integrity protection. It is an area on the CPU whose role is to provide a more secure space for the execution of data and code, and to ensure their confidentiality and integrity.
For example, the current operating environment of a mobile terminal is called the REE (Rich Execution Environment), and the system running in it is called the Rich OS (Operating System). It provides upper-layer applications with all the functions of the device, such as the camera and touch screen, but it carries many security risks: it can obtain all of an application’s data, it is difficult to verify whether it has been tampered with, and it is exposed to various attacks. This is where the TEE helps.
The TEE provides an environment isolated from the REE to store the user’s sensitive information. The TEE can directly obtain the information of the REE, but the REE cannot obtain the information of the TEE. When the user pays, it is verified through the interface provided by TEE to ensure that the payment information will not be tampered with, the password will not be hijacked, and the fingerprint information will not be stolen.
- Security mechanism of software and hardware collaboration: isolation is its essential attribute, and it can be realized in software or in hardware. More often it is a security mechanism that integrates software, hardware, IP, and bus.
- Computing power sharing: it can use the same computing power and hardware resources of the CPU.
- Openness: a TEE is needed only when there is a corresponding REE side; the protection of a trusted execution environment is required only in an open environment.
The ChainLink oracle project is based on Town Crier, a trusted data source for contracts. A trusted communication channel is established between the trusted execution environment and the trusted data source in the real world; the data source sends its data to the oracle system inside the trusted execution environment, which then sends the data to the blockchain. After passing remote verification (Remote Attestation), the program in the trusted execution environment is executed strictly according to the set logic, so the data obtained through this oracle is credible.
Ekiden is a smart contract platform developed by Oasis Lab, which mainly uses a trusted execution environment to execute smart contracts in a privacy-preserving form. In Ekiden’s network, nodes are divided into computing nodes and contract nodes. Contract nodes are used for the management and maintenance of the blockchain itself, and computing nodes are used to execute user transactions. The user’s transaction is sent directly to the execution node of the contract and runs in the TEE, and the execution result is saved on the blockchain in the form of ciphertext. One of the biggest contributions of the Ekiden model is its decoupling of contract computation from consensus, which allows for higher levels of concurrency while maintaining the integrity of the blockchain.
From an architectural point of view, Ekiden combines the underlying blockchain system with TEE-based execution. The TEE-blockchain combination enables secure and scalable execution of smart contracts, while also retaining strong confidentiality, integrity, and availability guarantees. The following diagram provides an overview of the Ekiden architecture:
TeeChan is a payment channel. Payment channels are one of the solutions for improving the scalability of Bitcoin payments; they address the data storage, consensus waiting, high handling fee and scalability problems of the blockchain itself. In the TeeChan system, users without payment channels can create payment channels directly offline. Because of the isolation of the TEE environment, even the users themselves cannot use the assets in the TEE account at will, so as long as a payment channel has been created in the other party’s TEE, you don’t need to worry about the other party using that money elsewhere without your permission.
Secure Multi-Party Computation (MPC)
MPC was proposed by Yao Qizhi in 1982. It means that participants use their private data in a confidential computation and jointly complete a computing task without revealing that private data.
This technology lets people use private data in confidential computation and effectively resolves the tension between “confidentiality” and “sharing” of data. Secure multi-party computation includes multiple technical branches. At present, the main technologies used in the MPC field are secret sharing, oblivious transfer, garbled circuits, homomorphic encryption, zero-knowledge proofs and other key technologies. You can think of secure multi-party computation as a collection of protocols.
- Input privacy: Secure multi-party computation studies how each participant’s private data is protected during collaborative computing, focusing on privacy and security between the participants. During the computation, every party’s private input must remain independent, and no local data may be leaked.
- Computational correctness: All parties perform collaborative computing on an agreed computing task through the agreed MPC protocol. After the calculation is completed, all parties receive the correct result.
- Decentralization: In traditional distributed computing, a central node coordinates the computing process of each user and collects each user’s input. In secure multi-party computation, all participants have equal status and there is no privileged participant or third party, which provides a decentralized computing model.
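Secret sharing, the first technique named above, is enough to compute a joint sum with these three properties. The following is an added example, not part of the original article: it uses Shamir's secret sharing, and the input values, threshold and function names are constructed for illustration.

```python
import secrets

PRIME = 2**61 - 1   # field modulus (a Mersenne prime); inputs must stay below it

def shamir_share(secret, k, n):
    """Split `secret` into n points on a random degree-(k-1) polynomial.

    Any k points rebuild the secret; fewer than k reveal nothing about it.
    """
    coeffs = [secret % PRIME] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):            # Horner evaluation mod PRIME
            acc = (acc * x + c) % PRIME
        return acc
    return [(x, f(x)) for x in range(1, n + 1)]

def reconstruct(points):
    """Lagrange interpolation at x = 0 over the prime field."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total

def joint_sum_shares(inputs, k):
    """Each party deals shares of its input; each party adds what it received.

    Sharing is linear, so party j's local sum is a valid share of the total.
    No party, and no coordinator, ever holds another party's input.
    """
    n = len(inputs)
    dealt = [shamir_share(v, k, n) for v in inputs]       # row i: dealt by party i
    return [(j + 1, sum(dealt[i][j][1] for i in range(n)) % PRIME)
            for j in range(n)]

if __name__ == "__main__":
    inputs = [120, 75, 310, 42]                # constructed private inputs
    summed = joint_sum_shares(inputs, k=3)
    print("total from parties 1-3:", reconstruct(summed[:3]))
    print("total from parties 2-4:", reconstruct(summed[1:]))
```
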
MIT Enigma’s design in the medical field combines secure multi-party computation and blockchain. They plan to use blockchain for medical data sharing and private computing. They divide the system into 3 layers: the bottom layer is the blockchain network; the middle layer is the encryption facility layer provided by Enigma, which provides secret sharing and secure computing functions; the upper layer is the data warehouse layer, which provides data warehouses for traditional medical data, some smart contracts, and so on.
Homomorphic Encryption (HE)
HE focuses on data processing security, and it provides a way to process encrypted data. That is, someone else can process the encrypted data, but the process doesn’t reveal any of the original content. The user who has the key then decrypts the processed data and gets exactly the processed result.
- Flexibility: Sharing of information can be initiated or cancelled at any time, e.g. by granting or revoking access to information to committee members.
- Security: There will be more security in the protection of personal information. For example, it can help individuals submit genomic data or other health information to screen themselves for cancer without revealing any actual identifying information.
- Comprehensive: Homomorphic encryption supports next-generation network security and functionality. For example, we can use succinct, non-interactive, and quickly verifiable cryptographic proofs, known as zero-knowledge proofs, to ensure that the code does not contain any errors.
Application in blockchain
The basic logic of a blockchain application is to upload the information that needs to be stored to the chain and, through verification and storage by many blockchain nodes, to ensure the validity and immutability of the on-chain data. For example, in Bitcoin, the user broadcasts the transfer information, and blockchain nodes pack it onto the chain after verification to ensure the legitimacy of the transaction; in Ethereum, blockchain nodes must execute smart contracts correctly to keep on-chain information consistent and correct. However, whether on a public chain or a consortium chain, publishing plaintext information directly to the blockchain usually leaks certain sensitive data.
To protect the privacy of on-chain information while still letting blockchain nodes compute on it, the data can be homomorphically encrypted and the calculation transformed into a homomorphic operation, so that nodes can compute on the ciphertext without seeing the plaintext data.
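The ciphertext computation described above can be sketched with the Paillier cryptosystem, which is additively homomorphic. The following is an added example, not part of the original article, which names no particular scheme: the toy key, the sample amounts and the function names are constructed for illustration.

```python
import secrets
from math import gcd

# Toy key, constructed for this example: two Mersenne primes. Real deployments
# use large random primes; these are structured and far too small.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q                      # public key
N2 = N * N
PHI = (P - 1) * (Q - 1)        # private key
MU = pow(PHI, -1, N)           # private: inverse of PHI mod N, used to decrypt

def encrypt(m):
    """Paillier encryption with g = N + 1; randomised, so equal inputs differ."""
    while True:
        r = secrets.randbelow(N)
        if r > 0 and gcd(r, N) == 1:
            break
    return ((1 + m * N) * pow(r, N, N2)) % N2

def decrypt(c):
    u = pow(c, PHI, N2)        # equals 1 + (m * PHI mod N) * N
    return ((u - 1) // N * MU) % N

def add(c1, c2):
    """Multiplying ciphertexts adds the plaintexts: E(a) * E(b) = E(a + b)."""
    return (c1 * c2) % N2

def scale(c, k):
    """Raising a ciphertext to a public constant multiplies the plaintext by k."""
    return pow(c, k, N2)

def node_apply_deposits(enc_balance, enc_amounts):
    """What a ledger node does: update an encrypted balance using only N.

    The node never holds PHI or MU, so it cannot read any amount it processes.
    """
    for c in enc_amounts:
        enc_balance = add(enc_balance, c)
    return enc_balance

if __name__ == "__main__":
    balance = encrypt(1000)                       # constructed sample values
    deposits = [encrypt(250), encrypt(75)]
    updated = node_apply_deposits(balance, deposits)
    print("key holder decrypts:", decrypt(updated))
```
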
Overall, privacy is one of the most exciting areas of research in cryptography right now. However, the privacy track has a high technical threshold, and a lot of work remains before it can be used in the real world, including on the efficiency of the underlying techniques. Although the crypto industry has seen many discussions over the past few years about an upcoming outbreak of the Web3 privacy track, the track is still relatively small, the number of users and the level of usage are not very high, and many people even think that privacy is a false proposition.
From an objective point of view, capital has been very active in positioning itself in the privacy track over the past few years. As underlying infrastructure, privacy solutions are an architecture that must be completed in the future, and they play a key role in ensuring that financial data and business secrets are not leaked. Therefore, privacy will inevitably become important infrastructure for the crypto ecosystem’s next wave of growth.
Judging from the large inflow of developers and capital, the privacy track is still in its early stages, with sufficient time and funds. At present, most privacy infrastructure and applications are still under development and construction. In the future, whether they can form a strong competition for general smart contract platforms and win more users in a wide range of data usage scenarios is still worthy of attention and observation.
Posted by: CoinYuppie. Reprinted with attribution to: https://coinyuppie.com/how-much-do-you-know-about-the-four-pillars-of-the-privacy-track/