Have you ever thought about the sheer amount of your data that is out there, or the ways that it could be misused? I have, and let me tell you, it’s a scary scenario.
As a college student and aspiring tech entrepreneur, this was one of my primary motivators in co-founding the KU Blockchain Institute with my colleagues Jack Schraad and Nathan Nichols. Finding a way to protect consumer data while making the world a more trustworthy place is what drives my passion for this positive disruption — so building an organization focused around the research, education, and development of blockchain technology at our university was quickly transformed from a fun past time to an insatiable hunger for knowledge and progress.
In a world where we are willing to sacrifice anything for convenience, it is more important than ever to consider the implications of what we agree to. The “terms and service” agreements that we blindly accept have drastically changed the way we define “privacy” — and the damage was done before we even realized what was happening.
With the rapid evolution of technology over the course of the last twenty years, we’re seeing lawmakers struggle to regulate even the most basic of internet processes — much less the cutting-edge technological innovations that are transforming how our global society functions. As more data becomes available about consumer behavior, internal business processes, and government services, there are detrimental cybersecurity vulnerabilities for both commercial and household data.
A zero-knowledge society
Enter the concept of zero-knowledge proofs, which are a way to verify a claim about a piece of information is true, without knowing specifically what that piece of information is. This is achieved through applied mathematics and cryptography.
One of the best analogies that I’ve studied is the color-blind test.
Imagine that I am holding two marbles in my hands, a red one in my left hand and a green one in my right hand — but you are completely color blind and can’t distinguish between any colors.
My claim is that one of the marbles is red and the other is green, but you don’t know what colors are — you don’t have that piece of information — so you can’t verify that my claim is true.
To test my claim, I give you the marbles and you put them behind your back. You switch hands repeatedly and ask me which color is in each hand, and I can tell you with 100 percent accuracy which color is in which hand simply because I am not colorblind and can distinguish between the two — I have the piece of information.
But maybe I got a lucky guess the first time, and you think I’m just lying to you with my claim. It’s convincing that I could be lying, as I have a 50 percent chance of just getting lucky the first time. But what if we repeated the process a hundred times, or even a million?
The result is asymptotic, as the probability of me lying or getting lucky is halved for every time we repeat the process. As the probability of my claim being inaccurate approaches zero, we could agree with nearly 100 percent certainty that my claim about the colors is true — even though you don’t know what colors are. This same concept can be applied in real life and, if we are creative, in potentially endless scenarios.
If our personal information, or claims about our personal information, were loaded on a blockchain we could create a zero-knowledge proof backed software system that could be used to verify information while protecting personal data.
Let’s take a straightforward example, like buying a six-pack at a gas station. To verify that I am above 21 years old, I need to show the clerk my drivers license (or ID).
By giving the clerk my ID, I sacrifice all the personal information that my license contains including the driver’s license number, address, and other personal information, when all they need to know is if I am above the age of 21.
If this theoretical software system were enabled, our government issued IDs could be loaded onto a blockchain and we could be given a unique identifier that corresponds to the personal data on our ID.
When we go to the cash register to purchase our six-pack, we could use an individualized QR code on a smartphone or communicate our unique ID identifier to the cashier rather than present a physical ID. Theoretically this could then load our driver’s license picture (to prove that we are who we say we are), along with a “YES” or “NO” field to indicate if our claim to being over 21 is true.
A theoretical future
While this is a long-winded explanation of an unnecessary system, the concept remains relevant and could be applied to our internet usage, banking information, citizenship, or any other sensitive information that an individual may be uncomfortable sharing.
With the current state of society where we sacrifice our data for convenience, we could even use a similar system to be compensated when a company uses our data without our explicit permission.
Though many blockchain conversations begin with “blockchain is not bitcoin”, we are optimistic that zero-knowledge proofs can change the world and we aim to be a driving force in the education of these technologies.
In building our organization, we focus on technological innovations that have the potential to liberate our society while wresting institutional power from establishments that misuse our data daily. We endeavor to make our global society secure, trustworthy, and protected from malicious actors — and have fun doing it.
Although the current status quo is to sacrifice our privacy and not think twice about it, I invite you to join our discord and help us to make the world a more trustworthy place.
From time to time, we invite industry thought leaders, academic experts and partners, to share their opinions and insights on current trends in blockchain to the Blockchain Pulse blog. While the opinions in these blog posts are their own, and do not necessarily reflect the views of IBM, this blog strives to welcome all points of view to the conversation.