The only way is zero … Can you get past the Troll?
With GDPR well under way, companies will have to invest in new ways of authenticating systems, and the storing and revealing of passwords, even in a hashed form. Overall the usage of passwords and a login ID is an archaic method and which needs to be replaced by ever-changing challenges. A key element of this is the concept of NP-complete — a problem which can be solved in polynomial times (eg x²) with a non-deterministic method. This article outlines one of the basic methods which can be used for zero-knowledge proof — and where someone knows something, but does not reveal their core knowledge, and proves that they know it instead.
A demonstration of the method used in this article is here.
Into the maze
I want you to pick my secret treasure which is in a maze, and which is guarded by a troll. I’ve told the troll that I will send someone to pick up the treasure, and that they can tell whom I send because the will find their way through the maze.
So I show you the maze, and you set off. When you get there, there are a whole lot of people there who also say I have sent them, and want to get into the maze. But how do the troll know I sent you, as others are listening? Let’s say you are Victor and the troll is named Peggy (which is a nice name for a troll!), and that Eve, the…