When Fiat and Shamir Changed The World of Cybersecurity and Privacy


With Zero-Knowledge Proofs (ZKPs), I can prove I have knowledge of my data, without revealing it. This might relate to my password, my face biometrics, or any digital data that I want to keep secret. So, let’s take an example using the Schnorr method, which implements a Fiat-Shamir approach [1]:

In this approach, Peggy registers a secret (such as a password), and then creates her own proof whenever required (such as when logging into a system). Victor then verifies that she knows the secret, without Peggy ever revealing it to him. As Peggy generates her own proof, we define this as a Non-Interactive ZKP (NI-ZKP).

Method

The original Fiat-Shamir paper uses discrete logs, but these days we use elliptic curve methods. With this, we have a base point (G) and create a scalar value x; the resultant point is x.G, which is G+G+…+G (G added to itself x times).

Peggy first creates her secret (x), and then calculates xG, where G is the base point on the elliptic curve. She sends xG to Victor.
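The registration step above, carried through to proof and verification, as an added example that is not code from the original article. It goes beyond the text by following the standard Schnorr construction; the curve (secp256k1), the SHA-256 challenge, the `ctx` binding string and the names `v`, `V`, `c`, `r` are assumptions.

```python
# Added example: Schnorr NI-ZKP via Fiat-Shamir on secp256k1 (not constant-time).
import hashlib
import secrets

P = 2**256 - 2**32 - 977  # field prime of secp256k1 (assumed curve)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order of G
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        m = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        m = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return (x3, (m * (x1 - x3) - y1) % P)

def mul(k, pt):  # k.pt = pt+pt+...+pt, computed by double-and-add
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def challenge(*points, ctx=b""):  # Fiat-Shamir: a hash replaces Victor's random challenge
    h = hashlib.sha256(ctx)
    for x, y in points:
        h.update(x.to_bytes(32, "big") + y.to_bytes(32, "big"))
    return int.from_bytes(h.digest(), "big") % N

def prove(x, ctx=b""):  # Peggy: knows x, publishes (V, r)
    v = secrets.randbelow(N - 1) + 1  # fresh nonce; reusing v across proofs leaks x
    V = mul(v, G)
    c = challenge(G, mul(x, G), V, ctx=ctx)
    return V, (v - c * x) % N

def verify(xG, proof, ctx=b""):  # Victor: holds only the registered xG
    V, r = proof
    if any((y * y - x * x * x - 7) % P for x, y in (xG, V)):
        return False  # reject points that are not on the curve
    c = challenge(G, xG, V, ctx=ctx)
    return add(mul(r, G), mul(c, xG)) == V  # r.G + c.xG = (v - c.x).G + c.x.G = v.G
```

Binding `ctx` (for example a session or login identifier) into the hash means a proof captured for one context does not verify in another.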


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice