Feeds

Zero-knowledge proof crypto scheme divines truths from nothing

Boffins scheme to help blow up nukes could also be handy for electronic voting

Providing a secure and efficient Helpdesk

Princeton University scientists have applied a cryptographic proof to verify if nuclear weapons have been disarmed, in a move that could reduce global nuke stockpiles and even help verify electronic voting.

The cryptographic scheme is a form of zero-knowledge proof first developed in the 1980s. Such proofs allow a party to prove something to a second party without the need to convey sensitive information or even answer yes or no to questions. In the case of nuclear disarmament that's handy because it means shy states can participate in nuke nullification efforts without giving away other secrets.

The sceheme is detailed in paper published by Nature by Microsoft Research's Boaz Barak and Robert J. Goldston, who write that "The verification of nuclear warheads for arms control involves a paradox: international inspectors will have to gain high confidence in the authenticity of submitted items while learning nothing about them."

"Proposed inspection systems featuring information barriers, designed to hide measurements stored in electronic systems, are at risk of tampering and snooping."

The research fused cryptography with physics to produce a "fundamentally new system" that could help verify other forms of data without the need to manually inspect it.

Glaser told the LA Times the work could be applied to verification of electronic voting, big data and DNA tests.

E-voting schemes used various crypto platforms to help a citizen verify their vote, that the election outcome matched the votes cast, and that only eligible people participated.

Their work was a complex neutron-soaked spin on the classic zero-proof crypto marbles game in which a verifier - or the nuke holder - could prove to an inspector that they held an equal number of marbles.

They would set up two buckets containing for example 100 marbles minus the quantity they claimed to hold in two cups. The inspector could tip either cup into either bucket to verify the claim which would check out if the final quantity added up to 100.

The latest research used high-energy neutron radiography that fired neutrons through warheads to paint a picture of the plutonium within. That image could be balanced against a disarmed warhead template similar to the marble game to prove a nuke had been neutralised without the risk of revealing state secrets. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.