15. Is this it? Next-generation cryptography

This chapter covers:

  • How cryptography can help get rid of trusted third parties via secure multi-party computation (MPC).
  • How untrusted third parties can still compute useful programs on encrypted data via fully homomorphic encryption (FHE).
  • How zero-knowledge proofs (ZKPs) can be used to hide parts of a program’s execution to compress or add confidentiality to a protocol.

I started this book with the idea that readers who would get through most of the chapters would also be interested in the future of real-world cryptography. While you’re reading an applied and practical book, with a focus on what is in use today, the field of cryptography is rapidly changing (as we’ve seen in recent years with cryptocurrencies, for example). A number of theoretical cryptographic primitives and protocols are making their ways into the applied cryptography world. Maybe because these theoretical primitives are finally finding a use case, or maybe because they’re finally becoming efficient enough to be used in real-world applications. Whatever the reason, the real-world of cryptography is definitely growing and getting more exciting. So in this section, to leave you with a taste of what the future of real-world cryptography might look like (perhaps in the next 10 to 20 years), I will briefly survey three primitives:

15.1 The more the merrier: secure multi-party computation (MPC)

15.1.1 Private set intersection (PSI)

15.1.2 General-purpose MPC

15.1.3 The state of MPC

15.2 Fully homomorphic encryption (FHE) and the promises of an encrypted cloud

15.2.1 An example of homomorphic encryption with RSA encryption

15.2.2 The different types of homomorphic encryption

15.2.3 Bootstrapping, the key to fully homomorphic encryption

15.2.4 An FHE scheme based on the learning with errors problem

15.2.5 Where is it used?

15.3 General-purpose zero-knowledge proofs

15.3.1 How zk-SNARKs work

15.3.2 Homomorphic commitments to hide parts of the proof

15.3.3 Bilinear pairings to improve our homomorphic commitments

15.3.4 Where does the succinctness come from? Polynomials

15.3.5 From programs to polynomials

15.3.6 Program are for computers, we need arithmetic circuits instead

15.3.7 An arithmetic circuit to an rank-1 constraint system (R1CS)

15.3.8 From R1CS to a polynomial

15.3.9 It takes two to evaluate a polynomial hiding in the exponent