Hello, I would like to implement a zk-SNARKs scenario using jsnark but I can't figure out if it is indeed possible and how to approach the implementation in practice.
This library seems too technical for me at the moment. I would really appreciate it if there was anyone able to tell me if the following is possible and how to approach the implementation problem in practice, meaning how can I reach a point in which a prover can actually produce a proof file and then a verifier can simply take that file and verify it.
I would like to implement a scenario in which a prover P wants to prove the knowledge of the decrypted version of a file to a verifier V using zk-SNARKs. (The set-up phase to produce the proving and verification keys is done by a trusted third party of course.)
In this scenario there is a file f and its encrypted version is fE = Enc(f, k). Here Enc is a strong symmetric encryption algorithm such as AES and k is the key used to encrypt the file f.
The hash of the file f is Hf = SHA256(f)
In this scenario, I want the prover to be able to prove that:
SHA256(Dec(fE, k)) == Hf AND SHA256(k) == Hk
where obviously Dec( fE, k ) will produce the original file f.
The prover P will send to the verifier V the following elements, and V will be then able to verify the proof:
the proof itself just produced by P
the encrypted file fE
the hash of the file Hf
the hash of the key Hk
If the verification output is true (the proof is valid) the verifier V will be sure of the following:
Hf is the hash of a file f and the encrypted version of this file is fE (note that V doesn't have/know the original file f)
Hk is the hash of the key k used to encrypt the file f to obtain fE
Hello, I would like to implement a zk-SNARKs scenario using
jsnarkbut I can't figure out if it is indeed possible and how to approach the implementation in practice.This library seems too technical for me at the moment. I would really appreciate it if there was anyone able to tell me if the following is possible and how to approach the implementation problem in practice, meaning how can I reach a point in which a prover can actually produce a proof file and then a verifier can simply take that file and verify it.
I would like to implement a scenario in which a prover
Pwants to prove the knowledge of the decrypted version of a file to a verifierVusing zk-SNARKs. (The set-up phase to produce the proving and verification keys is done by a trusted third party of course.)In this scenario there is a file
fand its encrypted version isfE = Enc(f, k). HereEncis a strong symmetric encryption algorithm such as AES andkis the key used to encrypt the filef.The hash of the file
fisHf = SHA256(f)In this scenario, I want the prover to be able to prove that:
SHA256(Dec(fE, k)) == Hf AND SHA256(k) == Hkwhere obviouslyDec( fE, k )will produce the original filef.The prover
Pwill send to the verifierVthe following elements, andVwill be then able to verify the proof:PfEHfHkIf the verification output is true (the proof is valid) the verifier
Vwill be sure of the following:Hfis the hash of a filefand the encrypted version of this file isfE(note thatVdoesn't have/know the original filef)Hkis the hash of the keykused to encrypt the filefto obtainfEMany thanks to anyone who takes the time to read!