Poor Bradley lol I can imagine its something to do with difficulty of solving a problem? Make it so difficult to solve, that if one solves it then it's a validated case. Something like private and public asymetric keys being used to guard a transaction and give the user a challenge to de encrypt the TX. Or am I speaking rubbish?
I remember learning how ZKPs work from a fanfiction back when I was in highschool. Kudos to that author for getting teenage me into cryptography. They and all their work have since disappeared off the face of the internet, but I still remember their stories fondly.
How do you afford making that high quality videos? They are so good but you have only about 30k-40k views on many videos and that will make only about a 60-$100$
Here's my solution: To prove you have a piece of information, you could manipulate that information down, or encrypt it and send to the receiver to check if they can get the same result from their information(like a hash). i.e. if I have a string and you have a string, I could encrypt the string in a predetermined way, and give you the encrypted string. If you can encrypt it and get the same result, you know I have the string, and if you use secure enough encryption(like a one-time-pad) then its virtually impossible to crack.
That would be a good way if the information is case sensitive and something concrete. An abstact idea cant be proven in this case. Since a slight change of the input would make the output entirely different.
@@louiskusno hashing are one way function so there is no way to get the same hash of encrypted message by guessing. The receiver must need to have the exact message encrypted to get the exact hash. The send the hash of the encrypted message to the sender. The sender can verify the hash without reading the message.
@@kac5527 In Tim Gs example you (as an attacker) do not need to have the actual information, you just need to have the hash and input it to the receiver. If you have managed to capture one transmission of the hash by intercepting the traffic you (as an attacker) have won. The only way of preventing this attack would be to ensure that the transmitted hash is constantly changing with every transaction. This is called a Salt. For example you could use the date and time and hash it, but then the sender and the receiver has to be syncronized good enough to fit the resolution of the time measurement. If, for example, you take the milliseconds since 1970 as the salt and a fixed string as the secret then you need to ensure that the receiver's and the sender's clock are synchronized exactly to the millisecond. But this solution has flaws: If the clock does not match, the senders correct solution will be seen as incorrect by the receiver. Also the attack still would work if the attacker has a really fast connection and PC that can capture the traffic within microseconds, manipulate it and then resend it with the captured hash before the millisecond has passed. Another solution that comes into my mind to solve this would make this attack a bit harder would be to use the sequence number of the transmitted message as a salt as long as the communication channel is live. The problem to this would be that sender and receiver will get desynchronized if at least one package is getting lost while it is on its way to the receiver. Then the receiver will reject all following packages of the sender as invalid, so the connection has to be rebuild. But this might could open another attack vector: The intercepting attacker could force the sender to reconnect after every package (for example the attacker could block the network traffic of the sender to force a connection timeout or send packages with the wrong hashes on purpose to the sender to make him think that the client got desynchronized to force the receiver to close the channel), so he could reuse the hash he captured before the connection close and send it as the solution to the receiver and the receiver would accept it if there are no further security measurements present, because the hash of the attacker exactly matches the expected hash (the attacker still does not need to know the secret - having the hash is enough to fool the receiver into thinking that he is the legitimate sender). A second attack vector for this solution would be for the attacker to make sure he captures the first package in the channel (so that he knows the sequence number) and then with knowing the Salt running a Bruteforce or Dictionary Attack against the captured hash. If the attacker has enough computing power and enough time he will find out the secret (or at least a matching secret - Hash functions always cause collisions) by comparing the computed hashes with the captured one until he has found an input that generates the captured hash as output. Then he can manipulate all remaining traffic without making noise on the network by spamming reconnects.
If only you know what the future says, you'll know that indeed cryptocurrency is the future, investing in it now will be the wisest thing to do. Hold!!! And you"'ll thank yourself
How does this whole bitcoin thing works, I'm interested in it and willing and ready to invest heavily but I need an assistant to properly guide me through on how to make a good startup and be successful in it without making mistakes.
Keep it simple stupid. --> You need to exchange information about you knowing the secret but not the secret. Being on a list of people who know the secret , means anyone can see if you know the secret but not the secret! ANother solution may be shor's algorithm? Not quite there yet as my quantum mechanics are a bit rusty lmao
I suppose using a mathematical way, the person could have a number or formula referring to the 'secret'. A 'challenge' number could be sent and via a calculation ie. 'Challenge' X 'Secret', a number could be returned. By undoing the calculation, you could see whether they had the secret. Anyway, I'll watch and see 😁
No, once the "challenge" and retuned number is known in this case, the secret can be found. And that's not the goal. Youre supposed to prove without revealing the secret.
I was going to say through actions, that would display a knowledge of something, something that people can see, then reconcile that with an unknown or desired information.
I'm not completely sold on using zkp's for digital voting. It solves some of the issues but not all. How does the voter know their vote was recorded correctly? If they can check via a password then they can prove how they voted to others, making paying/threatening for votes easier.
I would say they mostly are. The voter crosses a ballot, which is placed in a sealed guarded box, then counted by representatives from all sides. Electronic voting is less transparent, and whilst not perfect physical voting requires far more effort and conspiracy to fake.
@Marek Kobra Not the best example of a functioning voting system it's true... However the fact everyone knows it was unfair is in favor of physical voting. The observers reported the tampering with ballots, something far harder to do using a electronic system. And regardless of the voting system very little can stop a government seizing power through force.
Can't Alice just tell Bob to enter the cave by path A and exit by path B? Alice won't know what the secret code is and the experiment is repeated only once.
This is the solution to the problem of minors on the Internet. I wish for a ID card that uses this technology and is also encrypted and uses the fingerprint system That you can only Enter it by the official authorities in the country.
On the Bob & Alice example, what guaranty is there that Bod kept only one Key? Can´t he keep all the keys and open all the boxes to see where the "+" is?
You make a riddle on the subject of the secret that is good enough to not be figured out and later forgotten. Also, with this type of anonymous voting, it seems you can only verify whether a vote happened, not the subject you have given the vote to, since it's anonymous. This seems prone to being misused; if you can't verify that what you voted for is indeed what the vote processed for, it may make the voting system meaningless and I hope I'm wrong.
I'm really tired of the colored balls and colored cards and other silly abstractions when the real application involves passing numeric messages in order to prove someones identity or password over a communication channel. Now how can you prove that you know a password without revealing any part of that password or providing any information that could be reused in a replay attack?
Perform a hash algorithm on the secret and then share the resultant hash. If another person has that secret they can hash it and compare their hash with mine.
Is it possible to create an algorithm that would combine all our personal data into a key? Basically take height, age, date born, social, etc etc etc and then create a key. Then whatever algorithm is being used would be able to allow the checker to know all these facts based off of the number the key generates. Something like an evolving algorithm based on our characteristics and potentially data we choose to input.
@@JR-mp9wu you can still get hacked, and it would probably be much easier since you don’t have the resources of a tech giant. The reason that bundling all of your data together is dangerous is because you’re putting all of your eggs in one basket, regardless of where that basket is. Interesting idea though.
Well, one solution is to use hash algorithms. Basically complicated math formulas done to the raw bits. In fact it's supposed to be used in database design with passwords and other sensitive data that isn't directly used, say an SSN for identifying people, not records like with the IRS. Those shouldn't be stored in the DB, ever. Just a hash generated by the algorithm, and the hash from the user logging in are compared. Of course the hash being sent is encrypted using HTTPS protocols (public/private key).
Hacking is like cooking. You have your tools to make food, the ingredients, and the recipe. Then your goal is some type of dish. You use your tools and ingredients to work around a recipe to get your dish!
Actually? I only ask because I'm curious. I question how I feel about it quite a bit and am always a little shocked when people say they don't care or just accept it is being lost.
I understood nothing. I just like hearing Bradley's voice when he explains something technical haha
why i watch half the things i watch
facts lol
Yessss, agreed...
I am sorry, but this one is a) too fast and b) too short to understand. I'd appreciate a more detailed version to get the concept. Thanks in advance
Poor Bradley lol I can imagine its something to do with difficulty of solving a problem? Make it so difficult to solve, that if one solves it then it's a validated case. Something like private and public asymetric keys being used to guard a transaction and give the user a challenge to de encrypt the TX. Or am I speaking rubbish?
I remember learning how ZKPs work from a fanfiction back when I was in highschool. Kudos to that author for getting teenage me into cryptography. They and all their work have since disappeared off the face of the internet, but I still remember their stories fondly.
The timing of when a person might have shared a secret with a friend. A rough idea of what the secret is.
For example, "last night... your mom"
This one was a little harder to understand and follow, but appreciate your work always!
Still convinced you're a secret agent
How do you afford making that high quality videos? They are so good but you have only about 30k-40k views on many videos and that will make only about a 60-$100$
It's a company!
One can reasonably assume they have strong support from a backer of some kind
Sum sub is a company of kyc verification
No ig posts 👀
Watched for a long time, they will defiantly be a top RUclips channel in the next few years
Wow, I love this channel. I have learned so much!
Спасибо, товарищ Бредли, за интересный рассказ. Примем к сведению.
Please, I think that i speak for many and we need a longer video of this topic.
Here's my solution:
To prove you have a piece of information, you could manipulate that information down, or encrypt it and send to the receiver to check if they can get the same result from their information(like a hash). i.e. if I have a string and you have a string, I could encrypt the string in a predetermined way, and give you the encrypted string. If you can encrypt it and get the same result, you know I have the string, and if you use secure enough encryption(like a one-time-pad) then its virtually impossible to crack.
That would be a good way if the information is case sensitive and something concrete. An abstact idea cant be proven in this case. Since a slight change of the input would make the output entirely different.
Strange enough I thought of the same.
@@louiskusno hashing are one way function so there is no way to get the same hash of encrypted message by guessing. The receiver must need to have the exact message encrypted to get the exact hash. The send the hash of the encrypted message to the sender. The sender can verify the hash without reading the message.
@@kac5527 In Tim Gs example you (as an attacker) do not need to have the actual information, you just need to have the hash and input it to the receiver. If you have managed to capture one transmission of the hash by intercepting the traffic you (as an attacker) have won. The only way of preventing this attack would be to ensure that the transmitted hash is constantly changing with every transaction. This is called a Salt. For example you could use the date and time and hash it, but then the sender and the receiver has to be syncronized good enough to fit the resolution of the time measurement. If, for example, you take the milliseconds since 1970 as the salt and a fixed string as the secret then you need to ensure that the receiver's and the sender's clock are synchronized exactly to the millisecond. But this solution has flaws: If the clock does not match, the senders correct solution will be seen as incorrect by the receiver. Also the attack still would work if the attacker has a really fast connection and PC that can capture the traffic within microseconds, manipulate it and then resend it with the captured hash before the millisecond has passed.
Another solution that comes into my mind to solve this would make this attack a bit harder would be to use the sequence number of the transmitted message as a salt as long as the communication channel is live. The problem to this would be that sender and receiver will get desynchronized if at least one package is getting lost while it is on its way to the receiver. Then the receiver will reject all following packages of the sender as invalid, so the connection has to be rebuild.
But this might could open another attack vector: The intercepting attacker could force the sender to reconnect after every package (for example the attacker could block the network traffic of the sender to force a connection timeout or send packages with the wrong hashes on purpose to the sender to make him think that the client got desynchronized to force the receiver to close the channel), so he could reuse the hash he captured before the connection close and send it as the solution to the receiver and the receiver would accept it if there are no further security measurements present, because the hash of the attacker exactly matches the expected hash (the attacker still does not need to know the secret - having the hash is enough to fool the receiver into thinking that he is the legitimate sender). A second attack vector for this solution would be for the attacker to make sure he captures the first package in the channel (so that he knows the sequence number) and then with knowing the Salt running a Bruteforce or Dictionary Attack against the captured hash. If the attacker has enough computing power and enough time he will find out the secret (or at least a matching secret - Hash functions always cause collisions) by comparing the computed hashes with the captured one until he has found an input that generates the captured hash as output. Then he can manipulate all remaining traffic without making noise on the network by spamming reconnects.
ого он по русски шпрэхает
If only you know what the future says, you'll know that indeed cryptocurrency is the future, investing in it now will be the wisest thing to do. Hold!!! And you"'ll thank yourself
Crypto trading is very profitable when you trade well.
Many of us don't know where to invest our money so We
invest it in wrong places and to the wrong people
How does this whole bitcoin thing works, I'm interested in it and willing and ready to invest heavily but I need an assistant to properly guide me through on how to make a good startup and be successful in it without making mistakes.
Just bought $7K Ethereum and $14k bitcoin with the recent dump in crypto I was told it's the right time to buy and get ready for a skyrocket.
@@louishansell8765 The only safe reliable,genuine and highly experienced expert I can refer you to is Mrs Pamela Morgan
Beep the secret like you do swear words with required context and both party will know what you are speaking off.
Keep it simple stupid. --> You need to exchange information about you knowing the secret but not the secret. Being on a list of people who know the secret , means anyone can see if you know the secret but not the secret! ANother solution may be shor's algorithm? Not quite there yet as my quantum mechanics are a bit rusty lmao
Bradley is the best
His voice is so soothing. Thank you for the ASMR content!
I suppose using a mathematical way, the person could have a number or formula referring to the 'secret'. A 'challenge' number could be sent and via a calculation ie. 'Challenge' X 'Secret', a number could be returned. By undoing the calculation, you could see whether they had the secret.
Anyway, I'll watch and see 😁
No, once the "challenge" and retuned number is known in this case, the secret can be found. And that's not the goal. Youre supposed to prove without revealing the secret.
hurry up and get some strings on that guitar
I was going to say through actions, that would display a knowledge of something, something that people can see, then reconcile that with an unknown or desired information.
You have choosen a perfect thing to make a video on , love you videos , dont stop making videos ever
Idk its just me or bradly is speaking so fast today. had to check if the video was playing on 1.25x
Lol right now, there are 5,000 views, 555 likes and 5 dislikes on this video.
I'm not completely sold on using zkp's for digital voting. It solves some of the issues but not all. How does the voter know their vote was recorded correctly? If they can check via a password then they can prove how they voted to others, making paying/threatening for votes easier.
As if these problems could be solved with existing voting mechanisms
I would say they mostly are.
The voter crosses a ballot, which is placed in a sealed guarded box, then counted by representatives from all sides.
Electronic voting is less transparent, and whilst not perfect physical voting requires far more effort and conspiracy to fake.
@Marek Kobra Not the best example of a functioning voting system it's true...
However the fact everyone knows it was unfair is in favor of physical voting. The observers reported the tampering with ballots, something far harder to do using a electronic system.
And regardless of the voting system very little can stop a government seizing power through force.
ITS BEEN WEEKS AAAA FINALLY A NEW VID
you should check out the mina protocol project.
This channel needs a Tom Scott collab.
Oh 100%. I loved that they both released videos right after each other too x)
Can't Alice just tell Bob to enter the cave by path A and exit by path B? Alice won't know what the secret code is and the experiment is repeated only once.
Orwell would like this
Im writing an essay on Marrakech right now!
This is the solution to the problem of minors on the Internet. I wish for a ID card that uses this technology and is also encrypted and uses the fingerprint system That you can only Enter it by the official authorities in the country.
bright future???😉
Is it Utopia Ecosystem?! Safe and anonymous!
On the Bob & Alice example, what guaranty is there that Bod kept only one Key?
Can´t he keep all the keys and open all the boxes to see where the "+" is?
@Marek Kobra HE’S EVEN MORE POWERFUL
You make a riddle on the subject of the secret that is good enough to not be figured out and later forgotten. Also, with this type of anonymous voting, it seems you can only verify whether a vote happened, not the subject you have given the vote to, since it's anonymous. This seems prone to being misused; if you can't verify that what you voted for is indeed what the vote processed for, it may make the voting system meaningless and I hope I'm wrong.
I'm really tired of the colored balls and colored cards and other silly abstractions when the real application involves passing numeric messages in order to prove someones identity or password over a communication channel. Now how can you prove that you know a password without revealing any part of that password or providing any information that could be reused in a replay attack?
The fact that you are watching this video from RUclips proves that will be no privacy awareness in the future.
Nothing says "I know all your secrets" like not being able to look you in the eyes anymore.....
If I didn't have a social media addiction, i would certainly disappear off the internet
This being posted 25 mins ago is the earliest i will ever be
maybe via some pgp, where they pgp sign it or something and the person who wants proof check if it is valid
Perform a hash algorithm on the secret and then share the resultant hash. If another person has that secret they can hash it and compare their hash with mine.
Is it possible to create an algorithm that would combine all our personal data into a key? Basically take height, age, date born, social, etc etc etc and then create a key. Then whatever algorithm is being used would be able to allow the checker to know all these facts based off of the number the key generates. Something like an evolving algorithm based on our characteristics and potentially data we choose to input.
Well this doesnt sound dangerous at all-
You wouldn't want to bundle all your data, it's way safer to give only what's reasonably needed in that situation
@@agentnine3973 I'm sure 20 years ago they would say the same thing about the problems/solutions we are creating today.
@@asronome But what if you are the one in control of all of it?
@@JR-mp9wu you can still get hacked, and it would probably be much easier since you don’t have the resources of a tech giant. The reason that bundling all of your data together is dangerous is because you’re putting all of your eggs in one basket, regardless of where that basket is. Interesting idea though.
Findora Whitepaper will not disappoint
Damn that's cool! A video looking into /imagining the future of local governance through DAOs and using NFTs would be very interesting!
ayy you're back
Well, one solution is to use hash algorithms. Basically complicated math formulas done to the raw bits. In fact it's supposed to be used in database design with passwords and other sensitive data that isn't directly used, say an SSN for identifying people, not records like with the IRS. Those shouldn't be stored in the DB, ever. Just a hash generated by the algorithm, and the hash from the user logging in are compared. Of course the hash being sent is encrypted using HTTPS protocols (public/private key).
algo comment, very nice
Бредли, ты правда живёшь в Питере?
why no strings on that guitar
i know one of your secret, and from now on let's act like we never know each other. *stop talking to him, forever*
Loopring ftw
hash it!
ibir nitawareshi, what does it mean?
Мои верные товарищи. Moi vernye tovarischi. My loyal comrades
Left me with more questions than answers lol
Riddle answer: I would just say it's a secret and me telling the person would not make it a secret anymore 😈.
9999 iq move right there
😉
but why not just use the “trust me bro” protocol?
I am glad you feeling better.
why is the guitar not stringed up
My back hurts😭
992th
tuf one
You are my hero
can you teach us how to hack?
Hacking is like cooking. You have your tools to make food, the ingredients, and the recipe. Then your goal is some type of dish. You use your tools and ingredients to work around a recipe to get your dish!
☺️
Claim your "here within an hour" ticket here!
I think the name for the video needs improvement, though video is pretty good
2:47 "he or she" 💀 I'm starting to take physical damage
Where's lucas?
I don't really mind about privacies anymore, because I'm gen Z
Actually? I only ask because I'm curious. I question how I feel about it quite a bit and am always a little shocked when people say they don't care or just accept it is being lost.
@@JR-mp9wu not all gen z feel this way.....
@@JR-mp9wu that because they dont understand the implications of loss of privacy
Second
No-one cares
@@good-sofa i do