I've realised that one important piece of information is missing in our whitepapers: the proof of delivery.
To put you into context: when author creates a new content package, as part of the registration, she encrypts this content. This encryption/decryption key can't be, for obvious reasons, sent to the network as it is. So the author splits the key into several parts (called key particles), and send them to different seeders. In order to re-create the decryption key, the seeders must cooperate, and deliver their particles to the consumer. The particles are in both cases sent over the network encrypted with public keys of the receivers.
Since the particles are sent encrypted, how to prove that the seeder has sent to the consumer REALLY the particle - and not some random data? Here comes one of our zero-knowledge proofs - the proof of delivery.
The basic schema is as follows:
- Seeders and Customers generate key pairs
(h, x)
using El-Gamal schema in groupG
and generatorg
. The public partsh
are published in operations “ready_to_publish” and “request_to_buy" so everybody can see them - Author encrypts key particle
K
to some seeder using seeders public keyh_seed
and sends out, as part of content publishing, this ciphertext:c1=(g^r1, K*h_seed^r1) = (C_1, D_1)
for a randomr1
. - Seeder decrypts
K
and stores it. - Later, after receiving request to buy, the seeder encrypts
K
again using public key of the customerh_cus
into this ciphertext:c2=(g^r2, K*h_cus^r2) = (C_2, D_2)
for a random r2. - Also, publisher generates two random members of the group
b1
andb2
. Then he provides a ZKP in the form of tuple(g^b1, g^b2, g^(r1*b1)/h_cus^b2, x_seed*hash+b1, r2*hash+b2) = (A1, A2, A3, A4, A4)
. - Miners verify proof from the publisher by checking that
a.g^A4 == h_seed^hash * A1
, akag^(x_seed * hash + b1) == h_seed^hash * g^b2
b.g^A5 == C_2^hash * A2
, akag^(r2*hash+b2) == (g^r2)^hash * g^b2
c.(D2^x * C1 ^ A4) / (D1^x * h_cus^A5 ) == A3
.
Congratulations @ejossev! You have received a personal award!
2 Years on Steemit
Click on the badge to view your Board of Honor.
Congratulations @ejossev! You received a personal award!
You can view your badges on your Steem Board and compare to others on the Steem Ranking
Vote for @Steemitboard as a witness to get one more award and increased upvotes!