Zero-knowledge proofs and the total-knowledge status quo

There are all sorts of processes out there that are really about proof but are rarely stated this way.  When you call the bank and verify your identity with your mother's maiden name, they are not interested in the name per se but in the proof that you know it.  Record linkage processes behind the scenes essentially operate on proof, done in the CPU of a computer, that a collection of records all refer to the same person in real life - just what a person's name is doesn't matter, but how it corresponds to other names in other records does.  It's not a term in wide circulation, but you might call these total-knowledge proofs, in that the information about the names is exposed.

There is a cryptographic technique called a zero-knowledge proof that allows these linkages and verifications to be performed without giving away anything about the data in question.  Zero-knowledge proofs are a natural fit for the P.I.I. (personally identifiable information) held by businesses about consumers, as this information is rarely of interest in its own right but is instead used for the sort of matching and identification mentioned above.  Capnion's position is that these zero-knowledge methods should replace their total-knowledge counterparts throughout the economy, eliminating the need for many businesses to ever hold unencrypted data on consumers.

How can Ghost PII improve the security of what I am building?

Capnion's API is intended to let developers enhance the security of their applications using the Ghost PII protocol.  Below I will walk through one, hopefully familiar, example of a transaction involving personal information and explain how its security can be improved with Ghost PII.

We've all had to tell a bank website our mother's maiden name, or pass on some similar private information, to prove our identity at some point.  This is an unfortunate situation, as protecting privacy requires moving around more information that jeopardizes privacy.  Capnion's technology has the power to fix this situation - in particular, it can ensure that no computer ever needs to hold your unencrypted response in memory at any time.

Here's how it works: software integrated into your browser encrypts your response (your mother's maiden name) when you type it in, and this encrypted response is all that is ever sent to the bank.  It is all that is sent when you open your account and establish your security questions, just as it is all that is sent when you prove your identity later.  The bank only holds encrypted data and never has the ability to decrypt it.  When the bank needs to check your answer, you can grant them permission to request a special key from Capnion's API that they can use to compare the two ciphertexts you gave them.  This special key lets the bank know whether you gave the same answer both times and nothing else.

This transaction is an example of what is called a zero-knowledge proof.  You have proven to the bank that you are who you say you are, and 'zero-knowledge' refers to the fact that the bank has learned nothing about your mother's maiden name.
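
The flow described above (ciphertexts go to the bank, and a comparison key released with your permission lets the bank test two of them for equality) can be sketched with a toy masking scheme. This is an added illustration, not Capnion's code or the Ghost PII protocol: the `Client`, `KeyService` and `bank_compare` names, the HMAC-plus-random-mask construction and the sample answers are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets

M = 2**256  # modulus for the toy masking arithmetic (assumption)

class Client:
    """Stands in for the browser-side software; the key never leaves it."""
    def __init__(self):
        self.key = secrets.token_bytes(32)

    def encrypt(self, answer: str):
        # Keyed tag of the normalized answer, hidden under a fresh random mask.
        norm = answer.strip().lower().encode()
        tag = int.from_bytes(hmac.new(self.key, norm, hashlib.sha256).digest(), "big")
        mask = secrets.randbelow(M)
        return (tag + mask) % M, mask  # ciphertext -> bank, mask -> key service

class KeyService:
    """Hypothetical stand-in for the key API: holds masks, never ciphertexts."""
    def __init__(self):
        self.masks = {}

    def store(self, record_id: str, mask: int):
        self.masks[record_id] = mask

    def comparison_key(self, id_a: str, id_b: str, client_approved: bool) -> int:
        if not client_approved:
            raise PermissionError("client has not granted the comparison")
        return (self.masks[id_a] - self.masks[id_b]) % M

def bank_compare(ct_a: int, ct_b: int, cmp_key: int) -> bool:
    # The bank sees two ciphertexts and one key, and gets an equal / not-equal answer.
    return (ct_a - ct_b - cmp_key) % M == 0

def demo(enrolled: str, later: str) -> bool:
    client, service = Client(), KeyService()
    ct1, m1 = client.encrypt(enrolled)   # account opening
    ct2, m2 = client.encrypt(later)      # later identity check
    service.store("enroll", m1)
    service.store("login", m2)
    key = service.comparison_key("enroll", "login", client_approved=True)
    return bank_compare(ct1, ct2, key)

if __name__ == "__main__":
    print(demo("Smith", "smith "), demo("Smith", "Jones"))  # constructed answers
```

Because each ciphertext carries a fresh random mask, two encryptions of the same answer look unrelated to the bank until the key service releases the comparison key for that specific pair.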