When we discuss blockchain, we are usually focused on the core of cryptography: Data confidentiality, data integrity, and user authentication. But cryptography can do so much more. So, let’s briefly discusses more advanced capabilities, some of which can seem like magic. Some are ready for use and are being deployed, whereas others are further out.

Zero-Knowledge Proofs. Let one party, Alice, prove that a certain fact is true without revealing anything else about that fact. Anyone can verify the proof and be convinced. As a simple example, suppose Alice encrypts a number between zero and five under Bob’s public key. Let ct be the resulting ciphertext. She wants to prove to Claire that ct is indeed an encryption of a number between zero and five but without telling Claire what the number is. She can do so by giving Claire a zero-knowledge proof that confirms this fact. Claire can verify the proof and be convinced, without learning anything about the decryption of ct, other than it is a number between zero and five. One of the most surprising results in cryptography is that any fact that Alice can prove to Claire, she can also prove to Claire in zero knowledge. This result has far-reaching implications to data privacy; Alice can convince anyone that some data satisfies a certain property without revealing anything else about the data.

Multiparty Computation. Reduces the need for trusted parties. A simple example is a sealed bid auction. Usually bidders submit their votes privately to a trusted third party, an auctioneer, who declares the winner. But how can the bidders trust the auctioneer to keep their bids private and honestly declare the winner? Multiparty computation is a technique that converts any problem that can be solved using a trusted third party into an interactive protocol among the participants that eliminates the trusted party. At the end of the protocol, the participants learn the final outcome, but nothing else is revealed about their initial inputs. In particular, they can run the sealed bid auction as an interactive protocol among the participants. The winner is declared, but nothing else about the bids is disclosed.

Functional Encryption. Shows that decryption is not an all-or-nothing proposition. It is possible to provide someone with a “functional” secret key that reveals certain information about the plaintext and nothing else. As an example, consider a service that filters spam email. If an email for Bob is encrypted under Bob’s public key, then the service cannot do its job unless Bob gives it the secret decryption key. The trouble is that the service can then read the entire email in the clear. Bob could instead give the service a functional secret key that computes the “is this spam” predicate and outputs yes or no. The spam filter could use this functional secret key to test whether the decrypted email is spam without learning anything else about the contents of the email. Although functional encryption has some remarkable applications, we do not yet have a general-purpose scheme that is efficient enough to be used in practice. This is still an active area of research.

Post-Quantum Cryptography. Ensures that cryptography continues to be strong for many years to come. Quantum computers use the laws of quantum physics to solve certain problems that are believed to be intractable for classical computers. One such problem is breaking existing public key schemes. This has significant implications for the security of encrypted data; data that is encrypted today using a public key encryption scheme, such as ElGamal encryption, will be decrypted once a large enough quantum computer (with enough qbits) is built. We do not know when such a quantum computer will be available, if ever, but some expect one to be ready in a few decades. This means that data encrypted today may become exposed at that time, and this worries organizations that deal with highly sensitive long-term data. To address this risk, we can update our public key encryption algorithms so that they remain secure even if the attacker is equipped with a large quantum computer. There are currently a number of known techniques that resist these attacks, as far as we know, and we expect them to be standardized by the National Institute of Standards and Technology (NIST) in the coming years. At that time, organizations that are concerned with long-term confidentiality can double-encrypt their data with both classically secure encryption and post-quantum secure encryption. Hence, quantum computers are only a short-term risk. Once post-quantum cryptography is used widely, they will no longer pose a risk. Cryptography will survive.