A zero-knowledge protocol, as in other types of interactive proofs, is a protocol between two parties in which one party (the prover), tries to prove a fact to the other party (the verifier). The fact is typically secret information such as a password or, in cryptographic applications, the private key of a public key encryption algorithm. In zero-knowledge protocols, the prover can convince the verifier that he is in possession of the secret without revealing the secret itself. In particular, zero-knowledge protocols are cryptographic protocols in which: 1) the verifier cannot learn anything from the protocol—no knowledge is transferred; 2) the prover cannot cheat the verifier and vice versa; and 3) the verifier cannot pretend to be the prover to any third party. Thus in a zero-knowledge protocol the fact or secret itself, or any other useful information, is not revealed to the other party during the protocol, nor to any eavesdropper. The Fiat-Shamir protocol was the first practical zero-knowledge cryptographic protocol.
Hash functions are commonly used in cryptography. A one-way hash function is a function that takes a variable-length input string and converts it into a fixed-length output string. An example of such a hash function is the SHA-1 function. It is impossible to determine the input string from the hashed string.
In some situations where A and B are two distrustful parties, it may be necessary for the parties to learn whether two documents which are possessed by the respective parties are the same or substantially the same. For example, B may claim to have a copy of A's secret document and A's course of action may hinge on whether B's claim is true. Neither party however can disclose their respective document to the other in order to verify B's claim without destroying their secrecy. While the use of zero-knowledge protocols is known for exchanging secret keys it has not been used for comparing documents.
There is a need therefore a strong zero-knowledge document comparison method between mutually distrustful parties.