Secure Custody Dictionary
A professional, easy-to-read glossary that arms you with know-how in digital asset custody.
Note: Closely related terms are grouped together where possible for your convenience.
Adversary
In cryptography, an adversary (rarely called an opponent or enemy) is a malicious entity whose aim is to prevent the users of a cryptosystem from achieving their goal (primarily the privacy, integrity, and availability of data). An adversary's efforts might take the form of attempting to discover secret data, corrupting some of the data in the system, spoofing the identity of a message sender or receiver, or forcing system downtime.
Malicious Adversary
In the malicious adversary model, a malicious (also known as active) adversary may cause the corrupted parties to deviate arbitrarily from the prescribed protocol in an attempt to violate security. A malicious adversary has all the powers of a semi-honest one in analyzing the protocol execution, but may also take any action it wants during the execution. Note that this subsumes an adversary that can control, manipulate, and arbitrarily inject messages on the network.
Semi-honest Adversary
A semi-honest adversary (also known as passive) is one who corrupts parties but follows the protocol as specified. In this model, the corrupt parties run the protocol honestly but may try to learn as much as possible from the messages they receive from other parties. Note that this may involve several colluding corrupt parties pooling their views together in order to learn information. In other words, the model assumes that the corrupt parties want to obtain raw data from their counterparties, while the participating parties still place a certain degree of trust in each other.
ARM TrustZone
ARM TrustZone is a hardware security extension that aims to provide a secure execution environment by splitting the computer's resources between two execution worlds, the normal world and the secure world. The two worlds are completely segregated by hardware and have different permissions: applications or operating systems in the normal world are strictly limited in accessing resources in the secure world, while programs in the secure world can access resources in the normal world normally. These properties, hardware isolation and differing permissions, together make up an effective mechanism for protecting application code and data. Generally, the normal world runs a commodity operating system (such as Android or iOS) that provides the REE (Rich Execution Environment), and in the secure world a small TEE kernel creates the TEE (Trusted Execution Environment), in which confidential data can be stored and accessed.
Chain of Trust
The main function of a chain of trust is to extend a trust relationship to the whole computing platform. Built on a root of trust (RoT), the chain of trust acquires the various data that influence platform trustworthiness through a trust measurement mechanism, and then judges the trustworthiness of the platform by comparing the acquired data with expected data.
Consensus Algorithm
A consensus algorithm is a fault-tolerant mechanism that allows users or machines to coordinate in a distributed setting. It achieves the necessary agreement on a single data value or a single state of the network among distributed processes or a multi-agent system, even if some agents fail.
Cryptography
Cryptography is the study of securing communications from outside observers by converting ordinary plaintext into ciphertext and vice versa. Encryption algorithms take the original message, or plaintext, and convert it into ciphertext. The key allows the user to decrypt the message, ensuring that only they can read it. Cryptography focuses on four objectives: confidentiality, non-repudiation, integrity and authenticity. It can be subdivided into symmetric cryptography, asymmetric cryptography and hash functions.
Asymmetric Cryptography
Asymmetric cryptography, or public key cryptography, uses two keys to protect data. One is used for encryption, while the other decrypts the message. One key is kept private and is called the "private key", while the other is shared publicly and can be used by anyone, hence it is known as the "public key". The mathematical relation between the keys is such that the private key cannot be derived from the public key, but the public key can be derived from the private key. The private key should not be distributed and should remain with the owner only; the public key can be given to any other entity.
Symmetric Cryptography
Symmetric cryptography, or secret key cryptography, uses a single key to encrypt data. Both encryption and decryption use the same key, making this the simplest form of cryptography. The cryptographic algorithm uses the key in a cipher to encrypt the data, and when the data must be accessed again, a person entrusted with the secret key can decrypt it.
Distributed Network
As part of a distributed computing architecture, a distributed network is a type of computer network that is spread over different networks. This provides a shared data communication network, which can be managed jointly or separately by each network. Together with distributed processing, different users work together to deliver specialized applications.
Garbled Circuit
Two millionaires, A and B, both want to know who is richer without letting anyone learn the exact fortune they have. So they break up, mix and encrypt their data, obtain only the output, and decrypt only that output. This is where a garbled circuit can be applied. A computation can be transformed into a circuit; each circuit is made up of gates, each with input wires and output wires, and each gate has a truth table. A garbled circuit conceals the truth table by encrypting and garbling it. A uses keys to encrypt the truth table and garble (shuffle) it, then sends it to B. B receives the encrypted truth table, the key corresponding to A's input, and the key corresponding to B's own input; all the keys B receives are random numbers. B uses the keys to decrypt and obtain the result, then sends the result back to A, who compares it with its own information to learn the outcome. The whole exchange consists only of ciphertext and random numbers, disclosing no meaningful information.
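The following is an added example, not code from the original glossary, showing the mechanics described above for a single garbled gate in Python: generator A builds the garbled truth table for a one-bit "is A's input greater than B's?" gate, and evaluator B opens exactly one row with the two labels it holds. Wire labels are random 16-byte strings, each row is encrypted with a hash-derived pad under the two input labels that select it, and a zero tag lets the evaluator recognise the one row it can open. The evaluator's own input label is handed over directly here, whereas the real protocol delivers it by oblivious transfer; all names and the toy encryption are this example's own assumptions.

```python
"""A single garbled gate (Yao's garbled circuits), as a constructed toy example.

Generator A garbles a 1-bit "is a greater than b?" gate; evaluator B evaluates it
on labels without learning A's bit. B's own input label is handed over directly
here; in the real protocol it is delivered by oblivious transfer.
"""
import hashlib
import secrets

LABEL_LEN = 16
ZERO_TAG = bytes(LABEL_LEN)


def new_wire():
    """Two random labels per wire: index 0 encodes bit 0, index 1 encodes bit 1."""
    return (secrets.token_bytes(LABEL_LEN), secrets.token_bytes(LABEL_LEN))


def _xor_pad(key_a, key_b, data):
    """Toy symmetric encryption: XOR with a pad derived from the two selecting labels."""
    pad = hashlib.sha256(key_a + key_b).digest()   # 32 bytes: covers label + tag
    return bytes(x ^ y for x, y in zip(data, pad))


def garble_gate(truth, wire_a, wire_b, wire_out):
    """Encrypt each truth-table row under the two input labels that select it, then shuffle."""
    rows = []
    for a in (0, 1):
        for b in (0, 1):
            out_label = wire_out[truth(a, b)]
            rows.append(_xor_pad(wire_a[a], wire_b[b], out_label + ZERO_TAG))
    secrets.SystemRandom().shuffle(rows)       # hide which row corresponds to which inputs
    return rows


def evaluate_gate(rows, label_a, label_b):
    """Evaluator holds one label per input wire and can open exactly one row."""
    for row in rows:
        plain = _xor_pad(label_a, label_b, row)
        if plain[LABEL_LEN:] == ZERO_TAG:        # only the matching row decrypts to a valid tag
            return plain[:LABEL_LEN]
    raise ValueError("no row decrypted: labels do not match this gate")


def greater_than_via_garbled_gate(a_bit, b_bit):
    """A (generator) learns whether a_bit > b_bit; B (evaluator) sees only random labels."""
    wire_a, wire_b, wire_out = new_wire(), new_wire(), new_wire()
    table = garble_gate(lambda a, b: int(a > b), wire_a, wire_b, wire_out)
    # A sends the table and its own input label; B's label would arrive via OT.
    out_label = evaluate_gate(table, wire_a[a_bit], wire_b[b_bit])
    # B returns the output label; only A, who knows the label map, can read it as a bit.
    return wire_out.index(out_label)


if __name__ == "__main__":
    for a in (0, 1):
        for b in (0, 1):
            print(a, b, "->", greater_than_via_garbled_gate(a, b))
```

Note what the evaluator sees: four ciphertexts, two random labels, and one decrypted random label. Nothing in that view depends on which bit A holds, which is the property the glossary entry describes; a full comparison of multi-bit wealth is just many such gates wired together.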
Hardware Wallet
A hardware wallet is a cold wallet that uses a hardware device, typically shaped like a USB stick, to store the wallet's private keys. It provides full isolation, making the keys de facto unreachable to hackers or other malicious parties; examples include Trezor, Ledger and SafePal. To store crypto in a hardware wallet, the owner sends it from a hot wallet to the hardware wallet's public address. Conversely, if the owner wants to send crypto from the hardware wallet to a friend or an exchange address, the owner connects the hardware wallet to the internet via the wallet's dedicated software and then signs the transaction with the private key.
Hash Function
Hash functions are irreversible, one-way functions that protect data at the cost of not being able to recover the original message. Hashing transforms a given string into a fixed-length string. A good hashing algorithm produces a unique output for each input given. A hash can also act as a digital fingerprint for any data, including encrypted data, and is used to verify and secure against unauthorized modification during transport over networks. The only way to crack a hash is to try every possible input until you get exactly the same hash.
Homomorphic Encryption (HE)
Homomorphic Encryption (HE) is a special type of encryption technique that allows computations to be performed on encrypted data without requiring access to the secret key (used for decryption). The results of the computations are themselves encrypted and can be revealed only by the owner of the secret key. There are three types of homomorphic encryption, partially homomorphic, somewhat homomorphic and fully homomorphic encryption, whose primary difference lies in the types and number of mathematical operations supported.
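As an added example (not code from the original glossary), the Python below implements a toy Paillier cryptosystem, a partially homomorphic scheme that supports addition of ciphertexts: a party holding only the public key can sum encrypted values, and only the holder of the secret key can read the total. The primes, the balance values and all function names are this example's own assumptions; the parameters are far too small for real use and exist only to make the arithmetic readable.

```python
"""Toy Paillier cryptosystem: additively homomorphic encryption.

Constructed example; parameters are tiny and NOT secure, chosen only so the
arithmetic is fast and readable. A real deployment uses primes of ~1024 bits.
"""
import secrets
from math import gcd


def lcm(a: int, b: int) -> int:
    return a * b // gcd(a, b)


def keygen(p: int, q: int):
    """Return ((n, g), (lam, mu)) for distinct primes p and q."""
    n = p * q
    n2 = n * n
    lam = lcm(p - 1, q - 1)
    g = n + 1                  # standard simplification: g = n + 1 has order n in Z*_{n^2}
    # L(u) = (u - 1) / n ;  mu = L(g^lam mod n^2)^-1 mod n
    mu = pow((pow(g, lam, n2) - 1) // n, -1, n)
    return (n, g), (lam, mu)


def encrypt(pub, m: int) -> int:
    """E(m) = g^m * r^n mod n^2 with fresh random r, so equal plaintexts give different ciphertexts."""
    n, g = pub
    n2 = n * n
    assert 0 <= m < n, "plaintext must lie in Z_n"
    while True:
        r = secrets.randbelow(n)
        if r > 0 and gcd(r, n) == 1:
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(pub, priv, c: int) -> int:
    """D(c) = L(c^lam mod n^2) * mu mod n; needs the secret (lam, mu)."""
    n, _ = pub
    lam, mu = priv
    n2 = n * n
    return ((pow(c, lam, n2) - 1) // n * mu) % n


def add_encrypted(pub, c1: int, c2: int) -> int:
    """Homomorphic addition: E(a) * E(b) mod n^2 = E(a + b). No key needed."""
    n, _ = pub
    return (c1 * c2) % (n * n)


def scale_encrypted(pub, c: int, k: int) -> int:
    """Homomorphic multiply-by-constant: E(a)^k mod n^2 = E(k * a). No key needed."""
    n, _ = pub
    return pow(c, k, n * n)


def encrypted_total(pub, priv, values):
    """Encrypt each value, sum the ciphertexts without the secret key, then decrypt the total."""
    ciphertexts = [encrypt(pub, v) for v in values]
    total = ciphertexts[0]
    for c in ciphertexts[1:]:
        total = add_encrypted(pub, total, c)
    return decrypt(pub, priv, total)


# Toy primes (constructed for this example; far too small for real use).
PUB, PRIV = keygen(104729, 104723)

if __name__ == "__main__":
    print(encrypted_total(PUB, PRIV, [3, 4, 5]))   # 12
```

The party running `encrypted_total`'s middle loop sees only ciphertexts, which is the point of the entry: the computation happens without the decryption key. Paillier cannot multiply two ciphertexts together, which is why it is classed as partially homomorphic.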
Identity and Access Management (IAM)
Identity and access management (IAM) is a framework that enables the right individuals to access the right resources at the right times for the right reasons. It defines and manages the roles and access privileges of individual network entities (users and devices) to a variety of cloud and on-premises applications. IAM addresses the mission-critical need to ensure appropriate access to resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.
Key Shard/ Private Key Shard
A key shard is a split piece of a private key used for asset transactions or other decision making. A certain number of key shards is required to execute the respective action.
Micro-segmentation
Micro-segmentation is a network security technique that enables security architects to logically divide the data center into distinct security segments, down to the individual workload level, and then define security controls and deliver services for each unique segment. It expressly allows particular application traffic and, by default, denies all other traffic.
Secure Multi-Party Computation (MPC)
Two millionaires, A and B, both want to know who is richer without ever letting anyone else learn the amount of fortune they have. Without any trusted party, how can they compare their wealth and let both parties learn the result? This is the famous Yao's millionaires' problem, and the beginning of secure multi-party computation. Multi-party computation is a set of protocols based on modern cryptography that realizes distributed computation in a coordinated manner, without any third party and without disclosing data, on the premise that the multiple parties do not trust each other. Secure multi-party computation designs the protocol so that the algorithm itself acts as the middleman: the involved parties execute the protocol to jointly obtain the desired output.
Multi-signature (Multisig)
Multi-signature (multisig) is a digital signing process that enables two or more users to sign transactions as a group, that is, it requires multiple keys to verify a transaction.
Native MultiSig
Native multisig is a multisig mechanism supported by public blockchains, represented by Bitcoin. Generally it is an M-of-N wallet whose address is jointly generated by N private keys; when a transaction is made, M of those private keys are required to sign it.
Contract MultiSig
Contract multisig is a multisig mechanism realized by smart contracts on public blockchains that do not support native multisig. That is, by deploying a multisig contract, a multisig wallet address is generated and an M-of-N multisig scheme is realized.
Oblivious Transfer (OT)
Oblivious transfer is a cryptographic protocol in which a sender transfers one of potentially many messages to a receiver, but remains oblivious afterwards as to which message was transferred. In the form first introduced by Michael O. Rabin in 1981, the sender Alice sends a message to the receiver Bob, and Bob receives it with probability 50%. Alice does not learn whether Bob received the message, while Bob knows for certain whether he did. A more practical form is 1-out-of-2 oblivious transfer: Alice sends two messages to Bob, and Bob provides one input (his choice) to obtain the corresponding output; in the end Bob gets the message he wants and Alice still does not know which one Bob got. This has been extended from 1-out-of-2 to a 1-out-of-n mode.
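The 1-out-of-2 exchange described above, as an added Python example that is not part of the original glossary. It follows the classic RSA-based construction (Even, Goldreich and Lempel): Alice publishes an RSA public key and two random values, Bob blinds the value matching his choice with a random `k`, and Alice unblinds both candidates and masks both messages, so that only the chosen slot unmasks to a real message on Bob's side while Alice cannot tell which slot was chosen. The primes, messages and class names are this example's own assumptions, and the textbook RSA with a tiny modulus is for illustration only.

```python
"""1-out-of-2 oblivious transfer built on textbook RSA (Even-Goldreich-Lempel style).

Constructed example with toy parameters; NOT secure as written (small modulus,
no padding). It only shows the message flow: Bob gets exactly one of Alice's two
messages and Alice does not learn which one.
"""
import secrets
from math import gcd


def rsa_keygen(p, q, e=65537):
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    return (n, e), (n, pow(e, -1, phi))


class Sender:
    """Alice: holds two messages m0, m1 (integers below n)."""

    def __init__(self, m0, m1, p, q):
        self.pub, self.priv = rsa_keygen(p, q)
        n, _ = self.pub
        self.m = (m0 % n, m1 % n)
        # Two random values; Bob will blind the one matching his choice.
        self.x = (secrets.randbelow(n), secrets.randbelow(n))

    def step1(self):
        return self.pub, self.x

    def step3(self, v):
        """Unblind both candidates. One equals Bob's k, but Alice cannot tell which."""
        n, d = self.priv
        k0 = pow((v - self.x[0]) % n, d, n)
        k1 = pow((v - self.x[1]) % n, d, n)
        return ((self.m[0] + k0) % n, (self.m[1] + k1) % n)


class Receiver:
    """Bob: wants message number `choice` (0 or 1)."""

    def __init__(self, choice):
        self.b = choice

    def step2(self, pub, x):
        n, e = pub
        self.n = n
        self.k = secrets.randbelow(n)
        # v hides the choice bit: x_b + k^e is uniformly distributed from Alice's view.
        return (x[self.b] + pow(self.k, e, n)) % n

    def step4(self, masked):
        """Remove k from the chosen slot; the other slot stays masked by a value Bob cannot compute."""
        return (masked[self.b] - self.k) % self.n


def run_ot(m0, m1, choice):
    """Drive the four protocol steps between Alice and Bob and return what Bob learns."""
    alice = Sender(m0, m1, 104729, 104723)   # toy primes, constructed for this example
    bob = Receiver(choice)
    pub, x = alice.step1()
    v = bob.step2(pub, x)
    masked = alice.step3(v)
    return bob.step4(masked)


if __name__ == "__main__":
    print(run_ot(1234, 5678, 0), run_ot(1234, 5678, 1))   # 1234 5678
```

Bob's `k` never leaves his side in the clear, and the unchosen slot is masked by the RSA decryption of `v - x_{1-b}`, which Bob cannot compute without `d`; Alice, for her part, sees only `v`, which looks the same whichever slot Bob chose.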
Private Key
A private key is a secret cryptographic value that allows a user to access their cryptocurrency. Unlike the publicly accessible public key, the private key is known only to its owner; cryptocurrency owners are usually given a public address and a private key to send and receive coins or tokens.
Public Key
A public key is a cryptographic code, published for all the world to see, that allows users to receive cryptocurrencies into their accounts.
Rich Execution Environment (REE)
A Rich Execution Environment (REE) is the system operating environment of a mobile device; the operating system running in it is called the Rich OS. The Rich OS is open and general-purpose, and it can provide all of the device's functions to applications. Typical examples are Android, iOS and Linux. At the same time, a Rich OS has many security vulnerabilities and is prone to being attacked by hackers.
Root of Trust (RoT)
According to TCG, a Root of Trust (RoT) is a component that performs one or more security-specific functions, such as measurement, storage, reporting, verification, and/or update. It is trusted always to behave in the expected manner, because its misbehavior cannot be detected (such as by measurement) under normal operation.
Root of Trust for Confidentiality (RTC)
According to TCG, a Root of Trust for Confidentiality (RTC) is an RoT providing confidentiality for data stored in TPM Shielded Locations.
Root of Trust for Integrity (RTI)
According to TCG, a Root of Trust for Integrity (RTI) is an RoT providing integrity for data stored in TPM Shielded Locations.
Root of Trust for Measurement (RTM)
According to TCG, a Root of Trust for Measurement (RTM) is an RoT that makes the initial integrity measurement and adds it to a tamper-resistant log.
Root of Trust for Reporting (RTR)
According to TCG, a Root of Trust for Reporting (RTR) is an RoT that reliably provides authenticity and non-repudiation services for the purpose of attesting to the origin and integrity of platform characteristics.
Root of Trust for Storage (RTS)
According to TCG, a Root of Trust for Storage (RTS) is the combination of an RTC and an RTI.
Shamir's Secret Sharing
Shamir's secret sharing, or key sharding, is a process by which a private crypto key is split into separate pieces, or shards, rendering each shard useless unless enough are assembled to reconstruct the original key.
Single Point of Failure
A single point of failure is any non-redundant part of a system that, if it fails, causes the entire system to fail. Essentially, it is a flaw in the design, configuration, or implementation of a system, circuit, or component, and it poses a risk because it can lead to a total system breakdown. In a system or network, server hardware, a single private key or a network switch can all be single points of failure.
Single Signature Wallet
A single signature wallet is a type of wallet that typically needs only one signature to sign a transaction.
Software Defined Perimeter (SDP)
A software-defined perimeter (SDP) is a way to hide Internet-connected infrastructure (servers, routers, etc.) so that external parties and attackers cannot see it, whether it is hosted on-premises or in the cloud. The goal of the SDP approach is to base the network perimeter on software instead of hardware. It forms a virtual boundary around company assets at the network layer, not the application layer. This separates it from other access-based controls that restrict user privileges but allow wide network access.
TCG Software Stack (TSS)
The TCG Software Stack (TSS) consists of untrusted software services that facilitate the use of the TPM and do not require the protections afforded to the TPM. As a software stack designed to isolate TPM application programmers from the low-level details of interfacing with the TPM, it provides a standard API through which operating systems and applications access the functions of the TPM.
Threshold Signature Scheme (TSS)
A Threshold Signature Scheme (TSS) is a signing protocol, based on MPC, that combines Shamir's secret sharing with multi-signature. TSS requires multiple key shards, held by multiple parties, to take part in signing a transaction in turn and then produce the final valid signature. During the signing process, none of the key shards is disclosed or shared; the only public output is the final signature.
Trusted Computing (TC)
Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group (TCG). In a computing platform, a root of trust is created first, and then a chain of trust is built up from the hardware platform through the operating system to the application system. Along this chain, starting from the root, each level measures and verifies the next and each level trusts the next, so that trust is extended level by level and a secure and trusted computing environment is built. A trusted computing system consists of a root of trust, a trusted hardware platform, a trusted operating system and trusted applications. Its ultimate goal is to enhance the security of the computing platform.
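The level-by-level measurement described in this entry, in the Chain of Trust entry and in the Root of Trust for Measurement entry, as an added Python example that is not code from the glossary or from the TCG. Each boot stage is hashed before control passes to it; the digest is appended to an event log and folded into a PCR-style register with the one-way "extend" operation, so the register can be replayed from the log but never rewritten to a chosen value. A verifier holding expected ("golden") digests then judges the platform by replaying the log against the register and comparing every measurement. The stage images, their names and the golden values are constructed for this example.

```python
"""Measured boot / chain of trust, as a constructed example (not TCG reference code).

Each stage measures the next before handing over control. The measurement is
appended to an event log and folded into a PCR-style register with the one-way
'extend' operation, so the register can only be replayed, never rewritten.
A verifier with golden values checks both the log and the register.
"""
import hashlib


def measure(blob: bytes) -> bytes:
    return hashlib.sha256(blob).digest()


def extend(register: bytes, digest: bytes) -> bytes:
    """PCR_new = H(PCR_old || digest). Order-dependent and irreversible."""
    return hashlib.sha256(register + digest).digest()


def measured_boot(stages):
    """stages: list of (name, image bytes). Returns (final register, event log)."""
    register = bytes(32)          # reset value; the RTM performs the first measurement
    log = []
    for name, blob in stages:
        d = measure(blob)
        log.append((name, d))
        register = extend(register, d)
    return register, log


def replay(log):
    """Recompute the register from the log alone; must equal the reported register."""
    register = bytes(32)
    for _, d in log:
        register = extend(register, d)
    return register


def verify_platform(register, log, golden):
    """Attestation check: the log must replay to the register and every stage must match policy."""
    if replay(log) != register:
        return False, "event log does not match register"
    for name, d in log:
        if golden.get(name) != d:
            return False, f"unexpected measurement for {name}"
    return True, "platform trustworthy"


# Constructed firmware/OS/application images standing in for real binaries.
GOOD_STAGES = [
    ("bootloader", b"bootloader v1"),
    ("kernel", b"kernel 6.1"),
    ("app", b"custody-agent 2.0"),
]
GOLDEN = {name: measure(blob) for name, blob in GOOD_STAGES}

if __name__ == "__main__":
    reg, log = measured_boot(GOOD_STAGES)
    print(verify_platform(reg, log, GOLDEN))          # (True, 'platform trustworthy')
```

The two failure paths in `verify_platform` correspond to the two things a real attestation checks: a modified stage changes its digest and fails the golden comparison, and a doctored log that hides that change no longer replays to the register, which only the measurement root could have produced.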
Trusted Computing Platform
A Trusted Computing Platform is a computing platform that can be trusted to report its properties.
Trusted Execution Environment (TEE)
A Trusted Execution Environment (TEE) is a secure area inside a main processor. It runs in parallel with the operating system (OS), in an isolated environment. It guarantees that the code and data loaded in the TEE are protected with respect to confidentiality and integrity. That is, the executing code and the data it accesses are physically isolated and kept confidential, so that no unauthorized party can access the data or change the code or its behavior.
Trusted Platform Module (TPM)
A Trusted Platform Module (TPM) is a computer chip (microcontroller) that can securely store artifacts used to authenticate the platform (your PC or laptop). These artifacts can include passwords, certificates, or encryption keys. A TPM can also store platform measurements that help ensure the platform remains trustworthy. The TPM provides a hardware-based, tamper-resistant environment.
Zero-Knowledge Proof
A zero-knowledge proof is a method by which one party (the prover) can prove to another party (the verifier) that they know a value x, without conveying any information apart from the fact that they know x. A zero-knowledge proof must satisfy three properties: completeness (a true statement can be proven), soundness (a false statement cannot be proven true) and zero knowledge (the verifier learns nothing but the result of the proof). As an example, consider a ring-shaped cave whose entrance on the left side is also its exit, with a magic door blocking the way back around to the exit. Alice and Bob arrive at the entrance, and Bob claims to know the spell that opens the door and wants to prove this to Alice. Alice waits at the exit while Bob goes into the cave, uses the spell to open the door and returns. The process can be repeated until Alice is convinced that Bob is telling the truth. This is a simple zero-knowledge proof: Bob has proven his claim, yet Alice still knows nothing beyond the result of the proof, and in particular does not learn the spell.
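The three properties named above, as an added Python example that is not part of the original glossary. It implements Schnorr's interactive proof of knowledge of a discrete logarithm: the "spell" is a secret exponent x, the public fact is y = G^x mod P, and each round is commit, challenge, respond. `run_protocol` shows completeness (the honest prover passes) and soundness (a prover with the wrong x fails every round); `simulate_transcript` shows the zero-knowledge property, since anyone can manufacture an accepting transcript without x by picking the challenge before the commitment, which is exactly what the verifier could do alone and hence why the transcript teaches it nothing. The toy group (safe prime P = 2039, subgroup order Q = 1019, generator G = 4), the non-zero challenge range and all names are this example's own assumptions; real deployments use groups of 256 bits or more with the same message flow.

```python
"""Interactive zero-knowledge proof of knowledge of a discrete log (Schnorr's sigma protocol).

Constructed example with a toy group: P = 2039 is a safe prime (P = 2Q + 1, Q = 1019)
and G = 4 generates the order-Q subgroup. Real deployments use 256-bit groups.
"""
import secrets

P, Q, G = 2039, 1019, 4


def keypair(x=None):
    """Secret x (the 'spell'), public y = G^x mod P."""
    x = secrets.randbelow(Q) if x is None else x % Q
    return x, pow(G, x, P)


class Prover:
    def __init__(self, x):
        self.x = x % Q

    def commit(self):
        """Round 1: commit to a fresh random r (never reuse it across rounds)."""
        self.r = secrets.randbelow(Q)
        return pow(G, self.r, P)

    def respond(self, c):
        """Round 3: s = r + c*x mod Q. Because r is uniform, s reveals nothing about x."""
        return (self.r + c * self.x) % Q


def challenge():
    """Round 2: verifier picks a non-zero challenge (zero would let any prover pass that round)."""
    return 1 + secrets.randbelow(Q - 1)


def verify(y, t, c, s):
    """Accept iff G^s == t * y^c mod P."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P


def run_protocol(prover, y, rounds=16):
    """Completeness: an honest prover always passes. Soundness: a wrong x fails every round."""
    for _ in range(rounds):
        t = prover.commit()
        c = challenge()
        if not verify(y, t, c, prover.respond(c)):
            return False
    return True


def simulate_transcript(y):
    """Zero-knowledge: without x, build an accepting (t, c, s) by choosing c and s first.

    This only works because the simulator picks c before t; in the live protocol the
    prover must commit to t before seeing c, which is what stops a cheater."""
    c = challenge()
    s = secrets.randbelow(Q)
    t = (pow(G, s, P) * pow(y, -c, P)) % P
    return t, c, s


if __name__ == "__main__":
    x, y = keypair(123)
    print(run_protocol(Prover(x), y), run_protocol(Prover(124), y))   # True False
    print(verify(y, *simulate_transcript(y)))                            # True
```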
Zero Trust Architecture
A zero trust architecture is an approach or framework for system design in which inherent trust in the network is removed. Instead, the network is assumed to be hostile and each access request is verified against an access policy. It requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they sit inside or outside the network perimeter.
zk-SNARK
According to Zcash, the first widespread application of zk-SNARKs, the acronym zk-SNARK stands for "Zero-Knowledge Succinct Non-Interactive Argument of Knowledge" and refers to a proof construction in which one can prove possession of certain information, e.g. a secret key, without revealing that information and without any interaction between the prover and verifier. "Zero-knowledge" proofs allow one party (the prover) to prove to another (the verifier) that a statement is true without revealing any information beyond the validity of the statement itself. In a zero-knowledge "proof of knowledge" the prover can convince the verifier not only that such a number exists, but that they in fact know it, again without revealing any information about the number. "Succinct" zero-knowledge proofs can be verified within a few milliseconds, with a proof length of only a few hundred bytes even for statements about very large programs. In the first zero-knowledge protocols, the prover and verifier had to communicate back and forth for multiple rounds, but in "non-interactive" constructions the proof consists of a single message sent from prover to verifier. Currently, the most efficient known way to produce zero-knowledge proofs that are non-interactive and short enough to publish to a blockchain is to have an initial setup phase that generates a common reference string shared between prover and verifier.