Triangular Verification Protocol

• Triangular Verification Protocol is a three-prover relativistic zero-knowledge proof system that verifies a valid 3-coloring of a graph while ensuring no color information is leaked.
• It employs simultaneous challenge-response rounds, random permutation masking, and distance-bounding constraints to achieve enhanced soundness (1 - 1/(3m) per round) against quantum adversaries.
• The protocol is designed for scalable, quantum-safe identity verification, with practical implementations demonstrated using GPS-disciplined clocks and FPGA-based schedulers in multi-site networks.

The Triangular Verification Protocol is a three-prover relativistic zero-knowledge proof (RZKP) system designed for quantum-safe, spatially-constrained identity and property verification, most notably applied to demonstrating knowledge of a valid 3-coloring of a public graph without revealing the coloring or leaking information about it. By leveraging simultaneous challenge–response rounds among spatially separated provers and verifiers, the protocol achieves strong security, even against malicious collaborators sharing arbitrary quantum entanglement, while incorporating explicit distance-bounding constraints to guarantee physical separation and rule out relay attacks. The protocol significantly improves soundness per round over earlier two-prover frameworks, making it suitable for scalable, multi-site identity verification scenarios (Ma et al., 18 Jul 2025).

1. Conceptual Foundations and Security Objectives

The primary objective is to allow a verifier to be convinced that three spatially separated provers possess a valid 3-coloring $\varphi$ of a given graph %%%%1%%%%, without learning the coloring itself. The security model considers provers that are unbounded in computational and quantum power, possibly sharing an arbitrary entangled state $\Psi$, but strictly forbidden to communicate between challenge reception and response emission. Verifier stations $V_1, V_2, V_3$ are arranged with mutual spacelike separation, so that the response window $\tau$ is less than the light-travel time between any two stations, enforcing a relativistic no-signalling condition. The protocol is thus robust against "mafia-fraud" or relay attacks and remains secure in quantum adversarial settings. The system also serves as a physical distance-bounding mechanism, confirming the geographical separation of provers (Ma et al., 18 Jul 2025).

2. Protocol Specification

Fix a public graph $G = (V, E)$ with $n = |V|$ vertices and $m = |E|$ edges. The secret witness is a 3-coloring $\varphi : V \to \mathbb{Z}_3$ such that $\varphi(u) \neq \varphi(v)$ for all $(u, v) \in E$. Let $S_3$ denote the symmetric group on three elements.

Each protocol round proceeds as follows:

• Verifier Sampling: Randomly select $e = (u, v) \in E$, a permutation $\pi \in S_3$, and challenge-type $t \in \{0, 1, 2\}$.
• Distribution of Challenges:

| Verifier $V_i$ | Prover $P_i$ | Message Contents | |:--------------:|:------------:|:-------------------------| | $V_1$ | $P_1$ | $(t, u, \pi)$ | | $V_2$ | $P_2$ | $(t, v, \pi)$ | | $V_3$ | $P_3$ | $(t, e, \pi)$ |

All challenges are sent simultaneously within the designated timing slot, with responses required within $\tau$.

• Responses and Checks (modulo 3 arithmetic):
  • If $t = 0$ (vertex-color test): $P_1$ returns $a_1 = \varphi(u)$, $P_2$ returns $a_2 = \varphi(v)$, $P_3$ returns $\perp$. Verifier checks $a_1 \neq a_2$.
  • If $t = 1$ (random-permutation test): $P_1$ returns $a_1 = \pi(0)$, $P_2$ returns $a_2 = \pi(1)$, $P_3$ returns $a_3 = \pi(2)$. Verifier checks $(a_1, a_2, a_3)$ is a permutation of $\{0,1,2\}$.
  • If $t = 2$ (consistency test): $P_1$ returns $a_1 = \pi(\varphi(u))$, $P_2$ returns $a_2 = \pi(\varphi(v))$, $P_3$ returns $\perp$. Verifier checks $a_1 \neq a_2$.

A round passes if all checks succeed; the proof as a whole is accepted if all $R$ rounds succeed.

3. Formalism and Mathematical Guarantees

The protocol employs the following notation and bounds:

• Challenge–response windows: For $d_{ij}$ the Euclidean distance between $V_i$ and $V_j$, $\forall i \ne j: \tau < d_{ij}/c$ (with $c$ the speed of light).
• Soundness error per round: For cheating provers (with or without quantum entanglement), the probability of passing is bounded by

$\epsilon_{\text{round}} \leq 1 - \frac{1}{3m}\;.$

The overall error after $R$ rounds is

$\epsilon \leq \left(1 - \frac{1}{3m}\right)^R\;.$

• The protocol is zero-knowledge: A simulator can sample all answer distributions without accessing the secret $\varphi$, as the application of a random $\pi$ perfectly hides color labels.

4. Security Properties and Proof Techniques

The soundness for quantum-safe security leverages:

• No-signalling Lemma: With spacelike-separated provers and tight response windows, any collusion is confined to strategies consistent with physical causality.
• Monogamy of Nonlocal Correlations: Even with entangled quantum states, provers cannot maximize success across all challenge types simultaneously beyond the stated bounds.
• Hybrid Argument: No strategy absent genuine knowledge of a valid $\varphi$ exceeds random success thresholds for enough rounds to circumvent the security bounds.

The zero-knowledge property is ensured by the fact that, for any issued challenge, the response distribution is independent of the actual coloring due to random permutation masking.

5. Implementation Aspects and Physical Parameters

Demonstrations have realized verifiers at the vertices of an equilateral triangle with $d \approx 300$ m and $\tau \approx 0.9\,\mu$s, which satisfies the relativistic constraint $$\tau < d/(3 \cdot 10^8\,\mathrm{m/s}) \approx 1\,\mu$$s. GPS-disciplined $10\,\mathrm{MHz}$ clocks and FPGA-based schedulers ensure alignment within sub-nanosecond precision.

Per round, each message from a verifier to a prover encodes $(t, \pi)$ and a vertex or edge of $G$ in $O(1) + O(\log n)$ bits; replies require 2 bits each (over $\mathbb{Z}_3$ plus $\perp$). Computation per round is limited to table lookup, trivial permutation, and wire-speed communications.

6. Comparative Analysis with Two-Prover Protocols

In standard two-prover relativistic ZK systems for 3-colorability, one prover provides coloring commitments while the other opens one color, with per-round soundness error $1 - 1/m$. The three-prover (triangular) protocol distributes roles across three agents and incorporates a distinct permutation-consistency check, enhancing per-round soundness to $1 - 1/(3m)$. Consequently, for a fixed soundness target, the required number of rounds is reduced by a factor of three. The protocol increases infrastructure requirements by one extra prover and verifier station, but this is offset by gains in efficiency and the simplicity of zero-knowledge simulation. In architectures where multiple verifier locations already exist (e.g., ATM or distributed access environments), the overhead is relatively modest (Ma et al., 18 Jul 2025).

7. Application Domains and Prospective Directions

Triangular RZKP protocols enable quantum- and relay-resistant authentication and property proofs in scenarios with geographically distributed verifiers and cooperating, but spatially and physically constrained, provers. Immediate application domains include scalable quantum-safe identity verification, ATM networks, and distributed access control. The protocol's design facilitates integration into existing infrastructure and may be adapted for further cryptographic tasks that benefit from multi-party, relativistic, and zero-knowledge properties. A plausible implication is that further protocol generalizations could reduce interaction or enhance robustness at scale, particularly as multi-location identity and blockchain-inspired verification architectures emerge (Ma et al., 18 Jul 2025).