Cryptographic protocol zero-knowledge proof on elliptic curves using one-way hash-function

2018, Vol 1 (1), pp. 84-92
Author(s): А.А. Онацкий, О.В. Жарова

2019, Vol 26, pp. 22-28
Author(s): A.V. ONATSKIY

We propose a cryptographic protocol with zero-knowledge proof (ZKP) on elliptic curves (EC) using public keys and random messages, which allows one party to establish the truth of a statement without conveying any additional information about the statement itself. Cryptographic protocols based on zero-knowledge proof allow identification, key exchange and other cryptographic operations to be performed without leakage of sensitive information during the exchange. Implementing the zero-knowledge proof protocol on the mathematical apparatus of elliptic curves significantly reduces the size of the protocol parameters and increases its cryptographic strength (the computational complexity of breaking it). The security of cryptosystems involving elliptic curves is based on the difficulty of solving the elliptic curve discrete logarithm problem. We establish the completeness and correctness of the protocol and give a worked example of the computation. The cryptographic protocol was modeled in the High-Level Protocol Specification Language, and validation and verification of the protocol model were also performed. Software verification of the cryptographic protocol was performed using the On the Fly Model Checker and Constraint Logic based Attack Searcher modules. To validate the resistance of the cryptographic protocol to intruder attacks, we used the Security Protocol Animator package for Automated Validation of Internet Security Protocols and Applications. The security of the proposed ZKP EC cryptographic protocol is based on the difficulty of solving the elliptic curve discrete logarithm problem. The elliptic curves recommended by DSTU 4145-2002 may be used to implement such a cryptographic protocol.


Author(s): Diego F. Aranha, Sebastian Berndt, Thomas Eisenbarth, Okan Seker, Akira Takahashi, ...

We study masking countermeasures for side-channel attacks against signature schemes constructed from the MPC-in-the-head paradigm, specifically when the MPC protocol uses preprocessing. This class of signature schemes includes Picnic, an alternate candidate in the third round of the NIST post-quantum standardization project. The only previously known approach to masking MPC-in-the-head signatures suffers from interoperability issues and increased signature sizes. Further, we present a new attack to demonstrate that known countermeasures are not sufficient when the MPC protocol uses a preprocessing phase, as in Picnic3. We overcome these challenges by showing how to mask the underlying zero-knowledge proof system due to Katz–Kolesnikov–Wang (CCS 2018) for any masking order, and by formally proving that our approach meets the standard security notions of non-interference for masking countermeasures. As a case study, we apply our masking technique to Picnic. We then implement different masked versions of Picnic signing that provide first-order protection on the ARM Cortex-M4 platform, and quantify the overhead of these different masking approaches. We carefully analyze the side-channel risk of hashing operations, and give optimizations that reduce the CPU cost of protecting hashing in Picnic by a factor of five. The performance penalties of the masking countermeasures ranged from 1.8 to 5.5, depending on the degree of masking applied to hash function invocations.


Zero-knowledge proof is a powerful cryptographic protocol that is used to establish data security while ensuring and maintaining user anonymity. ZKP has less complex computational requirements than other authentication protocols. Conventional authentication schemes are susceptible to attacks such as MiTM, IP spoofing, DoS, replay and other eavesdropping-based attacks when data is shared across an untrusted network. This paper presents an approach to authenticating a device over an untrusted network while maintaining and safeguarding user credentials, using the ZKP protocol.


PLoS ONE, 2021, Vol 16 (8), pp. e0256372
Author(s): Shaofen Xie, Wang Yao, Faguo Wu, Zhiming Zheng

Lattice-based non-interactive zero-knowledge proof has been widely used in one-way communication and can be effectively applied to resist quantum attacks. However, lattice-based non-interactive zero-knowledge proof schemes have long faced efficiency issues, such as proof size and verification time, which have drawn increasing attention. In this paper, we propose non-interactive zero-knowledge proof schemes built from RLWE-based key exchange, making use of a hash function and public-key encryption. We then show how to apply the proposed schemes to achieve a fixed proof size and rapid public verification. Compared with previous approaches, our schemes achieve better proof size and verification time. In addition, the proposed schemes satisfy completeness, soundness, and zero-knowledge.


2021, Vol 2021, pp. 1-15
Author(s): Xudong Deng, Chengliang Tian, Fei Chen, Hequn Xian

Most existing identity management uses a centralized architecture in which trusted authorities validate, certify, and manage identity. Decentralized identity is attracting widespread public attention because it gives control of identity back to clients, who then have the ability to control when, where, and with whom they share their credentials. A decentralized solution atop a blockchain bypasses the centralized architecture and addresses the single-point-of-failure problem. To our knowledge, blockchain is inherently pseudonymous, but it cannot achieve anonymity and auditability directly. In this paper, we approach the problem of decentralized identity management starting from the designated-verifier anonymous credential (DVAC in short). DVAC helps build a new, practical decentralized identity management with anonymity and auditability. Apart from the advantages of a conventional anonymous credential, the main advantage of the proposed DVAC atop a blockchain is that the issued cryptographic token is divided into shares at the issue phase and combined at the credential-showing phase. Further, the smooth projective hash function (SPHF in short) is regarded as a designated-verifier zero-knowledge proof system. Thus, we introduce the SPHF to achieve designated verifiability without compromising the privacy of clients. Finally, the security of the proposed DVAC is proved, along with theoretical and experimental evaluations.


Author(s): Lihua Song, Xinran Ju, Zongke Zhu, Mengchen Li

Information security has become a hot topic in the Internet of Things (IoT), and traditional centralized access control models face threats such as single point of failure, internal attack, and central leak. In this paper, we propose a model to improve the access control security of the IoT, based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deploy the attribute information of access control in the blockchain, which relieves the pressure and credibility problems brought by third-party information concentration. Secondly, an encrypted access control token is used to gain access permission to resources, which makes the user's identity invisible and effectively avoids the attribute ownership exposure problem. Besides, the use of smart contracts solves the problem of the low computing efficiency of IoT devices and the waste of blockchain computing power resources. Finally, a prototype IoT access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection, and, compared with an Attribute-Based Access Control model of the same security level, its access efficiency increases linearly with the access scale.

