You are on page 1of 9

Secure Authentication Based On

Zero –Knowledge Protocols


Agenda :
Introduction

ModuLes

Design of Modules

ZKP Mechanism

conclusion
Introduction

 Zero Knowledge Proofs :


Ø To Prove the knowledge of a secret without revealing it.
Ø Special form of interactive proofs between two parties : Prover and Verifier.
Ø An interactive proof usually takes the form of a challenge-response protocol.
Ø A common use of a zero-knowledge password proof is in Authentication.
Modules
Ø Customer Authentication :
 1. Registration
 2. Login
 3. Hashing
Ø Random Seed Generation
 1. Transaction Details
Ø Zero-Knowledge Protocol
 1.Sending Message
Ø Verifying the Secret

Ø
Design of Modules

Customer Authentication
ZKP Mechanism

Commo Commo
n Random Value n
Inputs Inputs

P Challenge V

Prove Verifi
r er
Response
Repeats t
number
of rounds

• Prover and verifier share common inputs (functions or values)


• The protocol yields Accept if every Response is accepted by the Verifier
• Otherwise, the protocol yields Reject

Example Ali Baba’s Cave

The Magic door can only be opened with a


magic word. Alice claims that she knows the
word and that she can open the door. Bob and
Alice are at point 1. Alice enters each case and
reaches the point 2.

1.Alice chooses to go either right or left. After Alice disappears, Bob comes to the
entrance of the room and asks Alice to come up from either the right or left.
2.if Alice knows the magic word, she will come up from the right direction. If she
does not know the word, she comes up from the right direction with ½
probability.
3.The game will be repeated many times.
Conclusion

Ø Zero knowledge proof (ZKP) is an interactive method to prove the possession of a secret
without actually revealing it.
Ø Zero Knowledge proofs exist for any NP-set, provided, One way functions exist for that
set.
Ø Existing ZKPs are iterative in nature, their protocols require multiple communication
rounds.
Ø The proposed one-round ZKP overcomes the iteration problem.
Ø We can provide strong privacy protection with little or no cost to a service provider for a
broad class of problems in e-commerce and knowledge work.
Ø

Ø
THANK YOU !