Wolfram Language Paclet Repository
Community-contributed installable additions to the Wolfram Language
ZeroKnowledge Authentication
Authentication server using Mathematica ZeroKnowledgeProofs package.
Introduction
Zero knowledge authentication is an authentication protocol based on ZeroKnowledgeProofs intended to protect against man in the middle attacks. This tech note will guide you in the setup of a local Zero knowledge authentication server.
Classical vs ZeroKnowledgeAuthentication
Classical vs ZeroKnowledgeAuthentication
Authentication is the process of verifying whether a person (or a program) is who (or what) it declares to be. This can be achieved by different means such as setting passwords, keys or using biometrics.
Al of the previously mentioned methods require for the client and the server to share a secret at the beginning of their interaction, a bit sequence that can only be reproduce by the current user. Later when the user request login into the server, it will present this sequence to the server and will be compared to the original registration sequence.
The following diagram illustrates the password authentication protocol:
With Zero knowledge authentication there is no need for both the server and client to share a secret, but to share the ZeroKnowledgePublicProblem for which the user has a ZeroKnowledgePrivateSolution at the moment of registration. The authentication server can verify that the user is who it declares to be by proving that it has a solution to the public problem without knowing the solution. This ensures that even if a malicious agent were to act as the authentication server and try to learn the password, it wont be able to learn the solution.
The following diagram illustrates the zero knowledge authentication protocol:
Run the server
Prerequisites
Prerequisites
◼
Python 2.5 or higher.
◼
Mathematica 13.1 or higher.
Installation
Installation
>>> pip3 install wolframwebengine
>>> git clone https://github.com/Aleph-GORY/ZeroKnowledgeAuthentication.git
Start the server
Start the server
Start the demo server by running:
>>> cd ZeroKnowledgeAuthenticator
>>> python3 -m wolframwebengine authentication_server --initfile authentication_server/init.wl
>>> python3 -m wolframwebengine authentication_server --initfile authentication_server/init.wl
Open a web browser and enter the authentication demo running in the address http://localhost:18000/zero_knowledge_authentication
Register a new user
Registration
Registration
Generate a ZeroKnowledgeProof based on a secret:
In[3]:=
zkProof=
["Isomorphism","Seed""SecretSeed"]
 | GenerateZeroKnowledgeProof |
Register a new user in the server by sharing the ZeroKnowledgePublicProblem:
Now that the user is registered refresh the server webpage to see the user data stored.
LogIn
LogIn
Generate a witness for the ZeroKnowledgeProof that will cipher the public problem and private solution into a list of 3 homomorphic cipher problems:
Compress the cipher problem and split it in packages for the server:
Send the homomorphic cipher problem to the verifier server and get a query:
Answer the query using the knowledge og the cipher solution:
Send the answer to the server for the final verification: