CN117155577A - Authentication method and equipment based on zero knowledge proof - Google Patents

Info

Publication number
CN117155577A
Authority
CN
China
Prior art keywords
server
client
verification
user
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311050065.2A
Other languages
Chinese (zh)
Inventor
颜宇辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Kunyao Network Technology Co ltd
Original Assignee
Shanghai Kunyao Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Kunyao Network Technology Co ltd
Priority to CN202311050065.2A
Publication of CN117155577A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L9/3221 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The application aims to provide an authentication method and equipment based on zero knowledge proof. The client and the server are initialized to build a zero knowledge proof circuit between the client and the server; the client generates a proving key and obtains the number of times of the current input operation and the interface call parameters; the client runs the zero knowledge proof circuit to generate a proof; the client initiates a verification request to the server; the server retrieves the verification key and the request count and, when the request count is consistent with the number of times of the current input operation, runs the zero knowledge proof circuit to verify the proof and, if the verification passes, returns response information indicating that the verification passed. Because data is transmitted on the basis of zero knowledge proof, there is no need to exchange data by means of token credentials or to enter the user password repeatedly; strong evidence can be provided that a request comes from the client, forged requests are avoided, and the security of both the client and the server during authentication is ensured.

Description

Authentication method and equipment based on zero knowledge proof
Technical Field
The application relates to the technical field of computers, in particular to an identity verification method and equipment based on zero knowledge proof.
Background
At present, when a client and a server exchange data, the client sends a user name and a password to the server after the user enters them. The server checks the user name and the password it receives and, if the check succeeds, returns an instruction for the client's subsequent operation requests together with a token credential that proves the identity of the client's user.
However, in this conventional mode the server must obtain the password entered at the client, directly or indirectly, which makes the client's password unsafe. In addition, a leaked token credential is equivalent to a directly leaked client password: it harms the client and also leaves the server in an unsafe state. Meanwhile, the server cannot provide any evidence that it modified data at the client's request; that is, the client's operations can be forged, which brings loss to both the client and the server.
Disclosure of Invention
The application aims to provide an authentication method and equipment based on zero knowledge proof that solve problems of the traditional data transmission process, such as user information being unsafe and easy to forge, that achieve safe and stable data interaction between a client and a server on the basis of zero knowledge proof, and that build a good environment for authentication.
According to one aspect of the present application, there is provided an authentication method based on zero knowledge proof, wherein the method is applied to a client, and comprises:
initializing and constructing a zero knowledge proof circuit between the client and the server;
acquiring the password entered in the current input operation of the user corresponding to the client, generating a proving key based on the input password, and acquiring the number of times of the current input operation and the interface call parameters;
running the zero knowledge proof circuit with the proving key, the number of times of the current input operation and the interface call parameters to generate the proof of the client;
initiating a verification request to the server, the request carrying the user identifier of the user, the number of times of the current input operation, the interface call parameters and the proof, so that the server retrieves the verification key and the request count that it stores for the user identifier and, when the request count is consistent with the number of times of the current input operation, runs the zero knowledge proof circuit with the verification key, the request count and the interface call parameters to verify the proof;
and if the verification passes, receiving response information returned by the server indicating that the verification passed.
Further, in the authentication method based on zero knowledge proof, generating a proving key based on the input password includes:
calculating the hash value of the input password with a hash function to obtain the proving key.
Further, in the authentication method based on zero knowledge proof, the method further includes:
acquiring the initial password of an initial setting operation, or the modified password of a modification operation, of the user corresponding to the client, and generating, based on the initial password or the modified password, a verification key for user identity verification at the server;
and initiating an initialization request to the server, the request carrying the user identifier and the verification key, so that the server stores the user identifier and the verification key and initializes a request count.
Further, in the authentication method based on zero knowledge proof, generating a verification key for user identity verification at the server based on the initial password or the modified password includes:
performing a hash calculation on the initial password or the modified password with a hash function to obtain the verification key for user identity verification at the server.
Further, in the authentication method based on zero knowledge proof, generating a proving key based on the input password includes:
performing a hash calculation on the input password with a hash function to obtain the proving key.
Further, in the authentication method based on zero knowledge proof, the method further includes:
if the verification does not pass, receiving response information returned by the server indicating that the verification did not pass.
According to another aspect of the present application, there is also provided an authentication method based on zero knowledge proof, wherein the method is applied to a server, and the method includes:
initializing and constructing a zero knowledge proof circuit between the client and the server;
receiving a verification request initiated by the client to the server, the request carrying a user identifier, the number of times of the current input operation, interface call parameters and a proof, wherein the proof is generated by the client by running the zero knowledge proof circuit with a proving key, the number of times of the current input operation and the interface call parameters, and the proving key is generated by the client based on the password entered in the current input operation of the user corresponding to the user identifier;
retrieving the verification key and the request count that the server stores for the user identifier;
if the request count is consistent with the number of times of the current input operation, running the zero knowledge proof circuit with the verification key, the request count and the interface call parameters to verify the proof;
and if the verification passes, returning response information indicating that the verification passed to the client.
Further, in the authentication method based on zero knowledge proof, after the step of retrieving the verification key and the request count that the server stores for the user identifier, the method further includes:
determining whether the request count is consistent with the number of times of the current input operation;
if they are consistent, executing the step of running the zero knowledge proof circuit with the verification key, the request count and the interface call parameters to verify the proof;
and if they are inconsistent, returning response information indicating that the request is invalid to the client.
Further, in the authentication method based on zero knowledge proof, the method further includes:
receiving an initialization request initiated by the client, the request carrying the user identifier and the verification key;
and storing the user identifier together with the verification key, and initializing a request count.
Further, in the authentication method based on zero knowledge proof, the method further includes:
if the verification does not pass, returning response information indicating that the verification did not pass to the client.
According to another aspect of the present application, there is also provided a non-volatile storage medium having stored thereon computer readable instructions which, when executed by a processor, cause the processor to implement an authentication method based on zero knowledge proof as described above.
According to another aspect of the present application, there is also provided a client for authentication based on zero knowledge proof, wherein the client includes:
one or more processors;
a computer readable medium for storing one or more computer readable instructions,
the one or more computer-readable instructions, when executed by the one or more processors, cause the one or more processors to implement a zero-knowledge proof-based authentication method for a client as described above.
According to another aspect of the present application, there is also provided a server for authentication based on zero knowledge proof, wherein the server includes:
one or more processors;
a computer readable medium for storing one or more computer readable instructions,
the one or more computer-readable instructions, when executed by the one or more processors, cause the one or more processors to implement an authentication method based on zero knowledge proof as described above for the server.
Compared with the prior art, the application builds the zero knowledge proof circuit between the client and the server by initializing the client and the server. The client acquires the password entered in the current input operation of the user corresponding to the client, generates a proving key based on the input password, and acquires the number of times of the current input operation and the interface call parameters; it runs the zero knowledge proof circuit with the proving key, the number of times of the current input operation and the interface call parameters to generate the proof of the client. The client initiates a verification request to the server, carrying the user identifier of the user, the number of times of the current input operation, the interface call parameters and the proof, so that the server retrieves the verification key and the request count that it stores for the user identifier and, when the request count is consistent with the number of times of the current input operation, runs the zero knowledge proof circuit with the verification key, the request count and the interface call parameters to verify the proof. If the verification passes, the client receives response information returned by the server indicating that the verification passed.
When the user's identity is authenticated, there is no need to exchange data by means of token credentials or to enter the user password repeatedly. Transmitting data on the basis of zero knowledge proof provides strong evidence that a request comes from the client and avoids forged requests, so the security of both the client and the server during authentication is ensured, data transmission becomes more convenient and stable, leakage or forgery of information at either end is avoided, and a safe and stable data interaction environment is formed at both ends.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the detailed description of non-limiting embodiments, made with reference to the accompanying drawings in which:
FIG. 1 is a schematic interaction flow diagram of an authentication method based on zero knowledge proof according to an aspect of the present application;
FIG. 2 is a schematic flow diagram of initializing the zero knowledge proof circuit in an actual application scenario of an authentication method based on zero knowledge proof according to an aspect of the present application;
FIG. 3 is a schematic diagram of the operation flows of the client and the server in an actual application scenario of an authentication method based on zero knowledge proof according to an aspect of the present application;
FIG. 4 is a schematic diagram of the interaction flow of an initial setting operation or a password modification operation in an authentication method based on zero knowledge proof according to an aspect of the present application;
FIG. 5 is a schematic registration flow diagram in an actual application scenario of an authentication method based on zero knowledge proof according to an aspect of the present application.
The same or similar reference numbers in the drawings refer to the same or similar parts.
Detailed Description
The application is described in further detail below with reference to the accompanying drawings.
In one exemplary configuration of the application, the terminal, the device of the service network, and the trusted party each include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random access memory (RAM) and/or nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer-readable media include both permanent and non-permanent, removable and non-removable media, and may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible to a computing device. Computer-readable media, as defined herein, do not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
In an embodiment of the present application, FIG. 1 shows the interaction flow of an authentication method based on zero knowledge proof according to one aspect. The method involves a client and a server and includes steps S11, S12, S13, S14 and S15 executed by the client and steps S21, S22, S23, S24 and S25 executed by the server, as follows:
Step S11 and step S21, the client and the server respectively initialize and build the zero knowledge proof circuit between the client and the server.
Here, a zero knowledge proof verifies the truth of a proposition without leaking knowledge. The proposition is converted into the form of a program or mathematical expression, from which the corresponding zero knowledge proof circuit is generated, and the corresponding proving key (ProvingKey) and verification key (VerifyingKey) are then generated. The ProvingKey is used by the prover (Prover), which corresponds to the client (Client) in the present application, to generate a proof (Proof); the VerifyingKey is used by the verifier (Verifier), which corresponds to the server (Server) in the present application, to verify whether a proof (Proof) is valid. The zero knowledge proof circuit only needs to be created once, at initialization; after it is created, the ProvingKey and the VerifyingKey are published, so that different clients can generate their proofs with the ProvingKey.
That is, in the present application the client uses the zero knowledge proof circuit built by the client and the server to send a proof to the server, so that whether a request generated by the client is legitimate can be verified without revealing the corresponding user password. When the client and the server run the zero knowledge proof circuit, this can be done by calculating a target, preferably with the formula Target = Hash(Hash(Password), Nonce, Parameters), where the hash function in Hash(Password) can be replaced with a different hash function according to the operating environments of the client and the server. Of course, the calculation of the target is not limited to the function described above and can be chosen according to the specific application.
In a preferred embodiment of the present application, FIG. 2 is a schematic flow diagram of initializing the zero knowledge proof circuit in an actual application scenario of an authentication method based on zero knowledge proof according to an aspect of the present application, wherein the proposition of the zero knowledge proof is preferably converted into the following functional representation:
After the function is constructed, it is converted into the corresponding circuit by the zero knowledge proof, and the ProvingKey and the VerifyingKey are generated and published. Once the proposition of the zero knowledge proof has been converted into the corresponding circuit, the corresponding Proof can be generated only if the function is executed correctly, so that the validity of the request can be verified.
The prover, i.e. the client (Prover), can generate a Proof with the published ProvingKey and the input parameters, which include but are not limited to the number of input operations, the interface call parameters and the prover's password, to show that it ran the function correctly; the verifier, i.e. the server (Verifier), can verify the validity of the Proof with the published VerifyingKey and the input parameters, which include but are not limited to the number of input operations and the interface call parameters.
Step S12, the client acquires the password entered in the current input operation of the user corresponding to the client, generates a proving key based on the input password, and acquires the number of times of the current input operation and the interface call parameters.
The proving key is a key generated to protect the password entered by the user. In practice it may be obtained in ways that include, but are not limited to, taking the input password as a parameter and running a certain function, a certain proposition or a certain logical relationship on it; in a preferred embodiment of the present application the proving key is obtained with a hash function. When the user enters a wrong password, a valid proving key cannot be generated, and verification of the invalid proving key fails in the subsequent check at the server, which ensures the true identity of the client. The interface call parameters are the parameters (such as 'logic' and the like) of the API call from the client to the server. Generating the proving key thus hides the input password, so that the password is not directly exposed in the data exchanged.
Step S13, the client runs the zero knowledge proof circuit with the proving key, the number of times of the current input operation and the interface call parameters, and generates the proof of the client.
Step S14, the client initiates a verification request to the server, carrying the user identifier of the user, the number of times of the current input operation, the interface call parameters and the proof. Here, the user identifier includes, but is not limited to, a user name, a user number, a user character string and the like. In practice, to make it easier for the client to send the verification request, the user identifier, the number of times of the current input operation, the interface call parameters and the proof may be combined into a tuple that is sent to the server. The number of times of the current input operation is updated with each request of the client, so the same request cannot be used in a replay attack; this protects the client and the server during transmission and improves the stability of the whole environment.
Step S22, the server receives the verification request initiated by the client, which carries the user identifier, the number of times of the current input operation, the interface call parameters and the proof.
Step S23, the server retrieves the verification key and the request count that it stores for the user identifier; here, they are read from the server's storage.
After the verification key and the request count that the server stores for the user identifier have been retrieved in step S23, the server determines whether the request count is consistent with the number of times of the current input operation. If they are consistent, the step of running the zero knowledge proof circuit with the verification key, the request count and the interface call parameters to verify the proof is performed; if they are inconsistent, response information indicating that the request is invalid is returned to the client.
The verification key is a key that the server stores when the user first enters a password to establish identity, for example on initial password entry or account registration; it is stored in order to hide and protect the password.
Step S24, if the server determines that the request count is consistent with the number of times of the current input operation, it runs the zero knowledge proof circuit with the verification key, the request count and the interface call parameters to verify the proof.
Step S25, if the verification passes, the server returns response information indicating that the verification passed to the client. It should be noted that, after the verification passes, the client's request is executed according to the interface call parameters, and the stored request count is updated accordingly.
Step S15, if the verification passes, the client receives the response information returned by the server indicating that the verification passed.
Through steps S11 to S15 and steps S21 to S25, the client and the server, on the basis of the zero knowledge proof circuit, protect the security of the user password, assure each other of their identities, and guard against forged requests. By generating a proof and verifying it, the client and the server complete secure data interaction, and the danger of verifying directly with a token or the user password is effectively removed.
In a preferred embodiment of the present application, FIG. 3 shows the operation flow of the client and the server in an actual application scenario of an authentication method based on zero knowledge proof according to an aspect of the present application. After the zero knowledge proof circuit between the client and the server has been initialized and built, the client first obtains the Password, Nonce and Parameters (interface call parameters) of the current input operation of user a, and obtains the proving key through SHA256 (in a preferred embodiment of the present application, the hash function is preferably the SHA256() hash function). SHA256(Password), Nonce and Parameters are taken as input, and the ProvingKey is run. Specifically, Target is calculated with a hash function from SHA256(Password), Nonce and Parameters, and Proof1 is generated based on Nonce, Parameters and Target. The client then combines a (the user identifier), Nonce, Parameters and Proof1 into the request tuple A and initiates a verification request to the server (i.e. the verification request comprises A = [a, Nonce, Parameters, Proof1]).
Secondly, after receiving the verification request (which comprises A = [a, Nonce, Parameters, Proof1]) from the client, the server extracts, according to a, the stored verification key Hash1(Password) corresponding to a (here, the Hash1() function may be the SHA256() function or another hash function) and the stored Nonce1, and judges whether Nonce1 is consistent with Nonce. If they are not consistent, it returns response information indicating that the request is invalid, or directly ignores the request; if they are consistent, it executes the client's request according to Parameters, increments the Nonce value by one, and returns response information indicating that the verification passed to the client.
Finally, the client receives the response information returned by the server indicating that the verification passed, and authentication in the data interaction between the client and the server is complete.
Following the above embodiment of the present application, generating the proof key based on the input password by the client in step S12 specifically includes:
calculating the hash value of the input password by using a hash function to obtain the proof key; the hash function may be set in the zero knowledge proof circuit or according to actual requirements.
Following the above embodiment of the present application, fig. 4 shows an interactive flow diagram of an initial setup operation or a password modification operation in the authentication method based on zero knowledge proof according to an aspect of the present application, which comprises steps S16 and S17 executed by the client and steps S26 and S27 executed by the server, as detailed below:
Step S16, the client acquires the initial password of an initial setting operation, or the modified password of a modification operation, of the user corresponding to the client, and generates a verification key for user identity verification at the server based on the initial password or the modified password.
Step S17, the client carries the user identifier and the verification key and initiates an initialization request to the server.
Step S26, the server receives an initialization request initiated by the client carrying the user identifier and the verification key.
Step S27, the server stores the user identifier and the verification key in association with each other, and initializes the request count. Here, when the user's operation is the initial setting operation, initializing the request count means setting the request count to 0; when the user's operation is a modification operation, initializing the request count means updating the request count.
Through steps S15 to S17 and steps S26 to S27, when the user sets the password for the first time or modifies it at the client, the server receives and stores the corresponding data for subsequent data transmission and interaction. In this process, even if the verification key is leaked, the security of the user password is not affected, so the stability of the client and the server is further ensured while the data interaction flow is completed.
In a preferred embodiment of the present application, fig. 5 shows a schematic registration flow of the authentication method based on zero knowledge proof in an actual application scenario. First, the client acquires the initial password of the first setting operation of user A, and calculates Hash1(password) from that initial password (the Hash1() function may be the SHA256() function or another hash function) to obtain the verification key; then, the client sends an initialization request carrying A and Hash1(password) to the server; finally, after receiving the initialization request, the server stores A together with the corresponding Hash1(password), and sets the nonce to 0.
Next, in the foregoing embodiment of the present application, generating, by the client in step S16, the verification key for user identity verification at the server based on the initial password or the modified password specifically includes:
performing a hash calculation on the initial password or the modified password by using a hash function to obtain the verification key for user identity verification at the server; the hash function may be set in the zero knowledge proof circuit or according to actual requirements.
A further embodiment of the present application provides an authentication method based on zero knowledge proof applied to a client, which further includes:
if the verification fails, receiving response information returned by the server indicating that the verification has failed, wherein verification failure includes, but is not limited to, a verification key error condition and the like.
In a further embodiment of the present application, the authentication method based on zero knowledge proof applied to a server further includes:
if the verification is not passed, returning response information indicating that the verification is not passed to the client, and rejecting the request when the verification does not hold.
For example, in practical applications, the method can be divided into a proof initialization stage, a registration stage and an operation stage. Proof initialization stage: the proposition is converted into a functional representation as follows:
The function is then converted into a corresponding circuit through zero knowledge proof, and a ProvingKey and a VerifyingKey are generated. The Prover uses the ProvingKey, takes the user password as the secret input and the number of times of the current input operation and the interface call parameters as public inputs, and generates a proof by calculating a target, showing that the function was run correctly; note that a valid proof cannot be generated without knowing the user password. The Verifier verifies the validity of the proof using the VerifyingKey, the public inputs (the number of times of the current input operation and the interface call parameters) and the calculated target.
Registration stage: the user inputs a user name and a user password at the client, and the client calculates a verification key. The user name and the verification key are sent to the server; the server stores the user name and the verification key, and initializes the request count to 0.
Operation stage: the client uses the ProvingKey, takes the user password as the secret input and the number of times of the current input operation and the interface call parameters as public inputs, calculates the proof key and the target, and runs the circuit to generate a proof; it then sends the user name, the number of times of the current input operation, the interface call parameters and the proof to the server.
After receiving an operation request [user name, number of times of the current input operation, interface call parameters, proof] from the client, the server retrieves the corresponding verification key and the stored request count according to the user name. If the stored request count does not match the number of times of the current input operation from the client, the server ignores the request. If it matches, the server calculates the target and performs verification using the VerifyingKey, the public inputs (the number of times of the current input operation and the interface call parameters) and the calculated target; if verification succeeds, it executes the user request according to the interface call parameters and adds one to the request count. In this way, the client's operation requests do not carry token information, and the server retains a corresponding stub for each operation request; the stub can prove that the operation did, and could only, come from the client and cannot be forged, and it can serve as evidence for third-party arbitration if a dispute arises.
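The request flow of fig. 3 and of the operation stage above, as an added example that is not code from the patent: a Schnorr proof of knowledge made non-interactive with Fiat-Shamir is swapped in for the zero knowledge proof circuit and its ProvingKey/VerifyingKey, which would need an external proving library. The names `Server`, `prove` and `challenge`, the RFC 3526 group, and the choice Hash1(password) = G^SHA256(password) mod P are assumptions of this example.

```python
import hashlib, json, secrets

# Assumption: RFC 3526 group 14 (2048-bit safe prime P); G = 4 has prime order Q.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
Q, G = (P - 1) // 2, 4


def proof_key(password: str) -> int:
    """Client secret x: SHA256(password), reduced into the exponent range."""
    return int.from_bytes(hashlib.sha256(password.encode()).digest(), "big") % Q


def verification_key(password: str) -> int:
    """Assumed Hash1(password) := G^x mod P; the stored key alone cannot make proofs."""
    return pow(G, proof_key(password), P)


def challenge(user: str, y: int, commit: int, nonce: int, params: dict) -> int:
    """Fiat-Shamir challenge: binds the proof to the user, Nonce and Parameters."""
    msg = json.dumps([user, y, commit, nonce, params], sort_keys=True)
    return int.from_bytes(hashlib.sha256(msg.encode()).digest(), "big") % Q


def prove(user: str, password: str, nonce: int, params: dict) -> dict:
    """Client: build request a = [A, Nonce, Parameters, Proof1]."""
    x = proof_key(password)
    r = secrets.randbelow(Q - 1) + 1              # fresh randomness per proof
    commit = pow(G, r, P)
    c = challenge(user, pow(G, x, P), commit, nonce, params)
    return {"user": user, "nonce": nonce, "params": params,
            "proof": (commit, (r + c * x) % Q)}


class Server:
    def __init__(self):
        self.users = {}    # user id -> [verification key, request count]
        self.stubs = []    # accepted requests, retained as evidence

    def register(self, user: str, vkey: int) -> None:
        self.users[user] = [vkey, 0]              # step S27: store key, count = 0

    def handle(self, req: dict) -> str:
        rec = self.users.get(req["user"])
        if rec is None:
            return "rejected"
        y, count = rec
        if req["nonce"] != count:                 # stale or replayed request
            return "invalid"
        commit, s = req["proof"]
        c = challenge(req["user"], y, commit, count, req["params"])
        if not 1 < commit < P or pow(G, s, P) != commit * pow(y, c, P) % P:
            return "rejected"
        rec[1] += 1                               # the next proof must use count + 1
        self.stubs.append(req)
        return "ok"
```

Because SHA256 is fast and unsalted, a leaked verification key still allows offline guessing of weak passwords; deriving the secret with a salted password KDF instead of SHA256 addresses that.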
According to another aspect of the present application, there is also provided a non-volatile storage medium having stored thereon computer readable instructions which, when executed by a processor, cause the processor to implement an authentication method based on zero knowledge proof as described above.
According to another aspect of the present application, there is also provided a client for authentication based on zero knowledge proof, wherein the client includes:
one or more processors;
a computer readable medium for storing one or more computer readable instructions,
the one or more computer-readable instructions, when executed by the one or more processors, cause the one or more processors to implement the zero-knowledge proof-based authentication method as applied to a client as described above.
For details of each embodiment of the authentication client based on zero knowledge proof, refer to the corresponding parts of the above embodiments of the authentication method based on zero knowledge proof, which will not be described again here.
According to another aspect of the present application, there is also provided a server for authentication based on zero knowledge proof, wherein the server includes:
one or more processors;
a computer readable medium for storing one or more computer readable instructions,
the one or more computer-readable instructions, when executed by the one or more processors, cause the one or more processors to implement the zero-knowledge proof-based authentication method as applied to a server as described above.
For details of each embodiment of the authentication server based on zero knowledge proof, refer to the corresponding parts of the above embodiments of the authentication method based on zero knowledge proof, which will not be described again here.
In summary, the application constructs the zero knowledge proof circuit between the client and the server through initialization of the client and the server. The client acquires the input password of the current input operation of the user corresponding to the client, generates a proof key based on the input password, and acquires the number of times of the current input operation and the interface call parameters; it then runs the zero knowledge proof circuit using the proof key, the number of times of the current input operation and the interface call parameters to generate the client's proof. The client initiates a verification request to the server carrying the user identifier of the user, the number of times of the current input operation, the interface call parameters and the proof, so that the server retrieves the stored verification key and request count of the user corresponding to the user identifier and, when the request count is consistent with the number of times of the current input operation, runs the zero knowledge proof circuit to verify the proof using the verification key, the request count and the interface call parameters; if the verification passes, the client receives response information returned by the server indicating that the verification has passed. During user identity authentication, data interaction therefore does not rely on token credentials or on repeated entry of the user password; through data transmission based on zero knowledge proof, the server can provide strong evidence that a request came from the client, so that forged requests are avoided, the security of both the client and the server in the identity authentication process is ensured, information leakage or forgery at either end is avoided, and a secure and stable data interaction environment is formed at both ends.
It should be noted that the present application may be implemented in software and/or a combination of software and hardware, e.g., using Application Specific Integrated Circuits (ASIC), a general purpose computer or any other similar hardware device. In one embodiment, the software program of the present application may be executed by a processor to perform the steps or functions described above. Likewise, the software programs of the present application (including associated data structures) may be stored on a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. In addition, some steps or functions of the present application may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions.
Furthermore, portions of the present application may be implemented as a computer program product, such as computer program instructions, which when executed by a computer, may invoke or provide methods and/or techniques in accordance with the present application by way of operation of the computer. Program instructions for invoking the inventive methods may be stored in fixed or removable recording media and/or transmitted via a data stream in a broadcast or other signal bearing medium and/or stored within a working memory of a computer device operating according to the program instructions. An embodiment according to the application comprises an apparatus comprising a memory for storing computer program instructions and a processor for executing the program instructions, wherein the computer program instructions, when executed by the processor, trigger the apparatus to operate a method and/or a solution according to the embodiments of the application as described above.
It will be evident to those skilled in the art that the application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is evident that the word "comprising" does not exclude other elements or steps, and that the singular does not exclude a plurality. A plurality of units or means recited in the apparatus claims can also be implemented by means of one unit or means in software or hardware. The terms first, second, etc. are used to denote a name, but not any particular order.

Claims (12)

1. An authentication method based on zero knowledge proof, wherein the method is applied to a client, the method comprising:
initializing and constructing a zero knowledge proof circuit between the client and the server;
acquiring an input password of a current input operation of a user corresponding to the client, generating a proof key based on the input password, and acquiring the number of times of the current input operation and interface call parameters;
operating the zero knowledge proof circuit by using the proof key, the number of times of the current input operation and the interface call parameter to generate the proof of the client;
carrying the user identifier of the user, the number of times of the current input operation, the interface call parameter and the proof, initiating a verification request to the server, so that the server retrieves the verification key and the request count of the user which are stored by the server and correspond to the user identifier, and, when the request count is consistent with the number of times of the current input operation, runs the zero knowledge proof circuit to verify the proof by using the verification key, the request count and the interface call parameter;
and if the verification is passed, receiving response information which is returned by the server and is used for indicating that the verification is passed.
2. The method of claim 1, wherein the generating a proof key based on the input password comprises:
calculating a corresponding hash value of the input password by using a hash function to obtain the proof key.
3. The method of claim 1, wherein the method further comprises:
acquiring an initial password of a user initial setting operation or a modification password of a modification operation corresponding to the client, and generating a verification key for user identity verification of the server based on the initial password or the modification password;
and carrying the user identifier and the verification key, and initiating an initialization request to the server so that the server stores the user identifier and the verification key and initializes a request count.
4. The method of claim 3, wherein the generating a verification key for user identity verification of the server based on the initial password or the modified password comprises:
and carrying out hash calculation on the initial password or the modified password by utilizing a hash function to obtain a verification key for user identity verification of the server.
5. The method of claim 1, wherein the method further comprises:
and if the verification is not passed, receiving response information returned by the server side and used for indicating that the verification is not passed.
6. An authentication method based on zero knowledge proof, wherein the method is applied to a server, and the method comprises the following steps:
initializing and constructing a zero knowledge proof circuit between the client and the server;
receiving a verification request initiated to the server by the client carrying a user identifier, the number of times of the current input operation, an interface call parameter and a proof, wherein the proof is generated by the client by using a proof key, the number of times of the current input operation and the interface call parameter and running the zero knowledge proof circuit, and the proof key is generated by the client based on an input password of the current input operation of a user corresponding to the user identifier;
invoking a verification key and a request count of a user which are stored by the server and correspond to the user identifier;
if the request count is consistent with the number of times of the current input operation, using the verification key, the request count and the interface call parameter to operate the zero knowledge proof circuit to verify the proof;
and if the verification is passed, returning response information for indicating the pass of the verification to the client.
7. The method of claim 6, wherein after the invoking the verification key and the request count of the user stored by the server and corresponding to the user identifier, the method further comprises:
determining whether the request count is consistent with the number of times of the current input operation,
if they are consistent, executing the step of using the verification key, the request count and the interface call parameter to operate the zero knowledge proof circuit to verify the proof;
and if they are inconsistent, returning response information for indicating that the request is invalid to the client.
8. The method of claim 6, wherein the method further comprises:
receiving an initialization request initiated by the client carrying the user identifier and the verification key;
and correspondingly storing the user identification and the verification key, and initializing a request count.
9. The method of claim 6, wherein the method further comprises:
and if the verification is not passed, returning response information for indicating that the verification is not passed to the client.
10. A non-volatile storage medium having stored thereon computer readable instructions which, when executed by a processor, cause the processor to implement the method of any of claims 1 to 9.
11. A zero-knowledge proof-based authentication client, wherein the client comprises:
one or more processors;
a computer readable medium for storing one or more computer readable instructions,
the one or more computer-readable instructions, when executed by the one or more processors, cause the one or more processors to implement the method of claims 1-5.
12. A server for authentication based on zero knowledge proof, wherein the server comprises:
one or more processors;
a computer readable medium for storing one or more computer readable instructions,
the one or more computer-readable instructions, when executed by the one or more processors, cause the one or more processors to implement the method of claims 6 to 9.
CN202311050065.2A 2023-08-18 2023-08-18 Authentication method and equipment based on zero knowledge proof Pending CN117155577A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311050065.2A CN117155577A (en) 2023-08-18 2023-08-18 Authentication method and equipment based on zero knowledge proof

Publications (1)

Publication Number Publication Date
CN117155577A true CN117155577A (en) 2023-12-01

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination