Implementation and Security Test of Zero-Knowledge Protocols on SSI Blockchain

Abstract

The problem of digital identity acquires more relevance every day in the eyes of a society that spends more and more time connected to the Internet. It has evolved throughout its history to reach a decentralized model known as Self-Sovereign Identity (SSI), which finds its natural tools in the blockchain technology and Zero-Knowledge Proofs (ZKPs). ZKPs, in this context, allow users to prove that their credentials are legitimate without revealing more information than is strictly necessary, and constitute one of the most promising areas of applied cryptography. In this work, an application is developed for the study of Zero-Knowledge Proof methods and, specifically, in their application for authentication in public-private key encryption systems. It focuses on the study of three ZKP protocols (Feige-Fiat-Shamir, Guillou-Quisquater, and Schnorr, which rely on the problems of large number factorizations and discrete logarithms for security) in the practical use-case where a prover wants to demonstrate knowledge of a private key for a public key without revealing the key itself. The application allows the user to modify the necessary parameters in each method to achieve a better understanding of their role in their safety and efficiency. Several types of attacks are carried out against the above-mentioned protocols to analyze their degree of security and what recommendations can be made to improve it.