通过轻量级的零知识证明身份验证扩展web应用程序

International Conference on Soft Computing as Transdisciplinary Science and Technology Pub Date : 2008-10-28 DOI:10.1145/1456223.1456241

S. Grzonkowski, Wojciech Zaremba, Maciej Zaremba, B. McDaniel

{"title":"通过轻量级的零知识证明身份验证扩展web应用程序","authors":"S. Grzonkowski, Wojciech Zaremba, Maciej Zaremba, B. McDaniel","doi":"10.1145/1456223.1456241","DOIUrl":null,"url":null,"abstract":"User authentication is a crucial requirement for secure transactions and access to the sensitive resources on the Web. We propose, implement and evaluate a Zero-Knowledge Proof Authentication (ZKP) algorithm based on isomorphic graphs. The proposed mechanism allows for authentication with varying confidence and security levels.\n We suggest that most of the computations should be carried out by the user's web browser without revealing password or login at any point in time; instead generated random isomorphic graphs and permutation functions based on the user login/password can be exchanged.\n Our experimental evaluation shows that by combining the asynchronous web with ZKP protocols, it is feasible to satisfy existing usability standards on the web.","PeriodicalId":309453,"journal":{"name":"International Conference on Soft Computing as Transdisciplinary Science and Technology","volume":"20 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-10-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Extending web applications with a lightweight zero knowledge proof authentication\",\"authors\":\"S. Grzonkowski, Wojciech Zaremba, Maciej Zaremba, B. McDaniel\",\"doi\":\"10.1145/1456223.1456241\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"User authentication is a crucial requirement for secure transactions and access to the sensitive resources on the Web. We propose, implement and evaluate a Zero-Knowledge Proof Authentication (ZKP) algorithm based on isomorphic graphs. The proposed mechanism allows for authentication with varying confidence and security levels.\\n We suggest that most of the computations should be carried out by the user's web browser without revealing password or login at any point in time; instead generated random isomorphic graphs and permutation functions based on the user login/password can be exchanged.\\n Our experimental evaluation shows that by combining the asynchronous web with ZKP protocols, it is feasible to satisfy existing usability standards on the web.\",\"PeriodicalId\":309453,\"journal\":{\"name\":\"International Conference on Soft Computing as Transdisciplinary Science and Technology\",\"volume\":\"20 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-10-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Conference on Soft Computing as Transdisciplinary Science and Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1456223.1456241\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Soft Computing as Transdisciplinary Science and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1456223.1456241","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 18

摘要

用户身份验证是安全事务和访问Web上敏感资源的关键需求。我们提出、实现并评估了一种基于同构图的零知识证明认证(ZKP)算法。提议的机制允许使用不同的置信度和安全级别进行身份验证。我们建议大多数计算应由用户的web浏览器执行，而无需在任何时间点透露密码或登录;相反，可以交换基于用户登录/密码生成的随机同构图和置换函数。我们的实验评估表明，通过将异步web与ZKP协议相结合，可以满足现有的web可用性标准。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Extending web applications with a lightweight zero knowledge proof authentication

User authentication is a crucial requirement for secure transactions and access to the sensitive resources on the Web. We propose, implement and evaluate a Zero-Knowledge Proof Authentication (ZKP) algorithm based on isomorphic graphs. The proposed mechanism allows for authentication with varying confidence and security levels. We suggest that most of the computations should be carried out by the user's web browser without revealing password or login at any point in time; instead generated random isomorphic graphs and permutation functions based on the user login/password can be exchanged. Our experimental evaluation shows that by combining the asynchronous web with ZKP protocols, it is feasible to satisfy existing usability standards on the web.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Conference on Soft Computing as Transdisciplinary Science and Technology

自引率

0.00%

发文量