A robust implementation of the Chaum-Pedersen zero-knowledge proof protocol in Rust, providing cryptographically secure authentication without revealing user secrets. This project demonstrates how users can prove knowledge of a secret to a server without ever transmitting that secret.
- Zero-Knowledge Authentication: Prove secret knowledge without revealing the secret
- Chaum-Pedersen Protocol: Industry-standard discrete logarithm equality proof
- gRPC Interface: Modern, efficient client-server communication
- RFC 5114 Compliance: Uses standardized 2048-bit cryptographic parameters
- Multiple Storage Backends: In-memory and Redis-backed implementations
- Production Ready: Comprehensive error handling and security considerations
- Mathematical Background
- Protocol Overview
- Installation
- Quick Start
- Usage Examples
- API Documentation
- Security Considerations
- Docker Support
- Contributing
- License
The Chaum-Pedersen protocol allows a prover to demonstrate knowledge of a discrete logarithm x such that:
y1 = Ξ±^x (mod p)
y2 = Ξ²^x (mod p)
Where:
Ξ±andΞ²are generators of a prime-order subgrouppis a large prime modulusqis the prime order of the subgroupxis the secret known only to the prover
- Completeness: Honest provers can always convince honest verifiers
- Soundness: Malicious provers cannot convince verifiers without knowing the secret
- Zero-Knowledge: Verifiers learn nothing about the secret beyond its existence
The authentication process consists of three phases:
Client β Server: username, y1 = Ξ±^x mod p, y2 = Ξ²^x mod p
Client β Server: r1 = Ξ±^k mod p, r2 = Ξ²^k mod p (where k is random)
Server β Client: challenge c, auth_id
Client β Server: s = k - cΒ·x mod q
Server β Client: session_id (if verification succeeds)
The server verifies by checking:
r1 β Ξ±^s Β· y1^c mod p
r2 β Ξ²^s Β· y2^c mod p
- Rust (1.70 or later): Install Rust
- Protocol Buffers Compiler: Required for gRPC code generation
# macOS brew install protobuf # Ubuntu/Debian sudo apt install protobuf-compiler # Arch Linux sudo pacman -S protobuf
# Clone the repository
git clone https://github.com/robby1012/RBY-RUST-ZKP.git
cd RBY-RUST-ZKP
# Build the project
cargo build --release
# Run tests
cargo testFor the Redis-backed server:
# Install Redis
brew install redis # macOS
sudo apt install redis-server # Ubuntu/Debian
# Start Redis
redis-server-
Start the server:
cargo run --bin server
-
Run the client (in a new terminal):
cargo run --bin client
-
Follow the interactive prompts to register and authenticate.
# Build and start services
docker-compose up -d --build
# Access the container
docker exec -it zkp-server bash
cd /zkp-server/target/release
# Run the client
./clientuse zkp_chaum_pedersen::ZKP;
use num_bigint::BigUint;
// Initialize cryptographic parameters
let (alpha, beta, p, q) = ZKP::get_constants();
let zkp = ZKP { alpha, beta, p, q: q.clone() };
// Generate a secret
let secret = ZKP::generate_random_number_below(&q);
// Registration: compute public values
let (y1, y2) = zkp.compute_pair(&secret);
// Authentication: generate commitment
let k = ZKP::generate_random_number_below(&q);
let (r1, r2) = zkp.compute_pair(&k);
// Receive challenge 'c' from server, then compute response
let response = zkp.solve(&k, &challenge, &secret);
// Server verifies the proof
let is_valid = zkp.verify(&r1, &r2, &y1, &y2, &challenge, &response);use zkp_auth::auth_client::AuthClient;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let mut client = AuthClient::connect("http://localhost:50051").await?;
// Registration
let request = RegisterRequest {
user: "alice".to_string(),
y1: y1.to_bytes_be(),
y2: y2.to_bytes_be(),
};
client.register(request).await?;
// Authentication challenge
let request = AuthenticationChallengeRequest {
user: "alice".to_string(),
r1: r1.to_bytes_be(),
r2: r2.to_bytes_be(),
};
let response = client.create_authentication_challenge(request).await?;
// Submit proof
let request = AuthenticationAnswerRequest {
auth_id: response.auth_id,
s: s.to_bytes_be(),
};
let session = client.verify_authentication(request).await?;
println!("Session ID: {}", session.session_id);
Ok(())
}| Function | Description | Usage |
|---|---|---|
ZKP::get_constants() |
Returns RFC 5114 standardized parameters | Initialization |
zkp.compute_pair(exp) |
Computes (Ξ±^exp mod p, Ξ²^exp mod p) | Registration & Challenge |
zkp.solve(k, c, x) |
Computes s = k - cΒ·x mod q | Response generation |
zkp.verify(...) |
Verifies zero-knowledge proof | Server-side verification |
ZKP::generate_random_number_below(bound) |
Secure random generation | Nonce & challenge creation |
| Method | Phase | Purpose |
|---|---|---|
Register |
Registration | Store user's public commitment values |
CreateAuthenticationChallenge |
Challenge | Generate and return cryptographic challenge |
VerifyAuthentication |
Verification | Verify proof and return session ID |
| Binary | Purpose | Use Case |
|---|---|---|
server |
In-memory authentication server | Development, testing |
server_redis |
Redis-backed authentication server | Production, scalability |
client |
Complete registration + login flow | New user onboarding |
login |
Authentication-only client | Existing user login |
client_debug |
Detailed protocol debugging | Development, troubleshooting |
- Parameters: RFC 5114 standardized 2048-bit MODP group
- Security Level: ~112 bits (resistant to current computational capabilities)
- Random Generation: Cryptographically secure randomness for all nonces and challenges
- Memory Safety: Rust's ownership system prevents buffer overflows and memory corruption
- Side-Channel Resistance: Uses constant-time operations where possible
- Network Security: gRPC provides TLS encryption (configure for production)
- TLS Termination: Always use TLS in production environments
- Rate Limiting: Implement authentication attempt rate limiting
- Audit Logging: Log all authentication attempts for security monitoring
- Key Rotation: Consider periodic rotation of system parameters
- Quantum Resistance: Not quantum-secure (like all discrete log systems)
- Forward Secrecy: Sessions don't provide forward secrecy
- Replay Protection: Implement timestamp-based replay protection for production
# Start all services
docker-compose up -d --build
# View logs
docker-compose logs -f
# Stop services
docker-compose downThe docker-compose.yaml includes:
- ZKP authentication server
- Redis instance (for server_redis variant)
- Configured networking between services
# Access the main container
docker exec -it zkp-server bash
# Navigate to built binaries
cd /zkp-server/target/release
# Run any client
./client # Full registration + login
./login # Login only
./client_debug # Debug client# Run all tests
cargo test
# Run tests with output
cargo test -- --nocapture
# Run specific test
cargo test test_toy_example# Start server
cargo run --bin server &
# Test with client
cargo run --bin client
# Clean up
pkill serverThe test suite includes:
- β Toy examples with small parameters
- β RFC 5114 parameter validation
- β Random number generation
- β Complete protocol flows
- β Error case handling
Use gRPC Clicker VS Code extension:
- Install the extension
- Open
proto/zkp_auth.proto - Set server URL to
localhost:50051 - Test all three RPC methods interactively
The service definition in proto/zkp_auth.proto includes:
- Request/response message definitions
- Service method signatures
- Comprehensive documentation comments
| Operation | Time Complexity | Description |
|---|---|---|
| Registration | O(log p) | Two modular exponentiations |
| Challenge Generation | O(log p) | Two modular exponentiations |
| Response Computation | O(log q) | Modular arithmetic |
| Verification | O(log p) | Four modular exponentiations |
On modern hardware (2023 MacBook Pro M2):
- Registration: ~2ms
- Challenge: ~2ms
- Verification: ~4ms
- Memory usage: ~50MB (server)
We welcome contributions! Please see our Contributing Guidelines for details.
- Fork the repository
- Create a feature branch:
git checkout -b feature/amazing-feature - Make your changes and add tests
- Run the test suite:
cargo test - Run the linter:
cargo clippy - Format code:
cargo fmt - Commit your changes:
git commit -m 'Add amazing feature' - Push to the branch:
git push origin feature/amazing-feature - Open a Pull Request
- Follow Rust standard formatting (
cargo fmt) - Add comprehensive documentation for public APIs
- Include unit tests for new functionality
- Use meaningful commit messages
This project is licensed under the MIT License - see the LICENSE file for details.
- Chaum-Pedersen Protocol Paper
- RFC 5114: Additional Diffie-Hellman Groups
- Zero-Knowledge Proofs: An Introduction
- Quantum-resistant protocol variants
- Batch verification support
- Mobile client libraries
- Hardware security module (HSM) integration
- Formal security proofs
- Performance optimizations
Disclaimer: This implementation is for educational and research purposes. For production use, please conduct thorough security audits and consider professional cryptographic review.