Introduction # Zero-knowledge protocols # ZKDocs provides comprehensive, detailed, and interactive documentation on zero-knowledge proof systems and related primitives. At Trail of Bits, we audit many implementations of non-standardized cryptographic protocols and often find the same issues. As we discovered more instances of these bugs, we wanted to find a way to prevent them in the future. Unfortunately, for these protocols, the burden is on the developers to figure out all of the low-level...| ZKDocs
Common notation and definitions used in the documentation.| Introduction on ZKDocs
The zero-knowledge proof for a discrete-logarithm in a prime modulo.| Introduction on ZKDocs
Common variants of Schnorr’s protocol.| Introduction on ZKDocs
Here, we describe what the Fiat-Shamir transformation is, its goals, its pitfalls, and its different versions.| Introduction on ZKDocs
Proves that a number is square-free.| Introduction on ZKDocs
Proves that a number has two prime divisors.| Introduction on ZKDocs
Generic, honest, and deterministic method to sample elements.| Introduction on ZKDocs
Proves that a number is the product of two distinct primes: in parallel, run the square-freeness proof together with the two-prime-divisors proof.| Introduction on ZKDocs
Potential attacks when honest verifier zero-knowledge proofs are used in the context of a malicious verifier.| Introduction on ZKDocs
An efficient proof that shows a number is the product of two primes congruent with 3 mod 4.| Introduction on ZKDocs
Proof of knowledge of the factorization of an integer.| Introduction on ZKDocs
Proving the knowledge of vectors for a public inner product| Introduction on ZKDocs
An overview of the Pedersen commitment scheme and its applications| Introduction on ZKDocs
An overview of Shamir’s Secret Sharing scheme and potential security pitfalls.| Introduction on ZKDocs
A verifiable version of Shamir’s secret sharing scheme due to Feldman.| Introduction on ZKDocs
Kate et. al’s Pairing-Based Polynomial Commitments| Introduction on ZKDocs
An overview of the Inner Product Argument polynomial commitment scheme| Introduction on ZKDocs
Secret sharing alternatives which do not hide the secret in the constant term of the polynomial.| Introduction on ZKDocs
All references| ZKDocs
ZKDocs # Zero-knowledge protocols # ZKDocs provides comprehensive, detailed, and interactive documentation on zero-knowledge proof systems and related primitives. At Trail of Bits, we audit many implementations of non-standardized cryptographic protocols and often find the same issues. As we discovered more instances of these bugs, we wanted to find a way to prevent them in the future. Unfortunately, for these protocols, the burden is on the developers to figure out all of the low-level imple...| ZKDocs
A statistical zero-knowledge proof for discrete-logarithm in a composite modulo.| ZKDocs