zkdocs
zkdocs copied to clipboard
trailofbits
Interactive documentation on zero-knowledge proof systems and related primitives.
HACSpec
Thanks for the nice project! There are some overlaps in goals with the [hacspec](https://github.com/hacspec/hacspec/) project. Cryptographic primitives have been specified there, and some work on ZK proofs is underway. There...
In the article "[Short factoring proofs](https://www.zkdocs.com/docs/zkdocs/zero-knowledge-protocols/short-factoring-proofs/)" under "Security parameters:" you list among others "$m$, and $K$". However, $K$ is never used in the rest of the article. Instead, $m$ takes...
I don't know to which extent you plan to document less well known algorithms, but here is one that is crucial for designing cryptographic formats that do not reveal that...
> In practice, p should be reasonably large. Breaking S into multiple parts introduces complexity and opportunities for malicious actors. Also, in some verifiable secret sharing schemes, a large p...
In the short factoring proof, there is the line $y = r + (N - \varphi(N))e$. In the vanilla protocol, the verifier checks $x \overset{?}{\equiv} z^{y - eN} \mod N$....
In the bad example, $h$ seems to be missing from the final message sent to the verifier. Without it, the verifier does not have access to $h$. So, I added...
Metadata
Owner
Metadata
Interactive documentation on zero-knowledge proof systems and related primitives.