creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
d5f3fa32486ea335db802d68fe2147fa2da69583
Anthropic-Cybersecurity-Skills/skills/implementing-zero-knowledge-proof-for-authentication/SKILL.md
T
mukul975 efca3ec611 feat: add NIST CSF 2.0 nist_csf field to all 754 cybersecurity skills 
Mapped every skill to NIST CSF 2.0 subcategory IDs (GV/ID/PR/DE/RS/RC functions)
based on subdomain and content analysis. Restores 11 skills corrupted during
prior rebase, re-enriching with ATLAS, D3FEND, NIST AI RMF, and CSF 2.0 fields.

All 754 skills now carry structured mappings for all 5 security frameworks:
- MITRE ATT&CK (in tags)
- MITRE ATLAS v5.5 (atlas_techniques)
- MITRE D3FEND v1.3 (d3fend_techniques)
- NIST AI RMF 1.0 (nist_ai_rmf)
- NIST CSF 2.0 (nist_csf)
2026-04-06 11:17:40 +02:00

84 lines
3.1 KiB
Markdown
Raw Blame History

---
name: implementing-zero-knowledge-proof-for-authentication
description: Zero-Knowledge Proofs (ZKPs) allow a prover to demonstrate knowledge of a secret (such as a password or private
key) without revealing the secret itself. This skill implements the Schnorr identificati
domain: cybersecurity
subdomain: cryptography
tags:
- cryptography
- zero-knowledge-proof
- authentication
- privacy
- zkp
version: '1.0'
author: mahipal
license: Apache-2.0
nist_csf:
- PR.DS-01
- PR.DS-02
- PR.DS-10
---
# Implementing Zero-Knowledge Proof for Authentication
## Overview
Zero-Knowledge Proofs (ZKPs) allow a prover to demonstrate knowledge of a secret (such as a password or private key) without revealing the secret itself. This skill implements the Schnorr identification protocol and a simplified ZKPP (Zero-Knowledge Password Proof) using the discrete logarithm problem, enabling authentication where the server never learns the user's password.
## When to Use
- When deploying or configuring implementing zero knowledge proof for authentication capabilities in your environment
- When establishing security controls aligned to compliance requirements
- When building or improving security architecture for this domain
- When conducting security assessments that require this implementation
## Prerequisites
- Familiarity with cryptography concepts and tools
- Access to a test or lab environment for safe execution
- Python 3.8+ with required dependencies installed
- Appropriate authorization for any testing activities
## Objectives
- Implement Schnorr's identification protocol for ZKP authentication
- Build a non-interactive ZKP using Fiat-Shamir heuristic
- Implement zero-knowledge password proof (ZKPP)
- Demonstrate completeness, soundness, and zero-knowledge properties
- Compare ZKP authentication with traditional password verification
## Key Concepts
### ZKP Properties
| Property | Description |
|----------|------------|
| Completeness | Honest prover always convinces honest verifier |
| Soundness | Dishonest prover cannot convince verifier (except negligible probability) |
| Zero-Knowledge | Verifier learns nothing beyond the statement's truth |
### Schnorr Protocol
1. **Setup**: Public generator g, prime p, q (order of g)
2. **Registration**: Prover computes y = g^x mod p (public key from secret x)
3. **Commitment**: Prover sends t = g^r mod p (random r)
4. **Challenge**: Verifier sends random c
5. **Response**: Prover sends s = r + c*x mod q
6. **Verify**: Check g^s == t * y^c mod p
## Security Considerations
- Use cryptographically secure random number generators
- Challenge must be unpredictable (from verifier's perspective)
- For non-interactive proofs, use Fiat-Shamir with collision-resistant hash
- ZKP alone does not provide forward secrecy; combine with TLS
## Validation Criteria
- [ ] Honest prover always verifies successfully (completeness)
- [ ] Random response without secret does not verify (soundness)
- [ ] Server never receives the secret value
- [ ] Non-interactive proof is verifiable offline
- [ ] Multiple authentications produce different transcripts
- [ ] Protocol resists replay attacks
Reference in New Issue View Git Blame Copy Permalink