2. - Hyperledger-Indy provides a software ecosystem for private, secure, and
powerful identity, and libindy enables clients for it.
- Hyperledger Indy has tools, libraries, and reusable components for
providing digital identities rooted on blockchains or other distributed
ledgers.
- They are interoperable across administrative domains, applications, and
any other silo.
- Indy is interoperable with other blockchains or can be used standalone
powering the decentralization of identity.
- Indy uses open-source, distributed ledger technology. These ledgers are a
form of database that is provided cooperatively by a pool of participants.
What is Hyperledger-Indy?
3. Hyperledger Indy’s approach to privacy includes
- Elliptic curve cryptography,
- Semi-trusted agents,
- Agent-to-agent communication
- Pairwise DIDs
Using techniques such as
- Zero-knowledge proofs,
- Libsodium’s sealed box
- Authenticated encryption,
- Privacy-preserving credential revocation features.
Hyperledger-Indy approach to privacy
4. Elliptic Curve Cryptography
- Elliptic curve cryptography is a powerful approach to cryptography and
an alternative to the well-known RSA.
- It is an approach to public-key encryption that uses the mathematics
behind elliptic curves to generate security between key pairs.
- ECC has been slowly gaining in popularity over the past few years due to
its ability to provide the same level of security as RSA with a much smaller
key size.
5. How does elliptic curve cryptography work?
- An elliptic curve can be illustrated simply as the set of points defined by the following
equation: $y^2 = x^3 + ax + b$
6. How does elliptic curve cryptography work?
- Based on the values given to points a and b, an elliptic curve is drawn.
- A line can then be drawn through these points until it reaches a third intersection
point on the curve which we can call point c.
- At this stage, when the line reaches its third intersect point, we can reflect that point
onto the other side of the x-axis.
- Continuing from point c, we can then draw a line from point a through point c,
which intersects another part of the curve at point d. This point is also reflected to
the other side of the x-axis, and this process continues until an end point is defined.
- Each intersection point is defined in terms of a "dot". In the example below, the
intersection points would be described as:
A dot A = B
A dot B = C
A dot C = D
A dot D = E
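The "dot" chain above can be computed directly. The following is an added example, not part of the original slides; the curve y^2 = x^3 + 2x + 2 over GF(17), the starting point A = (5, 1) and all function names are constructed for illustration. It also shows why the hop count acts as the private key: reaching a point is fast, while recovering the count requires a search.

```python
# Constructed toy curve (not a real parameter set): y^2 = x^3 + 2x + 2 over GF(17)
P_MOD, A_COEF = 17, 2
INFINITY = None  # identity element, the "point at infinity"

def dot(p, q):
    """The 'dot' operation: add two curve points."""
    if p is INFINITY:
        return q
    if q is INFINITY:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INFINITY                      # vertical line: P dot (-P)
    if p == q:                               # A dot A: slope of the tangent
        s = (3 * x1 * x1 + A_COEF) * pow(2 * y1 % P_MOD, -1, P_MOD)
    else:                                    # slope of the chord through p and q
        s = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    x3 = (s * s - x1 - x2) % P_MOD           # third intersection point ...
    y3 = (s * (x1 - x3) - y1) % P_MOD        # ... reflected across the x-axis
    return (x3, y3)

def chain(a, steps):
    """[A, A dot A, A dot B, ...] in the order used on the slide."""
    points = [a]
    for _ in range(steps):
        points.append(dot(a, points[-1]))
    return points

def scalar_mult(n, pt):
    """n hops in O(log n) dot operations (double-and-add)."""
    result = INFINITY
    while n:
        if n & 1:
            result = dot(result, pt)
        pt = dot(pt, pt)
        n >>= 1
    return result

def recover_scalar(target, base, limit):
    """Count hops by brute force (discrete log); feasible only on a toy curve."""
    acc = INFINITY
    for n in range(1, limit + 1):
        acc = dot(acc, base)
        if acc == target:
            return n
    return None

if __name__ == "__main__":
    A = (5, 1)
    print(chain(A, 4))
    print(recover_scalar(scalar_mult(13, A), A, 19))
```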
7. Zero Knowledge proof
- A zero-knowledge proof or zero-knowledge protocol is a method by
which one party (the prover) can prove to another party (the verifier)
that they know value x, without conveying any information apart from
the fact that they know value x.
- The essence of a zero-knowledge proof is that it is trivial to prove
that someone possesses knowledge of certain information by simply
revealing it. The challenge is to justify such possession without
revealing the information itself or any additional information.
8. Zero Knowledge proof
A zero-knowledge proof must satisfy the following three properties:
1. Completeness. If the statement is true, the honest verifier (the one that is
following the protocol properly) will be convinced of this fact by an honest
prover.
2. Soundness. If the statement is false, no cheating prover can convince the
honest verifier that it is true, except with some small probability.
3. Zero knowledge. If the statement is true, no verifier learns anything,
except the fact that the statement is true.
9. Zero Knowledge proof
To illustrate how ZKP works in practice, Wikipedia refers to the Ali Baba cave story, which was
first published by Jean-Jacques Quisquater.
- In this example, Peggy acts as the prover and Victor acts as the verifier.
- In the story, the cave is shaped like a ring. The entrance is on the left side, and there’s a
magic door blocking the right side.
- Peggy wants to prove to Victor that she knows the secret word to open the magic door.
However, she does not want to reveal the secret word.
10. The general structure of a ZKP
- The general structure of a ZKP consists of three sequential actions between participants
A and B.
- These actions are called Witness, Challenge, and Response.
1. Witness: The fact that Manish (prover) knows the secret determines a set of questions
that Manish (prover) can always answer correctly. First, Manish (prover) randomly
chooses a question from the set and calculates a proof. Then Manish (prover) sends the
proof to Abhishek (verifier).
11. The general structure of a ZKP
2. Challenge: After that, Abhishek (verifier) chooses a question from the set and asks
Manish (prover) to answer it.
3. Response: Manish (prover) calculates the answer and sends it back to Abhishek (verifier).
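The three steps above map onto Schnorr's identification protocol, shown here as an added example that is not part of the original slides and is not Indy's or Idemix's own construction. The group parameters (P = 23, Q = 11, G = 2) and all function names are constructed for illustration; the secret is x and the public value is y = g^x.

```python
import secrets

# Constructed toy group (far too small for real use): G generates the
# subgroup of prime order Q in the integers modulo P.
P, Q, G = 23, 11, 2

def public_key(x):
    return pow(G, x, P)                      # y = g^x, published by the prover

def witness(r):
    """Step 1 (Witness): the prover commits to a random nonce r."""
    return pow(G, r, P)

def response(x, r, c):
    """Step 3 (Response): s = r + c*x mod Q; the nonce r masks the secret x."""
    return (r + c * x) % Q

def verify(y, t, c, s):
    """Verifier's check: g^s == t * y^c (mod P)."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P

def forge_witness(y, guessed_c, s):
    """Cheating prover without x: fix s, back-compute t for ONE guessed challenge."""
    return (pow(G, s, P) * pow(y, -guessed_c, P)) % P

def run_round(x):
    """One honest round between Manish (prover) and Abhishek (verifier)."""
    y = public_key(x)
    r = 1 + secrets.randbelow(Q - 1)         # prover's fresh, secret nonce
    t = witness(r)                           # prover -> verifier
    c = secrets.randbelow(Q)                 # Step 2 (Challenge): verifier -> prover
    s = response(x, r, c)                    # prover -> verifier
    return verify(y, t, c, s)

def cheat_success_rate(y, guessed_c=3, s=6):
    """Fraction of the Q possible challenges that a forged witness survives."""
    t = forge_witness(y, guessed_c, s)
    return sum(verify(y, t, c, s) for c in range(Q)) / Q

if __name__ == "__main__":
    print(all(run_round(7) for _ in range(20)))   # completeness
    print(cheat_success_rate(public_key(7)))      # soundness error, 1/Q
```

The honest prover always passes (completeness), while a prover who does not know x survives only the single challenge it guessed in advance, which is the "small probability" in the soundness property.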
12. Zero-knowledge succinct non-interactive argument of knowledge
- The concept (also known as zk-SNARK) enables transactions to be verified in a
single message from a prover to a verifier without interaction between them.
- Zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) is
a ZKP-based protocol with the following additional features:
1. Succinct. The size of the proof is small enough to be verified in a few
milliseconds.
2. Noninteractive. The proof transcript consists of a single message—from the
prover to the verifier.
3. Argument of knowledge. A computationally sound proof: soundness holds
against a prover that is limited to polynomial-time, i.e., bounded,
computation.
13. Zero-knowledge succinct non-interactive argument of knowledge
zk-SNARK consists of three functions:
1. A key generator (G) takes a secret parameter (λ) and generates two publicly
available keys—a proving key (pk) and a verification key (vk).
2. The prover function (PF) takes pk as an input, x as a common input, and w
as a private input. The function generates a proof: prf = PF(pk, x, w).
14. Zero-knowledge succinct non-interactive argument of knowledge
3. The verifier function (VF) computes VF(vk, x, prf), which returns Accept if the
proof is correct and Reject if it is not.
15. Zero-knowledge succinct non-interactive argument of knowledge
Fig: In a non-interactive ZKP, A and B interact only once
16. ZK-Snark Approach for privacy of Hyperledger-Indy
- Identity Mixer (Idemix) is a ZKP-based cryptographic protocol
suite developed by IBM Research for privacy-preserving
authentication and transfer of certified attributes.
- Idemix works in a similar way as client certificates in a classical
public-key infrastructure (PKI), but with two important differences:
1. Flexible public keys.
2. Flexible credentials.
17. ZK-Snark Approach for privacy of Hyperledger-Indy
- Indy uses Indy-anoncreds, a ZKP scheme based on the Idemix protocol, to
cryptographically secure credentials.
- The workflow of Indy-anoncreds begins with the prover creating a master key.
- This master key is used to guarantee that a credential uniquely belongs to the
prover.
21. ZK-Snark Approach for privacy of Hyperledger-Indy
Zero-knowledge proof paradigm works
22. Libsodium’s sealed box Approach for privacy of Hyperledger-Indy
- Sodium is a modern, easy-to-use software library for encryption, decryption,
signatures, password hashing and more.
- Its goal is to provide all of the core operations needed to build higher-level
cryptographic tools.
- Sodium is cross-platform and cross-language.
- The design choices emphasize security and ease of use. But despite the
emphasis on high security, primitives are faster across-the-board than most
implementations.
23. Libsodium’s sealed box Approach for privacy of Hyperledger-Indy
- Sealed boxes are designed to anonymously send messages to a recipient
given its public key.
- Only the recipient can decrypt these messages, using its private key. While
the recipient can verify the integrity of the message, it cannot verify the
identity of the sender.
- A message is encrypted using an ephemeral key pair, whose secret part is
destroyed right after the encryption process.
- Without knowing the secret key used for a given message, the sender
cannot decrypt its own message later. And without additional data, a
message cannot be correlated with the identity of its sender.
24. Libsodium’s sealed box Approach for privacy of Hyperledger-Indy
- The crypto_box_seal() function encrypts a message m of length mlen for a
recipient whose public key is pk. It puts the ciphertext whose length is
crypto_box_SEALBYTES + mlen into c.
Ex - int crypto_box_seal(unsigned char *c, const unsigned char *m,
unsigned long long mlen, const unsigned char *pk);
- The function creates a new key pair for each message, and attaches the
public key to the ciphertext.
- The secret key is overwritten and is not accessible after this function
returns.
25. Libsodium’s sealed box Approach for privacy of Hyperledger-Indy
Ex- int crypto_box_seal_open(unsigned char *m, const unsigned char *c,
unsigned long long clen, const unsigned char *pk, const unsigned char *sk);
- The crypto_box_seal_open() function decrypts the ciphertext c whose length
is clen, using the key pair (pk, sk), and puts the decrypted message into m
(clen - crypto_box_SEALBYTES bytes).
- Key pairs are compatible with other crypto_box_* operations and can be
created using crypto_box_keypair() or crypto_box_seed_keypair().
- This function doesn't require passing the public key of the sender, as the
ciphertext already includes this information.
26. Authenticated encryption Approach for privacy of Hyperledger-Indy
- Using public-key authenticated encryption, Bob can encrypt a
confidential message specifically for Alice, using Alice's public key.
- Using Bob's public key, Alice can compute a shared secret key.
Using Alice's public key and his secret key, Bob can compute the
exact same shared secret key. That shared secret key can be used
to verify that the encrypted message was not tampered with, before
eventually decrypting it.
- Alice only needs Bob's public key, the nonce and the ciphertext. Bob
should never ever share his secret key, even with Alice.
27. Authenticated encryption Approach for privacy of Hyperledger-Indy
- And in order to send messages to Alice, Bob only needs Alice's public key.
Alice should never ever share her secret key either, even with Bob.
Key pair generation:
Ex- int crypto_box_keypair(unsigned char *pk, unsigned char *sk);
- Alice can reply to Bob using the same system, without having to generate a
distinct key pair.
Ex- int crypto_box_seed_keypair(unsigned char *pk, unsigned char *sk,
const unsigned char *seed);
- The nonce doesn't have to be confidential.