this post was submitted on 21 Mar 2025
22 points (100.0% liked)

Programming

19098 readers
105 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
22
Zero knowledge authentication (lemm.ee)
submitted 1 day ago by tauren@lemm.ee to c/programming@programming.dev
13 comments fedilink hide all child comments
 

Hi, !programming@programming.dev. I'm curious about zero-knowledge encryption, and I would like to use it in my CS50x final project. My goal is to authenticate users and store their encrypted data on the server so that only the users can decrypt it.

I understand the general concepts of public and private keys, as well as symmetric keys, and how to use them to protect data. However, I don't understand how to authenticate users. I have searched online for information on implementing the zero proof knowledge authentication flow, but I found either vague high-level descriptions or research papers that require a strong background in mathematics and cryptography to understand and implement.

Could you maybe suggest some resources on this topic? When your search for "how to implement jwt authentication", you can find many articles that describe the flow with code examples. I'm looking for something similar.

Or should I choose a simpler project?

you are viewing a single comment's thread
view the rest of the comments
[–] MajorHavoc@programming.dev 1 points 1 day ago (1 children)

research papers that require a strong background in mathematics and cryptography to understand and implement.

Lol. I guess that makes sense. Outside of school, we hope that all authentication will be implemented only cryptography experts anyway.

Could you maybe suggest some resources on this topic?

Not really, sorry. I'm not aware of anyone creating resources for your situation.

Or should I choose a simpler project?

For some context, cryptography isn't even usually implemented "completely correctly" by experts. That's part of why we have constant software security patches.

If I were in your shoes, I guess it would depend on my instructor and advisors.

If I felt like they have the skills to catch mistakes and no time to help correct mistakes, then I would just choose a simpler project. If they're cool with awarding a good grade for a functional demo, I might just go for it.

I guess I would take this one to an advisor and get some feedback on practicality.

[–] tauren@lemm.ee 3 points 1 day ago

For some context, cryptography isn’t even usually implemented “completely correctly” by experts. That’s part of why we have constant software security patches.

Yeah, I totally agree, and I don't expect to implement it properly or go public with this. I just got this idea for the final project. When it comes to password hashing, we have libraries in all popular languages that handle this, and we have open-source tools to generate keys. So, I was hoping to find something ready to use for my project. Unfortunately, it seems this area isn't very popular.