Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

A Privacy-preserving key transmission protocol to distribute QRNG keys using zk-SNARKs

David Soler, Carlos Dafonte, Manuel Fernández-Veiga, Ana Fernández Vilas, Francisco J. Nóvoa

TL;DR

The paper addresses the challenge of providing high-entropy QRNG-derived keys without enabling the server to track which user receives which key. It introduces a privacy-preserving Key Transmission Protocol that decouples authentication from key delivery and uses zk-SNARKs together with a Merkle Tree to prove membership in a valid set while preserving user anonymity; a KEM-based key delivery layer ensures Confidentiality. The implementation demonstrates NFC-based key transfer and analyzes performance, showing that offline zk-SNARK proof generation and NFC bandwidth are critical factors, with practical viability on contemporary hardware. This approach enables private, auditable access to quantum-grade entropy and could support secure communications and future quantum-key distribution networks.

Abstract

High-entropy random numbers are an essential part of cryptography, and Quantum Random Number Generators (QRNG) are an emergent technology that can provide high-quality keys for cryptographic algorithms but unfortunately are currently difficult to access. Existing Entropy-as-a-Service solutions require users to trust the central authority distributing the key material, which is not desirable in a high-privacy environment. In this paper, we present a novel key transmission protocol that allows users to obtain cryptographic material generated by a QRNG in such a way that the server is unable to identify which user is receiving each key. This is achieved with the inclusion of Zero Knowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARK), a cryptographic primitive that allow users to prove knowledge of some value without needing to reveal it. The security analysis of the protocol proves that it satisfies the properties of Anonymity, Unforgeability and Confidentiality, as defined in this document. We also provide an implementation of the protocol demonstrating its functionality and performance, using NFC as the transmission channel for the QRNG key.

A Privacy-preserving key transmission protocol to distribute QRNG keys using zk-SNARKs

TL;DR

The paper addresses the challenge of providing high-entropy QRNG-derived keys without enabling the server to track which user receives which key. It introduces a privacy-preserving Key Transmission Protocol that decouples authentication from key delivery and uses zk-SNARKs together with a Merkle Tree to prove membership in a valid set while preserving user anonymity; a KEM-based key delivery layer ensures Confidentiality. The implementation demonstrates NFC-based key transfer and analyzes performance, showing that offline zk-SNARK proof generation and NFC bandwidth are critical factors, with practical viability on contemporary hardware. This approach enables private, auditable access to quantum-grade entropy and could support secure communications and future quantum-key distribution networks.

Abstract

High-entropy random numbers are an essential part of cryptography, and Quantum Random Number Generators (QRNG) are an emergent technology that can provide high-quality keys for cryptographic algorithms but unfortunately are currently difficult to access. Existing Entropy-as-a-Service solutions require users to trust the central authority distributing the key material, which is not desirable in a high-privacy environment. In this paper, we present a novel key transmission protocol that allows users to obtain cryptographic material generated by a QRNG in such a way that the server is unable to identify which user is receiving each key. This is achieved with the inclusion of Zero Knowledge Succinct Non-interactive Arguments of Knowledge (zk-SNARK), a cryptographic primitive that allow users to prove knowledge of some value without needing to reveal it. The security analysis of the protocol proves that it satisfies the properties of Anonymity, Unforgeability and Confidentiality, as defined in this document. We also provide an implementation of the protocol demonstrating its functionality and performance, using NFC as the transmission channel for the QRNG key.
Paper Structure (26 sections, 3 theorems, 4 equations, 6 figures, 3 tables, 4 algorithms)

This paper contains 26 sections, 3 theorems, 4 equations, 6 figures, 3 tables, 4 algorithms.

Table of Contents

  1. Introduction
  2. Related Work
  3. Background
  4. zk-SNARKs
  5. Merkle Tree
  6. Key Encapsulation Mechanism
  7. Privacy-Preserving Key Transmission Protocol
  8. Outline
  9. Architecture
  10. Protocol Definition
  11. Initial Setup
  12. Step 1: Authentication
  13. Step 2: Proof Generation
  14. Step 3: Key Request
  15. Security
  16. ...and 11 more sections

Key Result

Theorem 1

If the hash function H is a one-way function, and the zk-SNARK scheme satisfies the Zero-Knowledge property, the proposed system provides Anonymity.

Figures (6)

  • Figure 1: Diagram of the proposed protocol.
  • Figure 2: Diagram of the relationship between Commitments and Nullifiers.
  • Figure 3: Sequence diagram of the NFC Tunnel.
  • Figure 4: Proof generation times for different Merkle Tree depths.
  • Figure 5: Key Request Step time, with QRNG key transmission being also shown for comparison.
  • ...and 1 more figures

Theorems & Definitions (9)

  • Definition 5.1
  • Theorem 1
  • proof
  • Definition 5.2
  • Theorem 2
  • proof
  • Definition 5.3
  • Theorem 3
  • proof