Zero-knowledge password proof

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

In cryptography, a zero-knowledge password proof (ZKPP) is an interactive method for one party (the prover) to prove to another party (the verifier) that it knows a value of a password, without revealing anything other than the fact that it knows that password to the verifier. The term is defined in IEEE P1363.2, in reference to one of the benefits of using a password-authenticated key exchange (PAKE) protocol that is secure against off-line dictionary attacks. A ZKPP prevents any party from verifying guesses for the password without interacting with a party that knows it and, in the optimal case, provides exactly one guess in each interaction.

Technically speaking, a ZKPP is different from a zero-knowledge proof. This is because a ZKPP is defined more narrowly than the more general zero-knowledge proof. ZKPP is defined in IEEE 1363.2 as "An interactive zero knowledge proof of knowledge of password-derived data shared between a prover and the corresponding verifier." Notice, that the definition is concerned further with password-derived data.[how?]

A common use of a zero-knowledge password proof is in authentication systems where one party wants to prove its identity to a second party using a password but doesn't want the second party or anybody else to learn anything about the password. For example, apps can validate a password without processing it and a payment app can check the balance of an account without touching or learning anything about the amount.[1]


The first methods to demonstrate a ZKPP were the encrypted key exchange methods (EKE) described by Steven M. Bellovin and Michael Merritt in 1992.[2][page needed] A considerable number of refinements, alternatives, and variations in the growing class of password-authenticated key agreement methods were developed in subsequent years. Standards for these methods include IETF RFC 2945, IEEE P1363.2, and ISO-IEC 11770-4.[3]

See also[edit]

Further reading[edit]


  1. ^ "What Are Zero-Knowledge Proofs?". Wired. ISSN 1059-1028. Retrieved 2020-12-01.
  2. ^ Bellovin & Merritt 1992.
  3. ^ IEEE P1363.2: Proposed Standard for Password-Based Public-Key Cryptography

Works cited[edit]

External links[edit]