Developing zero-knowledge solutions with JavaScript

Who am I


Jose Aguinaga / @ jjperezaguinaga


Web Engineer

Startups / Fintech / Privacy



Crypto stuff ahead, handle with caution, errata might occur

What are zero-knowledge solutions?

Trust based solutions

I have nothing on ya, trust me.

Zero-knowledge solutions

I have nothing on ya, you know.




Zero-knowledge (proved) solutions

I have nothing on ya, you know, but you know I know.

SHA256(      )

SHA256(      )

Where does the Web fit in all this?

Server-side cryptography

SSL, bcrypt, HMACs

//NOTE: This prompts the user to enter a password.
        name: "PBKDF2",
    false, //whether the key is extractable
    ["deriveKey", "deriveBits"] //can be any combination
    //returns a key object

Deniable encryption

Ya ain't know what I got, or if I got something.

E(A | E(B | ... E(N, pk.n), pk.b) pk.a)

What are some use cases for zero-knowledge solutions?


Further reading, libraries and links

Solid introduction to cryptography from a computer science perspective by Stanford University teacher Dan Boneh

Moar examples on Web crypto

Thank you