A cutting-edge Zero-Knowledge Proof Authentication System for high-mobility IoT devices with AI-enhanced predictive token learning and Byzantine fault tolerance.
ZKPAS is a revolutionary authentication system specifically designed for high-mobility IoT environments. It combines zero-knowledge proofs with machine learning to provide secure, efficient, and scalable authentication for resource-constrained devices in dynamic network conditions.
- Zero-Knowledge Authentication: Devices authenticate without revealing sensitive information
- AI-Powered Mobility Prediction: LSTM neural networks predict device movement patterns
- Byzantine Fault Tolerance: Resilient operation in untrusted environments
- Lightweight Design: Optimized for resource-constrained IoT devices (<100MB RAM)
- ECC secp256r1 cryptography with digital signatures
- Zero-knowledge proof protocols for privacy-preserving authentication
- Constant-time operations to prevent timing attacks
- Post-quantum algorithm stubs for future-proofing
- LSTM neural networks for movement pattern analysis
- Lightweight predictor fallback for resource-constrained scenarios
- Real-time adaptation to changing mobility patterns
- Accuracy: 40-45% prediction accuracy (realistic for GPS-based systems)
- Threshold cryptography for cross-domain authentication
- Graceful degradation when trusted authorities are unavailable
- Sliding window tokens to reduce authentication overhead
- Distributed consensus mechanisms
- Authentication latency: <200ms per device
- Memory footprint: <100MB total system usage
- LSTM training: ~1.3s on synthetic data
- Scalability: Supports 100+ concurrent IoT devices
- Python 3.7 or higher
- 4GB+ RAM (recommended)
- Network connectivity for distributed scenarios
-
Clone the repository
git clone https://github.com/shafiqahmed/zkpas.git cd zkpas -
Setup the system (one-time setup)
cd zkpas python setup_zkpas.py -
Run the system (every time)
python run_zkpas.py
That's it! The system provides an interactive menu to explore all features.
python run_zkpas.py
# Interactive menu with options:
# 1. Basic Authentication Demo
# 2. LSTM Mobility Prediction
# 3. Security Stress Testing
# 4. Complete Integration Test# Run specific demonstrations
python run_zkpas.py --demo basic # Basic ZKP authentication
python run_zkpas.py --demo lstm # LSTM prediction system
python run_zkpas.py --demo security # Security testing
python run_zkpas.py --demo all # Complete system test
# System utilities
python run_zkpas.py --health # Health check
python run_zkpas.py --test # Run unit tests# Direct demo access
python demos/demo_zkpas_basic.py # Basic authentication
python demos/demo_lstm_system.py # LSTM prediction
python demos/demo_security_stress_testing.py # Security testing
# Standalone components
python app/lightweight_predictor.py # Lightweight ML predictor
python app/mobility_predictor.py # Full LSTM predictorzkpas/
โโโ app/ # Core application modules
โ โโโ mobility_predictor.py # LSTM-based mobility prediction
โ โโโ lightweight_predictor.py # Fallback predictor
โ โโโ state_machine.py # Protocol state management
โ โโโ events.py # Event-driven architecture
โโโ demos/ # Example demonstrations
โ โโโ demo_zkpas_basic.py # Basic authentication
โ โโโ demo_lstm_system.py # LSTM prediction
โ โโโ demo_security_stress_testing.py # Security testing
โโโ shared/ # Shared utilities
โ โโโ crypto_utils.py # Cryptographic primitives
โ โโโ config.py # Configuration management
โโโ tests/ # Comprehensive test suite
- Event-Driven Design: Asynchronous event processing for scalability
- Microservices Pattern: Modular components for flexibility
- Graceful Degradation: Fallback mechanisms for reliability
- Plugin Architecture: Extensible design for new features
- Latency: <200ms per device authentication
- Throughput: 100+ concurrent authentications
- Memory Usage: <100MB total system footprint
- CPU Usage: <10% on modern hardware
- LSTM Accuracy: 40-45% within 100m threshold
- Prediction Error: ~127m average error (realistic for GPS)
- Training Time: 1.3s on synthetic trajectory data
- Inference Time: <10ms per prediction
- Bandwidth: <1KB per authentication request
- Packet Overhead: Minimal protocol overhead
- Network Resilience: Operates in high-latency environments
The system automatically detects available dependencies and gracefully falls back to lightweight implementations when needed. No manual configuration is required for basic usage.
# Environment variables for customization
export ZKPAS_MAX_DEVICES=100
export ZKPAS_MEMORY_LIMIT=6GB
export ZKPAS_BATCH_SIZE=32
export ZKPAS_LOG_LEVEL=INFOpython run_zkpas.py --test# Unit tests
python -m pytest tests/test_trusted_authority.py -v
python -m pytest tests/test_gateway_node.py -v
python -m pytest tests/test_iot_device.py -v
# Integration tests
python -m pytest tests/test_phase4_integration.py -v
python -m pytest tests/test_security_stress.py -v- Required: Python 3.7+, hashlib, secrets, hmac
- Recommended: numpy, scikit-learn, cryptography
- Optional: TensorFlow, PyTorch (for advanced ML features)
# Install development dependencies
pip install -r requirements.txt
# Run code quality checks
python -m flake8 .
python -m black .
python -m mypy .
# Run comprehensive tests
python -m pytest --cov=app --cov=shared- Custom ZKP protocols optimized for IoT constraints
- Privacy-preserving authentication without credential exposure
- Efficient proof generation and verification
- LSTM neural networks for trajectory prediction
- Adaptive learning from device movement patterns
- Lightweight fallback for resource-constrained devices
- Threshold cryptography for distributed trust
- Graceful degradation in untrusted environments
- Cross-domain authentication protocols
- Memory-conscious design for IoT devices
- Efficient cryptographic operations
- Scalable architecture for large deployments
- Technical Documentation: See
zkpas/docs/directory - API Reference: Comprehensive inline documentation
- Architecture Decisions: See
zkpas/adr/directory - Implementation Guide: Detailed setup and usage instructions
This project is actively maintained and welcomes contributions from the research community. Areas of interest include:
- Performance optimization for resource-constrained devices
- Advanced ML models for mobility prediction
- Post-quantum cryptography integration
- Real-world deployment case studies
This project is licensed under the MIT License - see the LICENSE file for details.
Shafiq Ahmed
- Email: s.ahmed@essex.ac.uk
- Affiliation: University of Essex
- Research Focus: IoT Security, Zero-Knowledge Proofs, Machine Learning
This work represents cutting-edge research in:
- IoT Security: Novel approaches to device authentication
- Zero-Knowledge Proofs: Practical applications in mobile environments
- Machine Learning: AI-enhanced security systems
- Distributed Systems: Byzantine fault tolerance in IoT networks
- Real-world deployment testing with industrial IoT systems
- Post-quantum cryptography integration for future security
- Edge computing optimization for 5G/6G networks
- Federated learning for privacy-preserving ML training
Built with โค๏ธ for the future of IoT security
ZKPAS - Where Zero-Knowledge meets Artificial Intelligence