pith. sign in
Pith Number

pith:UY3BLCPI

pith:2026:UY3BLCPI3YYNKM7NGC57MESCD4
not attested not anchored not stored refs resolved

A Lightweight QR-assisted Zero-knowledge Identification Protocol For Secure Authentication

H\"useyin Bodur

The QR-assisted Schnorr protocol verifies secret key knowledge without revealing it, with millisecond proof times and constant 0.5 KB size.

arxiv:2605.16912 v1 · 2026-05-16 · cs.CR

Open paper page JSON Open Graph Bundle Merged state Verified badge What is a Pith Number?
Add to your LaTeX paper 
\usepackage{pith}
\pithnumber{UY3BLCPI3YYNKM7NGC57MESCD4}

Prints a linked badge after your title and injects PDF metadata. Compiles on arXiv. Learn more · Embed verified badge

Record completeness

1 Bitcoin timestamp
2 Internet Archive
3 Author claim open · sign in to claim
4 Citations open
5 Replications open
Portable graph bundle live · download bundle · merged state
The bundle contains the canonical record plus signed events. A mirror can host it anywhere and recompute the same current state with the deterministic merge algorithm.

Claims

C1strongest claim

The proposed model enables verification of knowledge of the secret key without revealing it, with proof generation and verification times in the millisecond range and constant proof size of approximately 0.5 KB under 256-bit security, making it suitable for mobile and low-resource systems.

C2weakest assumption

The security and practicality claims rest on the assumption that the Schnorr protocol combined with nonce and timestamp mechanisms provides sufficient protection against replay and other attacks in real deployments, as the abstract provides no formal security reduction or implementation details beyond simulation timing.

C3one line summary

A Schnorr-based zero-knowledge protocol embeds constant-size proofs in QR codes for replay-resistant authentication with millisecond generation and verification times.

References

17 extracted · 17 resolved · 0 Pith anchors

[1] C., & Stajano, F 2012
[2] Nie, Y. (2025). WAScope: Detecting privacy data leakage with web application -specific API analysis. Journal of Web Systems and Security (Elsevier) 2025
[3] Alotaibi, A. (2025). A review of authentication techniques for Internet of Things (IoT) in smart cities. Sensors, 25(6) 2025
[4] Goldwasser, S., Micali, S., & Rackoff, C. (1985). The knowledge complexity of interactive proof systems. SIAM Journal on Computing, 18(1), 186–208 1985
[5] Fiat, A., & Shamir, A. (1986). How to prove yourself: Practical solutions to identification and signature problems. Advances in Cryptology — CRYPTO ’86, 186–194 1986
Receipt and verification
First computed 2026-05-20T00:03:29.818386Z
Builder pith-number-builder-2026-05-17-v1
Signature Pith Ed25519 (pith-v1-2026-05) · public key
Schema pith-number/v1.0

Canonical hash

a6361589e8de30d533ed30bbf612421f10b2d8848ab12cce15c0381bffa1a8cc

Aliases

arxiv: 2605.16912 · arxiv_version: 2605.16912v1 · doi: 10.48550/arxiv.2605.16912 · pith_short_12: UY3BLCPI3YYN · pith_short_16: UY3BLCPI3YYNKM7N · pith_short_8: UY3BLCPI
Agent API
Resolver JSON Graph JSON Events JSON Schema Signing key
Verify this Pith Number yourself 
curl -sH 'Accept: application/ld+json' https://pith.science/pith/UY3BLCPI3YYNKM7NGC57MESCD4 \
  | jq -c '.canonical_record' \
  | python3 -c "import sys,json,hashlib; b=json.dumps(json.loads(sys.stdin.read()), sort_keys=True, separators=(',',':'), ensure_ascii=False).encode(); print(hashlib.sha256(b).hexdigest())"
# expect: a6361589e8de30d533ed30bbf612421f10b2d8848ab12cce15c0381bffa1a8cc
Canonical record JSON 
{
  "metadata": {
    "abstract_canon_sha256": "2468623e480c16b45ed6877c478f3b73a8aa43cabae9e6c0163ef0a3b0139055",
    "cross_cats_sorted": [],
    "license": "http://creativecommons.org/licenses/by/4.0/",
    "primary_cat": "cs.CR",
    "submitted_at": "2026-05-16T09:58:54Z",
    "title_canon_sha256": "28fb8515a95174e5e16d844f45d933c0c2c1b8c40ff740fe5d18f823007957be"
  },
  "schema_version": "1.0",
  "source": {
    "id": "2605.16912",
    "kind": "arxiv",
    "version": 1
  }
}