secubox-openwrt/package/secubox/zkp-hamiltonian

ZKP Hamiltonian

Zero-Knowledge Proof library based on the Hamiltonian Cycle problem (Blum 1986) with NIZK transformation via Fiat-Shamir heuristic.

CyberMind.FR / SecuBox — Version 0.1.0

Overview

This library implements a Zero-Knowledge Proof (ZKP) protocol that allows a Prover to convince a Verifier that they know a Hamiltonian cycle in a graph, without revealing the cycle itself.

Security Properties

• Completeness: An honest prover with knowledge of H always convinces the verifier
• Soundness: A cheater fails with probability ≥ 1 - 2^(-128)
• Zero-Knowledge: The verifier learns nothing about H

Building

Prerequisites

• CMake ≥ 3.16
• OpenSSL (for SHA3-256)
• C99 compiler

Build Commands

mkdir build && cd build
cmake ..
make

# Run tests
ctest --output-on-failure

# Or run individual tests
./test_crypto
./test_graph
./test_protocol
./test_nizk

OpenWrt Build

make package/zkp-hamiltonian/compile V=s

Usage

CLI Tools

Generate Key Pair

zkp_keygen -n 50 -r 1.0 -o identity
# Creates: identity.graph (public), identity.key (SECRET!)

Generate Proof

zkp_prover -g identity.graph -k identity.key -o auth.proof

Verify Proof

zkp_verifier -g identity.graph -p auth.proof
# Exit code: 0=ACCEPT, 1=REJECT, 2=ERROR

C API

#include "zkp_hamiltonian.h"

// Generate key pair
Graph G;
HamiltonianCycle H;
zkp_generate_graph(50, 1.0, &G, &H);

// Prover: generate proof
NIZKProof proof;
zkp_prove(&G, &H, &proof);

// Verifier: verify proof
ZKPResult result = zkp_verify(&G, &proof);
if (result == ZKP_ACCEPT) {
    // Authenticated!
}

Protocol Overview

1. Setup: Prover generates (G, H) where H is a Hamiltonian cycle in G
2. Proof Generation:
   • Generate random permutation π
   • Compute G' = π(G)
   • Commit to each edge in G' using SHA3-256
   • Compute challenge via Fiat-Shamir: c = H(G, G', commits)
   • If c=0: reveal π and all nonces (isomorphism proof)
   • If c=1: reveal π(H) and cycle edge nonces (Hamiltonian proof)
3. Verification:
   • Recompute Fiat-Shamir challenge
   • Verify response matches commitments

Files

zkp-hamiltonian/
├── include/
│   ├── zkp_types.h       # Type definitions
│   ├── zkp_crypto.h      # Cryptographic primitives
│   ├── zkp_graph.h       # Graph operations
│   └── zkp_hamiltonian.h # Main API
├── src/
│   ├── zkp_crypto.c      # SHA3-256, commitments, RNG
│   ├── zkp_graph.c       # Graph manipulation
│   ├── zkp_prove.c       # NIZK proof generation
│   ├── zkp_verify.c      # NIZK proof verification
│   └── zkp_serialize.c   # Binary serialization
├── tests/
│   ├── test_crypto.c     # Crypto primitive tests
│   ├── test_graph.c      # Graph operation tests
│   ├── test_protocol.c   # Protocol completeness/soundness
│   └── test_nizk.c       # Full NIZK tests + benchmarks
├── tools/
│   ├── zkp_keygen.c      # Key generation CLI
│   ├── zkp_prover.c      # Proof generation CLI
│   └── zkp_verifier.c    # Proof verification CLI
├── CMakeLists.txt
└── README.md

Configuration

Build Options (CMake)

Option	Default	Description
OPENWRT_BUILD	OFF	Enable OpenWrt optimizations
BUILD_TESTS	ON	Build test executables
BUILD_TOOLS	ON	Build CLI tools
BUILD_SHARED_LIBS	OFF	Build shared library
ZKP_MAX_N	128	Maximum graph nodes

Recommended Parameters

Parameter	Recommended	Description
n (nodes)	50-80	Graph size
extra_ratio	0.5-1.5	Decoy edge ratio

SecuBox Integration

See SECUBOX_INTEGRATION.md for details on:

• Integration with secubox-auth
• Network protocol (ZKP_HELLO, ZKP_PROOF, etc.)
• UCI configuration
• LuCI dashboard

License

GPL-2.0-or-later

Copyright (C) 2026 CyberMind.FR / SecuBox