Hey! I'm Serhat, a software engineer based in Munich🇩🇪, with a Master's in Informatics from the Technical University of Munich. I'm deeply interested in distributed networks, especially blockchain and backend development, and I enjoy exploring web security. This blog is where I'll share my insights on technology and personal life, talk about programming and security, and occasionally review books, tech tools & services that catch my attention.
You can catch my latest musings and tech explorations on my blog. You can also find me on other platforms:
- For my random thoughts follow me on Twitter: @jrkb6
- Explore my professional journey on my Linkedin Profile
- Check out my projects on GitHub: @jrkb6
Publications
Portal: Time-Bound and Replay-Resistant Zero-Knowledge Proofs for Single Sign-On
Latest identity systems rely on public blockchains to enhance user autonomy and reduce tracking from conventional identity providers. At the same time, identity systems integrate novel technologies such as zero-knowledge proofs (ZKPs) to improve data privacy and data compliance. We show that a naive verification of ZKPs at smart contracts enables replay attacks: Attackers can replay ZKPs at arbitrary times without having access to the private inputs that are required for the computation of the ZKP. To solve this problem, we construct a transaction sequence which verifies time-bound and replay-resistant ZKPs at smart contracts. Our construction introduces an additional but constant fee of 0.14${\$}$ per verification of a ZKP on the public blockchain Ethereum. With our new construction, we propose Portal, a novel identity system for decentralized single sign-on.
