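Research on Zero-Knowledge Proofs and Privacy Protection
Foundational Theory of Zero-Knowledge Proofs, Non-Interactive Protocols, and Quantum-Resistance Research
This group focuses on the cryptographic foundations of ZKP, covering NIZK protocol constructions, improvements to Schnorr/Sigma protocols, black-box extensions, universal composability, and lattice-based cryptography and quantum zero-knowledge proof protocols that address quantum threats.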
- The Knowledge Complexity of Interactive Proof Systems(S. Goldwasser, S. Micali, C. Rackoff, 1989, SIAM Journal on Computing)
- CRYPTOGRAPHIC METHODS OF ZEROKNOWLEDGE PROOF AS A DRIVER OF INFORMATION ASYMMETRY IN DATA MARKETS(K. P. Matasheva, Yunus M.-G. Gadamurov, 2025, EKONOMIKA I UPRAVLENIE: PROBLEMY, RESHENIYA)
- Rate-1 Statistical Non-Interactive Zero-Knowledge(Pedro Branco, Nico Döttling, Akshayaram Srinivasan, 2024, Lecture Notes in Computer Science)
- A New Approach for Non-Interactive Zero-Knowledge from Learning with Errors(Brent Waters, 2024, Proceedings of the 56th Annual ACM Symposium on Theory of Computing)
- Non-Trivial Zero-Knowledge Implies One-Way Functions(Suvradip Chakraborty, James Hulett, Dakshita Khurana, Kabir Tomer, 2026, IACR Cryptology ePrint Archive)
- Non-Interactive and Non-Destructive Zero-Knowledge Proofs on Quantum States and Multi-Party Generation of Authorized Hidden GHZ States(Léo Colisson, F. Grosshans, E. Kashefi, 2021, ACM Transactions on Quantum Computing)
- Shorter Non-Interactive Zero-Knowledge Arguments and ZAPs for Algebraic Languages(G. Couteau, D. Hartmann, 2020, Lecture Notes in Computer Science)
- Succinct Non-Interactive Zero Knowledge Arguments from Span Programs and Linear Error-Correcting Codes(H. Lipmaa, 2013, Lecture Notes in Computer Science)
- An Unbounded Simulation-Sound Non-interactive Zero-Knowledge Proof System for NP(Hongda Li, Bao Li, 2005, Lecture Notes in Computer Science)
- Non-interactive Zero Knowledge Proofs in the Random Oracle Model(Vincenzo Iovino, Ivan Visconti, 2019, Lecture Notes in Computer Science)
- Improvements on Non-Interactive Zero-Knowledge Proof Systems Related to Quadratic Residuosity Languages(Wei Liu, Jian-Jia Weng, Bingsheng Zhang, Kai He, Junjie Huang, 2022, Information Sciences)
- Neutrosophic One-Round Zero-Knowledge Proof(Ranulfo Paiva Barbosa, F. Smarandache, 2024, Plithogenic Logic and Computation)
- BCTPV-NIZK: Publicly-Verifiable Non-interactive Zero-Knowledge Proof System from Minimal Blockchain Assumptions(Nimish Mishra, S. H. Islam, 2023, Lecture Notes in Computer Science)
- Non-Interactive Zero-Knowledge Arguments with Certified Deletion(Kasra Abbaszadeh, Jonathan Katz, 2025, Lecture Notes in Computer Science)
- Distributed Non-Interactive Zero-Knowledge Proofs(A. Grilo, A. Paz, M. Perry, 2025, IACR Cryptology ePrint Archive)
- Experimental relativistic zero-knowledge proofs with unconditional security(Chenkai Weng, Ming-Yang Li, Nai-Rui Xu, Yanglin Hu, Ian George, Jiawei Wu, Shengjun Wu, Hua‐Lei Yin, Zeng-Bing Chen, 2025, arXiv.org)
- On the Portability of Generalized Schnorr Proofs(J. Camenisch, A. Kiayias, M. Yung, 2009, Lecture Notes in Computer Science)
- Unclonable Non-Interactive Zero-Knowledge(Ruta Jawale, Dakshita Khurana, 2023, IACR Cryptology ePrint Archive)
- Universally Composable Non-Interactive Zero-Knowledge from Sigma Protocols via a New Straight-line Compiler(Megan Chen, Pousali Dey, Chaya Ganesh, Pratyay Mukherjee, Swagata Sasmal, 2024, Lecture Notes in Computer Science)
- New Non-Interactive Zero-Knowledge Subset Sum, Decision Knapsack And Range Arguments(H. Lipmaa, Bingsheng Zhang, 2012, IACR Cryptology ePrint Archive)
- On Black-Box Extensions of Non-interactive Zero-Knowledge Arguments, and Signatures Directly from Simulation Soundness(Masayuki Abe, Miguel Ambrona, Miyako Ohkubo, 2020, Lecture Notes in Computer Science)
- Zero-Knowledge Interactive Proof Systems for New Lattice Problems(C. Crépeau, R. Kazmi, 2015, Lecture Notes in Computer Science)
- A Note On Groth-Ostrovsky-Sahai Non-Interactive Zero-Knowledge Proof System(Zhengjun Cao, Lihua Liu, 2018, IACR Cryptology ePrint Archive)
- Black-Box Non-Interactive Zero Knowledge from Vector Trapdoor Hash(Pedro Branco, A. Choudhuri, Nico Döttling, Abhishek Jain, Giulio Malavolta, Akshayaram Srinivasan, 2024, Lecture Notes in Computer Science)
- Unconditional Characterizations of Non-interactive Zero-Knowledge(R. Pass, Abhi Shelat, 2005, Lecture Notes in Computer Science)
- Towards Non-Interactive Zero-Knowledge for NP from LWE(Ron D. Rothblum, Adam Sealfon, Katerina Sotiraki, 2019, Lecture Notes in Computer Science)
- Non-interactive zero-knowledge and applications two round authenticated key agreement(A. Saxena, B. Soh, 2005, 2005 13th IEEE International Conference on Networks Jointly held with the 2005 IEEE 7th Malaysia International Conf on Communic)
- Improving of Non-Interactive Zero-Knowledge Arguments Using Oblivious Transfer(A. Frolov, 2013, Advances in Intelligent Systems and Computing)
- An efficient quantum non-interactive zero knowledge proof for confidential transaction and quantum range proof(B. Sriman, S. G. Kumar, 2024, Multimedia Tools and Applications)
- Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security(A. Sahai, 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039))
- L-PEP: A Logic to Reason about Privacy-Enhancing Cryptography Protocols(Almudena Alcaide, A. Abdallah, Ana Isabel González-Tablas Ferreres, José María de Fuentes, 2010, Lecture Notes in Computer Science)
- Schnorr Non-interactive Zero-Knowledge Proof(F. Hao, 2017, Request for Comments)
- On Black-Box Extension of a Non-Interactive Zero-Knowledge Proof System for Secret Equality(Kyosuke Yamashita, Mehdi Tibouchi, Masayuki Abe, 2020, Lecture Notes in Computer Science)
- Black-Box Language Extension of Non-Interactive Zero-Knowledge Arguments(Masayuki Abe, Miguel Ambrona, Miyako Ohkubo, 2019, IACR Cryptology ePrint Archive)
- An Efficient and Extensible Zero-knowledge Proof Framework for Neural Networks(Tao Lu, Haoyu Wang, Wenjie Qu, Zonghui Wang, Jinye He, Tianyang Tao, Wenzhi Chen, Jiaheng Zhang, 2024, IACR Cryptology ePrint Archive)
- A Note on One Popular Non-Interactive Zero-Knowledge Proof System(Zhengjun Cao, Xiqi Wang, Lihua Liu, 2020, International Journal of Network Security)
- A Note on Non-Interactive Zero-Knowledge from CDH(G. Couteau, Abhishek Jain, Zhengzhong Jin, Willy Quach, 2023, Lecture Notes in Computer Science)
- Simultaneous Amplification: The Case of Non-Interactive Zero-Knowledge(Vipul Goyal, Aayush Jain, A. Sahai, 2019, Lecture Notes in Computer Science)
- Non-Interactive Zero-Knowledge from Non-Interactive Batch Arguments(J. Champion, David J. Wu, 2023, Lecture Notes in Computer Science)
- Non-Interactive Zero-Knowledge Proofs for Composite Statements(Shashank Agrawal, Chaya Ganesh, Payman Mohassel, 2018, Lecture Notes in Computer Science)
- Efficient and Universally Composable Non-Interactive Zero-Knowledge Proofs of Knowledge with Security Against Adaptive Corruptions(Anna Lysyanskaya, Leah Namisa Rosenbloom, 2022, IACR Cryptology ePrint Archive)
- Non-Interactive Zero-Knowledge Proofs with Fine-Grained Security(Yuyu Wang, Jiaxin Pan, 2022, Lecture Notes in Computer Science)
- Efficient Non-Interactive Zero-Knowledge Proofs in Cross-Domains without Trusted Setup(M. Backes, L. Hanzlik, A. Herzberg, Aniket Kate, I. Pryvalov, 2019, Lecture Notes in Computer Science)
- Progression-Free Sets and Sublinear Pairing-Based Non-Interactive Zero-Knowledge Arguments(H. Lipmaa, 2012, Lecture Notes in Computer Science)
- Experimental Implementation of A Quantum Zero-Knowledge Proof for User Authentication(Marta Irene García Cid, Dileepsai Bodanapu, A. Gatto, Paolo Martelli, Vicente Martín, Laura Ortíz, 2024, Optics Express)
- Non-interactive zero-knowledge proof scheme from RLWE-based key exchange(Shaofen Xie, Wang Yao, Faguo Wu, Zhiming Zheng, 2021, PLOS ONE)
- A Simple Post-Quantum Non-Interactive Zero-Knowledge Proof from Garbled Circuits(Hongrui Cui, Kaiyi Zhang, 2021, Lecture Notes in Computer Science)
- Efficient non-interactive zero-knowledge proofs for quantum range verification in blockchain(B. Sriman, S. G. Kumar, 2024, Peer-to-Peer Networking and Applications)
- Non-interactive zero-knowledge arguments for QMA, with preprocessing(Andrea Coladangelo, T. Vidick, Tina Zhang, 2019, Lecture Notes in Computer Science)
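Algorithm Performance Optimization, Hardware Acceleration, and System Evaluation
The literature in this group addresses the bottleneck of high ZKP generation cost, including range proof optimization, improvements to SNARK/STARK algorithms, and hardware acceleration schemes that use GPUs, FPGAs, and application-specific integrated circuits (ASICs) for core operators such as NTT and MSM.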
- An Improved Non-Interactive Zero-Knowledge Range Proof for Decentralized Applications(Ya Che Tsai, R. Tso, Zi-Yuan Liu, Kung Chen, 2019, 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON))
- A more efficient computationally sound non-interactive zero-knowledge shuffle argument(H. Lipmaa, Bingsheng Zhang, 2012, Journal of Computer Security)
- Ceno: Non-uniform, Segment and Parallel Zero-Knowledge Virtual Machine(Tianyi Liu, Zhenfei Zhang, Yuncong Zhang, Wenqing Hu, Ye Zhang, 2025, Journal of Cryptology)
- A High-performance NTT/MSM Accelerator for Zero-knowledge Proof Using Load-balanced Fully-pipelined Montgomery Multiplier(Xiangren Chen, Bohan Yang, Wenping Zhu, Hanning Wang, Qichao Tao, Shuying Yin, Min Zhu, Shaojun Wei, Leibo Liu, 2024, IACR Transactions on Cryptographic Hardware and Embedded Systems)
- An Improved Range Proof with Base-3 Construction(Esra Günsay, Cansu Betin Onur, M. Cenk, 2021, 2021 14th International Conference on Security of Information and Networks (SIN))
- Benchmarking ZK-Friendly Hash Functions and SNARK Proving Systems for EVM-compatible Blockchains(Hanze Guo, Yebo Feng, Cong Wu, Zengpeng Li, Jiahua Xu, 2024, arXiv.org)
- Performance Analysis of Zero-Knowledge Proofs(Saichand Samudrala, Jiawen Wu, Chen Chen, Haoxuan Shan, J. Ku, Yiran Chen, J. Rajendran, 2024, 2024 IEEE International Symposium on Workload Characterization (IISWC))
- zkPHIRE: A Programmable Accelerator for ZKPs over HIgh-degRee, Expressive Gates(A. Daftardar, J. Mo, Joey Ah-kiow, Benedikt Bünz, Siddharth Garg, Brandon Reagen, 2025, 2026 IEEE International Symposium on High Performance Computer Architecture (HPCA))
- Operating ZKPs on Blockchain: A Performance Analysis Based on Hyperledger Fabric(Rui Pan, Zeshun Shi, A. Belloum, Zhiming Zhao, 2024, 2024 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPS))
- GZKP: A GPU Accelerated Zero-Knowledge Proof System(Weiliang Ma, Qian Xiong, Xuanhua Shi, Xiaosong Ma, Haici Jin, Haozhao Kuang, M. Gao, Ye Zhang, Haichen Shen, Weifang Hu, 2023, Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 2)
- Exa: A Unified Architecture for Multi-Scalar Multiplication and Polynomial Computation in Zero-Knowledge Proof(Guiming Wu, Pengcheng Qiu, Tingqiang Chu, Changzheng Wei, Runzhou Luo, Ying Yan, 2026, IEEE Transactions on Very Large Scale Integration (VLSI) Systems)
- PipeZK: Accelerating Zero-Knowledge Proof with a Pipelined Architecture(Ye Zhang, Shuo Wang, Xian Zhang, Jiangbin Dong, Xing-gang Mao, Fan Long, Cong Wang, Dong Zhou, Mingyu Gao, Guangyu Sun, 2021, 2021 ACM/IEEE 48th Annual International Symposium on Computer Architecture (ISCA))
- SmallWood: Hash-Based Polynomial Commitments and Zero-Knowledge Arguments for Relatively Small Instances(Thibauld Feneuil, Matthieu Rivain, 2025, IACR Cryptology ePrint Archive)
- Performance Evaluation of Primitives for Privacy-Enhancing Cryptography on Current Smart-Cards and Smart-Phones(J. Hajny, L. Malina, Zdeněk Martinásek, Ondrej Tethal, 2013, Lecture Notes in Computer Science)
- Deploying ZKP Frameworks with Real-World Data: Challenges and Proposed Solutions(Piergiuseppe Mallozzi, 2023, arXiv.org)
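Decentralized Identity (DID), Anonymous Authentication, and Selective Disclosure
Studies how to use ZKP to achieve self-sovereign identity (SSI) and privacy-preserving identity verification, with emphasis on identity de-identification in asymmetric-information environments, selective disclosure mechanisms, biometric encryption, and replay-resistant authentication protocols.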
- Portal: Time-Bound and Replay-Resistant Zero-Knowledge Proofs for Single Sign-On(Jan Lauinger, Serhat Bezmez, Jens Ernstberger, Sebastian Steinhorst, 2024, 2024 IEEE International Conference on Blockchain and Cryptocurrency (ICBC))
- A Privacy-Preserving Selectively Disclosed eKYC System Using Merkle Tree and Zero-Knowledge Proofs(Istiaque Ahmed, Tadashi Nakano, Kentaroh Toyoda, Thi Hong Tran, 2025, 2025 30th Asia-Pacific Conference on Communications (APCC))
- BLS-MT-ZKP: A Novel Approach to Selective Disclosure of Claims From Digital Credentials(Šeila Bećirović Ramić, Irfan Prazina, Damir Pozderac, R. T. Mulahasanović, Saša Mrdović, 2024, IEEE Access)
- A ZKP-Based Cross-Domain Continuous Authentication Scheme for Industrial Internet of Things(Qiuli Wang, Zhiyu Ren, Yajun Cao, 2025, Proceedings of the 2025 6th International Conference on Computer Information and Big Data Applications)
- Non-Interactive Zero-Knowledge Proof based Authentication(Madhav Agal, K. Kishan, R. Shashidhar, Srivatsa S Vantmuri, Prasad B. Honnavalli, 2021, 2021 IEEE Mysore Sub Section International Conference (MysuruCon))
- Analysis and Vulnerabilities in zkLogin(Sofía Celi, Hamed Haddadi, Kyle Den Hartog, 2026, IACR Cryptology ePrint Archive)
- Privacy preserving authentication system based on non-interactive zero knowledge proof suitable for Internet of Things(A. Dwivedi, Rajani Singh, Uttam Ghosh, R. Mukkamala, A. Tolba, O. Said, 2021, Journal of Ambient Intelligence and Humanized Computing)
- A Traceable and Anonymous Authentication Ring Signature Scheme with Privacy Protection(Xiao Zhao, Suzhen Cao, Zhengyang Wang, Dandan Xing, Dawei Zhou, 2024, 2024 27th International Conference on Computer Supported Cooperative Work in Design (CSCWD))
- Enhancement of Cybersecurity with Blockchain-Based Identity Authentication Systems: Zero-information Evidence Procedures for Secure Access, Biometric Encryption, and Decentralized Trust(Shiva Shankar Mummidi, S. Srinivasan, 2025, 2025 IEEE 7th International Conference on Computing, Communication and Automation (ICCCA))
- Blockchain-Based Self-Sovereign Identity for Digital Security(Namrata Mishra, P. K. Chidambaram, Hassan Mohamed Mahdi, A. Spandana, J. Karpagam, P. Neelima, O. Gulyamova, 2025, 2025 IEEE 2nd International Conference on Green Industrial Electronics and Sustainable Technologies (GIEST))
- A Self-Sovereign Identity Based on Zero-Knowledge Proof and Blockchain(Mohameden Dieye, Pierre Valiorgue, Jean-Patrick Gelas, El-hacen Diallo, P. Ghodous, F. Biennier, É. Peyrol, 2023, IEEE Access)
- ZKPass – A Zero-Knowledge Proof Based Authentication System for Secure Identity Verification(S. M, Ruthvik M T, Sanjay Ug, S. S, Nishmith, C. Singh, 2025, 2025 International Conference on Intelligent Systems and Pioneering Innovations in Robotics and Electric Mobility (INSPIRE))
- A Privacy-Preserving Biometric Authentication System With Binary Classification in a Zero Knowledge Proof Protocol(Q. Tran, B. Turnbull, Min Wang, Jiankun Hu, 2022, IEEE Open Journal of the Computer Society)
- Selective disclosure and yoking-proof based privacy-preserving authentication scheme for cloud assisted wearable devices(Hong Liu, Huansheng Ning, Yinliang Yue, Yueliang Wan, L. Yang, 2018, Future Generation Computer Systems)
- Blockchain-Based Identity Solutions for Privacy Protection in Online Transactions(M. Sathyanarayanan, U. Varanasi, Inderpreet Kaur, R. Chadge, K. Al-Qawasmi, Abijith G R, 2025, 2025 6th International Conference for Emerging Technology (INCET))
- Blockchain For Decentralized Identity Management With Biometrics And Access Token(Sebakara Maic, Dr. Adria Nirere, 2026, International Journal of Progressive Sciences and Technologies)
- A Smart Contract-Based Multi-Factor Authentication Mechanism for Secure Tracking of Medical Records(Zouhair Elhadari, 2026, Journal of Hunan University Natural Sciences)
- IZPR: Instant Zero Knowledge Proof of Reserve(Trevor Conley, Nilsso Diaz, Diego Espada, Alvin Kuruvilla, Stenton Mayne, Xiang Fu, 2024, Lecture Notes in Computer Science)
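Privacy Enhancement for the Internet of Vehicles (IoV/VANET) and Unmanned Aerial Vehicle Systems
For high-mobility, resource-constrained transportation scenarios, uses ZKP to address vehicle location privacy, trajectory de-identification, batch identity verification, and secure authentication in unmanned aerial vehicle (UAV) communications.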
- LETA: A Lattice-Based Efficient and Traceable Privacy-Preserving Batch Authentication Scheme for Vehicle Platoon in VANETs(Qichang Li, Ying Xia, Xuejiao Liu, Xiyuan Chen, Zhiquan Liu, Zhen Guo, Zhe Liu, Liming Fang, 2026, IEEE Journal on Selected Areas in Communications)
- BPA: A Novel Blockchain-Based Privacy-Preserving Authentication Scheme for the Internet of Vehicles(Jie Li, Yuanyuan Lin, Yibing Li, Zhuang Yan, Yangjie Cao, 2024, Electronics)
- Zero-Knowledge Proof of Traffic: A Deterministic and Privacy-Preserving Cross Verification Mechanism for Cooperative Perception Data(Ye Tao, Ehsan Javanmardi, Pengfei Lin, Jin Nakazato, Yuze Jiang, Manabu Tsukada, Hiroshi Esaki, 2023, IEEE Access)
- ZKP-Based Lightweight Authentication Protocol During Handovers in Vehicular Networks(Indukuri Mani Varma, Neetesh Kumar, 2023, GLOBECOM 2023 - 2023 IEEE Global Communications Conference)
- ZAMA: A ZKP-Based Anonymous Mutual Authentication Scheme for the IoV(Ning Xi, Weihui Li, Lv Jing, Jianfeng Ma, 2022, IEEE Internet of Things Journal)
- Enhancing VANET Security with Lattice-Based Cryptography and Dynamic Pseudonym Updates(Adi El-Dalahmeh, 2025, International Journal of Advances in Soft Computing and its Applications)
- BDTwin: An Integrated Framework for Enhancing Security and Privacy in Cybertwin-Driven Automotive Industrial Internet of Things(Randhir Kumar, P. Kumar, Rakesh Tripathi, Govind P. Gupta, S. Garg, Mohammad Mehedi Hassan, 2022, IEEE Internet of Things Journal)
- Enhancing Unmanned Aerial Vehicle Security: A Zero-Knowledge Proof Approach with Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge for Authentication and Location Proof(Athanasios Koulianos, Panagiotis Paraskevopoulos, Antonios Litke, Nikolaos K. Papadakis, 2024, Sensors)
- ZAPS: A Zero-Knowledge Proof Protocol for Secure UAV Authentication with Flight Path Privacy(Shayesta Naziri, Xu Wang, Guangsheng Yu, Christy Jie Liang, Wei Ni, 2025, ArXiv)
- Defending Location Privacy Using Zero Knowledge Proof Concept in Location Based Services(Priti Jagwani, Saroj Kaushik, 2012, 2012 IEEE 13th International Conference on Mobile Data Management)
- AnoPay: Anonymous Payment for Vehicle Parking With Updatable Credential(Yang Yang, Wenyi Xue, Yonghua Zhan, Minming Huang, Yingjiu Li, R. Deng, 2024, IEEE Transactions on Dependable and Secure Computing)
- User-empowered Privacy-preserving Authentication Protocol for Electric Vehicle Charging Based on Decentralized Identity and Verifiable Credential(Rohini Poolat Parameswarath, P. Gope, B. Sikdar, 2022, ACM Transactions on Management Information Systems)
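Internet of Things (IoT), Cloud Database, and Industrial Edge Computing Security
Explores combining attribute-based encryption (ABE) with lightweight ZKP to achieve fine-grained access control and privacy-preserving data exchange in scenarios such as IoT devices, wireless sensor networks (WSN), and virtual power plants.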
- Research on security access authentication mechanism of intelligent sensor based on non-interactive zero-knowledge proof method(Min Guo, D. Ma, Feng Jing, Huiping Zheng, Xiaojie Liu, Penghui Liu, Yun Ju, 2023, Journal of Computational Methods in Sciences and Engineering)
- Wireless Sensor Network Security Model Using Zero Knowledge Protocol(S. Udgata, Alefiah Mubeen, S. Sabat, 2011, 2011 IEEE International Conference on Communications (ICC))
- BANZKP: A secure authentication scheme using zero knowledge proof for WBANs(Nesrine Khernane, M. Potop-Butucaru, C. Chaudet, 2016, 2016 IEEE 13th International Conference on Mobile Ad Hoc and Sensor Systems (MASS))
- A Lightweight and Efficient Authentication Protocol Based on AST PUF and Schnorr for IoT(Yuanfeng Xie, Weiwei Jiang, Hanqing Luo, Junhong Gan, 2026, IEEE Internet of Things Journal)
- DPS-IIoT: Non-interactive zero-knowledge proof-inspired access control towards information-centric Industrial Internet of Things(Dun Li, Noël Crespi, Roberto Minerva, Wei Liang, Kuan Ching Li, Joanna Kołodziej, 2025, Computer Communications)
- An Anonymous Authentication Scheme for Internet of Vehicles Based on TRUG-PBFT Main–Secondary Chains and Zero-Knowledge Proof(Wenxian Jiang, Zhenping Guo, 2025, IEEE Internet of Things Journal)
- Blockchain-Enabled Zero Trust Architecture for Privacy-Preserving Cybersecurity in IoT Environments(Mohammed A. Aleisa, 2025, IEEE Access)
- zk-Database: Privacy-enabled Databases using Zero-Knowledge Proof(Gholamreza Ramezan, Eladio Robles Casas, Ben Beath, J. Godfrey, 2024, Proceedings of the 2024 7th International Conference on Blockchain Technology and Applications)
- Enhancing Account Privacy in Blockchain-Based IoT Access Control via Zero Knowledge Proof(Qiwei Hu, Yueyue Dai, Shuo Li, Tao Jiang, 2023, IEEE Network)
- Lightweight Zero Knowledge Proof-Based Multi Access Control Schema for Smart Telehealth System(Wassila Lalouani, Lloyd Emokpae, 2024, 2024 International Conference on Smart Applications, Communications and Networking (SmartNets))
- Block chain-based security and authentication for forensics application using consensus proof of work and zero knowledge protocol(Gurumurthy S B, A. Danti, 2024, International Journal of Information Technology)
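FinTech: Private Payments, Asset Management, and Regulatory Compliance
Studies applications of ZKP in DeFi, cross-chain asset transfer, ETF trading, and cryptocurrency mixers, with emphasis on meeting anti-money-laundering (AML) and tax compliance requirements while hiding amounts and identities.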
- A Comprehensive Framework for Enhancing Blockchain Security and Privacy(Faisal Yusuf, Riya Widayanti, Sausan Raihana, Putri, Aulia Wellington, 2025, Blockchain Frontier Technology)
- On How Zero-Knowledge Proof Blockchain Mixers Improve, and Worsen User Privacy(Zhipeng Wang, Stefanos Chaliasos, Kaihua Qin, Liyi Zhou, Lifeng Gao, Pascal Berrang, B. Livshits, Arthur Gervais, 2022, Proceedings of the ACM Web Conference 2023)
- TSS-ZKP: Enabling Blockchain Account Supervision Without Compromising User Identity(Cong Wang, Qiang Li, Guanquan Xu, Tiantian Zhang, Shoulin Ji, Jian Weng, Pan Gao, Wei Wang, 2025, IEEE Internet of Things Journal)
- Zero-Knowledge Enabled Cross-Border Payment Systems: Advancing Privacy and Compliance in Blockchain Architectures(Jothimani kanthan Ganapathi, 2025, Journal of Information Systems Engineering and Management)
- StealthHub: Utxo-Based Stealth Address Protocol(Hanze Guo, Yebo Feng, Cong Wu, Zengpeng Li, Jiahua Xu, 2025, 2025 IEEE International Conference on Web Services (ICWS))
- PTTS: Zero-Knowledge Proof-based Private Token Transfer System on Ethereum Blockchain and its Network Flow Based Balance Range Privacy Attack Analysis(Goshgar Ismayilov, Can C. Özturan, 2023, Journal of Network and Computer Applications)
- Research on blockchain-driven decentralised ETF trading platform architecture(Shimiao Yuan, 2025, Advances in Economics and Management Research)
- SharedRXC: A Trustless Privacy-Preserving Asset Cross-Chain Scheme by Liability Equalization(Jitao Wang, N. Tang, Yuzhou Wang, Kai Wang, Weili Han, 2026, IEEE Internet of Things Journal)
- Zero-Knowledge Proofs for AML Compliance in High-Value Payment Transactions(Vikas Reddy Mandadhi, 2025, International Journal of Web of Multidisciplinary Studies)
- Zero-knowledge proof framework for privacy-preserving financial compliance(I. Solomka, B. Liubinskyi, 2025, Mathematical Modeling and Computing)
- Agentic Payments: The Just-In-Time Liquidity Protocol and the Future of Value Exchange(Jeshwanth Ravi, 2026, Scholars Journal of Engineering and Technology)
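Verifiable Machine Learning (zk-ML) and AI Security
Research in an emerging area, covering zero-knowledge proofs of training (zkPoT), verifiable federated learning (zkDFL), privacy protection for large language models, and integrity auditing of industrial models.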
- Enhancing Privacy and Security in Large-Language Models: A Zero-Knowledge Proof Approach(Shridhar Singh, 2024, International Conference on Cyber Warfare and Security)
- zkGPT: An Efficient Non-interactive Zero-knowledge Proof Framework for LLM Inference(Wenjie Qu, Yijun Sun, Xuanming Liu, Tao Lu, Yanpei Guo, Kai Chen, Jiaheng Zhang, 2025, IACR Cryptology ePrint Archive)
- zkFDL: An efficient and privacy-preserving decentralized federated learning with zero knowledge proof(Mojtaba Ahmadi, Reza Nourmohammadi, 2023, 2024 IEEE 3rd International Conference on AI in Cybersecurity (ICAIC))
- Blockchain-Enabled Verifiable Federated Edge AI for Cross-Organizational Data Collaboration(N. Meenakshisundaram, Sajiv. G, 2025, 2025 10th International Conference on Communication and Electronics Systems (ICCES))
- ZKBoost: Zero-Knowledge Verifiable Training for XGBoost(Nikolas Melissaris, Jiayi Xu, Antigoni Polychroniadou, Akira Takahashi, Chenkai Weng, 2026, IACR Cryptology ePrint Archive)
- zkRNN: Zero-Knowledge Proofs for Recurrent Neural Network Inference(Fatemeh Zarinjouei, Behzad Abdolmaleki, Maryam Zarezadeh, Bhavish Mohee, Aysajan Abidin, Stefan Köpsell, 2026, IACR Cryptology ePrint Archive)
- Trustless Audits without Revealing Data or Models(Suppakit Waiwitlikhit, Ion Stoica, Yi Sun, Tatsunori Hashimoto, Daniel Kang, 2024, International Conference on Machine Learning)
- Model Procurement for Industrial Cyber-Physical Systems Using Cryptographic Performance Attestation(Jay Bojic Burgos, Urban Sedlar, M. Pustišek, 2026, Future Internet)
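E-Government, Supply Chain Traceability, and Healthcare Data Management
Applications of ZKP to data attestation in vertical industries, including traceability of agricultural products and pharmaceuticals, academic credential verification, secure sharing of electronic health records (EHR), and cross-institutional compliance collaboration.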
- PrivHChain: Monitoring the Supply Chain of Controlled Substances with Privacy-Preserving Hierarchical Blockchain(H. Lee, Kyuhwan Lee, Wenyi Tang, Shankha Shubhra Mukherjee, Jae Hong Seo, Taeho Jung, 2024, 2024 IEEE International Conference on Blockchain and Cryptocurrency (ICBC))
- A Zero-Knowledge Proof-Enabled Blockchain-Based Academic Record Verification System(Juan Alamrio Berrios Moya, John Ayoade, Md. Ashraf Uddin, 2025, Sensors)
- Preserving Privacy in Mobile Health Systems Using Non-Interactive Zero-Knowledge Proof and Blockchain(A. E. B. Tomaz, J. C. Nascimento, A. Hafid, J. N. de Souza, 2020, IEEE Access)
- Blockchain-Powered Secure Health Data Exchange For Enhancing Patient Privacy And Interoperability(Dilli Ganesh V, N. J, Amer Ibrahim, Ahmed A. Elngar, Prashant Johri, 2025, 2025 3rd International Conference on Cyber Resilience (ICCR))
- Enhancing Healthcare Data Privacy with Zero Knowledge Proof on AWS(Bhatt Vinayak Vishwanath, N. Pathi, Shinu Abhi, 2025, 2025 International Conference on Emerging Technologies in Computing and Communication (ETCC))
- EireLedger: A ZKP-enabled Privacy-Preserving Blockchain Framework for Cross-Border Regulatory Compliance in Irish MedTech SMEs Supply Chain(Sana Ullah, Syed Muslim Jameel, Meghann Drury-Grogan, Mara Sintejdeanu, Danish Shehzad, 2025, 2025 Cyber Research Conference - Ireland (Cyber-RCI))
- Wood traceability system using blockchain and zero-knowledge proof(Kyohei Shibano, T. Nakajima, G. Mogi, 2022, arXiv.org)
- A Study on Privacy Protection Framework for E-Government Based on Zero-Knowledge Proofs(Yue Sun, Simin Bai, 2025, 2025 10th International Conference on Cyber Security and Information Engineering (ICCSIE))
- Leveraging Self-Sovereign Identity, Blockchain, and Zero-Knowledge Proof to Build a Privacy-Preserving Vaccination Pass(M. Barros, Frederico Schardong, Ricardo Custódio, 2022, SSRN Electronic Journal)
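Social Applications, Digital Forensics, and Legal Compliance Frameworks
Explores applications of ZKP in electronic voting, privacy games (Sudoku), and digital media forensics, as well as analysis of technical compliance under GDPR/HIPAA laws and regulations.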
- Smart Secure and Scalable Election System using Blockchain with Privacy Preservation and Anomaly Detection(Madhavi R. Repe, Dr. Nilakshi Rajule, Vandana Katarwar, A. Bombatkar, 2025, 2025 Global Conference on Information Technology and Communication Networks (GITCON))
- ECC-EXONUM-eVOTING: Enhancing Secure E-Voting with AI-Based Fraud Detection and Offline Voting Support(A.K. SarveshKrishna, M. Anbarasan, M. Suguna, 2025, 2025 Seventh International Conference on Research in Computational Intelligence and Communication Networks (ICRCICN))
- Privacy-Preserving Cybercrime Investigation: AI and Zero-Knowledge Proofs for Secure Network Forensics(B. Abisha, Sheeja Kumari, 2025, 2025 11th International Conference on Communication and Signal Processing (ICCSP))
- Secured Blockchain-Based Voting System Using ZKP, IPFS(M. M, 2025, International Journal for Research in Applied Science and Engineering Technology)
- Framework for GDPR and HIPAA Compliance in Healthcare Applications using Zero-Knowledge Proofs(M. Madine, Y. Alsalami, K. Salah, R. Jayaraman, 2025, 2025 Annual Computer Security Applications Conference Workshops (ACSAC Workshops))
- Single-Shuffle Physical Zero-Knowledge Proof for Sudoku Using Interactive Inputs(Tomoki Ono, Suthee Ruangwises, Yoshiki Abe, Kyosuke Hatsugai, Mitsugu Iwamoto, 2025, Proceedings of the 12th ACM ASIA Public-Key Cryptography Workshop)
- ZK-Disclosure: Privacy-Preserving Information Disclosure for Digital Evidence with C2PA and zk-SNARKs(Johnny Marinho, Eryk Schiller, Arthur Debauge, N. Foukia, 2025, 2025 Annual Computer Security Applications Conference Workshops (ACSAC Workshops))
- Hide a Liar: Card-Based ZKP Protocol for Usowan(Léo Robert, Daiki Miyahara, P. Lafourcade, T. Mizuki, 2022, Lecture Notes in Computer Science)
- Card-Based ZKP Protocol for Nurimisaki(Léo Robert, Daiki Miyahara, P. Lafourcade, T. Mizuki, 2022, Lecture Notes in Computer Science)
- Card-Based Zero-Knowledge Proof Protocols for Graph Problems and Their Computational Model(Daiki Miyahara, Hiromichi Haneda, T. Mizuki, 2021, Lecture Notes in Computer Science)
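The final grouping shows the evolution of zero-knowledge proof (ZKP) research along three dimensions. At the foundational level, research is deepening from traditional non-interactive protocols toward quantum-resistant lattice-based cryptography and the underlying mathematical models. At the system level, pipelined designs, dedicated chip accelerators (NTT/MSM), and computational benchmarking improve practicality. At the application level, coverage spans from general identity verification (DID) to vertical domains (Internet of Vehicles, financial regulation, verifiable AI, healthcare). The research focus is shifting from theoretical feasibility to achieving industrial-grade performance through hardware acceleration while guaranteeing the utmost privacy, and to meeting the compliance requirements of global privacy laws such as GDPR.
237 related papers in total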
In the context of the digital age, data privacy and security issues are increasingly prominent. Blockchain technology plays an important role in data sharing due to its transparency and immutability, but it also brings the risk of privacy leakage. Zero knowledge proof technology provides a solution for verifying data correctness without exposing data content, which is particularly important for blockchain as it can ensure the validity and compliance of transactions while protecting user privacy. Although zero knowledge proof is quite mature in theory, its application in blockchain systems still faces challenges such as computational efficiency, complexity of smart contracts, and system compatibility. This study aims to propose a privacy protection scheme that supports interactive zero knowledge proof by improving the homomorphic encryption Paillier algorithm, in order to enhance the privacy protection capability of blockchain systems and maintain system efficiency and security. The study will adopt an interdisciplinary approach, combining cryptography, computer science, and network security theory, to deeply analyze the application effect of zero knowledge proof technology in blockchain, explore its optimization space and applicability.
The vast number of IoT devices is distributed across multiple trust domains, each with distinct security policies, trust models, and permission management methods. This diversity increases the risk of privacy exposure during cross-domain communications. At the same time, traditional authentication methods have problems, such as complex certificate management, high risk of key escrow, and reliance on trusted third parties. To address the above problems, this article proposes a novel method, enhancing device privacy through certificateless encryption and zero-knowledge proof (DPCZK). DPCZK achieves decentralization by leveraging a consortium blockchain as a trust bridge across different domains. The adoption of certificateless encryption mitigates the incomplete trust issues associated with the key generation center. Furthermore, DPCZK incorporates an identity-hiding mechanism based on zero-knowledge proof, enabling devices to authenticate and interact with resources anonymously during cross-domain operations, thereby safeguarding their privacy. Additionally, through threshold technology, the target domain can reveal the true identities of malicious devices and revoke their access rights, ensuring a balanced approach to security and privacy protection. The proposed scheme has been experimentally validated in a virtual environment and compared with existing solutions. Results demonstrate that DPCZK offers significant improvements in both effectiveness and efficiency.
With the rapid expansion of the digital economy ecosystem, blockchain has become the core technology and theoretical path to support data interaction and trusted transactions. However, it still faces significant challenges in terms of privacy protection, transaction traceability and anti-attack capabilities. To address the above challenges, this study proposes a dynamic trust-aware blockchain security algorithm (DTBCSA) based on differential privacy and zero-knowledge proof. This algorithm is used to improve the system robustness and privacy protection capabilities in multiple scenarios. The core design of the algorithm includes: (1) introducing a dynamic trust evaluation mechanism. This mechanism dynamically adjusts the trust level of the node by analyzing its behavioral characteristics and historical interactions. At the same time, the secondary authentication mechanism is activated when the risk threshold is triggered; (2) embedding a differential privacy mechanism in the computing power transaction and model training process. This mechanism protects sensitive data and model parameters through Laplace noise; (3) using zero-knowledge proof to ensure the non-repudiation of transactions. At the same time, the aggregation and parallel optimization strategies are adopted to significantly reduce the computational overhead of proof and verification. In the experimental part, DTBCSA reduced the acceptance rate of malicious transactions from 70% of the baseline to 8% in the computing power trading market simulation. At the same time, it reduced the reputation distribution imbalance (Gini) from 0.42 to 0.20. In the federated learning collaborative training experiment, DTBCSA reduced the success rate of member inference attacks from 81% to 38% under the condition of privacy budget ε=1. While maintaining privacy protection, it improved the model accuracy by about 1.8 percentage points compared to FedDP. 
In addition, in the zero-knowledge proof verification performance test, DTBCSA reduced the proof size and generation time through aggregation optimization.
The rise of digital healthcare has intensified concerns over data privacy, particularly in cross-institutional medical data exchanges. This study introduces a blockchain-based protocol leveraging Zero-Knowledge Proofs (ZKP), specifically zk-SNARK, to enable verifiable yet privacy-preserving health data sharing. Built on a permissioned Ethereum blockchain, the protocol ensures that medical data validity can be confirmed without disclosing sensitive content. System implementation involves Python-based zk-circuits, smart contracts in Solidity, and RESTful APIs supporting HL7 FHIR formats for interoperability. Performance evaluations show promising results: proof verification times remained under 100 ms, with average proof sizes below 2 KB, even under complex transaction scenarios. Gas consumption analysis indicates a trade-off—ZKP-enabled transactions consumed approximately 93,000 gas units, compared to 52,800 in baseline cases. Interoperability testing across 10 FHIR-based scenarios resulted in 100% parsing success and an average data integration time of 1.7 seconds. Security assessments under white-box threat models confirmed that sensitive information remains unreconstructable, preserving patient confidentiality. Compared to previous implementations using zk-STARK, this protocol offers a 30% improvement in verification efficiency and a 45% reduction in proof size. The novelty lies in combining lightweight ZKP mechanisms with an interoperability-focused design, tailored for realistic hospital infrastructures. This research delivers a scalable, standards-compliant architecture poised to advance secure digital healthcare ecosystems while complying with regulations like GDPR.
This article presents a minimal viable product (MVP) architecture and proof-of-concept implementation that leverages zero-knowledge proofs to conduct essential KYC checks on a blockchain network without disclosing sensitive user information. The design employs a trusted off-chain KYC provider to validate user credentials, then uses succinct cryptographic proofs, compiled and verified with Groth16, Circom, and snarkjs, to guarantee compliance on-chain. A single smart contract deployed on a test network (Sepolia) verifies these proofs while insulating personal data from public exposure. The article outlines a practical off-chain/on-chain data flow, discusses essential performance metrics such as proof generation time and gas costs, and describes limited user testing for qualitative feedback. By integrating regulated AML checks with privacy-oriented ZKP protocols, this work demonstrates that decentralized applications can satisfy stringent compliance standards while upholding the confidentiality of user identities.
Connected and Autonomous Vehicles (CAVs) are pivotal to advancing Intelligent Transportation Systems (ITS) but introduce significant security and privacy challenges, particularly in dynamic environments requiring real-time data exchange. The existing security measures and consensus mechanisms, such as Practical Byzantine Fault Tolerance (PBFT), are susceptible to various attacks, including identity forgery, unauthorized access, and compromised safety testing, and suffer from scalability and latency issues. This study addresses these challenges by proposing a Dynamic Reputation Grouping-based PBFT (DRG-PBFT) approach, integrated with Simulation Extractable Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge (SE-ZK-SNARKS). The proposed framework leverages reputation-based dynamic grouping to enhance consensus efficiency and reduce communication overhead. SE-ZK-SNARKS provide anonymity and privacy-preserving identity authentication, enabling CAVs to prove their legitimacy without revealing sensitive information. The proposed framework has been validated through extensive simulations using the NS-3 network simulator integrated with blockchain. The simulation results demonstrate that our proposed approach outperforms existing methods, achieving reduced consensus latency, communication overhead, authentication time and improved throughput. Overall, the findings and methodologies presented in this study address critical challenges in securing CAV communications while maintaining scalability and efficiency and can serve as a valuable reference for researchers and practitioners aiming to improve the safety and reliability of CAVs in real-time environments.
The increasing deployment of Unmanned Aerial Vehicles (UAVs) for military, commercial, and logistics applications has raised significant concerns regarding flight path privacy. Conventional UAV communication systems often expose flight path data to third parties, making them vulnerable to tracking, surveillance, and location inference attacks. Existing encryption techniques provide security but fail to ensure complete privacy, as adversaries can still infer movement patterns through metadata analysis. To address these challenges, we propose a zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge)-based privacy preserving flight path authentication and verification framework. Our approach ensures that a UAV can prove its authorisation, validate its flight path with a control centre, and comply with regulatory constraints without revealing any sensitive trajectory information. By leveraging zk-SNARKs, the UAV can generate cryptographic proofs that verify compliance with predefined flight policies while keeping the exact path and location undisclosed. This method mitigates risks associated with real-time tracking, identity exposure, and unauthorised interception, thereby enhancing UAV operational security in adversarial environments. Our proposed solution balances privacy, security, and computational efficiency, making it suitable for resource-constrained UAVs in both civilian and military applications.
Aiming at the existing problems of insufficient security and poor scalability of existing blockchain data management solutions for the Internet of Vehicles, we use IPFS distributed technology to design a data privacy protection method for the Internet of Vehicles based on zero-knowledge proof. First, we use the Schnorr identity authentication protocol, a classic non-interactive zero-knowledge proof scheme, to complete the authentication and authorization of vehicles by RSU under the premise of protecting vehicle privacy. Secondly, we store encrypted data on IPFS-based edge distributed servers, and use Hyperledger Fabric to store authentication records and data indexes, which solves the problem of insufficient blockchain scalability. Finally, in order to improve the controllability and security of the data, we use the proxy re-encryption mechanism to manage the Symmetric-key of the data, and let RSU act as a proxy to perform re-encryption. Compared with the existing schemes, the proposed scheme reduces the communication overhead of the vehicle identity authentication phase, which is only 1728 bits. And while improving the scalability of the blockchain, it also enhances the privacy protection of the data of the Internet of Vehicles.
Authentication in low-latency Internet of Things (IoT) networks must satisfy three requirements, namely, high security and privacy preservation, high scalability, and low authentication time. These requirements arise because devices in IoT networks must operate in a secure and scalable manner despite being limited in computational resources. Existing authentication mechanisms focus on the security and privacy of IoT networks but neglect the importance of scalability and authentication time. Therefore, existing authentication mechanisms are unscalable and unsuited to low-latency IoT networks. With a focus on increasing scalability and reducing the authentication time while providing high security and privacy preservation in low-latency IoT networks, we propose a mutual authentication mechanism called Zero-Knowledge Proof-based Privacy-Preserving Mutual Authentication (Z-PMA) for IoT networks. The Z-PMA mechanism utilizes a combination of a zero-knowledge proof, an incentive mechanism, and a permissioned blockchain to provide secure, privacy-preserving, scalable, low-latency authentication for IoT networks. We develop a new approach to address the trade-off between the three requirements for authentication mechanisms for low-latency IoT networks that has the potential to improve the overall performance of these networks. A permissioned blockchain is incorporated in the approach to provide secure and immutable data storage using its distributed and unforgeable ledger. Our experimental results show that the Z-PMA mechanism reduces authentication time compared with existing state-of-the-art authentication mechanisms, while providing high security and privacy preservation as well as high scalability.
In virtual power plants, diverse business scenarios involving user data, such as queries, transactions, and sharing, pose significant privacy risks. Traditional attribute-based encryption (ABE) methods, while supporting fine-grained access, fall short of fully protecting user privacy as they require attribute input, leading to potential data leaks. Addressing these limitations, our research introduces a novel privacy protection scheme using zero-knowledge proof and distributed attribute-based encryption (DABE). This method innovatively employs Merkle trees for aggregating user attributes and constructing commitments for zero-knowledge proof verification, ensuring that user attributes and access policies remain confidential. Our solution not only enhances privacy but also fortifies security against man-in-the-middle and replay attacks, offering attribute indistinguishability and tamper resistance. A comparative performance analysis demonstrates that our approach outperforms existing methods in efficiency, reducing time, cost, and space requirements. These advancements mark a significant step forward in ensuring robust user privacy and data security in virtual power plants.
In today’s digital landscape, there is an increasing demand for scalable solutions that can handle vast amounts of data while ensuring robust security and privacy. A challenge arises when offloading data storage and query tasks to powerful yet untrusted servers in cloud computing and decentralized systems. To address this issue, we propose zk-Database, which leverages zero-knowledge proof (ZKP) and blockchain to guarantee the integrity and privacy of data. zk-Database represents a significant advancement in secure data management and offers a framework where computational tasks can be outsourced without compromising trustworthiness. We investigate various commitment schemes, including Merkle trees and Pedersen commitments. We apply ZKP methods such as Halo2, Risc Zero, and Lasso&Jolt to prove the data storage and query operations in the database. Our performance evaluation indicates that database queries are executed in 11 ms with Halo2, which outperforms Risc Zero and Lasso&Jolt, requiring 17.56 ms and 158 ms, respectively. The performance difference is primarily due to Risc Zero’s and Lasso&Jolt’s use of a virtual machine approach, which translates programs into RISC-V before generating a ZKP. Although Risc Zero and Lasso&Jolt are less efficient for individual query operations, they offer greater capability in handling complex database queries. Specifically, Lasso&Jolt performs database store operations approximately six times faster than Risc Zero. However, Risc Zero’s write operation is 3.5 times slower compared to Halo2.
Zero-Knowledge Proof (ZKP) is a useful tool for proving that a prover possesses a secret without revealing it to the verifier. Designated Verifier Proof (DVP) is a special type of ZKP that adds the ability to restrict the identity of verifiers so that only pre-determined authorized verifiers can verify. However, DVP and other similar schemes do not work if the verifier provides some additional information to indicate the provenance of the proof. Since this information may be stored on the blockchain, the proof can be accepted by third parties even if the verifier is willing to protect the privacy of the prover. In this paper, we propose the concept of Blockchain Designated Verifier Proof (BDVP), and design a BDVP scheme suitable for blockchain applications. The key technique behind our BDVP scheme is that the verifier can forge a fake secret to simulate the proof. Therefore, a third party cannot determine whether the prover possesses the secret. This enables the verifier to protect the privacy of the prover, which is required by law or regulation. We also address the quantum attack problem and propose a post-quantum solution. We evaluate and compare the performances of the proposed protocol with other related protocols.
Zero-knowledge proof (ZKP) mixers are one of the most widely-used blockchain privacy solutions, operating on top of smart contract-enabled blockchains. We find that ZKP mixers are tightly intertwined with the growing number of Decentralized Finance (DeFi) attacks and Blockchain Extractable Value (BEV) extractions. Through coin flow tracing, we discover that 205 blockchain attackers and 2,595 BEV extractors leverage mixers as their source of funds, while depositing a total attack revenue of 412.87M USD. Moreover, the US OFAC sanctions against the largest ZKP mixer, Tornado.Cash, have reduced the mixer’s daily deposits by more than . Further, ZKP mixers advertise their level of privacy through a so-called anonymity set size, which similarly to k-anonymity allows a user to hide among a set of k other users. Through empirical measurements, we, however, find that these anonymity set claims are mostly inaccurate. For the most popular mixers on Ethereum (ETH) and Binance Smart Chain (BSC), we show how to reduce the anonymity set size on average by and respectively. Our empirical evidence is also the first to suggest a differing privacy-predilection of users on ETH and BSC. State-of-the-art ZKP mixers are moreover interwoven with the DeFi ecosystem by offering anonymity mining (AM) incentives, i.e., users receive monetary rewards for mixing coins. However, contrary to the claims of related work, we find that AM does not necessarily improve the quality of a mixer’s anonymity set. Our findings indicate that AM attracts privacy-ignorant users, who then do not contribute to improving the privacy of other mixer users.
The explosive growth of Large-Language Models (LLMs), particularly Generative Pre-trained Transformer (GPT) models, has revolutionised fields ranging from natural language processing to creative writing. Yet, their reliance on vast, often unverified data sources introduces a critical vulnerability: unreliability and security concerns. Traditional GPT models, while impressive in their capabilities, struggle with limited factual accuracy and susceptibility to manipulation by biased or malicious data. This poses a significant risk in professional and personal environments where sensitive or mission-critical data is paramount. This work tackles this challenge head-on by proposing a novel approach to enhance GPT security and reliability: leveraging Zero-Knowledge Proofs (ZKPs). Unlike traditional cryptographic methods that require sensitive data exchange, ZKPs allow one party to convincingly prove the truth of a statement, without revealing the underlying information. In the context of GPTs, ZKPs can validate the legitimacy and quality of data sources used in GPT computations, combating data manipulation and misinformation. This ensures trustworthy outputs, even when incorporating third-party data (TPD). ZKPs can securely verify user identities and access privileges, preventing unauthorised access to sensitive data and functionality. This protects critical information and promotes responsible LLM usage. ZKPs can identify and filter out manipulative prompts designed to elicit harmful or biased responses from GPTs. This safeguards against malicious actors and promotes ethical LLM development. ZKPs facilitate training specialised GPT models on targeted datasets, resulting in deeper understanding and more accurate outputs within specific domains. This allows the creation of ‘expert-GPT’ applications in specialised fields like healthcare, finance, and legal services. 
The integration of ZKPs into GPT models represents a crucial step towards overcoming trust and security barriers. Our research demonstrates the viability and efficacy of this approach, with our ZKP-based authentication system achieving promising results in data verification, user control, and malicious prompt detection. These findings lay the groundwork for a future where GPTs, empowered by ZKPs, operate with unwavering integrity, fostering trust and accelerating ethical AI development across diverse domains.
In today’s era, over 90 percent of the population is involved in digital transactions. This increased adoption of digital payments has raised concerns about security problems, such as insecure and fraudulent transactions, phishing, replay attacks, and password attacks. Authentication and data privacy play a major role in addressing these security challenges. This paper proposes a secure mechanism to perform authentication using the Zero Knowledge Proof (ZKP) algorithm in Blockchain. Zero Knowledge Proof (ZKP) allows users to prove that they possess certain knowledge or information without revealing that knowledge or information to the verifier. This makes Zero Knowledge Proof (ZKP) ideal for privacy-preserving authentication, which is essential for protecting sensitive user data. This enables storing the record of all the payment history keeping transaction tracking and makes the record storage immutable and tamper-proof. With added features of better payment authentication and payment tracking, the system mitigates any chances of corruption, unauthorized transactions, and payment discrepancies. This leads to a faster and more transparent end-to-end process. The scheme is demonstrated using a funds flow process between vendors by implementing a smart contract. The system accuracy is tested by performing audit analysis using the SolidityScan tool achieving a 94.44 score. The overall implementation shows that the proposed scheme outperforms several attacks preventing unauthorized access and providing data privacy.
Federated learning (FL) has been frequently used in various fields of study and business. Traditional centralized FL systems suffer from serious issues. To address these concerns, decentralized federated learning (DFL) systems have been introduced in recent years, which, with the help of blockchains, try to achieve more integrity and efficiency. On the other hand, privacy-preserving is an uncovered part of these systems. To address this, and also scaling the blockchain-based computations, we propose a zero knowledge proof (ZKP) based aggregator (zkDFL) that allows clients to share their large-scale model parameters with a trusted centralized server without revealing their individual data to other clients. We utilize blockchain technology to manage the aggregation algorithm via smart contracts. The server performs a ZKP algorithm to prove to the clients that the aggregation is done according to the accepted algorithm. The server can also prove that all inputs of clients have been used. We evaluate our measure through a public dataset about wearable internet of things. As demonstrated by numerical evaluations, zkDFL introduces verifiability of correctness of aggregation process and enhances the privacy protection and scalability of DFL systems, while the gas cost has declined significantly.
Blockchain-enabled IoT Access Control (BIAC) is a promising paradigm to achieve reliable and automatic access control management for IoT systems. Due to the involvement of blockchain which is transparent, account privacy is easily violated in BIAC. Motivated by the recent progress of utilizing Zero Knowledge Proof (ZKP) to protect account privacy in cryptocurrencies, this article systematically investigates a ZKP-based privacy-enhancing BIAC architecture. We summarize the design principles as authenticating transactions with ZKP proofs instead of digital signatures so that permissions are linked to off-chain secrets rather than on-chain accounts. However, since the ZKP proofs are stored on the blockchain, an adversary may launch replay attacks to access resources illegally. To tackle this challenge, we carefully design two account-hiding transactions as well as validation rules for the classical capability-based AC (CBAC) model, where all ZKP proofs expire once used. The enhanced system preserves all necessary functions of CBAC while achieving permission invisibility and requester anonymity. We implement the designed ZKP operations, where the evaluation results demonstrate our solution incurs low overheads.
All users have access to the details of all transactions through the public ledger thanks to the distributed characteristics of the blockchain. However, attackers may infer the identities of the parties through detailed transaction data, and impair the privacy of users. Among these data, the transaction value is one of the most important transaction data. Therefore, for the privacy protection during blockchain transactions, this paper, based on the homomorphic encryption technology, enabled the committer peer to update the ledger during the transaction without knowing the balance of the parties’ accounts and the transaction value. Meanwhile, the zero-knowledge proof scheme was introduced. It was proved by interval range that the committer peer can verify the validity of the transaction without knowing the transaction value.
Biometric authentication is, over time, becoming an indispensable complementary component to traditional authentication methods that use passwords and tokens. As a result, the research interest in the protection techniques for the biometric template has also grown considerably. In this paper, we present a light-weight AI-based biometric authentication that operates based on the binary representation of a biometric instance. In detail, a binary classifier will be trained using the binary strings that represent the intraclass and interclass biometric subjects. The Support Vector Machine and Multi-layer Perceptron Neural Network are chosen as the classifier to evaluate the fingerprint-based and iris-based authentication capability. Afterward, the authenticated biometric string is fed to a hash function to produce a hash value, which is to be used in a Zero-Knowledge-Proof Protocol for the purpose of privacy preservation. In order to improve the recognition of the classifier, we devise a simple yet efficient strategy to enhance the discriminativeness of the binary strings and name it the Composite Features Retrieval. We evaluated the proposed method with the four publicly available fingerprint datasets FVC2002-DB1, FVC2002-DB2, FVC2002-DB3, and FVC2004-DB2 and the iris dataset UBIRISv1. The promising performance shows this method's capability.
Academic credential fraud presents a significant challenge to the global academic and labor markets, undermining the credibility of legitimate qualifications. In this paper, we introduce ZKBAR-V, a Zero-Knowledge Proof-Enabled Blockchain-Based Academic Record Verification System. This system is designed to provide a privacy-preserving, immutable, and secure framework for managing academic credentials. The proposed system leverages zkEVM smart contracts on a blockchain-based infrastructure that enables credential verification without exposing underlying data. The approach integrates Decentralized Identifiers (DIDs) to standardize identity management while eliminating reliance on centralized authorities. We have used dual-blockchain, which separates public and private information, which can enhance both efficiency and privacy. In addition, this approach employs the Interplanetary File System (IPFS) for decentralized and secure document storage. ZKBAR-V is designed as an open-source, interoperable solution with a standardized Application Programming Interface (API) for seamless integration. We implemented the system and conducted comprehensive testing, which demonstrates its capability to manage transactions securely, maintain privacy, and reduce costs compared to traditional Ethereum mainnet-based solutions. By combining advanced blockchain technologies, decentralized storage, and globally unique identifiers, ZKBAR-V offers a scalable, adaptable, and robust solution for academic credential management. This strategy can significantly enhance credential integrity, promote global student mobility, and provide institutions worldwide with a trustworthy and efficient verification system.
In recent years, the Internet of Things (IoT) has been contemplated as the next technological advancement in the era of data communication and networking. However, although hundreds of new IoT platforms are introduced to the market every few months, the security of IoT ecosystems is still not fully understood. This paper discloses the architecture of a multilayer, multimode security system for the IoT. The proposed system is capable of providing multiple security solutions that support anonymous authentication, device privacy, data integrity, device sybil attack detection and IoT server spoofing attack detection. For IoT access control and authentication, our system can support two modes of operations, with one mode endorsing device privacy protection over the network and the second mode relinquishing device identity to establish data tracing during safety-critical IoT events. The new security system includes two innovative crypto approaches, zero knowledge proof (ZKP) and blockchains. IoT device anonymity was achieved via the multimode ZKP protocol, while data integrity and protection against sybil and IoT spoofing attacks were maintained via blockchains. Our threat analysis models showed that data modification and data injection attacks are not feasible. Probabilistic modeling of an IoT spoofing attack was performed in this paper, and the results show that our security system provides high resiliency against such attacks, with a probability approaching 1.
Microgrid research and construction effectively use distributed energy resources to stimulate clean energy development. Peer-to-peer (P2P) energy trading in microgrids helps create a fully competitive and autonomous energy trading market. Blockchain technology is employed to realize a P2P energy trading framework. However, while public blockchain is generally transparent, energy trading information is sensitive and thus requires a privacy-preserving mechanism. In this paper, we design a privacy-preserving energy trading mechanism by using blockchain and zero-knowledge proofs. A user uploads a commitment to the blockchain instead of the original bid amount, and the zero-knowledge proof of commitment is uploaded into the blockchain. Other participants can verify the correctness of energy trading in each auction match. Our experiments show the design is feasible and efficient in Ethereum although there are more gas consumptions.
Cooperative perception is crucial for connected automated vehicles in intelligent transportation systems (ITSs); however, ensuring the authenticity of perception data remains a challenge as the vehicles cannot verify events that they do not witness independently. Various studies have been conducted on establishing the authenticity of data, such as trust-based statistical methods and plausibility-based methods. However, these methods are limited as they require prior knowledge such as previous sender behaviors or predefined rules to evaluate the authenticity. To overcome this limitation, this study proposes a novel approach called zero-knowledge Proof of Traffic (zk-PoT), which involves generating cryptographic proofs to the traffic observations. Multiple independent proofs regarding the same vehicle can be deterministically cross-verified by any receivers without relying on ground truth, probabilistic, or plausibility evaluations. Additionally, no private information is compromised during the entire procedure. A full on-board unit software stack that reflects the behavior of zk-PoT is implemented within a specifically designed simulator called Flowsim. A comprehensive experimental analysis is then conducted using synthesized city-scale simulations, which demonstrates that zk-PoT’s cross-verification ratio ranges between 80 % to 96 %, and 80 % of the verification is achieved in 2 s, with a protocol overhead of approximately 25 %. Furthermore, the analyses of various attacks indicate that most of the attacks could be prevented, and some, such as collusion attacks, can be mitigated. The proposed approach can be incorporated into existing works, including the European Telecommunications Standards Institute (ETSI) and the International Organization for Standardization (ISO) ITS standards, without disrupting the backward compatibility.
Blockchains are decentralized and immutable databases that are shared among the nodes of the network. Although blockchains have attracted a great scale of attention in the recent years by disrupting the traditional financial systems, the transaction privacy is still a challenging issue that needs to be addressed and analysed. We propose a Private Token Transfer System (PTTS) for the Ethereum public blockchain in the first part of this paper. For the proposed framework, a zero-knowledge based protocol has been designed using Zokrates and integrated into our private token smart contract. With the help of web user interface designed, the end users can interact with the smart contract without any third-party setup. In the second part of the paper, we provide security and privacy analysis including the replay attack and the balance range privacy attack which has been modelled as a network flow problem. It is shown that in case some balance ranges are deliberately leaked out to particular organizations or adversarial entities, it is possible to extract meaningful information about the user balances by employing minimum cost flow network algorithms that have polynomial complexity. The experimental study reports the Ethereum gas consumption and proof generation times for the proposed framework. It also reports network solution times and goodness rates for a subset of addresses under the balance range privacy attack with respect to number of addresses, number of transactions and ratio of leaked transfer transaction amounts.
The rapid digital revolution in recent decades has resulted in an overwhelming amount of information, particularly in the realm of modern education systems and related materials. This phenomenon, often referred to as information overload, necessitates the development of educational systems that can effectively search, classify, and categorize this vast amount of available information. Of utmost importance for such educational information systems is the safeguarding of personal data, which refers to information that can identify an individual or their family. School records, for example, contain various types of personal data such as the individual’s name, address, contact details, disciplinary history, as well as their grades and progress checks. Even if individuals choose to make this data public, it remains inherently personal. Another category of data involves more sensitive topics such as student biometrics (e.g. fingerprints, photographs), religious beliefs, health information (e.g. allergies), or dietary restrictions, which may imply religious or health-related aspects. Processing data in this category can pose risks to individuals; hence, strict rules and appropriate consent are necessary to ensure their protection. To address these challenges, this research paper proposes a zero-knowledge proof intelligent recommendation system designed to protect students’ data privacy in the digital age. The proposed method incorporates an Intelligent Recommendation System (IRS) that utilizes an optimized version of the Matrix Factorization technique, calculated as an Eulerian Walk chart. Furthermore, the Schnorr Zero-Knowledge Proof format, based on the discrete logarithm problem, ensures the privacy of personal data during message exchange between educational entities.
Non-fungible tokens (NFTs) have huge potential to be included in metaverse-related applications such as digital ownership management and asset trading. However, existing research identified that privacy-preserving techniques and methods are essential for NFTs for large-scale adoption in the metaverse. This paper conducted an analysis of several existing research works that mainly use zero-knowledge proofs (ZKPs) and/or commitments to protect privacy for blockchain applications. Based on the results of this comparative analysis, we deducted several assumptions. This paper identifies the potential next steps to design new privacy-preserving techniques that will enable privacy-aware metaverse users to leverage the maximal benefits of the NFTs.
The role of digital identity systems in today’s cyber infrastructure is pivotal to providing secure access to online services. Privacy-preserving mechanisms, however, are becoming more important as cyber threats develop. Especially in large networks, zero-knowledge proofs (ZKPs) are an effective way to enhance privacy in digital identity systems. When used during authentication, they protect the privacy of user data by verifying knowledge to another entity without unveiling the actual data. A ZKP can also reduce identity theft risks, mitigate man-in-the-middle attacks, and enhance security when integrated into privacy-preserving networks. In this paper, we examine the role that ZKPs play in privacy-preserving networks and the possibility of using them in this regard, in order to gain insight into their application in digital identity systems.
The application of Internet of Vehicles (IoV) technology has greatly improved users’ driving experience, but it also faces some challenges: 1) the central server is not powerful enough to support the rapid growth of IoV identity authentication requests and 2) there is a privacy leakage issue during vehicle authentication. To address these issues, we propose an anonymous authentication scheme based on trustworthy roadside unit group (TRUG)-PBFT main secondary chains and zero-knowledge proof (ZKP). First, to enhance authentication efficiency, we propose the TRUG-PBFT consensus algorithm. It improves the traditional PBFT by optimizing the PBFT consensus process, reducing the number of consensus nodes using fractional grouping, and selecting main node using verifiable random functions (VRFs). Second, we use a lattice-based ZKP scheme to achieve anonymous authentication of vehicles, and important data in the vehicle authentication process is stored by the main chain maintained by the base station group and the secondary chain maintained by the roadside unit group. Finally, experimental results demonstrate that compared to PBFT consensus, TRUG-PBFT in terms of consensus efficiency is improved by approximately 33%, and the authentication scheme’s computational cost is only 7.08 ms, superior to existing authentication schemes.
ETC systems today use technology that can be exploited to track toll users. This work develops a GPS-free toll collection that uses a zero-knowledge proof to verify V2X On-board units (OBU) in a way that prioritizes security and privacy while accommodating resource limitations of the embedded technology. Our privacy preserving ETC protocol consists of three parts: a mutual authentication handshake, a zero-knowledge proof challenge, and a verification for toll-payment processing. Bench analysis evaluates embedded systems' limitations of algorithmic operations, and field tests of challenges are conducted in a real-life scenario to show proof-of-concept among V2X interference.
The adaption of the NFT to the mainstream web3 marketplace has led to the rise of challenges like authenticity and verification. On the other hand, privacy-preserving is one of the important research topics in the data-driven metaverse due to its anonymity while maintaining transparency and security. As the traditional method does not preserve privacy, there is a dire need for a novel privacy-preserving method for NFT authentication while preserving anonymity, transparency, and security. This paper proposes a smart card-based approach for privacy preservation authentication of Non-Fungible Tokens using Non-Interactive Zero Knowledge Proof (NIZKP). The paper presents a Novel NIZKP response with the integration of challenge and proof with the encapsulation of a time-based one-time password (TOTP) solution to address the most critical problem of the proof of the source of the NFT and its rightful owner. The proposed solution is a lightweight mechanism for preventing unauthorized and hostile agents from the accessibility of the system while maintaining privacy and anonymity along with the verification and authenticity of the NFT. We have implemented our approach and compared the communication overhead and functional security features with related work and its precedence over them. The results show that the proposed approach has less communication overhead than the existing work and fulfills all the functional security and privacy-preserving features. It indicates that the proposed method can be an ideal solution for NFT authentication and transaction among users.
The current humanitarian health crisis popularized the debate on data privacy. At the same time, several cities, states, and even countries put the mandatory presentation of health pass to access services into practice. In this article, we explore the concepts of self-sovereign identity, blockchain, and zero-knowledge proofs to propose a solution to the problem of presenting proof of vaccination. This solution allows users to prove that they are vaccinated for different pathogens without revealing their identity. The architecture is loosely coupled, allowing components to be exchanged, which we discuss when we present the implementation of a working prototype.
The applications of Radio Frequency Identification (RFID) technology have been rapidly developed to be used in different fields that require automatic identification of objects and managing information. The advantage of employing RFID systems is to facilitate automatic identification of objects from distance without any interaction with tagged objects and without using a line of sight as compared with barcode. However, security and privacy constitute a challenge to RFID systems, as RFID systems use wireless communication. Many researchers have introduced elliptical curve cryptographic (ECC) solutions to the security and privacy in RFID system as an ideal cryptosystem to be implemented with RFID technology. However, most of these solutions do not provide adequate protection. Moreover, in terms of integrity and confidentiality level, most of these authentication protocols are still vulnerable to some security and privacy attacks. Based on these facts, this paper proposes a mutual authentication protocol that aims at enhancing an existing RFID authentication protocol that suffers from tracking attack and man-in-the-middle attack (MITM). The enhancement is accomplished by improving the security and privacy level against MITM, tracking attack and other related attacks. The proposed protocol is dependent on the use of the elliptical curve version of Schnorr identification protocol in combination with Keccak hash function. This combination leads to enhancing the confidentiality and integrity level of the RFID authentication system and increasing the privacy protection.
The complexity of cross-border regulatory compliance in the MedTech sector imposes significant administrative and financial burdens on manufacturers, characterized by manual processes, data redundancy, and country-specific, cross-border heterogeneous regulations. To address this, we present EireLedger, a decentralized framework that automates and cryptographically enforces regulatory compliance verification. EireLedger utilizes a novel dual-purpose zero-knowledge proof (ZKP) scheme, instantiated with Groth16 zk-SNARKs, which allows a manufacturer to prove a device dossier's compliance to a jurisdiction-specific regulator in a privacy-preserving manner, while simultaneously generating a verifiable ZKP-based access grant for the regulator. This cryptographic proof is immutably anchored to a permissioned Hyperledger Fabric blockchain, which orchestrates the protocol and maintains a minimal, auditable record. The corresponding encrypted dossier artefacts are stored off-chain in a private IPFS cluster. Our comprehensive evaluation demonstrates that on-chain proof verification is highly efficient with a median latency of 12.3 ms, and our integrated ZKP-as-access-control model reduces end-to-end audit latency by 40% compared to traditional attribute-based access control (ABAC) by eliminating external authorization calls. The on-chain storage footprint is constant at ~2.1 KB per audit, ensuring data minimization. The framework also supports right to erasure in compliance with GDPR, cryptographically unpinning a 5 GB dossier in under 90 s. These results establish EireLedger as a novel, privacy-preserving, and practical solution for cross-border regulatory compliance in the MedTech supply chains.
In 5G/6G networks, Device-to-Device (D2D) Salvage Transmission (ST) ensures communication continuity when Unreachable User Equipment (X) loses access to the base station. However, securing authentication between X and Salvage User Equipment (S) while maintaining privacy presents a challenge. Traditional authentication methods depend on key exchanges or centralised servers, heightening vulnerability to impersonation and replay attacks. This paper proposes a Zero-Knowledge Proof (ZKP)-based authentication protocol that enables lightweight, privacy-preserving authentication without disclosing private credentials. The approach utilises modular exponentiation and cryptographic hashing, allowing X to demonstrate its legitimacy without revealing its private key. Simulation results indicate that the proposed method achieves low authentication latency (1–10 ms), minimal communication overhead (80 bytes per session), and high scalability under heavy authentication loads. The scheme provides resistance against man-in-the-middle (MITM), impersonation, and replay attacks, making it highly secure for real-time applications.
In the context of Vehicular Ad hoc Networks (VANETs), ensuring fast, secure, and privacy-preserving identity verification is a growing challenge due to the dynamic and distributed nature of such environments for VANETs. This paper proposes a novel enhancement to Self-Sovereign Identity (SSI) protocols by integrating Zero-Knowledge Proofs (ZKPs), Galois group structures, and homomorphic encryption. The approach takes advantage of the Frobenius morphism and polynomial constructions to enable efficient certificate management, while preventing data leakage. Our protocol is designed to support repeated, low-latency authentication operations without exposing sensitive cryptographic material, thereby mitigating the risk of replay and impersonation attacks. The use of algebraic and number-theoretic primitives enables secure, scalable identity management suitable for both vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communications. These improvements are particularly relevant for VANETs, where rapid mobility and real-time decision-making demand authentication mechanisms that are both resilient and lightweight. By embedding zero-knowledge and homomorphic constructs into SSI, this work contributes a cryptographically robust framework tailored for decentralized, privacy-respecting identity verification in intelligent transportation systems.
Analysis of repeated attack signatures is important because of the rapid evolution of the Social Internet of Vehicles (SIoV). However, threats such as replay attacks, session hijacking, and key reuse make secure communication between vehicles, roadside units (RSUs), and the fog node difficult. Traditional models for authentication are limited by computational overhead and lack quick key revocation. In response to these challenges, we propose a hybrid cryptographic authentication scheme that combines a Zero-Knowledge Proof (ZKP) with AES-GCM encryption. Our protocol implements a dynamic key revocation mechanism to avoid rogue and session key migration, minimizing re-authentication delay. Security analysis in the Real-Oracle Random (ROR) model shows that it is not vulnerable to impersonation or replay attacks. Evaluations demonstrate decreases of 58% in authentication latency while achieving 45% and 72% improvements in communication and computation efficiency, respectively. Our approach is also scalable and secure, providing SIoV with higher reliability for automotive applications in the vehicular networks of the future.
The proliferation of autonomous AI agents marks a paradigm shift toward complex, emergent multi-agent systems. This transition introduces systemic security risks, including control-flow hijacking and cascading failures, that traditional cybersecurity paradigms are ill-equipped to address. This paper introduces the Aegis Protocol, a layered security framework designed to provide strong security guarantees for open agentic ecosystems. The protocol integrates three technological pillars: (1) non-spoofable agent identity via W3C Decentralized Identifiers (DIDs); (2) communication integrity via NIST-standardized post-quantum cryptography (PQC); and (3) verifiable, privacy-preserving policy compliance using the Halo2 zero-knowledge proof (ZKP) system. We formalize an adversary model extending Dolev-Yao for agentic threats and validate the protocol against the STRIDE framework. Our quantitative evaluation used a discrete-event simulation, calibrated against cryptographic benchmarks, to model 1,000 agents. The simulation showed a 0 percent success rate across 20,000 attack trials. For policy verification, analysis of the simulation logs reported a median proof-generation latency of 2.79 seconds, establishing a performance baseline for this class of security. While the evaluation is simulation-based and early-stage, it offers a reproducible baseline for future empirical studies and positions Aegis as a foundation for safe, scalable autonomous AI.
As end-to-end encryption (E2EE) becomes the standard for secure communication, ensuring message authenticity while maintaining user privacy poses significant challenges. This paper introduces the BL0K-ME protocol, a novel cryptographic solution that combines Zero-Knowledge Proofs (ZKP), RSA encryption, and Bloom filters to authenticate individual messages within E2EE conversations. RSA encryption is employed to secure the transmission of messages between users, ensuring that only the intended recipient can decrypt the content, while ZKP enables third-party verification of specific message content without exposing the entire conversation. By leveraging Bloom filters, the protocol provides efficient logging and verification of message existence, balancing privacy protection with legal and regulatory requirements for digital evidence. BL0K-ME addresses a critical gap in current messaging systems by allowing service providers to verify message authenticity for legal investigations without compromising the confidentiality of unrelated communications. This research demonstrates the potential of integrating RSA encryption, ZKP, and Bloom filters to offer a scalable, secure solution for message authentication in E2EE systems, safeguarding both user privacy and the integrity of digital evidence.
This paper presents a cryptographic Zero-Knowledge Proof (ZKP) protocol that allows the prover (P) to convince the verifier (V) that they know a secret number X, which is consistent with k residues in a Redundant Residue Number System (RRNS), without revealing the number X itself. The use of RRNS in this protocol provides enhanced efficiency and computational parallelism by splitting operations across independent moduli. This approach combines zero-knowledge properties with high performance, addressing the simultaneous need for security, privacy, and scalability - particularly in authentication and secure transactions.
No abstract available
There is an increasing conflict between business incentives to hide models and data as trade secrets, and the societal need for algorithmic transparency. For example, a rightsholder wishing to know whether their copyrighted works have been used during training must convince the model provider to allow a third party to audit the model and data. Finding a mutually agreeable third party is difficult, and the associated costs often make this approach impractical. In this work, we show that it is possible to simultaneously allow model providers to keep their model weights (but not architecture) and data secret while allowing other parties to trustlessly audit model and data properties. We do this by designing a protocol called ZkAudit in which model providers publish cryptographic commitments of datasets and model weights, alongside a zero-knowledge proof (ZKP) certifying that published commitments are derived from training the model. Model providers can then respond to audit requests by privately computing any function F of the dataset (or model) and releasing the output of F alongside another ZKP certifying the correct execution of F. To enable ZkAudit, we develop new methods of computing ZKPs for SGD on modern neural nets for simple recommender systems and image classification models capable of high accuracies on ImageNet. Empirically, we show it is possible to provide trustless audits of DNNs, including copyright, censorship, and counterfactual audits with little to no loss in accuracy.
Data protection laws and regulations such as GDPR and HIPAA are drafted to give patients more control over their personal health records. Nevertheless, patients today are still presented with vulnerable hospital systems and data harvesting applications that put them at risk and reduce their quality of healthcare. A major driver of this outcome is the absence of guidelines to support in building solutions compliant with the regulatory requirements. Additionally, modern cryptographic techniques such as zero-knowledge proofs (ZKP) lack analysis frameworks that can assist developers with the proper use of the technologies. In this paper, we systematically analyze the requirements imposed by GDPR and HIPAA on health records management applications. We study areas and processes that most benefit from ZKP to attain the desired characteristics of this technology. Finally, we propose a framework for analyzing ZKP protocols and offer recommendations for how to choose the most suitable protocol depending on the application component.
Zero Knowledge Proof (ZKP) is a cryptographic method that allows a prover to demonstrate to a verifier that a statement is true without revealing any additional information. This is highly relevant in healthcare, where data privacy is critical. By integrating ZKP into healthcare applications, sensitive patient data can be securely verified without exposing unnecessary information. In healthcare, protecting sensitive data while enabling seamless collaboration between doctors, laboratories, and other entities is crucial. Sharing or verifying data often leads to privacy risks. The project aims to develop a ZKP protocol for a healthcare system, allowing secure and private verification of sensitive medical data between doctors and laboratories. The ZKP protocol is implemented using a hybrid system with cloud services and local machines for secure computation. AWS Key Management Service (KMS) handles encryption and decryption. The protocol creates cryptographic proof for verifiers to confirm data validity without accessing the data itself. Established cryptographic libraries and healthcare test data are used in the implementation. The system ensures scalability and security by leveraging AWS infrastructure and MySQL database integration for proof storage. The ZKP protocol successfully verified health care data without exposing sensitive information, reducing the risk of data breaches. This approach improves data security without compromising functionality, setting new privacy standards in healthcare data management.
The Border Gateway Protocol (BGP) experiences multiple security threats during inter-domain routing such as prefix hijacking and route leaks and man-in-the-middle attacks. Resource Public Key Infrastructure (RPKI) and BGPsec along with other security solutions authenticate networks better but lack protection of network privacy and exhibit weaknesses due to concentration of authority. This paper introduces an integrated ZKP-based Route Verification Framework which uses blockchain technology to establish tamper-resistant privacy-preserving route validation. The framework includes five fundamental elements that provide ZKP proof generation for route credentials and blockchain-based proof storage and automated proof verification with BGP extension and off-chain IPFS-based proof management systems. The system architecture uses zk-SNARKs for cryptographic verifications while it relies on Hyperledger Fabric for decentralized proof validation. The proposed solution achieved superior routing security because it maintains both efficient storage scalability and minimal computational overhead according to performance testing results. The system results show that this framework provides adequate capabilities for actual Internet Service Provider deployments which support decentralized routing across domains while maintaining privacy protection.
SSI is a quickly appearing paradigm to secure and user-sovereign digital identity management. Nevertheless, existing implementations of SSI still have privacy-protection, interoperability, anti-fraud, and anti-cryptographic resiliency weaknesses. To tackle these issues, this paper presents a proposal of an AI-enhanced, blockchain-based protocol incorporating the use of Zero Knowledge Proofs (ZKP), Multiple Layer Decentralization (MLD) as well as quantum-resistant cryptography. The framework uses AI to do dynamic Identity verification and real-time fraud detection, risk-based authentication and provides great advantage to traditional SSI models. The system proposed will utilize ZKPs to provide its users with privacy-preserving authentication so that one can confirm attributes but not reveal sensitive personal data. Multi-layer decentralized identity validation structure is developed to enhance the level of trust, reduce dependence on centralized authorities and enhances/supported interoperability across homogeneous systems. Ancillary, post-quantum cryptographic schemes will also be incorporated to protect identities by mitigating the possible quantum computing attacks. Experimental evidence shows that our framework significantly enhances the accuracy of verification, the authentication latency and increases security in comparison to centralised and federated identity management solutions. The scheme is very flexible in financing sector, cross boundaries identity, e-governance portals and Web3 online portals. In the end, this study leads to an increment of a scalable and privacy-sensitive digital identity system because it bridges existing security, usability and compliance gaps and opens pathways to robust and resilient SSI implementations into the future.
Zero-knowledge proof (ZKP) is a cryptographic protocol that allows a prover to convince verifiers that a computation is correctly executed without disclosing the prover’s secret. ZKP has been deployed in various privacy-preserving applications. However, the proof generation is notably inefficient on general-purpose processors. Multi-scalar multiplication (MSM) and polynomial computation (POLY), including number theoretic transform (NTT), are two of the most computation-intensive parts in proof generation. Recently, separate accelerators for MSM and POLY (mostly NTT) have been proposed. Unfortunately, separate accelerators may have poor resource utilization since MSM and POLY cannot be performed concurrently. To address this challenge, we propose Exa, a unified hardware architecture for MSM and POLY. It enables MSM and POLY to share computational resources and memory resources through decoupling dataflow control, computation, and memory. We design a novel unified functional unit (FU) array that can support both POLY operation and point addition (PADD) for MSM. In addition, we propose a 3-D NTT implementation and an adaptive MSM implementation on the FU array using a domain-specific instruction set architecture (ISA). Exa is scalable and can be efficiently orchestrated by our proposed runtime system. Compared with the separate accelerators for MSM and NTT, Exa occupies 47% less chip area. Compared to state-of-the-art accelerator PipeZK, Exa achieves up to 20.68× and 4.58× improvement for NTT and MSM, respectively, while occupying a chip area that is 2.6× smaller. For end-to-end applications, Exa can achieve a speedup of 6.5× on average than software implementation.
Gradient boosted decision trees, particularly XGBoost, are among the most effective methods for tabular data. As deployment in sensitive settings increases, cryptographic guarantees of model integrity become essential. We present ZKBoost, the first zero-knowledge proof of training (zkPoT) protocol for XGBoost, enabling model owners to prove correct training on a committed dataset without revealing data or parameters. We make three key contributions: (1) a fixed-point XGBoost implementation compatible with arithmetic circuits, enabling instantiation of efficient zkPoT, (2) a generic template of zkPoT for XGBoost, which can be instantiated with any general-purpose ZKP backend, and (3) vector oblivious linear evaluation (VOLE)-based instantiation resolving challenges in proving nonlinear fixed-point operations. Our fixed-point implementation matches standard XGBoost accuracy within 1% while enabling practical zkPoT on real-world datasets.
No abstract available
Zero-knowledge proof (ZKP) is a cryptographic protocol that allows one party to prove the correctness of a statement to another party without revealing any information beyond the correctness of the statement itself. It guarantees computation integrity and confidentiality, and is therefore increasingly adopted in industry for a variety of privacy-preserving applications, such as verifiable outsource computing and digital currency. A significant obstacle in using ZKP for online applications is the performance overhead of its proof generation. We develop GZKP, a GPU accelerated zero-knowledge proof system that supports different levels of security requirements and brings significant speedup toward making ZKP truly usable. For polynomial computation over a large finite field, GZKP promotes a cache-friendly memory access pattern while eliminating the costly external shuffle in existing solutions. For multi-scalar multiplication, GZKP adopts a new parallelization strategy, which aggressively combines integer elliptic curve point operations and exploits fine-grained task parallelism with load balancing for sparse integer distribution. GZKP outperforms the state-of-the-art ZKP systems by an order of magnitude, achieving up to 48.1× and 17.6× speedup with standard cryptographic benchmarks and a real-world application workload, respectively.
Zero-knowledge proof (ZKP) is a promising cryptographic protocol for both computation integrity and privacy. It can be used in many privacy-preserving applications including verifiable cloud outsourcing and blockchains. The major obstacle of using ZKP in practice is its time-consuming step for proof generation, which consists of large-size polynomial computations and multi-scalar multiplications on elliptic curves. To efficiently and practically support ZKP in real-world applications, we propose PipeZK, a pipelined accelerator with two subsystems to handle the aforementioned two intensive compute tasks, respectively. The first subsystem uses a novel dataflow to decompose large kernels into smaller ones that execute on bandwidth-efficient hardware modules, with optimized off-chip memory accesses and on-chip compute resources. The second subsystem adopts a lightweight dynamic work dispatch mechanism to share the heavy processing units, with minimized resource underutilization and load imbalance. When evaluated in 28 nm, PipeZK can achieve 10x speedup on standard cryptographic benchmarks, and 5x on a widely-used cryptocurrency application, Zcash.
Data privacy has become a severe concern due to the substantial growth in data gathering and processing, driven by the widespread adoption of cloud computing and cryptocurrency. Zero-Knowledge Proof (ZKP) has emerged as a promising cryptographic protocol for ensuring data privacy. However, ZKP suffers from high computational costs, making it excessively slow when implemented in software. To identify performance bottlenecks in the ZKP protocol, existing research has focused on CPU performance evaluation at the architecture level, considering factors such as execution time and memory consumption. Nevertheless, ZKP protocols have distinct memory and computing needs at each stage, these studies lack detailed CPU performance analyses necessary to improve ZKP performance and promote wider adoption. In this paper, we provide a comprehensive performance analysis of widely used ZKP libraries on CPUs. We perform four different analyses to characterize the CPU microarchitecture, memory, code, and scalability performance of the ZKP protocol on different CPUs. Our analysis reveals that the ZKP protocol performs differently on different CPUs, emphasizing the need for microarchitecture-specific analysis and optimizations. We evaluate loads and stores, last level cache (LLC) misses per kilo instructions (MPKI), and maximum memory bandwidth utilization of ZKP. We observe the proving stage consumes the highest memory bandwidth (25Gbps). We identify the functions that consume the most CPU time in each stage of the ZKP protocol and categorize each stage as compute, control-flow, or data-flow intensive. Also, we identify the proving stage as the most scalable with the potential to be sped up by parallel computation. These findings provide valuable insights for designing future ZKP accelerators, leading to more efficient and scalable ZKP implementations.
Zero-Knowledge Proofs (ZKPs) are cryptographic tools that enable one party, known as the prover, to prove to another party, the verifier, that a certain statement is true without revealing any information beyond the validity of the statement itself. We introduce the Neutrosophic One-Round Zero-Knowledge Proof protocol (N-1-R) ZKP, which is an extension of the One-Round (1-R) ZKP in the realm of Neutrosophic numbers. The N-1-R ZKP is the first Neutrosophic ZK protocol.
Smart healthcare systems play a pivotal role in delivering accessible medical services, especially in remote environments where patients rely on wearable devices to collect medical data, subsequently transmitted to caregivers for diagnosis purpose. Despite the benefits of telehealth systems, their vulnerability to security breaches stemming from insecure communication channels highlights the critical need for robust mechanisms ensuring secure data transmission and access control. These mechanisms are essential to verify the legitimacy of both the patients and caregivers. To address these challenges, we propose ZKP-MAC, a lightweight Zero Knowledge proof-based authentication and access control scheme specifically tailored for Telehealth systems. Our proposed scheme integrates physical unclonable functions (PUFs), leveraging cryptographic keys derived from device hardware fingerprints to authenticate patient data. Additionally, we adopt a zero-knowledge proof protocol for caregivers' authentication and access control. By regenerating keys based on device hardware fingerprints, our approach ensures lightweight, secure, and authentic communication. Additionally, our model enables dynamic key management mechanism to regulate data access effectively and continuously in telehealth applications. Experimental results demonstrate the robustness of our approach against various security threats, offering features such as perfect backward secrecy and mutual access control. We conduct a comprehensive evaluation of the ZKP-MAC's security attributes, and computational overhead, showcasing reduced complexity compared to competing schemes while maintaining resilience against attempts to compromise security features by both individual and colluding actors. Furthermore, our scheme undergoes rigorous formal analysis using Automated Verification of Internet Security Protocols and Applications (AVISPA).
Zero-Knowledge Proof is a cryptographic protocol exercised to render privacy and data security by securing the identity of users and using services anonymously. It finds numerous applications; authentication is one of them. A Zero-Knowledge Proof-based authentication system is discussed in this paper. Advanced Encryption Standard (AES) and Secure Remote Password (SRP) protocol have been used to design and build the ZKP based authentication system. SRP is a broadly used Password Authenticated Key Exchange (PAKE) protocol. The proposed method overcomes several drawbacks of traditional and commonly used authentication systems such as a simple username and plaintext password-based system, multi-factor authentication system and others.
Advances in wearable and implementable wireless sensors have enabled the development of tiny and intelligent sensors called body sensors. Monitoring the vital body parameters in real-time using wireless body area network (WBAN) has shown great potential in improving healthcare quality not only for patients but also for medical staff. However, security and privacy are still an important issue in WBANs especially in multi-hop architectures. Considering the constraints of the body sensors (namely energy, memory, computational power, etc.), in this paper, we propose and present the design and the evaluation of a secure lightweight and energy efficient authentication scheme BANZKP based on an efficient cryptographic protocol, Zero Knowledge Proof (ZKP) and a commitment scheme. ZKP is used to confirm the identity of the sensor nodes, with small computational requirement, which is favorable for body sensors given their limited resources, while the commitment scheme is used to deal with replay attacks and hence the injection attacks by committing a message and revealing the key later. BANZKP reduces the memory requirement by 56,13% compared to TinyZKP [10], the comparable alternative so far for Body Area Networks. Also, the simulation results demonstrate that our proposed scheme is 17 and 5 times more efficient in terms of execution time, and uses 94.11% and 80% less energy compared to TinyZKP and W-ECDSA [16], respectively.
A zero-knowledge proof (ZKP) is an interactive proof that allows a prover to prove the knowledge of a secret to a verifier without revealing it. ZKPs are powerful tools to deal with critical applications in security e-commerce. Existing ZKPs are iterative in nature; their protocols require multiple communication rounds. The cost of iteration makes ZKPs unsuitable in practice. We propose a new protocol that meets all the requirements of ZKPs, yet runs in one round. The new approach substantially reduces computation and communications costs. It makes ZKPs more suitable for practical cryptographic systems for both government and commercial applications.
A zero-knowledge proof (ZKP) is an interactive proof between a prover and a verifier, with the prover's goal to convince the verifier that a solution of a computation problem exists without revealing any information about the solution itself. A card-based physical ZKP is an implementation of a ZKP using physical cards. Several metrics are used to measure the efficiency of card-based ZKPs, such as the numbers of required cards and shuffles. In this paper, we propose the first card-based ZKP for a puzzle Sudoku that uses only one shuffle. To achieve this, we use a technique of applying private operations interactively to prepare inputs for the protocol.
UAVs are increasingly being used in various domains, from personal and commercial applications to military operations. Ensuring the security and trustworthiness of UAV communications is crucial, and blockchain technology has been explored as a solution. However, privacy remains a challenge, especially in public blockchains. In this work, we propose a novel approach utilizing zero-knowledge proof techniques, specifically zk-SNARKs, which are non-interactive cryptographic proofs. This approach allows UAVs to prove their authenticity or location without disclosing sensitive information. We generated zk-SNARK proofs using the Zokrates tool on a Raspberry Pi, simulating a drone environment, and analyzed power consumption and CPU utilization. The results are promising, especially in the case of larger drones with higher battery capacities. Ethereum was chosen as the public blockchain platform, with smart contracts developed in Solidity and tested on the Sepolia testnet using Remix IDE. This novel proposed approach paves the way for a new path of research in the UAV area.
In order to study the standard secure access authentication mechanism of intelligent sensing terminals of massive power Internet of Things, a new privacy protection method widely used in blockchain is proposed to prove identity. The traditional power IoT cloud-side interaction security access MQTT protocol still has a lot of room for adaptation and optimization. First, the proposed non-interactive zero-knowledge proof identity authentication method reduces the time of the traditional standard secure access authentication process; second, it reduces the computing resources consumed in access authentication for a large number of intelligent sensors. The comparison results show that the access authentication time of this method is 30% ∼ 50% less than that of the traditional secure access authentication process. The computing resources consumed during authentication are reduced by 20% to 30% compared with traditional security and secrecy mechanisms.
Digital technologies, such as wireless body area networks (WBANs) for mobile health (mHealth) applications, are expected to enhance the quality of the public health care system. Although mHealth can improve patients' quality of health by offering outpatient real-time health monitoring systems instead of being stuck in the hospital all the time to monitor chronic diseases, the major challenge in adopting mHealth is data security and privacy. The health data routed on the internet from the patient monitoring device to the health center for remote monitoring is vulnerable to confidentiality attacks. To handle this issue, we present an authentication scheme based on non-interactive zero-knowledge proof (NIZKP), which issues certificates and authenticates monitoring devices each time performing transactions without revealing sensitive information. Our authentication scheme provides a high level of security with a low computational cost, which is lightweight for WBANs.
Lattice-based non-interactive zero-knowledge proof has been widely used in one-way communication and can be effectively applied to resist quantum attacks. However, lattice-based non-interactive zero-knowledge proof schemes have long faced and paid more attention to some efficiency issues, such as proof size and verification time. In this paper, we propose the non-interactive zero-knowledge proof schemes from RLWE-based key exchange by making use of the Hash function and public-key encryption. We then show how to apply the proposed schemes to achieve the fixed proof size and rapid public verification. Compared with previous approaches, our schemes can realize better effectiveness in proof size and verification time. In addition, the proposed schemes are secure from completeness, soundness, and zero-knowledge.
Passwords are currently the king in online authentication. But passwords come with a lot of baggage - how to use them, store them, hide them, and obfuscate them. Every year, there are plenty of cyber-attacks which involve passwords being stolen. These passwords are stored and transmitted over networks and hence, many mistakes can be made while doing so. In this paper, a relatively new form of authentication is explored - one based on the concept of Zero-Knowledge Proof (ZKP). It further explores how ZKP can provide additional security to the authentication mechanism by taking the transmission of passwords out of the picture. This paper also discusses the Replay attack vulnerability present in the non-interactive implementation of ZKP and proposes a two-fold mitigation strategy against the vulnerability.
Usually, a proof of a theorem contains more knowledge than the mere fact that the theorem is true. For instance, to prove that a graph is Hamiltonian it suffices to exhibit a Hamiltonian tour in it; however, this seems to contain more knowledge than the single bit Hamiltonian/non-Hamiltonian. In this paper a computational complexity theory of the “knowledge” contained in a proof is developed. Zero-knowledge proofs are defined as those proofs that convey no additional knowledge other than the correctness of the proposition in question. Examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and quadratic nonresiduosity. These are the first examples of zero-knowledge proofs for languages not known to be efficiently recognizable.
The advent of miniaturized mobile devices with wireless communication capability and integrated with biosensors has revolutionized healthcare systems. The devices can be used by individuals as wearable accessories to collect health data regularly. This type of medical assistance supported by mobile devices to monitor patients and offer health services remotely is known as mobile health (mHealth). Although mHealth provides many benefits and has become popular, it can pose severe privacy risks. Many features in mHealth are managed through a smartphone. Thus, one of the most worrying issues involves communication between the monitoring devices and the smartphone. When communication uses Bluetooth, it is standard for a device to be paired with the smartphone; but generally, it is not exclusively associated with a specific mHealth app. This characteristic can allow a data theft attack by a malicious app or fake data injection by an illegitimate device. To address this issue, we present an authentication scheme based on Non-Interactive Zero-Knowledge Proof that is lightweight enough to run on mHealth devices with minimal resources. Our scheme ensures that legitimate devices interact exclusively with the official mHealth application. To ensure the patient’s privacy-preserving throughout the system, we address the issues of storing, managing, and sharing data using blockchain. Since there is no privacy in the standard blockchain, we present a scheme in which the health data transmitted, stored, or shared are protected by Attribute-Based Encryption. The outcome is a system with fine-grained access control, entirely managed by the patient, and an end-to-end privacy guarantee.
Blockchain is the core technology underlying the first decentralized cryptocurrency, Bitcoin, introduced by Nakamoto in 2008. Since then, blockchain technology has many more advancements that are being developed and experimented. In particular, recent blockchain platforms such as Ethereum offer general and executable scripts, namely smart contracts, that can be employed to develop decentralized applications (DApps) in many domains beyond payment. However, the transparency of blockchain data raises concerns for many applications that require high privacy level. Therefore, many privacy enhancing technologies have been applied to DApp development, including zero knowledge proof (ZKP). This paper focuses on a particular kind of ZKP, called zero knowledge range proof (ZKRP), that has been applied in blockchain-based payments for banks. ZKRP allows a user to convince other people that a secret value actually lies within an interval without revealing any information about the secret. Here we introduce a new ZKRP which has the following remarkable features: (1) Non-interactive: No communication is required between a user and a verifier during the proof. (2) Range-flexibility: There is no limitation on the lower bound and the upper bound of the range except that they are natural numbers. (3) Efficiency: Our scheme is modified from that of Pang et al. (2010), yet achieves better security and is more efficient than their scheme. We believe our new ZKRP can be beneficial to the development of DApps and can extend the application scope to more scenarios.
Distributed certification is a set of mechanisms that allows an all-knowing prover to convince the units of a communication network that the network's state has some desired property, such as being 3-colorable or triangle-free. Classical mechanisms, such as proof labeling schemes (PLS), consist of a message from the prover to each unit, followed by one round of communication between each unit and its neighbors. Later works consider extensions, called distributed interactive proofs, where the prover and the units can have multiple rounds of communication before the communication among the units. Recently, Bick, Kol, and Oshman (SODA '22) defined a zero-knowledge version of distributed interactive proofs, where the prover convinces the units of the network's state without revealing any other information about the network's state or structure. In their work, they propose different variants of this model and show that many graph properties of interest can be certified with them. In this work, we define and study distributed non-interactive zero-knowledge proofs (dNIZK); these can be seen as a non-interactive version of the aforementioned model, and also as a zero-knowledge version of PLS. We prove the following: (1) There exists a dNIZK protocol for 3-coloring with O(log n)-bit messages from the prover and O(log n)-size messages among neighbors. (2) There exists a family of dNIZK protocols for triangle-freeness, that presents a trade-off between the size of the messages from the prover and the size of the messages among neighbors. (3) There exists a dNIZK protocol for any graph property in NP in the random oracle models, which is secure against an arbitrary number of malicious parties.
The Internet of Vehicles facilitates seamless Vehicle-to-Everything (V2X) communication, offering a myriad of services ranging from traffic management to data exchange and route scheduling. However, the existence of malicious Autonomous Vehicles (AVs) poses significant security and privacy threats to data communications and vehicle users, respectively. Therefore, it is crucial to verify the identity and preserve the privacy of AVs before offering V2X services within each vehicular broadcast domain. To address the aforementioned issues, a novel privacy-preserving lightweight Fast Reed-Solomon Interactive Oracle Proof of Proximity using polynomial commitment-based authentication protocol is presented. The AVs are initially registered with a trusted authority in this protocol. After that, they are authenticated by roadside units in their respective broadcast domains using a zero-knowledge proof-based challenge-response mechanism. As per the performance analysis, the proposed protocol surpasses state-of-the-art authentication protocols and achieves notable improvements of 19.43% in registration computation time, 50.96% in registration latency, 89.75% in authentication computation time, 14.97% in authentication latency, 97.42% in handover computation time, and 95.84% in handover latency, compared to other protocols. A qualitative security analysis is also carried out to prove that the proposed protocol provides anonymity, privacy, user verifiability, and untraceability features.
In distributed computing, data trading mechanisms are essential for ensuring the sharing of data across multiple computing nodes. Nevertheless, they currently encounter considerable obstacles, including low accuracy in matching trading parties, ensuring fairness in transactions, and safeguarding data privacy throughout the trading process. In order to address these issues, we put forward a data trading security scheme based on zero-knowledge proofs and smart contracts. In the phase of preparing the security parameters, the objective is to reduce the complexity of generating non-interactive zero-knowledge proofs and to enhance the efficiency of data trading. In the pre-trading phase, we devise attribute atomic matching smart contracts based on precise data property alignment, with the objective of achieving fine-grained matching of data attributes between trading parties. In the trading execution phase, lightweight cryptographic algorithms based on elliptic curve cryptography (ECC) and non-interactive zero-knowledge proofs are employed for the dual encryption of trading data and the generation of attribute proof contracts, thus ensuring the security and privacy of the data. The results of experiments conducted on the Ethereum platform in an industrial IoT scenario demonstrate that our scheme maintains stable and low-cost consumption while ensuring accuracy in matching and privacy protection.
In database applications involving sensitive data, the dual imperatives of data confidentiality and provable (verifiable) query processing are important. This paper introduces PoneglyphDB, a database system that leverages non-interactive zero-knowledge proofs (ZKP) to support both confidentiality and provability. Unlike traditional databases, PoneglyphDB enhances confidentiality by ensuring that raw data remains exclusively with the host, while also enabling verifying the correctness of query responses by providing proofs to clients. The main innovation in this paper is proposing efficient ZKP designs (called circuits) for basic operations in SQL query processing. These basic operation circuits are then combined to form ZKP circuits for larger, more complex queries. PoneglyphDB's circuits are carefully designed to be efficient by utilizing advances in cryptography such as PLONKish-based circuits, recursive proof composition techniques, and designing with low-order polynomial constraints. We demonstrate the performance of PoneglyphDB with the standard TPC-H benchmark. Our experimental results show that PoneglyphDB can efficiently achieve both confidentiality and provability, outperforming existing state-of-the-art ZKP methods.
Zero-knowledge proof (ZKP) is an attractive cryptographic paradigm that allows a party to prove the correctness of a given statement without revealing any additional information. It offers both computation integrity and privacy, witnessing many celebrated deployments, such as computation outsourcing and cryptocurrencies. Recent general-purpose ZKP schemes, e.g., zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK), suffer from time-consuming proof generation, which is mainly bottlenecked by the large-scale number theoretic transformation (NTT) and multi-scalar point multiplication (MSM). To boost its wide application, great interest has been shown in expediting the proof generation on various platforms like GPU, FPGA and ASIC. So far as we know, current works on the hardware designs for ZKP employ two separated data-paths for NTT and MSM, overlooking the potential of resource reusage. In this work, we particularly explore the feasibility and profit of implementing both NTT and MSM with a unified and high-performance hardware architecture. For the crucial operator design, we propose a dual-precision, load-balanced and fully-pipelined Montgomery multiplier (LBFP MM) by introducing the new mixed-radix technique and improving the prior quotient-decoupled strategy. Collectively, we also integrate orthogonal ideas to further enhance the performance of LBFP MM, including the customized constant multiplication, truncated LSB/MSB multiplication/addition and Karatsuba technique. On top of that, we present the unified, scalable and high-performance hardware architecture that conducts both NTT and MSM in a versatile pipelined execution mechanism, intensively sharing the common computation and memory resource. The proposed accelerator manages to overlap the on-chip memory computation with off-chip memory access, considerably reducing the overall cycle counts for NTT and MSM. We showcase the implementation of modular multiplier and overall architecture on the BLS12-381 elliptic curve for zk-SNARK. Extensive experiments are carried out under TSMC 28nm synthesis and similar simulation set, which demonstrate impressive improvements: (1) the proposed LBFP MM obtains 1.8x speed-up and 1.3x less area cost versus the state-of-the-art design; (2) the unified accelerator achieves 12.1x and 5.8x acceleration for NTT and MSM while also consumes 4.3x lower overall on-chip area overhead, when compared to the most related and advanced work PipeZK.
A new interactive quantum zero-knowledge protocol for identity authentication implementable in currently available quantum cryptographic devices is proposed and demonstrated. The protocol design involves a verifier and a prover knowing a pre-shared secret, and the acceptance or rejection of the proof is determined by the quantum bit error rate. It has been implemented in modified Quantum Key Distribution devices executing two fundamental cases. In the first case, all players are honest, while in the second case, one of the users is a malicious player. We demonstrate an increase of the quantum bit error rate around 25% in the latter case compared to the case of honesty. The protocol has also been validated for distances from a back-to-back setup to more than 60 km between verifier and prover. The security and robustness of the protocol has been analysed, demonstrating its completeness, soundness and zero-knowledge properties.
Privacy and security in the current modern, digital communication and data transfer-oriented world has become imperative. Most commonly used encryption methods often involve exposing sensitive information, which might be an open gate for potential vulnerabilities. This paper aims to explore the topic of applying ZKPs in cybersecurity in a comprehensive manner. For this purpose, the proposed work will provide an exhaustive description of the basic concepts of Zero-Knowledge Proofs, which refer to both the interactive and non-interactive forms of the product. Additionally, the study will focus on presenting various cryptographic protocols and algorithms utilizing Zero-Knowledge Proofs, such as zk-SNARKs and zk-STARKs. In addition to theoretical studies, the proposed work analyzes the practical implementation details of Zero-Knowledge Proofs implementations, cryptographic libraries, programming languages, and frameworks commonly used to create ZKP-based applications. Zero-knowledge proofs enable groundbreaking approaches to address cybersecurity problems with an emphasis on user privacy and data confidentiality. On average, cryptographic operations experienced delays of approximately 10 milliseconds which was not intrusive for real-time systems. The system’s throughput remained at a steady average of 100 Mbps at all times, so it performed well at processing data despite cryptographic overhead. The packet delivery ratio was constantly high at 98%, implying that most data packets were delivered consistently even over encrypted communication paths.
The zero knowledge succinct non-interactive argument of knowledge (zkSNARK) systems necessitate the generation of a common reference string (CRS) via a trusted setup that traditionally involves a trusted third party (TTP). An alternative method, employing multiparty computation (MPC), facilitates the creation of an updatable structured reference string (SRS) without the need for a TTP, ensuring security provided at least one participant remains honest. We introduce a secure way to generate CRS without any trust assumption for participants. We introduce a novel platform designed to enable participants to autonomously update the CRS at their discretion. This platform transforms the CRS into a non-fungible token (NFT), enhancing the transparency and traceability of the CRS's revision history. Our platform incorporates a protocol for the generation and utilization of the proving and verification keys, integral to the zkSNARK scheme, based on the updated CRS. Implementation of this platform on the Ethereum blockchain has demonstrated secure CRS update mechanisms and the low overhead of CRS transformation.
We put forward a new approach for achieving non-interactive zero-knowledge proofs (NIZKs) from the learning with errors (LWE) assumption (with subexponential modulus to noise ratio). We provide a LWE-based construction of a hidden bits generator that gives rise to a NIZK via the celebrated hidden bits paradigm. A notable feature of our construction is its simplicity. Our construction employs lattice trapdoors, but beyond that uses only simple operations. Unlike prior solutions, we do not rely on a correlation intractability argument nor do we utilize fully homomorphic encryption techniques. Our solution provides a new methodology that adds to the diversity of techniques for solving this fundamental problem.
A non-interactive ZK (NIZK) proof enables verification of NP statements without revealing secrets about them. However, an adversary that obtains a NIZK proof may be able to clone this proof and distribute arbitrarily many copies of it to various entities: this is inevitable for any proof that takes the form of a classical string. In this paper, we ask whether it is possible to rely on quantum information in order to build NIZK proof systems that are impossible to clone. We define and construct unclonable non-interactive zero-knowledge arguments (of knowledge) for NP, addressing a question first posed by Aaronson (CCC 2009). Besides satisfying the zero-knowledge and argument of knowledge properties, these proofs additionally satisfy unclonability. Very roughly, this ensures that no adversary can split an honestly generated proof of membership of an instance $x$ in an NP language $\mathcal{L}$ and distribute copies to multiple entities that all obtain accepting proofs of membership of $x$ in $\mathcal{L}$. Our result has applications to unclonable signatures of knowledge, which we define and construct in this work; these non-interactively prevent replay attacks.
We initiate the study of non-interactive zero-knowledge (NIZK) arguments for languages in QMA. Our first main result is the following: if Learning With Errors (LWE) is hard for quantum computers, then any language in QMA has an NIZK argument with preprocessing. The preprocessing in our argument system consists of (i) the generation of a CRS and (ii) a single (instance-independent) quantum message from verifier to prover. The instance-dependent phase of our argument system involves only a single classical message from prover to verifier. Importantly, verification in our protocol is entirely classical, and the verifier needs not have quantum memory; its only quantum actions are in the preprocessing phase. Our second contribution is to extend the notion of a classical proof of knowledge to the quantum setting. We introduce the notions of arguments and proofs of quantum knowledge (AoQK/PoQK), and we show that our non-interactive argument system satisfies the definition of an AoQK. In particular, we explicitly construct an extractor which can recover a quantum witness from any prover which is successful in our protocol. Finally, we show that any language in QMA has an (interactive) proof of quantum knowledge.
In this study, we propose a new method for conversion from a one-way (OW)-secure key encapsulation mechanism (KEM) into a chosen-ciphertext (CCA) secure KEM in the random oracle model. Our conversion method is based on the non-interactive zero-knowledge (NIZK) proof system for proving the relationships (e.g., equality or linearity) of discrete logarithms, where the security analysis of our conversion method depends on the NIZK properties of soundness and zero-knowledge. Our conversion method achieves tight security reduction and it is semi-generic in the sense that other than OW-security, a KEM should be NIZK-compatible. From a theoretical viewpoint, our conversion method can be considered as the corresponding approach for obtaining an efficient signature by applying the Fiat–Shamir transform to the NIZK system. We applied our conversion method to several OW-secure (identity-based) KEMs and compared the results with those obtained by previous methods for achieving CCA security.
We propose the first generalization of the famous Non-Interactive Zero-Knowledge (NIZK) proofs to quantum languages (NIZKoQS) and we provide a protocol to prove advanced properties on a received quantum state non-destructively and non-interactively (a single message being sent from the prover to the verifier). In our second orthogonal contribution, we improve the costly Remote State Preparation protocols [Cojocaru et al. 2019; Gheorghiu and Vidick 2019] that can classically fake a quantum channel (this is at the heart of our NIZKoQS protocol) by showing how to create a multi-qubit state from a single superposition. Finally, we generalize these results to a multi-party setting and prove that multiple parties can anonymously distribute a GHZ state in such a way that only participants knowing a secret credential can share this state, which could have applications to quantum anonymous transmission, quantum secret sharing, quantum onion routing and more.
With the rapid development of the digital economy and the Internet of Things, identity authentication in resource-constrained environments faces challenges such as low efficiency and inadequate privacy protection. Addressing the high computational and communication overhead of traditional RSA and ECC authentication mechanisms, this study proposes an efficient identity authentication mechanism (AC-ZKP) based on algebraic curves and non-interactive zero-knowledge proofs (NIZK). This mechanism leverages algebraic curve group operations to achieve lightweight key management and employs zero-knowledge proofs to ensure information concealment and anti-forgery during identity verification. The paper conducts a systematic study across four dimensions: system modeling, algorithm design, security analysis, and performance evaluation. Experimental results demonstrate that while maintaining 128-bit security strength, the AC-ZKP mechanism reduces authentication latency by approximately 44% and communication overhead by about 40%. It also exhibits strong scalability and resistance to attacks, significantly outperforming traditional ECC schemes. These findings provide a viable solution for lightweight, high-security identity authentication in IoT, edge computing, and cross-border data exchange environments.
A recent breakthrough [Hirahara and Nanashima, STOC'2024] established that if $\mathsf{NP} \not \subseteq \mathsf{ioP/poly}$, the existence of zero-knowledge with negligible errors for $\mathsf{NP}$ implies the existence of one-way functions (OWFs). In this work, we obtain a characterization of one-way functions from the worst-case complexity of zero-knowledge in the high-error regime. We say that a zero-knowledge argument is non-trivial if the sum of its completeness, soundness and zero-knowledge errors is bounded away from $1$. Our results are as follows, assuming $\mathsf{NP} \not \subseteq \mathsf{ioP/poly}$: 1. Non-trivial Non-Interactive ZK (NIZK) arguments for $\mathsf{NP}$ imply the existence of OWFs. Using known amplification techniques, this result also provides an unconditional transformation from weak to standard NIZK proofs for all meaningful error parameters. 2. We also generalize to the interactive setting: Non-trivial constant-round public-coin zero-knowledge arguments for $\mathsf{NP}$ imply the existence of OWFs, and therefore also (standard) four-message zero-knowledge arguments for $\mathsf{NP}$. Prior to this work, one-way functions could be obtained from NIZKs that had constant zero-knowledge error $\epsilon_{zk}$ and soundness error $\epsilon_{s}$ satisfying $\epsilon_{zk} + \sqrt{\epsilon_{s}}<1$ [Chakraborty, Hulett and Khurana, CRYPTO'2025]. However, the regime where $\epsilon_{zk} + \sqrt{\epsilon_{s}} \geq 1$ remained open. This work closes the gap, and obtains new implications in the interactive setting. Our results and techniques could be useful stepping stones in the quest to construct one-way functions from worst-case hardness.
The article presents a comprehensive analysis of the transition from traditional centralized digital identity models to an innovative decentralized paradigm based on blockchain technologies and zero-knowledge proofs (ZKP). It highlights the fundamental problems of existing systems that rely on centralized registries, passwords, and social logins. Such approaches create significant vulnerabilities, including risks of data breaches, mass surveillance, and manipulation, as centralized intermediaries act as sole controllers of personal information, depriving users of control over their data. In response to these challenges, the article discusses the concept of Decentralized Identity (DID). This model enables individuals to own, store, and control their digital credentials independently, without involving intermediaries. The key technological components of this ecosystem include Verifiable Credentials (VC), Digital ID Wallets, and Decentralized Identifiers (DID), which are typically stored on a blockchain to ensure immutability and security. A triadic trust model involving the Issuer, Holder, and Verifier is described, allowing data verification without direct contact with the issuing organization. Special attention is given to the concept of Self-Sovereign Identity (SSI) as a specific philosophy within DID that emphasizes user autonomy, data minimization, and privacy by design. Unlike the broader DID concept, in the SSI model, the user makes the final decision regarding the disclosure of their data. A central technology ensuring privacy in decentralized systems is zero-knowledge proofs (ZKP). ZKP allow the validation of the truthfulness of a statement without revealing the underlying information.
The article provides a detailed analysis of the benefits of using ZKP in the context of DID, including selective attribute disclosure (e.g., proving legal age without revealing the date of birth), minimizing the amount of shared data, preventing correlation and user activity tracking, as well as creating reputation systems that preserve anonymity. Practical application scenarios such as private electronic voting and confidential medical data protection are examined. The paper also addresses standardization, which is key to ensuring compatibility and widespread adoption of DID solutions. Leading initiatives such as W3C Verifiable Credentials, the Decentralized Identity Foundation (DIF), and projects like Hyperledger Indy and Aries are mentioned. Examples of advanced implementations already in use are provided: Polygon’s zkKYC for private verification in DeFi, the Sismo protocol for creating anonymous reputation badges in Web3, and Evernym’s SSI platform based on Hyperledger Indy. In conclusion, it is emphasized that the combination of DID and ZKP forms a new paradigm for digital identity management focused on security and user autonomy. Despite challenges related to usability complexity, key loss risk, and legal uncertainty, the technology is actively evolving and moving from conceptual to practical application, which may eventually become the foundation for a global sovereign digital identity.
Identity authentication in the age of a hyper-connected digital world is an important part of cyber security. Centralized identity verification systems are becoming more and more exposed to data breaches, identity fraud and leakage of personal information. Such systems usually have a single point-of-failure and users need to disclose private personal data to third party service providers, which would lead to privacy and security concerns. This study explores the strengthening of cybersecurity with blockchain-integrated identity authentication systems with ZKP processes, biometric alignment, and decentralized trust systems. In the proposed server-less model, blockchain is used to replace trusted parties, such that the identity information is scattered among multiple nodes on a decentralized ledger, so that the access between identity and the service is easy to be realized. This helps minimize any unauthorized interference and promote the transparency and traceability of the system. The zero-knowledge proof paradigms enable the user to prove himself/herself valid without exposing the real credentials, which makes it a useful tool to cut down the amount of disclosed private user information. Meanwhile, biometric encryption further enhances security by associating cryptographic keys with physical traits, such as a fingerprint or an iris image, for secure non-repudiable access mechanisms. This layered, privacy-protecting authentication structure is created by orchestrating these technologies together. The blockchain’s transparency and immutability guarantee the integrity of the identity records, while ZKP provides anonymous verification for use cases which include online voting, digital banking and secure access to confidential platforms. Biometric protection ensures non-replayability and impersonation resistance, avoiding common threats of password/token-based solutions.
The paper contains a thorough implementation and simulation of the presented biometric model over Ethereum using smart contracts, zk-SNARKs, and biometric template protection methods. Performance of the proposed method is inspected in terms of authentication latency, computational energy, and security resilience to replay, man-in-the-middle, and biometric spoofing attacks. Experimental results indicate that the resulting integrated solution achieves high performance with increased privacy, user-specified control and resistance to tampering. This study brings forward next-generation identity frameworks which are decentralized, cryptography-based, and user-centric. It shows that the combination of blockchain, zero-knowledge and biometrics can be established in a trustless and reliable manner to authenticate identity in real-time. The results have direct impact on e-governance, finance, healthcare and smart cities, where data integrity and user privacy are of prime interest. This approach reflects a paradigm shift in decentralized cybersecurity infrastructures that place the control of identity in the hands of the identity owner.
Enterprise digital transformation and multi-organization collaboration highlight the limitations of centralized identity authentication, including single points of failure, inefficient cross-domain authentication, and privacy risks in data storage. This study proposes a distributed identity authentication framework integrating blockchain, zero-knowledge proof (ZKP), and verifiable credentials (VCs). A decentralized attribute-based access control (ABAC) architecture ensures policy consistency, while a lightweight ZKP protocol minimizes sensitive attribute exposure. Verifiable credentials are stored off-chain via IPFS to optimize efficiency. Experimental results demonstrate significant improvements: cross-domain authentication latency decreased by 57.7% (from 518.22 ms to 219 ms), system availability remained at 82% under node failures, and the ZKP mechanism reduced sensitive attribute exposure to 12.8%. Hybrid storage (VCs + IPFS) reduced on-chain data by 75% and write latency to 55 ms. The proposed solution enhances authentication efficiency, fault tolerance, and privacy protection in distributed enterprise environments, offering a scalable and secure alternative to traditional systems. Future work will address high-concurrency performance and dynamic policy management.
The Internet of Medical Things (IoMT) is transforming healthcare by enabling devices to generate and share critical patient data. However, securely sharing this data across different healthcare entities remains a significant challenge due to concerns over privacy and security. Traditional solutions using Ciphertext Policy Attribute-Based Encryption (CP-ABE), Self-Sovereign Identity (SSI), and Zero-Knowledge Proofs (ZKPs) offer secure and anonymous data access, but they often fall short in scalability and integration, particularly in cross-domain environments. To address these limitations, we introduce SSL-XIoMT, an optimized SSI and ZKP authentication framework within a consortium Hyperledger-based environment. This innovative system integrates SSI under advanced Zero-Knowledge Scalable Transparent Argument of Knowledge (ZK-STARK) and Plonk protocols within a consortium Hyperledger framework for privacy-preserving identity verification. We enhance identity privacy by integrating Multi-Party Computation (MPC), ensuring that identity credentials and ZKP proofs are securely shared and reconstructed without exposing sensitive information. Additionally, we optimize CP-ABE by offloading complex computations to fog nodes, which pre-compute attributes and logical operations. This approach significantly reduces computational overhead and enhances both privacy and efficiency. Our extensive analysis shows that SSL-XIoMT dramatically improves the performance of processing time for CP-ABE encryption and decryption compared to current methods. Moreover, our hybrid ZKP-based authentication approach outperforms the existing schemes regarding processing time and flexibility. The throughput test also demonstrates that SSL-XIoMT is practical for large-scale cross-domain data sharing implementation.
The advancement of Industrial Internet of Things (IIoT) has enabled cross-domain collaboration among enterprises, facilitating data exchange and coordinated operations for complex manufacturing tasks. As the primary security mechanism, cross-domain continuous authentication periodically verifies external devices to prevent unauthorized access and session hijacking, thereby mitigating system vulnerabilities. However, existing solutions face limitations: some rely on device-specific features incompatible with heterogeneous environments, while others neglect cross-domain scenarios, offering insufficient privacy protection and irreversible identity management. To address these gaps, we propose a cross-domain authentication framework leveraging zero-knowledge proofs and blockchain technology. Devices are assigned anonymous identities, with revocation managed via a distributed ledger. Initial authentication employs zero-knowledge proofs to generate valid tokens, while continuous authentication refreshes these tokens periodically. Security analysis confirms robustness against common threats, and performance evaluations demonstrate that periodic token renewal reduces computational and communication costs compared to repeated initial authentication processes.
Secure digital identity management is an ever-emerging concern. Traditional authentication, which includes the use of passwords, central databases, and third-party recovery, presents great security and usability issues. Zero-Knowledge Proofs (ZKPs) and blockchain have been put forth as very good for decentralized identity systems. But many present solutions have large compute requirements, don’t scale well, and have poor user recovery. This review puts forth that present ZKP-based identity systems lack passwordless login, human-readable identities, and self-sovereign recovery. We look at recent systems, which we note make heavy use of complex crypto credentials, central verification that is a point of failure, and extensive infrastructure, and which in turn do not see wide-scale adoption. To present solutions to these issues, we have put forth a UID-based identity which uses ZKPs for authentication and does not require storage of passwords or private keys. We introduce a novel recovery method which uses a human-readable phrase from the private key, salt, and UID, which in turn is a user-controlled method. We put the UID on the blockchain, which in turn improves privacy and scale. Our analysis improves on issues of usability, scale and security, and in turn we present a very simple and practical solution for today’s identity management issues. We also put forth this study as the base for what we think will be future work in the development of usable ZKP-based identity systems.
Internet of Vehicles (IoV), as an emerging technology, has attracted much research over the years due to rapid advancements in computing paradigms and vehicular and wireless technologies. These advancements enable vehicle-to-everything (V2X) communication to offer various services such as traffic management, data exchange, and route scheduling. However, the increase in density and the malicious behaviour of vehicle users have seriously threatened security and privacy concerns in the network. These concerns are related to anonymity, privacy, and verification of the identity of vehicle users. It is crucial to preserve users' privacy to prevent traceability and linkability, besides authentication to track malicious activities in the network. Therefore, in this paper, a novel privacy-preserving lightweight zk-SNARK of polynomial-based authentication protocol is presented. The vehicles are initially registered with a trusted authority (TA) in this protocol. After that, they are authenticated by RSUs, followed by verification of authentication during vehicle handover between RSUs. The proposed protocol is implemented using the Mininet-WiFi tool, and its performance is analyzed by comparing communication latency and computation time for variable vehicular density. An informal security analysis is also done to prove that the proposed protocol provides anonymity, privacy, user verifiability, and untraceability features.
Internet of Vehicles (IoV) is a typical application of mobile Internet of Things (IoT), which aims to improve road conditions and enhance the driving experience. However, the issue of identity leakage has drawn a major privacy concern during the vehicle’s authentication. It is impractical to apply traditional anonymous authentication methods directly to the IoV system due to their complex computation. To enhance the user’s privacy and the service’s efficiency, we propose a novel efficient anonymous authentication approach for the IoV based on the zero-knowledge proof (ZKP) and elliptic curve cryptography (ECC). We achieve the user’s strong anonymity and authenticity based on the Fujisaki–Okamoto Commitment algorithm. In addition, the third trusted authority can effectively trace users by tracking users’ verification keys. It holds the user’s traceability when a violation occurs. Meanwhile, we design a fast reconnection procedure based on the security context from the last access, which can reduce the computation overhead effectively. Through the security analysis, it proves that our scheme provides the anonymity, mutual authenticity, unlinkability, traceability, forward security, and replay-attack resistance. The experimental results indicate that our scheme has a better performance compared with the classic protocols in the IoV.
There has been a shift towards the use of Electric Vehicles (EV) in recent years. Though EVs offer many advantages, there are concerns on the cyber security of its components and the privacy of its users. When users charge their EVs at a charging station, they need to reveal their personal details. An attacker can compromise the users' privacy by identifying and tracking where users charge their EVs. Hence, there is a need to protect EVs from cyber-attacks and preserve its users' privacy. In this paper, we address the problem of privacy preservation of users while charging their EVs in a 5G-enabled vehicular charging system. We propose a user-centric authentication protocol for EV charging based on Decentralized Identifier (DID) and blockchain. We use Verifiable Credential (VC) together with DID which provides Zero-Knowledge Proof (ZKP) about the user. Users have complete control over their identities resulting in user-centric authentication. At the same time, a third party can verify the user's legitimacy before providing services. Hence, our protocol makes the charging service available in a secure way, preserving the privacy of the user.
The use of Electric Vehicles (EVs) has been gaining traction in recent years due to various reasons. While charging their EVs, users expose their identity and personal details, and an adversary being able to identify and track where users charge their EVs is a potential privacy threat. In this article, we propose a user-empowered privacy-preserving authentication protocol for EV charging based on Decentralized Identifier (DID) and Verifiable Credential (VC) to provide Zero-Knowledge Proof (ZKP)-security. The proposed method gives users full control over their identities and allows them to remain anonymous while charging from any station. Giving control over their identities empowers users. At the same time, by making use of the concept of VC, other parties can verify that a user is legitimate and authenticate the user before providing charging services. Hence, the proposed protocol makes the charging service available in a secure way, while empowering users and preserving their privacy.
In modern democracies, secure and transparent voting mechanisms are critical for ensuring public trust and electoral integrity. Traditional voting systems often face challenges such as tampering, identity fraud, and lack of transparency. This paper proposes a Blockchain-Based Voting System designed to address these issues by integrating advanced technologies including Zero-Knowledge Proofs (ZKP), InterPlanetary File System (IPFS), and the Polygon Proof-of-Stake (PoS) blockchain. The system incorporates Aadhaar-based identity verification with OTP authentication to ensure that only eligible citizens can vote, while preserving voter anonymity through the implementation of ZKP. All sensitive data, including votes and candidate information, are recorded on the decentralized Polygon network, ensuring immutability and transparency. IPFS is employed for storing large files such as candidate profiles and voting records in a secure and distributed manner. Smart contracts automate the core election functions such as vote casting, validation, and result declaration, thereby minimizing the risk of human error and manipulation. A modular user interface is provided for both voters and election administrators, facilitating real-time monitoring, seamless authentication, and secure participation. By leveraging blockchain’s trustless architecture and privacy-preserving cryptographic protocols, the proposed system aims to modernize the electoral process, enhance voter confidence, and strengthen democratic institutions in the digital age. The architecture ensures end-to-end verifiability, making each vote independently auditable without compromising confidentiality. This integration of privacy, security, and scalability offers a robust foundation for next-generation electoral systems.
No abstract available
The Internet of Autonomous Vehicles (IoAV) faces growing challenges in user privacy and communication security, stemming from dynamic network topologies induced by high-speed vehicle mobility, resource-constrained onboard devices, and the inherent tension between identity anonymity and traceability in latency-critical applications. Given the distributed architecture of fog computing and the limited storage and computational capabilities of vehicles, conventional anonymous authentication and centralized key negotiation mechanisms prove insufficient in addressing these issues. In response, we propose a distributed authentication and key negotiation protocol that combines multifactor biometrics, zero-knowledge proof (ZKP), and physical unclonable function (PUF) without relying on a trusted third party. Specifically, we design an efficient ZKP algorithm based on Chebyshev polynomials with low overhead and strong anonymity. Our key innovation is the implementation of independent key negotiation of three untrusted entities in a single protocol cycle, enabling 23 security features and functions. The performance analysis shows that the scheme takes only 17 ms to complete the protocol flow, and it reduces vehicle memory usage by 33%–83%, service latency by 61%–83%, and communication overhead by 12%–50% compared to existing schemes.
Authentication is crucial in Identity and Access Management (IAM), especially within the Internet of Medical Things (IoMT), where security is critical. This paper proposes a solution to strengthen IoMT authentication, addressing its vulnerabilities and resource constraints. By leveraging blockchain as an Identity Provider (IdP) and integrating Zero-Knowledge Proof (ZKP) authentication, alongside Single Sign-On (SSO) standards, the proposed framework enhances security while simplifying the authentication process. Sharing the computational burden between the blockchain and client-side devices optimizes resource utilization, mitigating the strain on IoMT resources. Experimental results demonstrate improved RAM and computing power efficiency. This approach offers a robust solution to IoMT authentication challenges, promising heightened security and efficiency in healthcare IoT ecosystems. By fortifying authentication mechanisms, this framework contributes significantly to securing sensitive medical data and ensuring seamless access for authorized users in IoMT environments.
The rapid proliferation of the Internet of Things (IoT) and the increasing heterogeneity of connected devices have exposed the limitations of traditional centralized authentication and access control systems. These conventional approaches struggle to meet the demands of high concurrency, cross-domain interoperability, and decentralized trust. To address these challenges, this paper proposes a distributed security authentication and access control framework that integrates blockchain and edge computing technologies. The proposed model introduces Decentralized Identifiers (DID) and zero-knowledge proofs (ZKP) to enhance identity authentication privacy and integrity. Additionally, it adopts a hybrid access control mechanism that combines Attribute-Based Access Control (ABAC) with Role-Based Access Control (RBAC), enabling fine-grained and dynamic policy enforcement. The system is structured in a three-tier architecture, where smart contracts deployed on a consortium blockchain ensure tamper-proof policy execution and auditability. Experimental evaluations show that the model significantly improves authentication latency, accuracy, and resilience against various attack scenarios, while maintaining policy flexibility and scalability. This work provides a practical and effective solution for secure and trustworthy device access management in complex IoT environments.
In the rapidly evolving landscape of cloud computing, ensuring secure user authentication and protection against cyber-attacks has become increasingly critical. This research proposes a novel security framework for cloud systems based on the Quantum Zero-Knowledge Proof (ZKP) technique, aiming to provide a privacy-preserving and quantum-resilient authentication mechanism. The core of the proposed model lies in leveraging photon polarization at specific quantum angles to implement secure and non-disclosive verification, effectively allowing users (provers) to prove their identity without revealing any sensitive credentials. The system's architecture integrates a Zero Knowledge Proof Engine (ZKE), which forms the backbone of the security protocol, enhancing resilience against Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks. The quantum properties of photons enable a high level of randomness and unpredictability, significantly improving the robustness of the system. A Python-based simulation environment has been developed to model the proposed engine and conduct experimental validations. Furthermore, a web-based application interface has been designed to facilitate seamless interaction between cloud users and the authentication system, demonstrating real-time threat detection and response. Experimental results, visualized through performance metrics and interface output, confirm the effectiveness and practicality of the proposed model. This approach not only enhances security but also offers a scalable and user-friendly solution for modern cloud environments, marking a significant step toward integrating quantum principles into mainstream cybersecurity infrastructures.
The rapid digital transformation currently being experienced by developing economies such as Zimbabwe has underlined the inefficiencies and vulnerabilities in security of traditional Know Your Customer (KYC) processes. These KYC processes and procedures are predominantly manual, slow and prone to data breaches. This paper proposes a privacy-preserving authentication model for KYC optimization using Zero-Knowledge Proof (ZKP) cryptography. This model addresses critical challenges which include prolonged customer onboarding times, high operational costs and data compliance risks. By leveraging ZKP, the model enables secure identity verification without exposing sensitive data, which ensures compliance with the Zimbabwe Data Protection Act. A mixed-methods approach was adopted, combining qualitative and quantitative techniques to design, develop and evaluate the model. Experimental results have demonstrated significant improvements in data privacy and onboarding efficiency, with onboarding time reduced from 3 days to under 10 minutes. The model's scalability and adaptability potential make it suitable for diverse sectors, including education, healthcare, e-commerce and government services, therefore positioning Zimbabwe as a leader in secure digital transformation.
Zero-Knowledge Proof (ZKP)-based authentication offers a privacy-preserving and secure approach for digital wallet transactions in decentralized finance (DeFi). It enables users to verify identity and execute transactions without revealing sensitive information. However, existing authentication methods often rely on exposed public addresses, vulnerable private keys, or basic multi-factor authentication, which compromise privacy and scalability under high transaction loads. To address these challenges, this paper proposes a novel framework called zk-Rollup-Integrated The zk-BHC biometric hash algorithm. The solution uses zk-Rollups for efficient and scalable off-chain computation with biometric hash commitments to verify users while keeping their privacy safe. This integration makes sure that user identity verification and transaction validation happen without giving up any raw biometric inputs or transactional metadata. The proposed zk-BHC method uses a zero-knowledge proof inside a zk-Rollup to check biometric input (such as a fingerprint) and let users log in. The method keeps authentication secure and reduces touch on the blockchain. Transaction confidentiality. Experimental evaluation demonstrates that zk-BHC significantly reduces gas costs, ensures sub-second authentication, and maintains zero-knowledge compliance. It enhances privacy by 98.7%, improves scalability by 97.4%, and resists common attack vectors by 96.2%, as well as reduces authentication latency by 97.9%, thereby mitigating risks such as key theft or identity spoofing in DeFi wallet interactions.
This study models and evaluates cryptographic authentication approaches to enhance secure automated access in Cyber-Physical Systems (CPS), such as smart grids and autonomous vehicles. Three models—PKI-based, Zero Knowledge Proof (ZKP)-based, and ECC with Challenge-Response—are compared through simulations using MATLAB and NS3. Evaluation metrics include latency, computational overhead, scalability, and resistance to cyber-attacks. The ECC model demonstrated the best overall performance in real-time, resource-constrained environments. The ZKP model offered superior privacy and attack resilience, ideal for sensitive applications. The PKI model, while strong in identity assurance, exhibited high latency and is best suited for structured networks. The study emphasizes the contextual suitability of each model and suggests hybrid approaches and future directions, such as quantum-safe cryptography and biometric integration. This research provides a framework for selecting authentication mechanisms tailored to CPS-specific operational and security requirements.
With the rapid development of online aquatic product trading, traditional centralized platforms are facing increasing pressure in terms of data security, privacy protection, and trust. Problems such as tampering with transaction records, weak identity authentication, privacy leakage, and the difficulty of balancing matching efficiency with security limit the further development of these platforms. To address these issues, this paper proposes a blockchain-based identity authentication and access control scheme for online aquatic product trading. The scheme first introduces a dual authentication mechanism that combines a verifiable random function with a Schnorr-based zero-knowledge proof, providing strong decentralized identity verification and resistance to replay attacks. It then designs a dynamic access control strategy based on a multi-dimensional reputation model, which converts user behavior, attributes, and historical transaction performance into a comprehensive trust score used to determine fine-grained access rights. In addition, an AES-PEKS hybrid encryption method is employed to support encrypted keyword search and order matching while protecting the confidentiality of order data. This paper implements a multi-channel architecture for aquatic product trading prototype system on Hyperledger Fabric. This system separates registration, order processing, and reputation management into different channels to improve concurrency and enhance privacy protection. Security analysis shows that the proposed solution effectively defends against replay attacks, key leaks, data tampering, and privacy theft. Performance evaluation further demonstrates that, compared to a single-chain architecture, the multi-channel design, while increasing security mechanisms, maintains a stable throughput of approximately 223 tx/s even when concurrency reaches 600–800 tx/s, ensuring normal operation of the trading system. 
These results indicate that this solution provides a practical technical approach and system-level reference for building secure, reliable, and efficient online aquatic product trading platforms.
The Internet of Vehicles (IoV) connects an isolated individual on the road to share information, which can improve traffic efficiency. However, the promotion of information sharing brings the critical security issues of identity authentication, followed by privacy protection issues in the authentication process in the IoV. In this study, we designed a blockchain-based conditional privacy-preserving authentication scheme for the IoV (BPA). Our scheme implements zero-knowledge proof (ZKP) to verify the identities of vehicles, which moves the authentication process down to the Roadside Units (RSUs) and achieves decentralized authentication at the edge nodes. Moreover, blockchain technology is utilized to synchronize a consistent ledger across all RSUs for recording and disseminating vehicle authentication states, which enhances the overall authentication process efficiency. We provide a theoretical analysis asserting that the BPA ensures enhanced security and effectively protects the privacy of all participating vehicles. Experimental evaluations confirm that our scheme outperforms existing solutions in terms of the computational and communication overhead.
Current authentication schemes based on zero-knowledge proof (ZKP) still face issues such as high computation costs, low efficiency, and security assurance difficulty. Therefore, we propose a secure and efficient authentication scheme (SEAS) for large-scale IoT devices based on ZKP. In the initialization phase, the trusted authority creates prerequisites for device traceability and system security. Then, we propose a new registration method to ensure device anonymity. In the identity tracing and revocation phase, we revoke the real identity of abnormal devices by decrypting and updating group public keys, avoiding their access and reducing revocation costs. In the authentication phase, we check the arithmetic relationship between blind certificates, proofs, and other random data. We propose a new anonymous batch authentication method to effectively reduce computation costs, enhance authentication efficiency, and guarantee device authentication security. Security analysis and experimental results show that an SEAS can ensure security and effectively reduce verification time and energy costs. Its security and performance exceed existing schemes.
A traceable anonymous authentication ring signature scheme with privacy protection is proposed to solve the problem of tracking the identity of malicious signers in ring signatures and protecting the identity privacy of the receiver. When the decrypted plaintext contains illegal words, the receiver can request the trusted third party (TTP) to trace the signer, and the TTP interacts with the ring members to find the signer. To avoid leaking the receiver's privacy information or input data, before identity tracing the scheme adopts zero-knowledge proof (ZKP) technology to verify the legitimacy of the receiver and protect the privacy of the receiver. Finally, the TTP returns the public key of the traced signer to the receiver. Based on the computational Diffie-Hellman hard problem, the scheme is proved to satisfy signature unforgeability under the random oracle model. Compared with the existing schemes, the experimental results show that the scheme reduces the time of signature by 47.521%, the time of verification by 45.915%, and the time of traceability by 16.630%, which proves that the scheme is more effective.
In the Internet of Things (IoT), traditional authentication methods, such as passwords or public-key cryptography, often encounter challenges related to security, efficiency, and scalability. In response, the present work proposes a streamlined alternative utilizing zero-knowledge proofs (ZKPs), allowing users to prove their identity with minimal exposure of sensitive information. Emphasizing the need for optimization in computational resources, this approach becomes particularly valuable in the context of Internet of Things application (IOTA). The current work introduces a novel method for authentication that combines the concept of isomorphic graphs from multi-graph ZKP with Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARKs), along with multi-threading in the IOTA ecosystem. This advancement represents a significant step forward in scalability and provides a solution to the increasing need for secure and effective authentication methods.
This study presents an innovative authentication scheme that integrates physical unclonable functions (PUFs) and zero-knowledge proofs (ZKPs) to provide efficient and secure authentication for Internet of Things (IoT) devices. Traditional PUF-based protocols offer strong security but incur high resource costs and slow authentication. To address this, we propose a joint scheme. First, a unified architecture combining a PUF–true random number generator (TRNG) is introduced. This architecture utilizes a feedback permutation obfuscation mechanism and an arbitration delay deviation with a metastable design from a ring oscillator, ensuring the PUF–TRNG system possesses both attack resistance and true random properties. The architecture provides synchronization for both PUF and TRNG in the protocol. Next, we integrate Schnorr’s ZKP with a PUF-based key encapsulation and reconstruction scheme to construct an end-to-end anonymous identity authentication protocol that does not require real-time participation of a trusted third party. The protocol requires only two handshakes, significantly reducing the number of protocol rounds compared to related protocols. Finally, the PUF–TRNG architecture has been implemented on the Xilinx XC7A100T development board. Experimental results show that the PUF circuit effectively resists various modeling attacks. Formal verification with ProVerif demonstrates confidentiality, mutual authentication, and robustness against mainstream attacks. The protocol reduces area overhead and computational time by 43.04% and 42.99%, respectively, compared to similar protocols.
Online growth leads organizations to demand protected systems that protect privacy while managing identities. Traditional identity systems maintain centralized control that exposes users to data breaches while requiring new security solutions. A blockchain-enabled identity management solution was designed to implement zero-knowledge proofs (ZKP) for authentication methods with distributed execution of user credentials. The system uses Ethereum alongside Hyperledger Fabric platforms and runs simulations through Hyperledger Caliper platforms. The results demonstrate significant improvements in key performance metrics: the system delivered verification accuracy at 98.7% and privacy leakage reached 0.05%, while transaction latency fell under 125 ms and TPS scalability reached 950. The proposed model delivered superior privacy guarantees and operating efficiency. Future advancements in decentralized identity management build upon a reliable platform that ensures both privacy preservation and secure identity solutions.
Vehicle platoon (VP), as a typical form of traffic cooperation, can significantly enhance traffic efficiency and safety in Vehicular Ad hoc Networks (VANETs). However, malicious vehicles in a VP pose a severe threat to the security of the entire VP and need to be efficiently traced by identity authentication. In this paper, we propose a lattice-based efficient and traceable privacy-preserving batch authentication scheme for vehicle platoon in VANETs, named LETA. First, we design a dynamic VP identity structure, VPD-Tree, which is constructed based on a hash tree and pseudonyms of vehicles to preserve privacy. Then, an aggregate signature is constructed based on VPD-Tree and modular lattice for secure and efficient batch authentication of VP. Finally, Zero-Knowledge Proofs (ZKP) are applied on the VPD-Tree structure to anonymously and efficiently trace the malicious vehicles of VP. Security analysis shows that LETA achieves stronger security guarantees, thereby offering a more secure solution than existing approaches. Moreover, performance evaluations show that LETA achieves lower computation and communication overheads through the VPD-Tree structure and efficient batch authentication scheme.
The digitization of medical records in the healthcare sector demands robust mechanisms to ensure data confidentiality, integrity, and privacy. This paper proposes an innovative multi-factor authentication (MFA) mechanism that leverages smart contracts and blockchain technology to secure the tracking of medical records. The proposed system, named Blockchain Authentication with Zero-Knowledge Proof (BAZKP), provides a tamper-proof environment for storing and accessing records while preserving users’ personally identifiable information (PII). A key novelty of BAZKP lies in storing only the character count structure of passwords rather than the actual credentials, combined with zero-knowledge proofs (ZKP) to verify identity without exposing sensitive data. This hybrid blockchain/ZKP approach addresses limitations of centralized and hardware-based solutions, reducing vulnerabilities while avoiding the cost and usability constraints of dedicated hardware systems. The system was implemented and tested on a private Ethereum testnet, with a proof-of-concept application developed using Solidity, Web3.js, and MetaMask. Performance evaluation over 100 transactions for core operations (registration, login, and password reset) demonstrated practical viability: registration incurred the highest latency (≈4500 ms) and gas consumption (≈120,000 gas), while login and reset operations were more efficient (≈4000 ms/80,000 gas and ≈3500 ms/60,000 gas, respectively). Comparative security analysis against existing MFA methods—including 2FA, hardware tokens, and biometrics—confirms that BAZKP provides superior privacy protection through decentralization and ZKP, without the cost and usability drawbacks of hardware-based solutions. Overall, this approach enhances trust in digital health systems by offering a secure, transparent, and privacy-preserving authentication framework for medical data, representing a significant advancement in digital healthcare security. 
Keywords: Blockchain; Multi-Factor Authentication; Smart Contracts; Zero-Knowledge Proof; Medical Record Security.
Anonymity forms the basis of decentralized ecosystems, leading to an increase in criminal activities such as money laundering and illegal currency trading. Especially in blockchain-based metaverse services, activities such as preventing sexual crimes and verifying the identity of adults are becoming essential. Therefore, avatar authentication and the KYC (Know Your Customer) process have become crucial elements. This paper proposes a mechanism to achieve the KYC process by verifying user identity using smart contracts. Users obtain an SBT (Soul Bound Token) from the metaverse service provider through the DID (Decentralized Identity) credential issued during the KYC process. The identity verification of avatars occurs within smart contracts, ensuring user privacy and protection through ZKP (Zero Knowledge Proof). Tools for generating ZKP are also provided, enabling users, even those who are unfamiliar with ZKP, to use them conveniently. Additionally, an integrated wallet is offered to seamlessly manage DID credentials and SBTs. Furthermore, in case of avatar identity issues, users can request an audit by the issuer through the associated DID tokens.
Systems for generating and managing digital identities are in the process of being transformed to improve data sharing security and increase decentralization. Addressing both issues, a theoretical solution to create and manage Self-Sovereign Identities (SSI) is proposed using two Zero-Knowledge Proof (ZKP) protocols based on the discrete logarithm difficulty. Automorphism group properties are introduced to link several identities, their identifiers and attributes to produce a proof. The proposed SSI protocol does not encounter the problem of reusing the same secret key as in the case of the initial ZKP Schnorr protocol. The designed protocol ensures minimal disclosure of information to a single trusted third party. In addition, it allows zero disclosure of information to service providers requiring proof of authentication or identification. Such an SSI protocol is compliant with Electronic IDentification And Trust Services (eIDAS) as well as General Data Protection Regulation (GDPR) regulations.
This research addresses the critical vulnerabilities inherent in centralized identity management systems, which are susceptible to single points of failure, data breaches, and profound privacy violations. To mitigate these risks, we propose and detail the architectural design of a novel, decentralized identity framework that integrates blockchain technology with biometric authentication and advanced cryptographic principles. The proposed methodology generates a unique, blockchain-based identity for each user by cryptographically hashing personal data and biometric templates (fingerprint and facial recognition) using SHA-256. Identity verification for service providers is facilitated by access tokens issued via smart contracts, which allow for authentication without direct access to sensitive biometric data. The system enforces secure access by validating tokens against real-time biometric verification, with automatic revocation upon mismatch. The framework incorporates a Zero-Knowledge Proof (ZKP) mechanism to enable privacy-preserving verification, allowing users to authenticate their identity while withholding the underlying data. Decentralized storage of hashed biometric templates is achieved through integration with the Internet Computer Protocol (ICP), thereby eliminating centralized points of failure. The system's performance is rigorously evaluated using key metrics, including the False Acceptance Rate (FAR), False Rejection Rate (FRR), token generation latency, and blockchain transaction throughput. This work's primary contribution is the development of a resilient, interoperable, and privacy-centric model for digital identity. The results demonstrate enhanced security and a reduced risk of identity theft, positioning this solution as a secure and scalable alternative to traditional centralized identity infrastructures.
Digital credentials represent crucial elements of digital identity on the Internet. Credentials should have specific properties that allow them to achieve privacy-preserving capabilities. One of these properties is selective disclosure, which allows users to disclose only the claims or attributes they must. This paper presents a novel approach to selective disclosure, BLS-MT-ZKP, that combines existing cryptographic primitives: Boneh-Lynn-Shacham (BLS) signatures, Merkle hash trees (MT) and a zero-knowledge proof (ZKP) method called Bulletproofs. Combining these methods, we achieve selective disclosure of claims while conforming to selective disclosure requirements. New requirements are defined based on the definition of selective disclosure and privacy spectrum. Besides selective disclosure, specific use cases for equating digital credentials with paper credentials are achieved. The proposed approach was compared to the existing solutions, and its security, threat, performance and limitation analysis was done. For validation, a proof-of-concept was implemented, and the execution time was measured to demonstrate the practicality and efficiency of the approach.
The Internet of Things (IoT) is extensively applied across various industrial domains, such as smart homes, factories, and intelligent transportation, becoming integral to daily life. Establishing robust policies for managing and governing IoT devices is imperative. Secure authentication for IoT devices in resource-constrained environments remains challenging due to the limitations of conventional complex protocols. Prior methodologies enhanced mutual authentication through key exchange protocols or complex operations, which are impractical for lightweight devices. To address this, our study introduces the privacy-preserving software-defined range proof (SDRP) model, which achieves secure authentication with low complexity. SDRP minimizes the overhead of confidentiality and authentication processes by utilizing range proof to verify whether the attribute information of a user falls within a specific range. Since authentication is performed using a digital ID sequence generated from indirect personal data, it can avoid the disclosure of actual individual attributes. Experimental results demonstrate that SDRP significantly improves security efficiency, increasing it by an average of 93.02% compared to conventional methods. It mitigates the trade-off between security and efficiency by reducing leakage risk by an average of 98.7%.
Performing effective supervision in blockchain networks while preserving public anonymity has long been a challenging issue. Existing solutions often depend on third-party institutions or dual-chain architectures to monitor and recover user identities, but these approaches pose significant risks, such as identity disclosure and increased interchain communication costs. To address these concerns, this article proposes a novel supervised scheme based on threshold secret-sharing (TSS) and zero-knowledge proof (ZKP) on anonymous accounts on the blockchain called TSS-ZKP, while integrating regulatory authority (RA) and multiple traceability centers (TC). Compared to traditional single RA, TSS-ZKP decentralizes the RA and storage across multiple TCs, significantly reducing the risk of user identity leakage by a single RA. By TSS-ZKP, user identities are recovered through the collaborative generation of subsecrets by the RA and TCs, without storing actual identity information. By leveraging elliptic curves and using hash functions as secret labels, TSS-ZKP achieves lightweight operations, allowing TCs to efficiently locate subsecrets without extensive traversal. The comprehensive analysis of security and privacy demonstrated that TSS-ZKP effectively safeguards user privacy while enabling feasible supervision. In addition, comparison experimental results show that the time consumption of the TSS-ZKP is about 30% of that of the comparison scheme. Meanwhile, the simulation results highlight the practicality of the scheme, showing that TSS-ZKP significantly reduces the delays in the identity recovery process while maintaining high usability. In general, TSS-ZKP provides a safer and more feasible solution for enabling the supervision of blockchain accounts.
With the rapid advancement of blockchain technology and modern cryptographic methods, achieving efficient privacy preservation while maintaining robust security has become a critical challenge. To address this issue, this paper proposes a blockchain-based aggregated zero-knowledge proof (ZKP) scheme tailored for electronic voting applications. The proposed scheme leverages zero-knowledge proof techniques to authenticate voter identities while preserving privacy by preventing the disclosure of any sensitive voter information. Furthermore, it supports the aggregation of multiple ZKPs, significantly enhancing verification efficiency. To improve system synchronization and security, the scheme incorporates the Chinese cryptographic algorithm ZUC for dynamic updates of shared secret information. A comprehensive security analysis demonstrates that the scheme is secure under the Computational Diffie-Hellman (CDH) assumption. Performance evaluation indicates that, under the condition of updating shared secrets twice every 24 hours and with a voting population of 20, the proposed approach reduces communication overhead by 33.3% and computation overhead by 37.1% to 89.5% compared to existing methods. These results demonstrate that the proposed scheme outperforms comparable solutions in both communication and computational efficiency, making it well-suited for electronic voting scenarios that demand frequent identity verification and strong privacy guarantees.
Zero-knowledge protocols (ZKPs) allow a party to prove the validity of secret information to some other party without revealing any information about the secret itself. Appropriate, effective, and efficient use of cryptographic ZKPs contributes to many novel advances in real-world privacy-preserving frameworks. One of the most important types of cryptographic ZKPs is the zero-knowledge range proof (ZKRP). Such proofs have a wide range of applications such as anonymous credentials, cryptocurrencies, e-cash schemes, etc. In many ZKRPs the secret is represented in binary and then committed via a suitable commitment scheme. Though there exist different base approaches on bilinear pairing-based and RSA-like constructions, to our knowledge there is no study investigating the discrete logarithm-based constructions. In this study, we focus on a range proof construction produced by Mao in 1998. This protocol contains a bit commitment scheme with an OR-construction. We investigate the effect of different base approaches on Mao's range proof and compare the efficiency of these base approaches. To this end, we have extended Mao's range proof to base-3 with a modified OR-proof. We derive the number of computations in modular exponentiations and the cost of the number of integers exchanged between parties. Then, we have generalized these costs for the base-u construction. Here, we mainly show that, compared with other base approaches, the base-3 approach consistently provides approximately 12% efficiency in computation cost and 10% efficiency in communication cost. We implemented the base-3 protocol and demonstrated that the results are consistent with our theoretical computations.
The widespread adoption of e-health systems raises critical concerns regarding data privacy and network security. Ensuring secure and reliable data sharing between patients and healthcare professionals remains a significant challenge. To address this, we propose a novel anonymous authentication scheme tailored for e-health environments, integrating zero-knowledge proof (ZKP) with multimodal biometrics. Our key contributions are as follows: (1) applying the Pedersen vector commitment algorithm to construct a biometric-based ZKP scheme, thereby ensuring enhanced security and privacy-preserving authentication; (2) utilizing multimodal cancelable biometrics generate (MCBG) technology, integrating fingerprint, face, and iris modalities to strengthen the security of the verification process; and (3) providing a detailed security analysis that demonstrates our scheme meets essential security requirements, including anonymity, authenticity, unlinkability, forward security, and resistance to replay attacks. Experimental results demonstrate stable proving and verification time of approximately 78 ms and 140 ms, respectively, regardless of the proof range, validating its efficiency and practicality for secure authentication in e-health systems.
The explosive gains of FinTech-enabled digital payments have raised concerns about transaction privacy, the leaking of identity information and regulatory compliance on public blockchains. Existing privacy-preserving payment solutions either have a high computational overhead or do not offer controlled auditability as demanded by financial regulators. This research addresses the problem of ensuring good privacy of transactions while guaranteeing lawful transparency of decentralized payment systems. The goal is to create a blockchain payment framework that incorporates zero-knowledge proof (ZKP) which will ensure payer anonymity, transaction unlinkability and selective regulatory disclosure. The proposed method combines cryptographic identity commitments, private transaction circuits with zk-SNARK and gas optimized smart contract verification with controlled audit proofs. The framework is tested on the Private-FinPay data set that contains two million transactions. Experimental results indicate that the proposed ZKP-FinPay can achieve 1,200 transactions per second, verification latency of 120 ms, anonymity set of 50,000 users, and 0.5% probability of privacy leakage, which is better than the five state-of-the-art privacy-preserving payment protocols. These findings confirm the viability of regulatory-compliant privacy preservation of FinTech blockchain systems as being technically feasible and practically scalable.
This paper presents a framework that integrates the Coalition for Content Provenance and Authenticity (C2PA) standard with Zero-Knowledge Proofs (ZKPs), specifically the Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge (zk-SNARKs), to enable verifiable yet privacy-preserving authentication of digital images. Using the ZoKrates toolkit, the system derives a non-revealing fingerprint from the image, generates a succinct proof of integrity, and embeds this proof into C2PA-compliant metadata without exposing the underlying content. The proof can be verified locally or on the Ethereum blockchain using a Groth16 smart contract verifier, providing decentralized and auditably transparent validation. This capability allows journalists, victims, and legal professionals to attest to the existence and integrity of sensitive evidence while deferring its disclosure. Experimental results show that proof verification is highly efficient, requiring approximately 0.01 s, and that the entire workflow is reproducible within containerized environments. The proposed integration of zk-SNARKs with C2PA establishes a practical foundation for secure digital provenance, privacy-preserving evidence management, and strengthened trust in digital media ecosystems.
The need to send secure messages without having to disclose additional information beyond the content; checking data integrity without having visibility into the data itself; providing the integrity of various systems through validation that does not require the disclosure of sensitive data leads to the discovery of the potential of Zero Knowledge Proof (ZKP) and the technique of Smart Questioning (SQ) to verify the authenticity of the given statement, which involves asking specific questions.
Summary: The system proposed in this study uses zero-knowledge proof (ZKP) to verify the traceability of wood recorded in a public blockchain. Wood is a byproduct of several states, ranging from standing trees to logs, lumber, and wood products (hereinafter “wood objects”). The advantage of using the blockchain for record keeping is that participants can freely record the information at their discretion, without any restrictions. However, the openness of the blockchain may allow a malicious third party to introduce disinformation. In this study, we employ ZKP and near-field communication (NFC) chips to eliminate the possibility of disinformation introduction. ZKP is used to prove/validate changes in the state of wood objects, and the unique nonce associated with that state is encrypted and recorded on an NFC chip. The nonce is concealed, and the ID of the wood object is defined as the hash value of this nonce. We developed a prototype system based on an Android application and an Ethereum smart contract. We confirm that wood traceability and verification can be performed using the prototype system.
Digital identity verification has become crucial to every service in daily life. The privacy concerns associated with traditional Know Your Customer (KYC) systems have come to the forefront. These systems often require the sharing of personal information, which is stored in centralized databases, making them vulnerable to unauthorized access. To address these challenges, this work implements an electronic KYC system with selective disclosure using Merkle Tree and Zero-Knowledge Proofs (ZKP). Selective disclosure enables users to share only the necessary information, thereby reducing the exposure of sensitive data. ZKP enables the verification of this information without revealing the actual data, ensuring that privacy is preserved. The combination of selective disclosure and zkSNARKs in the proposed framework provides a solution for generating a single proof compared to multiple market proofs. This work demonstrates significant improvements in privacy protection compared to traditional identification systems. The implementation process and performance evaluation explore its potential impact on eKYC.
In the decentralized Internet environment, growing awareness of user data sovereignty has raised higher requirements for privacy protection in blockchain scenarios. To enhance the security and controllability of data authorization, this study develops a model integrating zero-knowledge proof (ZKP), field disclosure control, and multi-party joint verification. The ZKP ensures verifiable privacy, field disclosure control minimizes data exposure, and multi-party verification strengthens consistency and tamper resistance. Through this collaborative integration, the model forms a unified framework for secure and transparent data authorization. Experimental results on two blockchain datasets show that the model outperforms comparison approaches in authorization accuracy, field matching consistency, and verification efficiency, achieving a minimum verification loss of 0.248 and a true positive rate of 96.8%. Under simulation conditions, it maintains stable performance across different complexity levels, with authorization accuracy of 95.1% and field validation consistency of 96.5%. Compared with traditional single-mechanism methods, the model delivers comprehensive improvements in privacy strength, verification transparency, and collaborative trust, demonstrating strong potential for application in high-sensitivity blockchain privacy protection scenarios, particularly in privacy-critical domains such as healthcare record management, financial data exchange, and supply chain traceability.
Integrating third-party Machine Learning (ML) models into industrial Operational Technology (OT) creates a procurement deadlock: operators cannot verify vendor performance claims without sharing representative evaluation data with vendors, while vendors refuse to reveal proprietary model weights before purchase, rendering traditional safeguards such as Non-Disclosure Agreements technically unenforceable. This paper introduces a framework combining Zero-Knowledge Proofs (ZKPs) with smart contracts to enable trust-minimized, cryptographically verifiable competitive model procurement in Industrial Cyber-Physical Systems (ICPS). Vendors cryptographically prove that their model outperforms a legacy baseline without disclosing proprietary weights, a process we term cryptographic performance attestation, while the on-chain workflow automates escrow, proof verification, and best-vendor selection with arbiter-based dispute resolution. ZKP privacy is scoped to vendor model weights; operator-side evaluation-data confidentiality is managed separately via synthetic, de-identified, or public benchmark data. We analyze three ZKP workflow variations and evaluate them on consumer-grade hardware, achieving proving times of approximately three seconds and sub-dollar on-chain verification costs under Layer-2 fee assumptions for the recommended single-proof variation, while identifying computational trade-offs of recursive proof aggregation. The entire verification phase operates offline with no impact on real-time OT control paths, bridging the IT/OT pre-transaction trust gap while deferring artifact deployment to existing OT tooling.
Zero-Knowledge Proofs (ZKPs) have emerged as a powerful tool for secure and privacy-preserving computation. ZKPs enable one party to convince another of a statement's validity without revealing anything else. This capability has profound implications in many domains, including: machine learning, blockchain, image authentication, and electronic voting. Despite their potential, ZKPs have seen limited deployment because of their exceptionally high computational overhead, which manifests primarily during proof generation. To mitigate these overheads, a (growing) body of researchers have proposed hardware accelerators and GPU implementations of kernels and complete protocols. Prior art spans a wide variety of ZKP schemes that vary significantly in computational overhead, proof size, verifier cost, protocol setup, and trust. The latest, and widely used ZKP protocols are intentionally designed to balance these trade-offs. A particular challenge in modern ZKP systems is supporting complex, high-degree gates using the SumCheck protocol. We address this challenge with a novel programmable accelerator to efficiently handle arbitrary custom gates via SumCheck. Our accelerator achieves upwards of $1000 \times$ geomean speedup over CPU-based SumChecks across a range of gate types. We include this unit in zkPHIRE, a programmable, full-system accelerator that accelerates the HyperPlonk protocol. zkPHIRE achieves $1486 \times$ geomean speedup over CPU and $11.87 \times$ geomean speedup over the state-of-the-art at iso-area. Together, these results demonstrate compelling performance while scaling to large problem sizes (upwards of 230 constraints) and maintaining small proof sizes ($4-5$ KB).
Blockchain-based systems ensures data immutability and traceability, making them well suited for decentralized content governance. However, conventional metadata anchoring strategies remain static and task-agnostic, resulting in suboptimal trade-offs between auditability, privacy, and scalability. To address this limitation, we propose a Task-Driven Dynamic Metadata Mapping (TDMM) mechanism that adapts anchoring strategies based on task semantics and user roles. TDMM classifies metadata into three distinct anchoring types: full on-chain anchoring for audit-critical tasks, selective disclosure via zero-knowledge proofs (ZKPs) for sensitive attributes, and off-chain reference anchoring for general-purpose metadata. A dedicated mapping controller dynamically routes metadata fields to the appropriate anchoring mode according to predefined task policies. To preserve privacy without sacrificing verifiability, TDMM incorporates a hybrid ZKP architecture that processes proofs off-chain while anchoring verification results on-chain. We implement TDMM on a Hyperledger Fabric network, augmented with IPFS and Circom-based ZKP tooling. Experimental results show that TDMM significantly reduces on-chain storage overhead, lowers re-identification risk, and supports task-appropriate latency and throughput trade-offs, demonstrating its effectiveness in balancing transparency, privacy, and scalability in decentralized metadata governance.
Web-based credit card payments require complete disclosure of all payment card details for transaction authorization. The card’s CVV (Card Verification Value) is the secret code that authorizes card not presented transactions. Currently, all payment card details must be shared among various intermediaries involved in processing the transaction. To mitigate the risks associated with fraudulent transactions, industries have adopted security standards such as the PCI DSS. Credit card data confidentiality rests on all involved stakeholders adhering to best security practices, including data communication encryption, and not misusing the payment information. However, this security posture does not prevent potential credit card data leaks. We propose an alternative method for conducting remote card payments that does not require disclosing the authorization code while ensuring high interoperability with existing payment networks. Our approach demonstrates how designated verifier Zero-Knowledge Proofs (ZKP) enable minimal disclosure of card details, particularly protecting the confidentiality of authorization codes.
Privacy remains a significant challenge in public blockchain ecosystems. Mainstream add-on privacy solutions, such as Stealth Address Protocols (SAPs) and Zero-Knowledge Proof (ZKP)-based mixers, have recently attracted considerable attention. However, existing SAPs offer only ephemeral anonymity for users' transaction data, and their implementation and evaluation within the highly concurrent Unspent Transaction Output (UTXO) model remain largely unexplored. ZKP-based mixers are limited to native coin transfers with fixed denominations and require additional security assumptions, employing out-of-band encrypted channels to transmit notes. To overcome these challenges, we unify the core principles underlying both SAPs and ZKP mixers and formally introduce StealthHub, a UTXO-based SAP. Compared with the widely adopted dual-key-based Umbra protocol prevalent on Ethereum Virtual Machine (EVM)-compatible chains, StealthHub reduces computational overhead for the prepare and scan announcements stages by over 71% and 32%, respectively. Furthermore, by leveraging Merkle Mountain Range (MMR) commitments and off-chain batch aggregation, our StealthHub implementation lowers deposit and shielded transfer transaction costs to approximately 76% of those for a standard transfer, substantially improving practical usability.
As the world transitions toward digital-first governance and civic participation, ensuring the security and integrity of voting systems has become a critical concern. Traditional e-voting mechanisms, although convenient, suffer from a range of vulnerabilities - including voter impersonation, double voting, identity leaks, and tampering by insiders or external adversaries. ECC-EXONUM-eVOTING was previously proposed to mitigate many of these issues through elliptic curve cryptography (ECC), Zero-Knowledge Proofs (ZKP), and Exonum private blockchain. In this paper, we extend the capabilities of ECC-EXONUM-eVOTING by integrating two novel modules aimed at enhancing both system intelligence and accessibility. First, we implement an AI-based fraud detection system using unsupervised anomaly detection techniques that proactively identify and block fraudulent voting behaviors in real time. Second, we introduce a secure offline voting architecture designed for voters in remote or low-connectivity regions, using QR-based tokenization and Merkle-root-based integrity proofs for delayed blockchain synchronization. Through simulations, algorithmic validation, and comparative analysis, we demonstrate how these enhancements significantly increase the robustness, scalability, and real-world applicability of blockchain-based voting systems.
In the graph of an increasingly interconnected and data-driven world, strong, secure, and privacy-preserving authentication systems come as cardinal. Traditional methods of authentication have rarely met the requirements in terms of security, scalability, and privacy of the user. The present models are prone to data breaches, unauthorized access, and opacity in authentication transactions. In this paper, we propose the Blockchain-Enhanced Zero-Knowledge Proof Authentication model, where current blockchain technology is combined with state-of-the-art zero-knowledge proof protocols to improve security, privacy, and transparency. To this end, the BZKPA framework uses ZK-SNARKs and ZK-STARKs for performing private identity verification without the disclosure of sensitive sets of information. The aforesaid protocols guarantee compact, efficient, and scalable proof generation and verification processes. The model makes use of blockchain's distributed ledger technology to form an immutable and tamper-proof record for the purpose of tracing and integrity in authentication transactions. Inherent consensus mechanisms within blockchain enhance the security resilience of BZKPA against unauthorized access and cyber attacks. On the other hand, the workflow of BZKPA involves user registration and initialization of credentials, initiation of an authentication request, generation of zero-knowledge proof, verification of proof, and blockchain recording of valid authentication transactions. It means secure and privacy-preserving authentication, with transparency and auditability enabled by blockchain technology. Critical considerations addressed in the implementation of BZKPA shall be related to cryptographic security, blockchain platform selection, smart contract development, compliance with privacy and data protection, scalability, and interoperability. Applications of BZKPA range from financial services to healthcare, government, supply chain, and IoT, and even decentralized applications, providing enhanced security and privacy for a digital identity verification process. The model proposed by BZKPA offers several improvements in the authentication system, covering the famous limitations and lacunas of the previous methods and developing a strong solution for secure, transparent, and privacy-preserving authentication. Its adoption can be a new bar of digital identity verification, strengthen the defense of cybersecurity, and further empower users over their digital identities against varied contexts.
The cross-chain technology, as a key driver for enhancing the interoperability of blockchains, enables asset transfer and exchange between different blockchains. At present, cross-chain models based on light clients are widely adopted due to their fully decentralized nature and applicability to diverse scenarios. However, the rapid advancement of on-chain analysis techniques, such as address linkage and fund flow tracking, has significantly increased risks of deanonymization in cross-chain transactions, posing serious privacy challenges. In this article, we propose SharedRXC, a privacy-preserving asset cross-chain scheme for the light-client cross-chain model, which guarantees address unlinkability without extra privacy trust assumptions. First, to hide cross-chain addresses during interchain transmission, we propose the ring account (RA) to replace a single address for sending or receiving funds. In addition, we propose a zero-knowledge proof (ZKP)-based method to verify the virtual identity ownership, allowing the virtual identity to track fund balances without exposing the addresses. Second, to prevent the exposure of the link between an address and its virtual identity caused by fund amount differences during deposits or withdrawals, which would compromise address unlinkability, we propose the shared Burn/Mint method to obscure on-chain fund change differences. Based on the liability equalization mechanism, we design two privacy-preserving cross-chain protocols: the cross-chain asset transfer ($\mathit{SharedRXC}.\mathcal{T}$) and exchange ($\mathit{SharedRXC}.\mathcal{E}$) protocols. Finally, we evaluate $\mathit{SharedRXC}.\mathcal{T}$ and $\mathit{SharedRXC}.\mathcal{E}$, which reduce gas costs by 30%–40% compared with zkCross and achieve execution times in the millisecond range. Therefore, SharedRXC provides a practical privacy-preserving solution for cross-chain financial applications in the multichain ecosystem.
As cyber-crimes have become more complex, network forensics has become an essential element of cybersecurity investigations. However, conventional forensic techniques are confronted with challenges such as data privacy, integrity, and secure authentication of evidence. This paper suggests a privacy-preserving AI-augmented forensic framework that uses Zero-Knowledge Proofs (ZKP) for authenticating forensics securely and blockchain for tamper-evident forensic storage. The intended framework employs AI and ML strategies for real-time intrusion detection, anomaly recognition, and cyber-attack attribution, radically enhancing forensic efficacy and investigative productivity. Experimental evidence obtained with the UNSW-NB15 dataset provides evidence that the AI model offers a detection rate of 97.5% accompanied by precision as high as 96.8% and a recall of as much as 98.2% to ensure good cyber threat classification. Moreover, the verification process of ZKP takes only 1.2 milliseconds, allowing for fast forensic validation with data confidentiality being maintained. The blockchain-based logging system for forensics has an overhead of merely 0.35 MB per transaction, allowing tamper-proof and scalable storage of forensic data. The findings confirm that integrating AI, ZKP, and blockchain improves forensic trustworthiness at the cost of reduced data exposure. This work adds to developing privacy-protecting forensic techniques and offers a secure, scalable solution for contemporary cybercrime investigations.
Zero-knowledge proofs (ZKPs) are widely applied in digital economies, such as cryptocurrencies and smart contracts, for establishing trust and ensuring privacy between untrusted parties. However, almost all ZKPs rely on unproven computational assumptions or are vulnerable to quantum adversaries. We propose and experimentally implement an unconditionally secure ZKP for the graph three-coloring problem by combining subset relativistic bit commitments with quantum nonlocality game. Our protocol achieves a linear relationship between interactive rounds and the number of edges, reducing round complexity and storage requirements by thirteen orders of magnitude, thereby significantly enhancing practical feasibility. Our work illustrates the powerful potential of integrating special relativity with quantum theory in trustless cryptography, paving the way for robust applications against quantum attacks in distrustful internet environments.
Enhancing digital security has become essential in the age of decentralized systems. Zero-Knowledge Proof (ZKP) is a cryptographic method that allows one party to demonstrate ownership of certain knowledge without disclosing the actual data. When used with blockchain, Zero-Knowledge Proofs significantly improve privacy, validation, and data secrecy. This study investigates the use of Zero-Knowledge Proof in blockchain environments to enhance trustless authentication, secure transactions, and identity safeguarding. The main aim is to provide safe conversations while preserving transparency and anonymity. The immutable characteristics of blockchain, together with the privacy-preserving protocols of zero-knowledge proofs, allow applications like secret smart contracts, decentralized identification systems, and safe voting methods. The collaboration between blockchain and zero-knowledge proofs mitigates data exposure concerns and diminishes dependence on conventional centralized verification. This strategy aids in the development of robust digital infrastructures that can withstand cyber-attacks and data breaches. The incorporation of Zero-Knowledge Proof in blockchain signifies a progressive improvement in the protection of sensitive digital transactions across several industries.
E-voting systems often face risks such as data breaches, vote manipulation, and lack of voter confidence. Balancing security and anonymity has posed significant obstacles that obscured the immense potential of electronic voting systems. This paper addresses critical challenges in e-voting, including security vulnerabilities, lack of transparency, scalability and user accessibility issues. We propose a privacy-preserving framework to tackle these challenges, enhancing the security, transparency and scalability of e-voting systems. Our framework leverages blockchain to provide a tamper-evident ledger, zero-knowledge proofs to ensure ballot secrecy and data integrity and Merkle Trees to facilitate data storage in a scalable manner. Furthermore, we present findings of the framework's performance that was conducted under an e-voting use case, while we suggest improvements towards an even more secure and transparent framework.
Blockchain technology has gained widespread adoption across various industries due to its decentralized and transparent nature. However, its inherent characteristics, such as immutability and openness, expose the system to critical security threats and privacy concerns. This study aims to develop a comprehensive framework to enhance blockchain security and privacy, addressing prevalent challenges such as data breaches, transaction anonymity, and resistance to cyberattacks. The proposed framework integrates advanced cryptographic techniques, including Zero Knowledge Proofs (ZKP), Secure Multi Party Computation (SMPC), and enhanced encryption protocols, alongside innovative consensus mechanisms to improve system robustness. A simulation-based evaluation and a real-world case study were conducted to validate the framework. The results demonstrate significant improvements in mitigating security vulnerabilities, such as 51% attacks and double spending, while ensuring enhanced privacy through anonymized data handling and confidentiality-preserving transactions. Furthermore, the case study confirmed the framework's practicality and adaptability across diverse applications. These findings highlight the proposed framework's potential to establish a secure and privacy-preserving blockchain ecosystem, offering a solid foundation for future research and implementation in both public and private blockchain networks.
Ensuring secure and efficient authentication in Vehicular Ad Hoc Networks (VANETs) is vital for real-time communication and network resilience. However, traditional authentication mechanisms, such as Elliptic Curve Cryptography (ECC) and Public Key Infrastructure (PKI), face significant challenges, including high computational overhead, complex certificate revocation, and vulnerability to quantum attacks. To overcome these limitations, we propose a lattice-based authentication protocol that integrates post-quantum cryptography (PQC), zero-knowledge proofs (ZKPs), and fog computing for secure Vehicle-to-Roadside (V2R) communication. Our protocol offers quantum resistance, decentralized authentication, and dynamic pseudonym updates, enhancing both security and privacy in VANETs. Performance evaluations demonstrate that our approach achieves lower message delay (0.8), reduced packet loss ratio (0.6), minimal communication overhead (0.7), and the fastest authentication delay (0.5) compared to ECC and Physically Unclonable Function (PUF)-based methods. Additionally, formal security analysis confirms that our scheme effectively mitigates impersonation, replay, tracking, and quantum attacks, ensuring a scalable and future-proof authentication mechanism for next-generation VANETs.
With the current prevalence of digitization of health care records comes the issues of data privacy, security, and interoperability typical in traditional health information systems. This paper proposes a Blockchain-Powered Secure Health Data Exchange that utilizes smart contracts, cryptographic algorithms (AES-256, ECDSA), and a decentralized ledger to improve patient privacy and interoperability. This paper presents a novel blockchain-based monitoring mechanism tailored for EHRs: RUDDER—real-time, universal, decentralized, distributed, and enciphered data regulation for EHRs. Using role-based access control (RBAC) and zero-knowledge proofs (ZKP), the architecture prevents unauthorized access in our patient-centric model. This approach enabled the Practical Byzantine Fault Tolerance (PBFT) consensus mechanism, which offers high transaction throughput and latency. In addition, we create an interoperability layer that is FHIR compliant and allows for continued data exchange between the hospitals, research institutions, and the insurer. Experimental results show that significant gains have been achieved with a 500% increase in scalability, 99.6% lower operational costs, and 90% lower energy consumption compared to their conventional counterparts. The new framework that was proposed is a scalable, secure, and cost-effective solution for next-generation healthcare data management. The future work will cover AI-based anomaly detection and quantum-resistant cryptography that can improve security and efficiency.
The rapid development of the automotive Industrial Internet of Things requires secure networking infrastructure toward digitalization. Cybertwin (CT) is a next-generation networking architecture that serves as a communication, and digital asset owner, and can make the Vehicle-to-Everything (V2X) network flexible and secure. However, CT itself can publish end users’ digital assets to other entities as a service, making data security and privacy major obstacles in the realization of V2X applications. Motivated from the aforementioned discussion, this article presents BDTwin, a blockchain and deep-learning-based integrated framework to enhance security and privacy in CT-driven V2X applications. Specifically, a blockchain scheme is designed to ensure secure communication among vehicles, roadside units, CT-edge server, and cloud server using a smart contract-based enhance-Proof-of-Work (ePoW) and Zero Knowledge Proof (ZKP)-based verification process. Smart contracts are used to enforce rules and regulations that govern the behavior of V2X entities in a nondeniable and automated manner. In a deep-learning scheme, an autoregressive-deep variational autoencoder model is combined with attention-based bidirectional long short-term memory (A-BLSTM) for automatic feature extraction and attack detection by analyzing CT-edge servers data in a V2X environment. Security analysis and experimental results using two different sources, ToN-IoT and CICIDS-2017 show the superiority of the proposed BDTwin framework over some baseline and recent state-of-the-art techniques.
This research introduced a new novel “Unified Quantum-Resilient Blockchain-Zero-Knowledge Proofs Privacy Authentication Framework (QBC-ZKPAF)” to upgrade the IoT environments with greater security. To enable privacy-preserving authentication, access control, and secure communication, the framework integrates blockchain technology with Zero Trust Architecture (ZTA) and post-quantum cryptography. A hybrid Reinforcement-Lattice Blockchain KeyGen for quantum-resilient key generation, Deep Q-Network Multi-Factor Secure Key (DQN-MFSK) for dynamic selection of keys, and Zero-Knowledge Proof for privacy-preserving signatures are employed to achieve secure IoT settings. This architecture entails data privacy and confidentiality, auditability and traceability, and withstanding evolving threats, including potential threats in terms of quantum attacks. It then uses blockchain technology for recording unalterable data of identity and access management while Zero-Knowledge Proofs (ZKP) ensures authentication and verification without revealing sensitive information. By decentralizing identity management and enabling multi-factor authentication, QBC-ZKPAF provides robust security and privacy solutions for IoT networks. The experimental results demonstrate the model’s effectiveness with 98% privacy preservation, 700 TPS throughput, 0.7 J energy consumption, 0.98 quantum resilience, and 96% access control effectiveness, making it highly suitable for modern IoT and blockchain applications.
Zero Knowledge Proof (ZKP) is a very effective method of preserving privacy as it hides the most confidential information throughout the transaction. In this paper, we present a security and privacy-preserving approach for blockchain that relies on account and multi-data asset models using the Zero Knowledge Proof (ZKP) mechanism. We provide options for transferring data assets and detecting duplicate expenditures, and we also develop transaction structures, anonymised addresses and anonymised metadata for the data assets. To create and validate the ZKP, we use the zk-SNARKs algorithm and specify validation criteria for masked transactions, and finally conduct experimental tests to validate it. Creating better algorithms for ZKP will be the focus of our future efforts.
In blockchain-based decentralized finance, the cross-chain payment channel is a crucial component for achieving interoperability among different software-defined blockchain systems. However, there are still some challenges in existing payment channel scenarios. First, payment channels need to be established through intermediaries with service fees, but no one has developed a suitable strategy for pricing the service fees currently. Second, these scenarios disclose sensitive information when intermediaries are engaged with cross-chain requests. Last but not least, the payment channels established currently tend to lack robust mechanisms for protecting the details of transactions during the trading phase. To address the above challenges, this paper proposes a zero knowledge empowered payment channel to enhance privacy and transaction details protection with an intermediary pricing strategy. Specifically, we develop the pricing strategy based on the GARCH model with market dynamics. Moreover, we design a mechanism based on Pedersen commitments for verifiable proofs to preserve privacy in cross-chain requests. Finally, we construct the payment channel with zk-SNARKs to guard transaction details during the trading phase. The experiment demonstrates that our approach develops an optimal pricing strategy and offers enhanced privacy and anonymity assurances.
Traditionally, health records are kept in siloed data storages of different health organizations. Today, all patients’ EHRs (Electronic Health Records) are used and shared with different institutes and research facilities without their consent. To protect and overcome pitfalls of generic systems, we introduce a new hybrid system called Hybrid Patient Data Vault (HPDV). This hybrid system can help patients securely share their health information in a manner that could allow them to share only what is necessary or in need-to-know basis. We detail the system’s components, workflows, and emergency protocols, emphasizing patient-centric design. Through a STRIDE-based threat model and simulations of key metrics like transaction latency and ZKP generation time, we demonstrate HPDV’s security and feasibility. Our evaluation shows it outperforms monolithic approaches in auditability and privacy, with ZKP proofs generated in under 7 seconds on standard devices. This work demonstrates a practical modern approach for secure, patient-controlled health data exchange.
This article proposes a novel blockchain-based architecture for cross-border payments that integrates self-sovereign identity (SSI) and zero-knowledge proofs (ZKPs) to address the fundamental challenges of traditional systems. The proposed framework enables near-instant settlement while preserving privacy and ensuring regulatory compliance by design. By layering an identity infrastructure with ZKP-gated smart-contract escrows and regulatory oracles, the system allows participants to prove compliance with jurisdiction-specific requirements without revealing sensitive personal data. The architecture comprises three interconnected layers — identity, value, and compliance — that work together to streamline remittances, business transactions, and international payroll processes. Comparative analysis demonstrates significant advantages over both correspondent banking and current blockchain networks in terms of settlement speed, transaction costs, fraud prevention, and automated compliance. While the approach faces challenges, including network adoption barriers, technical scalability, and governance complexity, this study outlines promising directions for future development, particularly in the context of emerging central bank digital currencies (CBDCs) and regulated stablecoins.
This paper discusses the obstacles to the capitalization of data elements, such as the difficulties in confirming data ownership, trust deficit, privacy breaches, and inefficiency of transactions, through a distributed solution based on blockchain technology. First, a data ownership confirmation mechanism based on a consortium blockchain is established by using the Merkle tree and PBFT (Practical Byzantine Fault Tolerance) consensus algorithm to achieve transparency and traceability of data ownership. Second, a multi-dimensional data value evaluation and RF-BP (Random Forest-Back Propagation) dynamic pricing mechanism are established by using machine learning algorithms to evaluate the value of data assets in a scientific manner. Third, a smart contract is established for pricing and payment, in order to achieve transaction automation and clearing and settlement. Finally, ZKP (Zero-Knowledge Proof) technology is applied to develop a mechanism for verifying compliance and privacy of data under the proposition of public review and "visible, invisible". Experimental results show that the proposed method reduces the average leakage risk and defense success rate under various attacks to 8.57% and 97.1%, respectively. In terms of transaction efficiency, the proposed method achieves a throughput of 1250 TPS (Transactions Per Second) with a latency of 120 milliseconds at a 50-node scale. Overall performance is demonstrated with a confirmation and transaction success rate of 99.2% and 97.8%, respectively. The suggested framework provides reliable confirmation of data elements, scientific pricing, efficient trading and transaction processes, and privacy protection. It can support the vision of developing a secure, transparent and efficient market for data element circulation with technical feasibility and performance.
Property transactions in the UK are increasingly adopting blockchain technology to enhance efficiency, transparency, and security. However, the inherent transparency of blockchain raises significant data privacy risks and regulatory compliance challenges, particularly under the UK General Data Protection Regulation (UK GDPR). This study examines the role of Zero-Knowledge Proofs (ZKPs) in addressing these concerns by enabling transaction validation while preserving confidentiality. Using entropy measures, k-anonymity analysis, and logistic regression, this research quantitatively assesses the privacy risks, effectiveness of ZKPs, and regulatory acceptance in blockchain-based property transactions. The findings reveal that 65.5% of transactions remain highly or moderately identifiable, posing privacy vulnerabilities under UK data protection laws. ZKP-enabled transactions significantly enhance confidentiality, achieving a 92.5% transaction privacy score, compared to 48.3% for non-ZKP transactions. However, these privacy gains come at a 67.8% increase in transaction costs, highlighting a critical trade-off between security and efficiency. Regulatory approval rates for ZKP-based blockchain platforms stand at 72.5%, suggesting a strong potential for compliance advantages. While ZKPs improve privacy and regulatory alignment, challenges remain in terms of computational overhead, transaction costs, and adoption barriers. To facilitate large-scale implementation, this study recommends optimizing zk-Rollups for efficiency, developing clear policy frameworks, and enhancing collaboration between regulators, industry stakeholders, and blockchain developers. These steps are essential to ensuring a balance between privacy, scalability, and compliance, paving the way for secure and legally sound blockchain-based property transactions in the UK.
The rapid digitization of e-government systems has introduced significant privacy challenges, including unauthorized data access and identity theft, which threaten the integrity and trustworthiness of public services. This study proposes a privacy protection framework based on Zero-Knowledge Proofs (ZKP), a cryptographic technique enabling secure verification without revealing sensitive information. The framework addresses critical privacy concerns such as secure identity verification, data confidentiality, and compliance with regulatory standards. By integrating advanced ZKP schemes, including Succinct Non-Interactive Arguments of Knowledge (zk-SNARKs) and Bulletproofs, the framework ensures efficient proof generation and verification while minimizing computational overhead. A performance evaluation demonstrated that the proposed framework reduces privacy risks by 78% and achieves a threefold increase in transaction throughput compared to traditional cryptographic methods, such as Rivest–Shamir–Adleman (RSA) and Public Key Infrastructure (PKI). The scalability and efficiency of the framework were validated through extensive computational overhead analysis and comparative benchmarking. Additionally, trusted setup optimizations and constraint system modeling were employed to enhance the framework’s robustness and adaptability for large-scale e-government applications.
In response to the growing demand for secure and transparent digital elections, this paper presents a blockchain based Smart Election System that leverages advanced cryptographic and artificial intelligence techniques to ensure privacy, scalability, and verifiability. The proposed system integrates multi-factor authentication, Zero-Knowledge Proofs (ZKPs), smart contracts, and a sharded blockchain ledger to enable real-time, tamper-proof voting. Additionally, an Artificial intelligence based anomaly detection module monitors voting behaviour to flag suspicious patterns. Experimental evaluation demonstrates that the system achieves an average vote transaction latency of 1100ms with sharding, compared to 2800ms without it. The throughput increases from 130 to 220 votes/sec when sharding is enabled. ZKP integration ensures privacy at the cost of a moderate increase in validation time from 130ms to 230ms. The anomaly detection model, based on supervised learning, attained 92% precision, 88% recall, and an F1-score of 90%, ensuring proactive fraud detection. These results confirm the system’s effectiveness in delivering a smart scalable, private, and trustworthy e-voting platform suitable for national and institutional elections.
To address the core challenges of information asymmetry, privacy leakage, and low storage efficiency in rice supply chains, this study proposes an enhanced traceability system that integrates blockchain, adaptive encryption, and lightweight zero‐knowledge proofs. The system features a dynamic role‐based encryption model, where encryption levels are determined by both data sensitivity and role‐based weights. This model was designed and validated through surveys involving 50 stakeholders. By adopting an on‐chain and off‐chain collaborative storage architecture that leverages Merkle trees and IPFS, the system achieves a 67% reduction in storage overhead. Furthermore, an optimized Groth16‐based ZKP protocol ensures rapid verification in under 180 ms on ARM‐based devices. Experimental results demonstrate that, at a scale of 100,000 records, the system attains a transaction processing capacity of 328 TPS and an information entropy of 3.87, representing a 51% improvement over single‐layer encryption schemes. The monthly deployment cost remains affordable for smallholder farmers, ranging from $2 to $5. The system also supports interoperability with external traceability frameworks through cross‐chain channels and adaptation to the GS1 EPCIS standard, facilitating trusted collaboration in transnational rice supply chains. By effectively balancing data integrity and privacy protection, this solution significantly enhances system scalability and offers a novel pathway for the digital transformation of agricultural supply chains.
With rapidly increasing drug abuse across the world, it is imperative to monitor their supply chain with sufficient transparency. Blockchain is a common solution for achieving transparency in supply chain monitoring, but it does not have sufficient throughput for large-scale supply chains. It is challenging to achieve throughput and privacy simultaneously because complex dependencies among the supply chain events and the need for aggregation both make the application of ZKP challenging. We present PrivHChain, a privacy-preserving hierarchical blockchain that preserves transaction privacy even against blockchain peers while allowing them to verify record consistencies. This is enabled by novel modeling of supply chain events which makes it possible to use novel efficient zero-knowledge protocol schemes to verify the complex dependencies. Novel aggregation techniques are proposed to enable the proof aggregation, and the proofs are used to design monitoring protocols. PrivHChain is implemented and validated with extensive experiments and simulations. The results indicate that (i) the extra overhead of encryption and ZKP schemes is acceptable or negligible, and (ii) the throughput is improved by up to 5 times in simulations even with all the encryption/ZKP schemes.
Zero-knowledge proof (ZKP) frameworks have the potential to revolutionize the handling of sensitive data in various domains. However, deploying ZKP frameworks with real-world data presents several challenges, including scalability, usability, and interoperability. In this project, we present Fact Fortress, an end-to-end framework for designing and deploying zero-knowledge proofs of general statements. Our solution leverages proofs of data provenance and auditable data access policies to ensure the trustworthiness of how sensitive data is handled and provide assurance of the computations that have been performed on it. ZKP is mostly associated with blockchain technology, where it enhances transaction privacy and scalability through rollups, addressing the data inherent to the blockchain. Our approach focuses on safeguarding the privacy of data external to the blockchain, with the blockchain serving as publicly auditable infrastructure to verify the validity of ZK proofs and track how data access has been granted without revealing the data itself. Additionally, our framework provides high-level abstractions that enable developers to express complex computations without worrying about the underlying arithmetic circuits and facilitates the deployment of on-chain verifiers. Although our approach demonstrated fair scalability for large datasets, there is still room for improvement, and further work is needed to enhance its scalability. By enabling on-chain verification of computation and data provenance without revealing any information about the data itself, our solution ensures the integrity of the computations on the data while preserving its privacy.
Ensuring the reliable, auditable, and privacy-oriented distribution of donations in disaster logistics constitutes a critical challenge due to multi-stakeholder coordination difficulties and the risk of misuse. This study presents a modular architecture, named SecureRelief, operating on a permissioned Hyperledger Fabric platform. The architecture integrates authentication based on Self-Sovereign Identity (SSI), Decentralized Identifiers (DID), and WebAuthn, together with Attribute-Based Access Control (ABAC), and enables the verification of delivery evidence through privacy-preserving validation using zero-knowledge proofs (ZKP). Documents are stored off-chain on the InterPlanetary File System (IPFS), while only cryptographic summary (hash) values sufficient for integrity verification are maintained on-chain. In scenario-based laboratory experiments, the blockchain layer demonstrated low latency (p95 < 16 ms) and stable transaction throughput, confirming its scalability. While the API layer handled high burst request loads with a 0% error rate, the additional computational overhead introduced by the integrated privacy-preserving (ZKP) mechanisms kept the end-to-end transaction latency within acceptable limits for disaster management applications (3.5–4.5 s).
In response to the growing need for secure, scalable, and transparent election processes, this study explores an advanced modular e-voting architecture that leverages the limitations of traditional and blockchain-based voting systems. While some previous systems eliminated many of the challenges of election fraud and manipulation via immutability and decentralization, they are still riddled with high transaction costs, scalability limits, centralized biometric storage, and the lack of a verifiable audit trail. This paper introduces a new framework that integrates several novel technologies, such as Decentralized Identity (DID), Federated Learning (FL), Zero-Knowledge Proofs (ZKP), Homomorphic Encryption, and Directed Acyclic Graph (DAG)-based Distributed Ledger Technology to realize a secure, private, and tamper-evident digital voting solution. The architecture is composed of four important phases, namely: voter onboarding using DIDs and verified credentials, AI-based eligibility assessment using on-device federated agents, privacy-protected vote casting using ZKP and encryption, and verifiable homomorphic tallying during post-election aggregation. Paired with the ability to achieve near-instant finality and zero-cost submissions, this approach addresses one of the major drawbacks of traditional blockchain used as a voting system, the complexity of smart contracts and gas fees, using DAG-based networks like IOTA or Hedera. Furthermore, the integration of VDFs and edge-based machine learning introduces a novel layer of defense against coercion, impersonation, and automated attacks. The architecture inherently supports inclusiveness through multimedia mobile interfaces and decentralized biometric verification, making it suitable for deployment in digitally underprivileged regions. As a result, the proposed technology offers a decentralized, transparent, scalable, and privacy-preserving solution for democratic participation in an increasingly digital future.
Traditional fundraising methods often struggle with issues such as limited transparency, high intermediary costs, and inefficiencies in fund distribution, leading to donor mistrust and reduced participation. This paper introduces a secure, decentralized fundraising framework that leverages Ethereum based smart contracts, Web3 wallet integration, and IPFS for decentralized storage. The proposed system eliminates the need for intermediaries, enabling automated, tamper proof transactions and real time fund tracking. Key features include KYC based fundraiser verification, zero-knowledge proof (ZKP) for privacy, and zk rollup technology for improved scalability. Performance evaluations demonstrate low transaction latency, optimized gas consumption, and successful end to end integration with blockchain APIs. The system offers a practical alternative to conventional platforms by enhancing transparency, reducing operational costs, and ensuring accountable fund distribution. This framework has the potential to transform the future of charitable giving and crowdfunding through blockchain innovation.
The article examines cryptographic methods of zero-knowledge proof (ZKP) as a tool for overcoming information asymmetry in data markets. The theoretical foundations of ZKP are considered, including their formal properties and classification, as well as practical application scenarios in digital identification systems, confidential auctions, machine learning and data management. The impact of ZKP on the behavior of economic agents, transaction costs and market structure is analyzed. Both potential benefits of the technology — increased trust and automated verification — and risks associated with computational complexity and possible participant segmentation are identified. The study concludes that further development of hybrid privacy architectures and regulatory mechanisms is necessary to support open data markets.
High-value payment transactions (HVTs) face heightened exposure to money laundering risks due to their large monetary volumes, cross-jurisdictional nature, and the increasing complexity of financial networks. Traditional Anti-Money Laundering (AML) procedures rely heavily on sharing customer identities, transactional attributes, and risk-model outputs across institutions and regulators—creating substantial privacy, security, and data-handling risks. Zero-Knowledge Proofs (ZKPs) offer a transformative alternative by enabling financial institutions to prove compliance with AML requirements without revealing the underlying sensitive information. This paper examines the design and application of ZKP-based compliance frameworks for HVT ecosystems, detailing how AML checks—including KYC verification, sanctions screening, transaction-amount threshold validation, behavioral-risk scoring, and source-of-funds assessment—can be cryptographically attested through privacy-preserving proofs. We propose a hybrid architecture that combines off-chain AML computation with an on-chain ZKP verification and audit layer supported by secure regulatory nodes. Through structured workflows and proof types such as range proofs, list membership proofs, and rule-compliance circuits, the model ensures regulatory oversight while maintaining strict confidentiality. The study also evaluates the performance implications of ZKP systems in high-volume transaction environments and addresses security, interoperability, and oracle-reliability concerns. Ultimately, ZKP-enabled AML frameworks demonstrate significant potential to enhance compliance efficiency, reduce data-exposure risk, and strengthen trust across global payment networks. The paper concludes by outlining future research opportunities, including AI-driven AML circuits, cross-border ZKP interoperability standards, and integration with decentralized identity solutions.
This research paper presents the development of an electronic voting system that utilizes blockchain technology and Zero Knowledge Proof to enhance privacy and security during voting. Electronic voting systems have many issues regarding privacy, data integrity, and proper transparency, whereas traditional voting systems face the issue of being cost-effective. This research has solved the previously mentioned issues by using ZKP over the polygon network. Furthermore, ZKP, along with blockchain technology, helps in the decentralization, immutability, and transparency of the stored data while maintaining the confidentiality of the voter identity in the process of authentication and vote validation. Moreover, cryptographic verification is aided through role management and a user interface, which results in a quicker verification process than traditional methods. Using a polygon network as the medium for conducting tests has shown a low transaction cost of 0.010 POL to facilitate voting while providing substantial privacy. The approach presented in this research has significantly improved over traditional E-voting systems in terms of cost, security, and scalability, indicating that this approach is better suited for election processes today.
This paper introduces a Cyber-Physical System (CPS) that can be used to improve privacy protection in enterprise Blockchain (BC) systems, particularly in Hyperledger Fabric (HF). The proposed CPS employs advanced methods to facilitate a privacy-preserving authorization mechanism. Using data masking, Homomorphic Encryption (HE), and complex digital signatures, the model ensures the confidentiality of transaction data during the authorization process. Additionally, the implementation of Secure Multiparty Computation (SMC) and Zero-Knowledge Proofs (ZKP) enhances the security of the data by preventing unauthorized personnel from accessing it and ensuring that the approving peers remain anonymous. The solution proposed in the paper addresses the problems of conventional centralized access control, which can be manipulated and has data leakage problems. Experimental results have proved the design’s practical applicability and security trade-off, providing a robust foundation for enterprises to adopt privacy-preserving BC. Thus, the HF platform integration demonstrates the model’s real-world applicability, which developed a secure, scalable, and efficient solution for handling sensitive transactions in distributed networks.
This study presented a verified federated edge AI architecture that is supported by blockchain technology. It tackles the important problems of trust, privacy, and transparency in AI collaboration between different organizations. The framework successfully addresses federated learning (FL) issues like malicious updates, free-rider participation, and auditability gaps by incorporating zero-knowledge proofs (ZKPs) for secure model update verification, a lightweight blockchain consensus for efficient transaction recording, and an adaptive incentive mechanism to reward verified contributions. Experiments on healthcare, financial, and IoT datasets verified the edge-optimized architecture's reduced latency, low communication cost, and better resilience against model poisoning assaults. Notwithstanding these improvements, the system's efficacy is affected by the computing overhead of cryptographic operations, the complexity of the models, and the heterogeneity of the networks. In the future, we want to improve ZKP schemes to speed up verification, provide support for heterogeneous multi-modal data, and strengthen assurances by combining privacy-enhancing technologies like differential privacy. To further evaluate scalability, interoperability, and regulatory compliance under practical deployment scenarios, large-scale real-world pilots will be conducted across healthcare, finance, and smart city infrastructures.
This study designs and implements a blockchain-based decentralised ETF trading platform architecture, deploying smart contract clusters through the Arbitrum network to achieve ETF asset management, trading and redemption functions. Experimental evaluation shows that the platform achieves a transaction confirmation time of 19.7 seconds and a functional success rate of more than 99.8%, while reducing the transaction cost by 66.7%. The hybrid trading mechanism combines the advantages of AMM and order book to effectively increase liquidity utilisation to 56%. ZKP technology application achieves user privacy and compliance balance. The research results demonstrate that the blockchain-driven ETF trading model outperforms the traditional model in terms of asset transparency, trading efficiency and user autonomy, and provides an innovative solution for financial asset management.
The modern financial ecosystem is characterized by a "liquidity paradox": while digitization has accelerated transaction speeds, liquidity remains siloed across disparate asset classes such as equities, cryptocurrencies, and loyalty points. This fragmentation forces consumers to manually liquidate assets into fiat currency prior to transaction, creating friction, latency, and opportunity costs. This paper proposes the "Just-In-Time Liquidity Protocol" (JIT-LP), a novel neuro-symbolic architecture that decouples "value" from "currency" at the point of sale. By utilizing autonomous AI agents acting as fiduciaries for both payer and payee, the protocol negotiates the optimal composition of a payment in real-time, executing atomic swaps across ISO 20022 payment rails. I present the architectural design of the JIT-LP, detailing the interaction between edge-hosted Portfolio Agents and Treasury Agents. Furthermore, I introduce a Zero-Knowledge Proof (ZKP) mechanism for verifying solvency without compromising user asset privacy. Theoretical modeling suggests that JIT-LP can reduce consumer overdraft incidents by utilizing idle asset liquidity while offering merchants dynamic inventory-based discounting. This paradigm shift from static message exchange to agentic negotiation redefines the payment network as a real-time value optimization layer.
This paper explores how Zero-Knowledge Proofs (ZKPs) can enhance the privacy and security of decentralized supply chains. Although blockchain technology enhances supply chain transparency, it also reveals sensitive information, including supplier identities, pricing strategies, and transaction volumes. ZKPs offer a feasible approach in that subjects can authenticate data without revealing the underlying data, whilst keeping the information confidential and maintaining trust. In this study, the main performance indicators, including the time to verify a transaction (0.48 seconds), communication overhead (1.3 KB proof size), and privacy (95) in the ZKP-based system, are examined. ZKPs can enhance economic security by eliminating risks, such as industrial espionage and counterparty fraud, that can arise from publicly accessible data in historical blockchain systems. The performance of ZKP-enabled networks is also compared with that of traditional transparent blockchain systems. The major benefits are data privacy (95 % in ZKPs and 40 % in traditional systems) and scalability (80 % high and 60 % moderate). The paper also discusses how AI-based ZKP generation can speed up proof generation and automated compliance auditing to uphold regulatory compliance, including the General Data Protection Regulation (GDPR) and Anti-Money Laundering (AML). By incorporating AI into the ZKP procedure, proof generation can be sped up, yielding significant improvements in efficiency. This study finds that ZKPs can provide an effective approach to decentralized supply chain security, privacy, efficiency, and regulatory compliance, thereby making global trade activities more secure, transparent, and efficient.
Many existing anonymous parking payment schemes lack high efficiency and flexibility. For instance, the calculation and communication costs involved in payment may linearly increase with the payment amount. In this paper, we propose an anonymous payment system (dubbed AnoPay) for vehicle parking, which leverages updatable attribute-based anonymous credentials and efficient zero-knowledge proof (ZKP) to achieve user anonymity and constant overhead for parking fee payment. To further improve the efficiency, we design a secure parking fee aggregation protocol based on linear homomorphic encryption to aggregate parking transactions, where the amount of each parking transaction is hidden and the privacy of the parking lot in terms of its revenue is guaranteed. AnoPay achieves both unlinkability and accountability, malicious payments can be efficiently traced when it is necessary. We provide a security model and rigorous proof for each security property of AnoPay. Extensive experiments and comparisons demonstrate the efficiency and practicality of the system.
With the rapid development of Zero-Knowledge Proofs (ZKPs), particularly Succinct Non-Interactive Arguments of Knowledge (SNARKs), benchmarking various ZK tools has become a valuable task. ZK-friendly hash functions, as key algorithms in blockchain, have garnered significant attention. Therefore, comprehensive benchmarking and evaluations of these evolving algorithms in ZK circuits present both promising opportunities and challenges. Additionally, we focus on a popular ZKP application, privacy-preserving transaction protocols, aiming to leverage SNARKs' cost-efficiency through "batch processing" to address high on-chain costs and compliance issues. To this end, we benchmarked three SNARK proving systems and five ZK-friendly hash functions, including our self-developed circuit templates for Poseidon2, Neptune, and GMiMC, on the bn254 curve within the circom-snarkjs framework. We also introduced the role of "sequencer" in our SNARK-based privacy-preserving transaction scheme to enhance efficiency and enable flexible auditing. We conducted privacy and security analyses, as well as implementation and evaluation on Ethereum Virtual Machine (EVM)-compatible chains. The results indicate that Poseidon and Poseidon2 demonstrate superior memory usage and runtime during proof generation under Groth16. Moreover, compared to the baseline, Poseidon2 not only generates proofs faster but also reduces on-chain costs by 73% on EVM chains and nearly 26% on Hedera. Our work provides a benchmark for ZK-friendly hash functions and ZK tools, while also exploring cost efficiency and compliance in ZKP-based privacy-preserving transaction protocols.
Preserving privacy in blockchain-based systems is crucial for ensuring anonymity and confidentiality during transactions. While cryptographic solutions can address on-chain privacy concerns, their implementation on blockchains may introduce performance overhead, which remains unclear to researchers and practitioners. This paper investigates the performance impact of integrating zero-knowledge proofs (ZKPs) into the widely adopted permissioned blockchain framework called Hyperledger Fabric. The study focuses on evaluating the scalability and bottleneck aspects of blockchain platforms incorporating ZKPs. Through comprehensive experimentation and analysis, the study reveals that the integration of ZKPs compromises performance in terms of transaction rates and latency, while effectively safeguarding users’ personal information. Implementing on-chain ZKP feature would result in a performance loss of 30% to 87.5% in various experimental configurations in Hyperledger Fabric. The findings presented in this paper are informative for the design and implementation of blockchain-based systems with strict privacy requirements.
Latest identity systems rely on public blockchains to enhance user autonomy and reduce tracking from conventional identity providers. At the same time, identity systems integrate novel technologies such as zero-knowledge proofs (ZKPs) to improve data privacy and data compliance. We show that a naive verification of ZKPs at smart contracts enables replay attacks: Attackers can replay ZKPs at arbitrary times without having access to the private inputs that are required for the computation of the ZKP. To solve this problem, we construct a transaction sequence which verifies time-bound and replay-resistant ZKPs at smart contracts. Our construction introduces an additional but constant fee of 0.14$ per verification of a ZKP on the public blockchain Ethereum. With our new construction, we propose Portal, a novel identity system for decentralized single sign-on.
In the domain of Industrial Internet of Things (IIoT), the demand for robust and secure methods for goods tracking and management has become growingly critical. Conventional methods face significant challenges, including authentication, computational overhead, cyber security, and data integrity. To address these issues, this paper proposes a block-chain based system for goods management and tracking with enhanced authentication mechanism by leveraging the decentralized nature of block-chain technology and integrating Elliptic Curve Digital Signature Algorithm (ECDSA) with Elliptic Curve Cryptography-Zero Knowledge Proof (ECC-ZKP). The proposed solution aims to ensure the authenticity and the integrity for all the transaction while providing high level privacy-preserving verification without revealing information. The research in this paper demonstrates that the proposed block-chain-based system significantly enhances security performance, key management and operational efficiency, addressing the existing challenges in IIoT goods tracking and management, providing a resilient framework for more secure industrial operations in managing goods.
No abstract available
A lattice‐based blind ring signature scheme for sensitive data protection in blockchain applications
Every transaction is made public and verified by a third party, and the transparency of blockchain applications leads to privacy leaks. Everyone can access the transaction, making it easier for network analysis to identify the user's identity, which is a major problem with the blockchain. Financial institutions have become hesitant to adopt blockchain technology; as a result, preventing its spread. To confirm that encryption and security are maintained for transactions in the blockchain, this research introduces a zero‐knowledge proof (ZKP) based transaction validation scheme. To increase the security of blockchain applications, the proposed lattice‐based blind ring signature (LBRS) scheme integrates blind and ring signatures and is applied to sensitive data. The data are encrypted using this encryption scheme before being stored with the transactional information in the blocks. The encrypted data is then stored in the blocks, which users can retrieve after verification. The encrypted data is then stored in blocks, which users can retrieve after verification. A verification scheme based on the ZKP is used to prevent unauthorized access and changes to the data. The proposed LBRS scheme meets the security analysis requirement. The performance of an LBRS scheme is compared to other relevant models in terms of execution time, encryption time, and decryption time. Overall, the results are more encouraging and reassuring than other relevant works of interest. Finally, this model provides better computational security and satisfies the requirements like correctness and security analysis.
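The final grouping shows the evolution of zero-knowledge proof (ZKP) research along three dimensions. At the foundational level, research is deepening from traditional non-interactive protocols toward quantum-resistant lattice-based cryptography and the underlying mathematical models. At the systems level, practicality is being improved through pipeline design, dedicated chip accelerators (NTT/MSM), and computational benchmarking. At the application level, coverage now spans from general-purpose identity verification (DID) to vertical domains (Internet of Vehicles, financial regulation, verifiable AI, healthcare). The research focus is shifting from theoretical feasibility to how to achieve industrial-grade performance through hardware acceleration while guaranteeing the strongest privacy, and how to meet the compliance requirements of global privacy laws (such as GDPR).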