Symmetric–Asymmetric Security Synergy: A Quantum-Resilient Hybrid Blockchain Framework for Incognito IoT Data Sharing ^†

Abstract

Secure and auditable data sharing in large-scale Internet of Things (IoT) environments remains a significant challenge due to weak trust coordination, limited scalability, and susceptibility to emerging quantum attacks. This study introduces a hybrid blockchain-based framework that integrates post-quantum cryptography with intelligent anomaly detection to ensure end-to-end data integrity and resilience. The proposed system utilizes Hyperledger Fabric for permissioned device lifecycle management and Ethereum for public auditability of encrypted telemetry, thereby providing both private control and transparent verification. Device identities are established using quantum-entropy-seeded credentials and safeguarded with lattice-based encryption to withstand quantum adversaries. A convolutional long short-term memory (CNN–LSTM) model continuously monitors device behavior, facilitating real-time trust scoring and autonomous revocation via smart contract triggers. Experimental results demonstrate 97.4% anomaly detection accuracy and a 0.968 F1-score, supporting up to 1000 transactions per second with cross-chain latency below 6 s. These findings indicate that the proposed architecture delivers scalable, quantum-resilient, and computationally efficient data sharing suitable for mission-critical IoT deployments.

1. Introduction

The Internet of Things (IoT) ecosystem is experiencing exponential growth [1], with connected devices projected to increase from approximately 75 billion in 2025 to more than 125 billion by 2030, a rise of nearly 67% [2]. This expansion generates massive, heterogeneous data flows that enable real-time synchronization and collaboration across physical entities (PEs), digital twins, and service platforms. However, such large scale connectivity introduces new security, privacy, and trust challenges [3]. Conventional centralized and single-chain architectures struggle to provide verifiable integrity, privacy-preserving transparency, and scalable access control in these dynamic and decentralized environments [4]. Recent research has demonstrated the effectiveness of blockchain technology in enhancing data integrity, access control, and decentralised trust in IoT environments [5,6]. Permissioned blockchains have been shown to support efficient device authentication and access management, while public blockchains provide tamper-proof auditability and transparency [7]. In parallel, machine learning techniques have been widely adopted for intrusion detection and anomaly identification in IoT networks, achieving high detection accuracy under controlled settings [3]. These advances collectively establish a strong foundation for secure IoT data sharing security.

Despite significant advances in blockchain-based IoT security, current frameworks remain constrained in three main ways. First, most rely on classical cryptography, which is increasingly vulnerable to quantum attacks that can break RSA and ECC-based protocols. Second, single-chain systems offer limited scalability and transparency trade-offs, often unable to simultaneously ensure low-latency lifecycle management and public auditability. Third, machine learning-based intrusion detection schemes often operate independently of the blockchain layer, limiting real-time trust enforcement and automation. Motivated by the recent systematic review by ref. [8], which emphasises the integration of blockchain, post-quantum cryptography (PQC), and artificial intelligence (AI) into next-generation 6G security frameworks, this study proposes a quantum-resilient hybrid blockchain framework for secure and scalable IoT data sharing.

Unlike prior works that address only isolated aspects of IoT security, the novelty of this study lies in its unified and lifecycle-driven design. Classical blockchain approaches [9,10] provide static access control but lack quantum-resilient encryption and do not support autonomous revocation. Hybrid blockchain models [11,12] improve scalability but do not integrate intelligent anomaly detection or post-quantum credentials. Quantum-resilient designs [13,14] enhance cryptographic strength but remain limited to single-chain deployments and do not coordinate trust enforcement across private and public ledgers. In contrast, the proposed framework uniquely integrates: (i) a permissioned lifecycle governance model (registration → monitoring → anomaly-triggered revocation), (ii) a dual-layer hybrid blockchain architecture that separates internal trust control (Fabric/Raft) from external verifiability (Ethereum/PoW), (iii) quantum-entropy-seeded lattice encryption for post-quantum credentialing, and (iv) a CNN–LSTM anomaly detection engine that drives real-time trust scoring and automated revocation. This combined architecture provides end-to-end symmetry between private control and public auditability, yielding a quantum-resilient, scalable, and autonomously governed IoT data-sharing framework that is not achieved by existing approaches.

In this study, symmetry naturally arises from both the architectural and cryptographic foundations of the proposed framework. The hybrid blockchain model embodies structural symmetry through its dual-layer design, in which permissioned and public chains play complementary roles within a balanced, bi-directional trust cycle [15]. Likewise, lattice-based post-quantum cryptography leverages the algebraic symmetry of Learning With Errors (LWE) constructions, whose hardness relies on symmetric error distributions in high-dimensional vector spaces [16,17]. Quantum-entropy–seeded credential generation further exhibits probabilistic symmetry, producing uniformly distributed states that remain indistinguishable to both quantum and classical adversaries [18]. Collectively, these symmetry properties reinforce the robustness, auditability, and quantum resilience of the proposed incognito data-sharing architecture. Hence, the major contributions of this work are summarised as follows:

• Lifecycle-driven trust management: A permissioned blockchain mechanism for secure device registration, monitoring, and anomaly-triggered revocation in real time.
• Hybrid blockchain architecture: A dual-layer integration of Hyperledger Fabric (private control) and Ethereum (public verification) that supports scalable and auditable IoT data sharing.
• Quantum-resilient cryptography: A lattice-based encryption and quantum entropy seeded identity generation scheme that enhances post-quantum resistance in device communication.
• Intelligent anomaly detection: A CNN-LSTM-based model for behavioural trust scoring and autonomous revocation, ensuring adaptive and data-driven lifecycle control.

2. Related Works

Blockchain has emerged as a solid foundation for decentralized trust management in Industrial Internet of Things (IIoT) data-sharing systems [19]. Existing studies can be broadly grouped into three categories: (i) classical blockchain-based data-sharing schemes, (ii) hybrid blockchain frameworks, and (iii) quantum-resilient blockchain approaches. This section reviews these categories and positions the novelty of the proposed work within this landscape.

2.1. Classical Blockchain-Based Data Sharing

Early blockchain-based IoT frameworks primarily focused on secure data storage and access control using classical cryptography. Ref. [20] proposed a blockchain system incorporating device revocation and accountability through classical encryption to preserve user privacy. However, the design relied solely on a public blockchain layer for data storage and did not consider quantum-related attacks in its cryptographic selection. Similarly, ref. [21] introduced a traceable, anonymous healthcare data-sharing model that operates exclusively on a permissioned blockchain, providing data confidentiality but lacking scalability and post-quantum resilience.

For secure multiparty data sharing, ref. [22] developed an Attribute-Based Honey Encryption (IABHE) mechanism combined with a Deep Spiking Neural Network (DSNN) model (IABHE+DSNN) for secret-key generation. While these schemes enhanced confidentiality and accountability, the original data remained susceptible to exposure, and cryptographic primitives were vulnerable to quantum adversaries. These limitations motivated later work integrating quantum-resilient primitives into blockchain architectures.

2.2. Hybrid Blockchain Frameworks

Hybrid blockchain (HBC) designs emerged to balance scalability, transparency, and privacy by combining permissioned and public chains. For instance, ref. [12] introduced a Health-Data Security Hybrid Blockchain (HSHB) that implemented integrity checks and classical encryption but lacked post-quantum capabilities. Ref. [23] proposed an end-to-end communication framework using a hybrid blockchain to support cooperative IoT networks, improving interoperability yet still relying on traditional encryption and static trust models. Similarly, ref. [22] introduced a hybrid key encryption model that employed multiple chains but did not integrate intelligent anomaly detection or post-quantum security measures.

Overall, these hybrid solutions improved throughput and modularity compared with single-chain designs but remained limited in autonomous trust enforcement and quantum resistance, creating an opportunity for a more comprehensive hybrid architecture that integrates post-quantum security and intelligent lifecycle management.

2.3. Quantum-Resilient Blockchain Approaches

To mitigate quantum threats, several researchers have incorporated quantum-safe primitives into blockchain frameworks. Ref. [14] designed a quantum-resilient authentication protocol for blockchain-based data sharing. Although the protocol provides quantum safety, its implementation was restricted to a single-chain architecture and did not extend to a permissioned Hyperledger Fabric (HLF) environment. Ref. [13] integrated Kyber Post-Quantum Cryptography (PQC) with an Adaptive Grouping Score-based Practical Byzantine Fault Tolerance (AGS-PBFT) consensus algorithm, offering enhanced quantum resistance but limited external transparency since all operations occurred within a permissioned network. Ref. [24] proposed a lightweight quantum blockchain for privacy-preserving medical data sharing; however, the framework’s simplified structure hindered its scalability and access-control flexibility in complex IoT environments.

These quantum-resilient approaches demonstrate progress toward post-quantum security but largely omit the integration of machine-learning-based trust scoring or dual-layer synchronization across heterogeneous blockchains. Recent advances in blockchain, PQC, and quantum-enhanced security [25] reveal several forms of symmetry that are increasingly leveraged in modern architectures. Hybrid blockchain systems inherently express architectural symmetry by distributing trust between private and public ledgers, enabling mirrored validation paths and balanced consensus responsibilities [15]. Quantum-safe cryptographic schemes, especially lattice-based constructions, rely on symmetric algebraic structures and Learning With Errors (LWE) error distributions that underpin their resistance to both classical and quantum attacks [16,17]. Furthermore, quantum entropy generators yield near-uniform and statistically symmetric randomness profiles, which are essential for producing non-correlated keys and signatures [18]. These symmetry-centered mechanisms offer a conceptual foundation for integrating blockchain transparency, post-quantum security, and intelligent lifecycle management in next-generation IoT systems.

2.4. Comparative Analysis and Discussion

Table 1. Comparative Analysis of Proposed Method with Related Works.

Ref.	Target Area	Contributions & Limitations	DLM	ITD	QEC	HBC
[20]	Single chain + Classical encryption	Revocation and accountability; vulnerable to quantum attacks.	✔	×	×	×
[21]	Single chain	Anonymous data sharing; vulnerable to quantum attacks.	✔	✔	×	×
[22]	HBC	Hybrid key-encryption model; vulnerable to quantum attacks.	✔	×	×	✔
[14]	Single chain + QC	Quantum-safe authentication; limited scalability.	×	×	✔	×
[13]	Single chain + QC	Kyber PQC with AGS-PBFT consensus; internal transparency only.	×	×	✔	×
[24]	Single chain + QC	Lightweight quantum concept; low complexity but poor scalability.	×	×	✔	×
[12]	HBC + Classical encryption	Hybrid health-data security model; vulnerable to quantum attacks.	✔	×	×	✔
Ours	HBC + QC	Device lifecycle, anomaly detection, and quantum-secure hybrid blockchain.	✔	✔	✔	✔

✔Considered; × Not considered; DLM: Device Lifecycle Management; ITD: Intelligent Threat Detection; QEC: Quantum-Enhanced Credentials; HBC: Hybrid Blockchain.

summarizes representative studies and highlights their primary contributions and limitations relative to the proposed framework. A checkmark (✔) denotes that the feature was addressed in the respective study, whereas a cross (×) indicates omission. As observed, existing systems typically address one or two aspects such as device lifecycle or quantum resilience but seldom achieve all four dimensions: DLM, ITD, QEC, and HBC. Our method uniquely integrates these capabilities, achieving both post-quantum security and autonomous, hybrid trust management. In summary, classical blockchain models [20,21,22] provide foundational security but are computationally intensive and quantum-vulnerable. Hybrid frameworks [12,23] improved scalability and data interoperability but lacked autonomous revocation and quantum-grade encryption. Quantum-resilient designs [13,14,24] enhanced cryptographic strength but remained limited to single-chain structures and did not integrate intelligent threat detection.

Unlike these prior efforts, the proposed framework combines permissioned device lifecycle management, quantum entropy-seeded lattice encryption, and a CNN–LSTM anomaly detection engine within a dual-chain architecture. This integration enables real-time trust scoring, quantum-resilient credentialing, and transparent cross-chain verification, offering a more comprehensive and future-proof approach to secure IoT data sharing.

3. Methodology

This section details the architectural design and operational workflow of the proposed hybrid blockchain-based incognito data-sharing system. Throughout, we use incognito to mean (i) unlinkability between the device’s real identity and its public-chain telemetry anchor, and (ii) confidentiality of payloads at rest and on chain. These guarantees are achieved via permissioned lifecycle governance on Hyperledger Fabric (device identity, trust updates, revocation) and lattice-based encryption (LBE) for public-chain anchoring, such that only authorized parties can decrypt off-chain while auditors can still verify on-chain integrity.

To improve clarity, the overall operation of the proposed hybrid blockchain framework is summarised as a linear workflow, illustrated in Figure 1. The functional labels used in the figure (e.g., Device Registration, Anomaly Detection Model, Revocation List, and Data Upload) correspond directly to the core methodological components described in the manuscript, namely device lifecycle management, intelligent anomaly detection, revocation enforcement, and secure data sharing while the arrows indicate the chronological execution order of system operations rather than strict control dependencies between modules. Specifically, the framework operates through five sequential stages:

• device registration on the permissioned Hyperledger Fabric network,
• local post-quantum encryption of telemetry data using lattice-based encryption,
• continuous anomaly monitoring and trust scoring via the CNN–LSTM model,
• automated revocation enforcement for devices exhibiting anomalous behaviour, and
• anchoring of encrypted telemetry hashes and revocation proofs on the public Ethereum blockchain to ensure tamper-proof auditability.

Figure 1. Overall system architecture of the proposed hybrid blockchain-based IoT data-sharing framework. The component labels reflect functional roles in the manuscript, like device lifecycle management, anomaly detection and trust evaluation, revocation synchronisation, and secure encrypted data sharing across private and public blockchains.

Figure 1. Overall system architecture of the proposed hybrid blockchain-based IoT data-sharing framework. The component labels reflect functional roles in the manuscript, like device lifecycle management, anomaly detection and trust evaluation, revocation synchronisation, and secure encrypted data sharing across private and public blockchains.

For additional clarity, the functional components serve the following roles within the proposed framework.

• The Private Blockchain governs device trust by determining which devices are authorised, trusted, or revoked throughout their lifecycle.
• The Public Blockchain provides a transparent and tamper-proof audit layer that records cryptographic evidence of system decisions without revealing sensitive data.
• Device Registration represents the onboarding process through which an IoT device is assigned an approved digital identity on the permissioned ledger.
• The Anomaly Detection Model (ML) continuously evaluates device behaviour using network and metadata features to assign dynamic trust scores.
• Devices identified as malicious are recorded in the Revocation List, which functions as a blacklist of compromised or untrusted devices.
• The Revocation Sync mechanism ensures that revocation decisions are consistently propagated across all participating nodes.
• The Data Upload (Encrypted with LBE) component anchors encrypted telemetry records to the public blockchain, enabling integrity verification without exposing payload contents.
• Data Access & Decryption is restricted to authorised entities that possess the required cryptographic credentials.
• Finally, Malicious Activity Tracking provides a public audit trail of flagged behaviours and revocation events, supporting accountability and post-incident analysis.

Algorithm 1 presents a procedural workflow rather than an analytical optimisation model. It formalises the sequential execution logic of device registration, post-quantum encryption, anomaly detection, and blockchain-triggered revocation. As such, the algorithm is expressed in structured pseudocode to emphasize system orchestration and control flow, rather than a closed-form mathematical formulation. In particular, the anomaly detection pipeline operates on network/metadata features and does not require decryption of telemetry payloads to flag devices; decryption is reserved for authorised access workflows.

Algorithm 1 Hybrid blockchain incognito data sharing

Step 1. Start server Step 2. Register a Device on Private Blockchain Input: Device Info, Owner Info, Timestamp Procedure: The device is registered successfully Step 3. Revoke a Device Input: Device Info Procedure: The device is revoked successfully Step 4. Prepare Data Input: IoT device data, DeviceID Procedure: The device data is encrypted using LBE (post-quantum) Step 5. Record Shared Data on Public Blockchain Input: Encrypted data (ciphertext + metadata) Procedure: Encrypted anchor is stored on the public blockchain Step 6. Screen Anomaly Data Input: ML models (CNN–LSTM), metadata features Procedure: Updated Blockchain State    Extract network/metadata features (no payload decryption);    if Device behavior is Anomalous with ML then     Flag Device;     Revoke DeviceID in Private Blockchain;    else     Allow Data Sharing

3.1. Device Lifecycle Management

The proposed system enforces a robust device lifecycle to ensure integrity and trust: registration, anomaly detection, and revocation.

(1) Device Registration: Each IoT device is assigned a unique digital identity upon successful registration in the private blockchain network. The identity, denoted ${\mathcal{ID}}_i$, is linked with metadata such as owner information, timestamp, and a public key. These attributes are immutably recorded as:

$$\mathrm{Register}\left({\mathcal{ID}}_i\right)\to {\mathrm{Ledger}}_{\mathrm{private}}\ni ({\mathcal{ID}}_i,{\mathrm{PK}}_i,t_i).$$

(1)

(2) Anomaly Detection: We implement a hybrid 1D Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM) pipeline using the NSL-KDD dataset [26]. The input is $\mathbf{X}=[x_1,\dots ,x_T]\in {\mathbb{R}}^{T\times d}$, where each $x_t$ is a d-dimensional feature vector of network/metadata statistics at time t. For the CNN, we apply K learnable 1D filters ${\mathbf{w}}^{\left(k\right)}\in {\mathbb{R}}^h$ with kernel size h. We use same-length padding so that indices $x_{t+i}$ are well-defined at boundaries:

$$c_t^{\left(k\right)}=\mathrm{ReLU}\left(\sum _{i=0}^{h-1}{\mathbf{w}}_i^{\left(k\right)}·x_{t+i}+b^{\left(k\right)}\right).$$

(2)

Here, $x_t$ denotes the input feature vector extracted from network traffic at time step t, T represents the length of the temporal sequence, and d is the dimensionality of the feature space for each traffic instance.

Feature vectors extracted from packet traces are passed into the CNN-LSTM model ${\mathcal{F}}_{\theta }$, yielding a predicted probability vector $\widehat{\mathbf{y}}={\mathcal{F}}_{\theta }\left(x_i\right)\in {\mathbb{R}}^C$:

$$\widehat{\mathbf{y}}={\mathcal{F}}_{\theta }\left(x_i\right),x_i\in {\mathbb{R}}^{T\times d}.$$

(3)

In this expression, ${\mathcal{F}}_{\theta }(·)$ denotes the trained CNN-LSTM model parameterized by $\theta$, $x_i$ represents the feature sequence associated with device i, and ${\tau }_i\in [0,1]$ is the resulting trust score, where higher values indicate benign behavior and lower values indicate anomalous activity.

We compute class probabilities via Softmax, with $C=5$ (DoS, Probe, R2L, U2R, Normal). We denote the i-th component of $\widehat{\mathbf{y}}$ by ${\widehat{y}}_i$:

$${\widehat{y}}_i={\displaystyle \frac{exp\left(z_i\right)}{{\sum }_{j=1}^{C}exp\left(z_j\right)}},\mathrm{where}\mathbf{z}={\mathbf{W}}_{\mathrm{out}}{\mathbf{h}}_T+{\mathbf{b}}_{\mathrm{out}}.$$

(4)

A trust score $\tau \in [0,1]$ is derived from the model output; in our implementation, $\tau$ is the maximum Softmax probability (optionally temperature-calibrated). Devices with $\tau <\delta$ are flagged:

$$\mathrm{If}\tau <\delta ,\mathrm{then}\mathrm{Flag}\left(\mathcal{ID}\right).$$

(5)

Here, $\delta$ denotes a predefined trust threshold that determines the revocation boundary. Devices with trust scores below this threshold are flagged as anomalous and subject to automated revocation by the blockchain enforcement logic. The CNN-LSTM model is tightly integrated with the hybrid blockchain: an anomalous decision ($\tau <\delta$) invokes a Fabric chaincode update to set status = Flagged and emits an event; this can be mirrored to Ethereum for public auditability.

(3) Device Revocation: Flagged devices are added to the global revocation list $\mathcal{R}$, propagated across peers via smart-contract events:

$$\mathrm{Revoke}\left(\mathcal{ID}\right)\Rightarrow \mathcal{ID}\in \mathcal{R},\mathcal{R}\subseteq {\mathrm{Ledger}}_{\mathrm{private}}.$$

(6)

Table 2. Device lifecycle state transitions.

State	Trigger Event	Action
Unregistered	Device boot request	Submit registration
Active	Registration confirmed	Begin data sharing
Monitored	Ongoing communication	Anomaly detection active
Flagged	$\tau <\delta$	Temporary isolation
Revoked	Smart-contract event	Added to revocation list

summarizes the possible states that an IoT device can occupy within the proposed system and the corresponding events that trigger transitions between these states.

(4) Scalability perspective: The framework targets large-scale deployments with parallel lifecycle events. Hyperledger Fabric handles high throughput transactions via channelization and modular consensus, while high frequency trust evaluation and telemetry analytics remain private. Only critical anomaly/revocation anchors are relayed to Ethereum, avoiding public-chain congestion and preserving responsiveness.

3.2. Hybrid Blockchain Logic and Smart Contract

The proposed dual-layer blockchain architecture combines Hyperledger Fabric and Ethereum to leverage their complementary strengths. Hyperledger Fabric serves as the permissioned layer, optimized for scalability, privacy, and low-latency consensus, while Ethereum acts as the public layer, ensuring decentralized auditability and transparency. Together, these layers achieve both internal trust enforcement and external accountability within resource-constrained IoT environments. In our experiments, the private Fabric network employed the Raft consensus algorithm for lifecycle events and trust updates, while the public Ethereum layer used standard Proof-of-Work (PoW) mining via the Geth client. Hyperledger Fabric manages all permissioned operations, including device identity registration, revocation enforcement, and trust scoring through on-chain chaincode written in Go. Meanwhile, Ethereum hosts public smart contracts written in Solidity to record encrypted telemetry and revocation proofs. This design separates internal lifecycle control from external audit trails, ensuring scalability and transparency beyond single-chain systems [27,28].

On Ethereum, smart contracts are deployed to maintain tamper-proof telemetry logs from verified devices. Each transaction is lattice-encrypted and signed with a quantum-entropy–seeded signature prior to submission. The Solidity contract implements the following core functions:

• submitTelemetry()—Receives and stores lattice-encrypted telemetry logs.
• flagDevice()—Records a device ID flagged by the CNN—LSTM intrusion-detection model.
• publishRevocation()—Anchors revoked device identifiers and timestamps for public verification.

On Hyperledger Fabric, chaincode provides fine-grained lifecycle control and access management:

• RegisterDevice(ID, PK, EntropySeed)—Registers a device with a quantum-seeded identity.
• UpdateTrust(ID, Score)—Updates device trust scores based on ML inference.
• RevokeAccess(ID)—Revokes blockchain privileges and updates the global revocation map.

Cross-chain synchronization occurs via a lightweight relay/oracle module that monitors Fabric events and anchors their cryptographic digests to Ethereum. Each anchor includes a unique nonce and timestamp to prevent replay attacks. Anchors are confirmed after $N=3$ Ethereum block confirmations to ensure finality while keeping latency within the bounds. The confirmation threshold was set to $N=3$ blocks as a trade-off between transaction finality and latency. Empirical studies and practical Ethereum deployments show that three confirmations provide sufficient probabilistic finality for non-financial anchoring operations, while avoiding excessive confirmation delay. Since the proposed framework anchors only encrypted hashes and revocation proofs rather than high-value transactions, this setting is appropriate for maintaining responsiveness without compromising audit integrity.

The link between the two chains is represented by:

$$\mathrm{Hash}(ID,\mathrm{revoked},t)\stackrel{\mathtt{publishRevocation}\left(\right)}{\to }\mathrm{Ethereum}\mathrm{ledger}.$$

(7)

To maintain confidentiality, lattice-based encryption (LBE) secures telemetry data prior to on-chain anchoring, ensuring that public verification never exposes payload contents. Only hash commitments and, when necessary, succinct zero-knowledge proofs (ZKPs) or revocation tokens are stored on the public ledger. This separation of proof and payload maintains transparency without disclosing sensitive information. To address deployment feasibility in constrained environments, the dual-chain framework employs modular offloading. The public ledger handles lightweight commitments and event proofs, while computationally intensive consensus operations and smart contracts execute on the Fabric layer. Edge devices perform minimal tasks signing, encryption, and hash forwarding to maintain efficiency. Benchmark tests using Raspberry Pi 4 and ESP32 clients show average CPU utilization below 58% during data submissions, confirming practicality under edge-level constraints.

3.3. Quantum-Resilient Cryptographic Integration

The integration of lattice-based encryption (LBE) within this framework provides a robust defense against quantum-capable adversaries. LBE relies on the hardness of the Learning With Errors (LWE) problem, which remains computationally intractable even for quantum algorithms such as Shor’s. Consequently, it serves as a practical and forward compatible alternative to RSA or ECC in distributed IoT environments. Figure 2 illustrates the end-to-end incorporation of quantum-entropy processes within the hybrid blockchain workflow. In our prototype, the quantum components are implemented through high-entropy pseudo-random number generators (PRNGs) and software-based quantum-circuit samplers to emulate a quantum entropy source; no physical quantum device was required for the reported experiments. Thus, the cryptographic integration is fully realizable on conventional hardware while maintaining post-quantum security properties.

Each IoT device connects to a quantum entropy engine, from which it derives a high-entropy cryptographic seed. Telemetry data generated by these devices is first encrypted using the lattice-based encryption scheme (LBE). The encryption key $\mathbf{r}$ is generated or verified through quantum-entropy sampling:

$$\mathbf{r}\sim \mathrm{QSampler}\left(\right|\psi \rangle )\Rightarrow \mathrm{H}\mathrm{i}\mathrm{g}\mathrm{h}\text{-}\mathrm{e}\mathrm{n}\mathrm{t}\mathrm{r}\mathrm{o}\mathrm{p}\mathrm{y}\mathrm{input}.$$

(8)

The 512-bit parameter referenced in this work denotes the entropy seed length used to initialize the PRNG and LBE modules, not the key size of the underlying lattice scheme. In our implementation, LBE parameters follow standard Kyber512 equivalent settings for symmetric key generation. Quantum-entropy-seeded key generation ensures that device identities are initialized with non-deterministic, high-entropy randomness, minimizing risks of key reuse or correlation issues especially critical in edge deployments where entropy sources may be limited. Incoming network traffic is then evaluated by the CNN–LSTM anomaly-detection model. Devices that exhibit suspicious activity are subjected to signature validation, where a hashed quantum-entropy–seeded state $H\left(\right|\psi \rangle )$ confirms whether a device key has been altered or compromised:

$${\mathrm{Q}\mathrm{C}\text{-}\mathrm{S}\mathrm{i}\mathrm{g}\mathrm{n}\mathrm{a}\mathrm{t}\mathrm{u}\mathrm{r}\mathrm{e}}_{{\mathcal{ID}}_i}=H\left(\right|\psi \rangle ),\mathrm{validated}\mathrm{via}\mathrm{smart}\mathrm{contract}.$$

(9)

Empirical profiling of the implemented cryptographic routines shows that both key generation and signature verification processes complete in less than 10 ms on the Raspberry Pi 4 and ESP32 testbeds, confirming their suitability for real-time device onboarding and anomaly response cycles. The lattice encryption stage, although computationally heavier (approximately 10–15 ms per operation), remains well within the performance tolerances of edge-class IoT hardware. Overall, these results demonstrate that the integrated quantum-resilient primitives strengthen confidentiality, ensure non-repudiation, and maintain robustness against both classical and quantum-grade attacks, enhancing the security posture of the proposed hybrid blockchain framework without imposing prohibitive computational overhead.

3.4. Cryptographic Integration and Risk Mitigation

The proposed framework integrates quantum-entropy-based cryptographic primitives directly into the blockchain architecture. During device registration, each IoT node generates a 512-bit entropy token derived from quantum noise sources (The 512-bit value denotes the entropy seed length used for key initialization, not the lattice key size itself). These identities are registered on the Hyperledger Fabric network via a smart contract that immutably links the token to device metadata and its associated public key. All telemetry packets sent by devices are pre-encrypted using the registered public key, ensuring confidentiality prior to any chain storage. Revocation triggers and anomaly signals are likewise cryptographically signed to prevent spoofed submissions. To guarantee auditability and public traceability, hashed metadata and revocation logs are appended to the Ethereum ledger, forming a dual-chain mechanism that enforces both private access control and public accountability.

Table 3. Risk Mitigation Mapping in Hybrid Blockchain IoT.

Threat	Attack Vector	Impact	Mitigation	Overhead
Sybil Attack	Identity spoofing	Trust disruption	Public key infra. + smart contract verification	Minimal
Replay Attack	Packet reuse	Data tampering	Timestamps + nonce-based signatures	Low
Insider Collusion	Peer manipulation	Revocation failure	ML-based anomaly detection + audit log trails	Moderate
Cross-chain Relay Hijack	Relay state injection	Fork propagation	State proof verification and anchored consensus	High
Quantum Key Guessing	Quantum adversary	Identity breach	Quantum entropy-based identity generation (512-bit)	Low

Overhead levels (Minimal/Low/Moderate/High) correspond to empirical CPU or memory deltas of ±5–30% and latency variations of ±5–20 ms measured under the setup. See Table 5.

summarizes potential security threats to the hybrid blockchain-IoT architecture, alongside their corresponding mitigation strategies and system overhead.

As detailed in Section 3.5, edge-level performance was evaluated on Raspberry Pi 4 and ESP32 devices to verify lightweight deployment feasibility. While Table 3 captures the core cryptographic and relay layer defenses, several higher level vulnerabilities particularly at the smart contract, internal-access, and consensus layers require further consideration.

Table 4. Additional Threat Vectors and Mitigations in the Hybrid Blockchain Framework.

Threat Vector	Mitigation Strategy	Overhead/Trade-Off
Smart-contract exploits	Static analysis, formal verification, and permissioned chaincode access	Slight delay in contract deployment
Internal data leakage	Attribute-based encryption, access logging, and revocable keys	Key-management complexity
Consensus exploits	PBFT slashing, PoW confirmation delay, randomized validators	Higher consensus latency (public chain)
Cross-chain replay	Nonce tagging, time-lock validation, anchored hashes	Minimal relay-logic overhead

summarizes these advanced threat vectors together with their corresponding mitigation strategies and associated trade-offs.

Together, these mitigation layers provide a comprehensive defense surface. By combining entropy-seeded identity management, ML-driven anomaly detection, and cross-chain state anchoring, the framework ensures that both security and auditability are enforced across private and public blockchain tiers without compromising computational efficiency.

3.5. Experimental Setup

The proposed hybrid blockchain framework was evaluated through two complementary experiments: (i) blockchain-side performance tests and (ii) machine-learning-based anomaly-detection simulations. All experiments were conducted on a virtualised testbed using actual Hyperledger Fabric v2.5 and Ethereum Geth v1.13 deployments, interconnected via Mininet v2.3.0 for controlled network emulation. Unless otherwise stated, throughput and latency metrics correspond to a Raft/PoW configuration. Fabric used Raft consensus for permissioned events, and Ethereum used PoW mining with an average 14 s block time and confirmation depth $N=3$.

The hybrid blockchain comprised five Fabric peers, one ordering service, and a single Geth node connected through a Mininet simulated LAN (10 Mbps and 1 Gbps links). Each node ran on the hardware specified in

Table 5. Experimental Environment and System Specifications.

Component	System	Specifications
Software	Operating System	Ubuntu 20.04.5 LTS
	Network Emulator	Mininet v2.3.0
	Blockchain Frameworks	Hyperledger Fabric v2.5, Ethereum Geth v1.13
	Smart-Contract Tools	Remix IDE (Solidity 0.8.17)
	ML/Quantum Libraries	TensorFlow 2.13, Pennylane 0.41.0, Anaconda Navigator 2.5.2
Hardware	CPU	Intel Xeon Gold 6230 (20 cores)
	RAM	64 GB
	Storage	2 TB SSD
	Edge Devices	Raspberry Pi 4 (4 GB RAM, Cortex-A72) and ESP32 modules tested with lattice-based encryption of 128-byte payloads at 10 Hz and signing/verifying each transaction during 5-min steady-state runs.

. Mininet links were used to inject deterministic latency and bandwidth constraints for scalability testing.

The CNN–LSTM anomaly detection model was trained on the NSL-KDD dataset [26] using an 80/20 stratified train/test split and evaluated across five independent runs. Although the NSL-KDD dataset is not a native IoT dataset, it remains a widely adopted benchmark for evaluating intrusion detection systems due to its balanced class distribution, reduced redundancy, and comprehensive coverage of attack categories such as DoS, Probe, R2L, and U2R. These attack patterns closely resemble adversarial behaviours observed in modern IoT and IIoT environments, including traffic flooding, reconnaissance, unauthorised access attempts, and privilege escalation. In this work, NSL-KDD is used to validate the integration of anomaly detection with blockchain-driven trust enforcement rather than to claim state-of-the-art intrusion detection performance. The proposed hybrid blockchain architecture and CNN–LSTM pipeline are dataset-agnostic and can be directly extended to recent IoT-focused datasets such as BoT-IoT, TON_IoT, and IoT-23 without architectural modification. Future work will evaluate the framework under these datasets to further demonstrate real-world applicability. Reported accuracy and F1-scores represent mean values across these runs. Training employed Adam optimisation (learning rate = 0.002, batch size = 64) for 15 epochs with ReLU activation and sparse-categorical-cross-entropy loss. Each round timeout refers to the maximum training epoch duration, not to the blockchain consensus timeout.

Blockchain throughput and latency were recorded under workloads ranging from 100 to 1000 simulated IoT devices. Measurements were averaged over 10 runs, each consisting of 1000 transactions per second (tx/s) on Fabric and cross-chain anchoring to Ethereum. A single-chain (Fabric-only) baseline was used for comparison under identical conditions; observed deviations were less than 5%. Fabric used block interval = 2 s and batch size = 10 transactions per block.

Each experiment was repeated five times under identical conditions, and reported results correspond to mean measurements; standard deviation error was under 5 %. Together, Table 5 and

Table 6. Model and Blockchain Parameters.

Parameter	Value/Description
Number of IoT devices	100
Number of anomaly classes	5 (DoS, Probe, R2L, U2R, Normal)
Total features	41 (NSL-KDD)
Training rounds	15
Learning rate	0.002 (Adam optimizer)
Batch size	64
Activation function	ReLU
Loss function	Sparse categorical cross-entropy
Quantum-entropy seed length	512 bits
Blockchain throughput	1000 tx/s (Fabric)
Consensus algorithm	Raft (Fabric) + PoW (Ethereum)
Baseline comparison	Single-chain Fabric (same hardware)

provide a reproducible specification of the complete evaluation environment and parameterization used in this study.

4. Experimental Results and Case Study

This section presents the application process and observed effects of the proposed framework when deployed in a simulated IoT environment. The case study demonstrates how device registration, anomaly detection, post-quantum encryption, and hybrid blockchain coordination operate together in practice and evaluates their impact on security enforcement, latency, and scalability.

4.1. Device Lifecycle and ML Performance

This experiment evaluates the effectiveness of the lifecycle-driven trust management process introduced in Section 3. Throughput and detection performance are quantified in terms of accuracy, F1-score, false-positive rate (FPR), false-negative rate (FNR), and revocation latency. Accuracy and F1-score assess the CNN-LSTM intrusion detection model, whereas revocation latency measures the time interval between anomaly flagging and the confirmed update of the device status on the private ledger. The average accuracy was recorded at 97.4% and an F1-score of 0.968 on five independent runs with a stratified 80/20 train–test split. Figure 3 shows the normalized confusion matrix, from which a false-positive rate of 1.9% and a false-negative rate of 0.7% were derived. Most misclassifications corresponded to transient network bursts incorrectly labeled as DoS attacks.

Revocation performance: The average latency from anomaly detection to completed revocation on the Fabric ledger was 1.8 ± 0.2 s over five trials. Each revocation event required two signed chaincode updates and one cross-chain relay confirmation, confirming near real-time enforcement of trust state changes. Figure 4 illustrates the latency distribution and its variance across test runs, reporting the average latency required to revoke a compromised IoT device after an anomaly is detected.

Lifecycle efficiency: Figure 5 reports computational and communication costs for the registration, anomaly-detection, and revocation stages. The registration phase dominated communication overhead (≈64 kB per device), whereas anomaly detection incurred the highest CPU load. All metrics represent the mean of five repeated measurements, with standard deviation below 5%.

Figure 6 shows how malicious behavior causes a sharp decline in IoT device reputation over time, while normal devices remain trusted as depicted by the “red” dotted line and “green” line, respectively.

Figure 7 depicts how the system enforces revocation based on dynamic trust decay. The green line tracks the trust score trajectory under the revocation update parameters ${\mu }_1=1$, ${\mu }_2=2$, and ${\mu }_T=0.6$. The dashed red line denotes the revocation threshold at $0.6$. Once the trust score dips below this threshold, the device is automatically flagged for revocation. This critical transition point is further highlighted by the shaded Revoked Zone, providing a visual cue for when trust enforcement mechanisms are activated within the device lifecycle management framework.

Function comparison is carried out in Figure 8, which directly compares communication cost and computational efficiency across the three core DLM functions. Registration is low-cost in both dimensions, making it ideal for lightweight onboarding. Anomaly detection is compute heavy, reflecting the complexity of real-time ML-based monitoring. The system (CNN-LSTM) model was trained on a subset of 10,000 records selected from the NSL-KDD dataset, carefully stratified to preserve the proportional distribution of attack classes DoS, Probe, R2L, U2R, Normal. The performance of the anomaly detection module was evaluated using standard classification metrics including accuracy, precision, recall, and F1-score.

• Accuracy: The ratio of correctly classified samples to total samples.
• Precision: The ratio of true positives to the sum of true positives and false positives.
• Recall: The ratio of true positives to the sum of true positives and false negatives.
• F1-score: The harmonic mean of precision and recall, offering a balance between false positives and false negatives.

The following results where obtained of the performance metrics; Accuracy: 97.4%, F1-score: 96.8%, Precision: 95.1%, Recall: 98.2%. These metrics indicate high effectiveness in detecting diverse attack types, including DoS and R2L. Additionally, we observed consistent detection performance across different system configurations cloud-only, edge-only, and hybrid.

4.2. Hybrid Blockchain Implementation for Data Sharing and Monitoring

The private Hyperledger Fabric network manages device identities, trust updates, and revocation decisions. All registration and status updates are immutably stored on the ledger.

Table 7. Illustrative chaincode output for device registration and revocation on the private ledger.

Device ID	Owner	Status	Last Updated
device 1	UserA	Active	2024-01-01T10:00:00Z
device 2	UserB	Revoked	2025-01-02T10:00:00Z
device 3	UserC	Active	2025-01-02T11:00:00Z

presents a sample excerpt of ledger entries for illustration; the full experiment included 100 devices registered and monitored across the testbed.

4.2.1. Chaincode Computational Performance

Figure 9 reports CPU and memory utilization of key chaincode functions, averaged over 30 invocations with deviation below 5%. The RegisterDevice() function incurs the highest load (12.5% CPU, 150 MB RAM) due to identity generation and metadata storage. UpdateTrust() is lightweight (8% CPU, 120 MB RAM), while RevokeAccess() exhibits moderate overhead consistent with two ledger updates and event emission.

4.2.2. Public-Chain Logging and Cost Efficiency

The public Ethereum network stores encrypted telemetry and revocation proofs for auditability. Figure 10 shows the transformation pipeline for IoT telemetry: plaintext payloads, their lattice-encrypted ciphertexts, and compact hashed revocation commitments.

The ETH and USD cost of core contract operations is reported in

Table 8. Ethereum smart-contract gas consumption and estimated execution costs.

Function	Gas	ETH	USD
DeployContract	1,500,000	0.0300	105.00
submitTelemetry()	60,000	0.0012	4.20
flagDevice()	45,000	0.0009	3.15
publishRevocation()	50,000	0.0010	3.50

. Costs were computed assuming a gas price of 20 gwei and ETH = 3500 USD (May 2025 rates).

4.2.3. Long-Term Cost and Deployment Feasibility

While public blockchain logging introduces operational costs, the proposed framework is designed to minimize long-term expenses by restricting Ethereum interactions to low-frequency, high-value events. Only encrypted telemetry hashes and revocation proofs are anchored on Ethereum, rather than raw IoT data, significantly reducing transaction volume and gas consumption. High-frequency operations such as device monitoring, trust updates, and anomaly evaluation are confined to the permissioned Hyperledger Fabric layer. In practical deployments, this selective anchoring strategy ensures predictable and manageable costs, even at scale. Furthermore, the framework is compatible with cost-optimised alternatives such as Ethereum Layer-2 rollups, private Ethereum networks, or periodic batch anchoring, which can further reduce fees without compromising auditability. These design choices make the proposed hybrid blockchain architecture economically viable for long-term IoT deployments.

4.2.4. Cross-Chain Revocation Flow and Consensus Interaction

Figure 11 illustrates the coordinated interaction between the anomaly detection engine, Fabric consensus, and Ethereum anchoring. Although PBFT is conceptually used to explain trust finality, the experimental deployment used the Raft ordering service. The relay component monitors Fabric events at 500 ms intervals and forwards signed digests with nonce + timestamp to Ethereum to avoid replay.

4.2.5. Cross-Chain Performance Evaluation

The hybrid blockchain was tested under three network scenarios (stable, intermittent loss, and bandwidth throttling). Each measurement was averaged over ten runs with standard deviation ≤0.3 s.

Table 9. Cross-Chain Performance Metrics Under Varying Network Conditions.

Condition	Relay Latency (s)	Fabric Throughput (tx/s)	Ethereum Confirmation (s)
Stable Network (100 Mbps)	2.1	94	13.7
Intermittent Loss (10%)	4.5	82	14.8
Bandwidth Limit (10 Mbps)	5.8	76	14.2

shows that relay latency increased under constrained links, while Ethereum confirmation remained stable due to global difficulty in PoW.

Compared with a baseline Fabric only deployment (80 tx/s), the hybrid model sustained +17% higher throughput and maintained it cross-chain, confirming the system suitability for large scale, audit ready IoT environments.

4.3. Post-Quantum Cryptographic (PQC) Primitives

Table 10. Comparison of Post-Quantum Cryptographic Schemes for IoT Integration.

Scheme	Security	Key Size	Speed	IoT Suit
Lattice (NTRU, Kyber)	Strong	Small	Fast	High
Code-based (McEliece)	Very strong	Very large	Moderate	Low
Multivariate (Rainbow)	Vulnerable	Moderate	Fast	Low
Hash-based (SPHINCS+)	Very strong	Large	Slow	Medium
Isogeny-based (SIKE)	Broken	Small	Slow	Not rec.

compares representative post-quantum cryptographic families with respect to key size, speed, and IoT suitability. Lattice-based schemes (e.g., NTRU, Kyber) were selected for this work due to their worst-case hardness guarantees, compact key material, and balanced performance on constrained devices.

Code-based cryptosystems such as McEliece offer very strong security but incur impractically large public keys for embedded IoT nodes, while multivariate schemes (Rainbow, GeMSS) have been weakened by recent structural attacks. Hash-based primitives (SPHINCS+) provide robust signatures but impose large signature sizes and are not suited for encryption. Only schemes compatible with constrained IoT devices and hybrid-blockchain message-size limits were considered.

Table 11. Computation Overhead of Quantum-Resilient Cryptographic Primitives.

Operation	Time (ms)
Key Generation	9.2
Quantum Hashing $H\left(\right|\psi \rangle )$	6.5
Lattice Encryption	13.8
Lattice Decryption	11.1
Signature Verification	7.9

reports the measured latency of PQC operations used in the hybrid blockchain workflow. These values were obtained using software-based quantum-circuit samplers (Pennylane) and a lattice-based cryptographic library running on an edge-class device. Key generation (9.2 ms) and signature verification (7.9 ms) are lightweight enough for device enrollment and frequent trust-state validation. Lattice encryption (13.8 ms) and decryption (11.1 ms), used during telemetry exchange, introduce moderate overhead while remaining within acceptable limits for real-time IoT communication.

Figure 12 shows the entropy characteristics of 1000 quantum-derived entropy seeds of 128-bit each, generated using a depth-3 quantum-circuit sampler with random rotation gates. Min-entropy values concentrate around 0.95, and Shannon entropy ranges between 0.99 and 1.0, indicating near uniform bit distributions.

These results confirm that the simulated quantum entropy source provides sufficiently high randomness for device identity initialization, lattice-based key generation, and revocation verification. Measurements were averaged over ten independent circuit initializations. Although the entropy is simulator derived rather than hardware generated, it provides a reproducible approximation of quantum grade randomness suitable for the proposed framework.

4.4. Scalability and Robustness Across Deployment Conditions

To evaluate robustness and scalability, we simulated deployments ranging from 100 to 1000 IoT devices under different placement models (edge, cloud, hybrid) using Hyperledger Fabric with a Raft ordering service. Raft-based results were obtained using scaled message-delay modeling rather than 1000 physical peers, using Mininet to emulate propagation delay and network load. Latency reflects intra-network processing delay, while throughput measures block-commit rate under a 1-of-2 endorsement policy and block sizes of 50–100. Revocation rate denotes the percentage of detected anomalies successfully revoked within 2 s. Each scenario was repeated five times at a standard deviation less than 4%.

Table 12. Scalability and Robustness Metrics Under Varying Conditions (Raft ordering, mean of five runs).

Scenario	Latency (ms)	Throughput (tx/s)	Revocation Rate (%)
100 Devices (Raft)	32.4	910	98.1
500 Devices (Raft)	47.8	885	96.9
1000 Devices (Raft)	68.3	840	95.2
Edge-only (PoW) 1	54.2	740	92.5
Cloud-only (Raft)	30.7	940	98.7
Hybrid Placement (Raft + PoW)	40.1	895	96.4

¹ PoW execution refers to a Geth client operating at the edge node; IoT devices do not participate in mining.

explicitly demonstrates the scalability of the proposed framework under increasing device populations. As the number of IoT devices scales from 100 to 1000, transaction latency increases gradually, while throughput degrades gracefully without system collapse. Importantly, revocation success remains above 95% across all Raft-based configurations, confirming that lifecycle enforcement and anomaly-triggered revocation scale effectively. These results validate that the hybrid blockchain architecture sustains predictable performance under large-scale IoT workloads. The results demonstrate that the Raft-based private ledger maintains high throughput as device count scales, with latency increasing predictably due to leader-driven log replication. Cloud-only and hybrid placements achieve the highest throughput due to lower propagation delay and greater compute availability. Edge-only PoW configurations show reduced performance due to mining constraints but still maintain revocation accuracy above 92%. Revocation success exceeds 95% across all Raft-based setups.

Figure 13 visualizes performance trends across scenarios. Latency increases moderately with scale under Raft, while cloud and hybrid placements sustain the highest throughput and revocation precision.

These results confirm that the proposed hybrid blockchain framework remains robust and scalable across diverse deployment conditions, with the caveat that large-node Raft results reflect simulation scaling rather than deployment with 1000 physical validating peers.

4.5. Comparison with Existing IoT Data-Sharing Frameworks

To verify the advancement of the proposed framework beyond a single case demonstration, we compare its security and operational coverage against representative blockchain-based IoT data-sharing systems reported in the literature. The comparison focuses on whether each framework provides (i) lifecycle-driven governance (registration and revocation), (ii) intelligent threat detection integrated with enforcement, (iii) post-quantum or quantum-resilient cryptographic protection, and (iv) hybrid blockchain separation between internal control and public auditability.

Table 13. Comparison with Representative IoT Data-Sharing Frameworks.

Method	Chain Type	DLM	ITD	PQC/QRC	Public Audit	Performance Reporting
Yang et al. [20]	Single	✔	×	×	✔	Limited (chain focus)
Liu et al. [21]	Permissioned	✔	✔	×	×	Limited (case-specific)
Reshma et al. [22]	Hybrid	✔	×	×	✔	Partial (crypto focus)
Wang et al. [12]	Hybrid	✔	×	×	✔	Partial (health domain)
Erukala et al. [23]	Hybrid	×	×	×	✔	Limited (E2E comm.)
Ghaemi et al. [14]	Single + QC	×	×	✔	×	Partial (auth protocol)
Aslam et al. [13]	Single + PQC	×	×	✔	×	Partial (consensus/crypto)
Venkatesh et al. [24]	Single + QC	×	×	✔	×	Partial (lightweight claims)
Ours	Hybrid	✔	✔	✔	✔	Full (ML + PQC + chain + robustness)

Legend: ✔ = supported; × = not supported. DLM = Device Lifecycle Management; ITD = Intelligent Threat Detection; PQC/QRC = post-quantum / quantum-resilient cryptography.

summarizes the results.

A key observation is that several existing blockchain-based IoT frameworks provide device accountability or privacy-preserving sharing but remain reliant on classical cryptography and do not address quantum threats [12,20,21,23]. Conversely, quantum-resilient proposals enhance cryptographic strength but are typically implemented on single-chain designs and do not provide dual-layer auditability or blockchain-triggered lifecycle revocation [13,14,24]. In contrast, the proposed approach integrates lifecycle governance, hybrid-chain auditability, and ML-driven revocation under a single operational workflow, which is consistent with the system-level results reported throughout Section 4 (latency/throughput, PQC overhead, and robustness across deployment conditions).

Unlike many existing IoT data-sharing frameworks, which focus primarily on architectural design or cryptographic primitives, the proposed framework provides a comprehensive experimental evaluation covering end-to-end latency, cross-chain throughput, anomaly detection accuracy, and post-quantum cryptographic overhead.

As shown in

Table 14. Quantitative Comparison with Representative IoT Data-Sharing and Security Frameworks.

Method	Latency (ms)	Throughput (tx/s)	Anomaly Detection Metrics	Cryptographic Overhead
Yang et al. [20]	×	×	×	Classical encryption only
Liu et al. [21]	×	×	Accuracy only (domain-specific)	Classical encryption
Reshma et al. [22]	Enc: 15,765 ms; Dec: 10,786 ms	×	×	Honey encryption + DSNN key generation
Wang et al. [12]	×	×	×	Classical encryption
Ghaemi et al. [14]	× (relative only)	×	×	Quantum-safe authentication (no ML metrics)
Aslam et al. [13]	Consensus latency reported (no E2E)	Consensus-level only	×	Kyber PQC (no lifecycle metrics)
Venkatesh et al. [24]	×	×	×	Lightweight QC (no anomaly metrics)
Ours	2.1–5.8 s relay; ∼14.2 s PoW confirm	76–94 (Fabric); 23 (Ethereum)	Accuracy 97.4%, Precision 95.1%, Recall 98.2%, F1 96.8%	KeyGen 9.2 ms; LBE enc 13.8 ms; dec 11.1 ms

Note: × indicates the metric was not reported or not verifiable from the original publication text.

, prior works typically report isolated metrics or omit performance analysis entirely, making direct numerical comparison infeasible. In contrast, the proposed approach evaluates all major system components under a unified experimental setting, thereby offering stronger empirical validation of its practical applicability.

5. Discussion and Future Work

This section discusses the advantages, limitations, and future research directions of the proposed framework, based on the experimental observations presented in the previous section. The proposed framework demonstrates how hybrid blockchain architectures, quantum-resilient cryptography, and deep learning-based anomaly detection can be combined to provide secure and auditable IoT data sharing. The experimental results highlight several important insights. First, the Raft-based private ledger maintains high throughput and stable latency even under increased device populations, confirming that the trust management workflow scales effectively when the computational load is distributed between device edge and cloud nodes. Second, the CNN-LSTM anomaly detector delivers high accuracy and low false alarm rates, enabling reliable revocation decisions without burdening the consensus layer. Third, the integration of lattice-based encryption and quantum derived entropy adds post-quantum resistance with acceptable computational overhead for edge class devices.

Despite these strengths, the hybrid blockchain architecture introduces trade-offs that must be acknowledged. Cross-chain anchoring adds unavoidable confirmation delays due to Ethereum’s Proof-of-Work finality, although these delays do not impact internal responsiveness. The lattice-based cryptography used for telemetry protection increases computation time relative to classical schemes, and while still practical, it may stress ultra-low-power IoT microcontrollers. Furthermore, the entropy module relies on simulated quantum-circuit sampling rather than hardware-based QRNGs, introducing a gap between experimental and real world post-quantum deployments. The anomaly detection model, although effective, remains susceptible to concept drift or adversarial manipulation, which may cause delayed or incorrect revocation events if not periodically retrained.

Future work will focus on optimizing these components. Lightweight post-quantum algorithms, hardware-accelerated lattice computations, and adaptive ML retraining pipelines will be explored to further reduce the runtime footprint on constrained devices. In addition, the modular nature of the framework makes it well-suited for drone-based and UAV mesh networks, where devices are mobile and link quality fluctuates rapidly. Extending the architecture to airborne IoT environments will require bandwidth aware anomaly detection, adaptive cross-chain synchronization, and mobility tolerant consensus routing. These enhancements form a natural progression of the framework toward more dynamic and latency sensitive IoT ecosystems.

5.1. Ethical and Post-Quantum Privacy Considerations

Deploying post-quantum cryptographic primitives and ML-driven revocation within decentralized IoT systems raises important ethical considerations. Blockchain immutability may amplify the impact of ML misclassification, particularly if a benign device is permanently flagged without the ability to contest or reverse that decision. To mitigate this, trust scores in the proposed system are ephemeral and stored in revocable smart-contract states rather than permanently written to public ledgers. Additionally, quantum-derived entropy used for device identities is generated locally and never transmitted, reducing exposure to surveillance or linkage attacks.

From a privacy perspective, the hybrid architecture supports identity minimization by anchoring only hashed revocation proofs on the public chain and retaining sensitive information within the permissioned Fabric network. Zero-knowledge proofs may be incorporated in future iterations to further anonymize credential verification, while differential privacy techniques can protect telemetry features used in anomaly detection. Ethical alignment with responsible AI principles requires continuous monitoring of ML bias, adversarial robustness, and misclassification rates, especially as device populations evolve.

5.2. Limitations and Residual Security Risks

Despite the demonstrated effectiveness of the proposed framework, several limitations and residual security risks remain. First, the experimental evaluation relies on simulated environments and benchmark datasets, which may not fully capture the diversity and noise characteristics of large-scale real-world IoT deployments. While the architecture is dataset-agnostic, performance under highly dynamic traffic patterns and heterogeneous device capabilities warrants further investigation. Second, although lattice-based cryptography and quantum-entropy-seeded identities provide post-quantum resilience, the current implementation relies on software-based quantum entropy generation rather than hardware quantum random number generators (QRNGs). This may introduce variations in entropy quality on constrained devices. Future deployments could mitigate this risk through hardware-assisted entropy sources.

Third, the anomaly detection mechanism, while effective, remains susceptible to concept drift and adversarial evasion, which could lead to false positives or delayed revocation. Although revocation decisions are reversible and auditable, persistent misclassification could affect the availability of benign devices. Finally, cross-chain coordination introduces additional attack surfaces, including relay-layer manipulation and smart contract vulnerabilities. While anchoring and consensus verification mitigate these risks, formal verification and adversarial testing of cross-chain logic remain open challenges.

6. Conclusions

This work presented a secure and scalable hybrid blockchain framework for resilient IoT data sharing that integrates Raft-based private consensus, public-chain auditability, lattice-based post-quantum cryptography, and deep-learning-driven anomaly detection. The system demonstrated reliable device lifecycle management, high accuracy in anomaly classification, efficient revocation enforcement, and post-quantum-aligned cryptographic performance on constrained hardware. Cross-chain experiments further confirmed stable throughput and predictable relay latencies across diverse deployment conditions. Scalability experiments involving up to 1000 concurrent IoT devices confirm that the framework maintains stable throughput, bounded latency growth, and high revocation accuracy under increasing system load. The combined results indicate that hybrid blockchain architectures, when paired with lightweight post-quantum primitives and ML-based trust scoring, offer a viable approach for securing next-generation IoT and cyber–physical systems. Future research will extend these capabilities to drone swarms, UAV telemetry networks, and mobility-intensive edge environments, alongside continued efforts to improve cryptographic efficiency, ML robustness, and ethical safeguards.