Search Results (64)

Linkable ring signatures are a type of ring signature scheme that can protect the anonymity of signers while allowing the public to verify whether the same signer has signed the same message multiple times. This functionality makes linkable ring signatures suitable for applications such as cryptocurrencies and anonymous voting systems, achieving the dual goals of identity privacy protection and misuse prevention. However, existing post-quantum linkable ring signature schemes often suffer from issues such as excessive linear data growth the adoption of post-quantum signature algorithms, and high circuit complexity resulting from the use of post-quantum zero-knowledge proof protocols. To address these issues, a logarithmic-size post-quantum linkable ring signature scheme based on aggregation operations is proposed. The scheme constructs a Merkle tree from ring members’ public keys via a hash algorithm to achieve logarithmic-scale signing and verification operations. Moreover, it introduces, for the first time, a post-quantum aggregate signature scheme to replace post-quantum zero-knowledge proof protocols, thereby effectively avoiding the construction of complex circuits. Scheme analysis confirms that the proposed scheme meets the correctness requirements of linkable ring signatures. In terms of security, the scheme satisfies the anonymity, unforgeability, and linkability requirements of linkable ring signatures. Moreover, the aggregation process does not leak information about the signing members, ensuring strong privacy protection. Experimental results demonstrate that, when the ring size scales to 1024 members, our scheme outperforms the existing Dilithium-based logarithmic post-quantum ring signature scheme, with nearly 98.25% lower signing time, 98.90% lower verification time, and 99.81% smaller signature size. Full article

Public blockchains offer transparency and tamper resistance, but implementing national-scale lotteries directly on-chain is impractical because each bet would require a separate transaction, incurring substantial gas costs and facing throughput limitations. This paper presents an auditable lottery architecture designed to address these scalability challenges and eliminate the reliance on trusted third parties. The proposed approach decouples high-volume bet recording from on-chain enforcement. Bets are recorded off-chain in a transaction-positioned Merkle tree (TP-Merkle tree), while the service provider commits only the per-round root hash and summary metadata to an Ethereum smart contract. Each player receives a signed receipt and a compact Merkle proof (Slice), enabling independent inclusion checks and third-party audits. A programmable appeal mechanism allows any participant to submit receipts and cryptographic evidence to the contract; if misbehavior is proven, compensation is executed automatically from a pre-deposited margin. A proof-of-concept implementation demonstrates the system’s feasibility, and extensive experiments evaluate collision behavior, storage overhead, proof size, and gas consumption, demonstrating that the proposed design can support national-scale betting volumes (tens of millions of bets per round) while occupying only a small fraction of on-chain resources. Full article

To address the high computational and communication overheads and the limited edge security found in many existing batch verification methods for Mobile Edge Computing (MEC), this paper presents a blockchain-based batch authentication and symmetric group key agreement protocol. A core feature of this protocol is the establishment of a shared symmetric key among all authenticated participants. This symmetry in key distribution is fundamental for enabling secure and efficient broadcast or multicast communication within the MEC group. The protocol introduces a chameleon hash function built on elliptic curves, allowing smart mobile devices (SMDs) to generate lightweight signatures. The edge server (ES) then performs efficient large-scale batch authentication using an aggregate signature technique. Considering the need for secure and independent communication between SMDs and ES, the protocol further establishes a one-to-one session key agreement mechanism and uses a Merkle tree to verify session key correctness. Formal verification with ProVerif2.05 tool confirms the protocol’s security and multiple protection properties. Experimental results show that, compared with the CPPBA, ECCAS, and LBVP schemes, the protocol improves computational efficiency of batch authentication by 0.94%, 67.20%, and 49.53%, respectively. For group key agreement, the protocol achieves a 35.26% improvement in computational efficiency over existing schemes. Full article

In today’s rapidly advancing healthcare landscape, integrating Artificial Intelligence (AI) and Machine Learning (ML) has the potential to significantly improve patient care and streamline medical processes. The utilization of confidential patient data to train and develop these technologies, however, raises significant concerns regarding authenticity, security, and privacy. In this study, we introduce MediChainAI, a safe and practical framework that allows patients full ownership over their own health data by integrating Self-Sovereign Identity (SSI), Blockchain, and sophisticated cryptography techniques. By clearly outlining the goals and parameters of this access, MediChainAI allows patients to safely and selectively share data with healthcare providers and researchers. While SSI guarantees that patients have ownership of their data, the framework uses Blockchain technology to keep things transparent and secure. Further, MediChainAI makes use of Merkle trees, which provide verified access to subsets of data without jeopardizing the privacy of the whole dataset. The encryption mechanism, which is based on smart contracts, is a distinctive feature of the framework that allows researchers and medical practitioners controlled and secure access to patient data. In order to improve the accuracy and reliability of medical diagnoses and treatment, this strategy makes sure that only confirmed, legitimate data is utilized to train medical models. A significant step toward safer and more personalized healthcare, MediChainAI encourages ethical and patient-focused innovation by effectively resolving essential issues regarding data security and patient privacy. Full article

Blockchain technologies offer transformative potential in terms of addressing the security, trust, and identity management issues that exist in large-scale Internet of Things (IoT) deployments. This narrative review provides a comprehensive survey of various studies, focusing on decentralized identity management, trust mechanisms, smart contracts, privacy preservation, and real-world IoT applications. According to the literature, blockchain-based solutions provide robust authentication through mechanisms such as Physical Unclonable Functions (PUFs), enhance transparency via smart contract-enabled reputation systems, and significantly mitigate vulnerabilities, including single points of failure and Sybil attacks. Smart contracts enable secure interactions by automating resource allocation, access control, and verification. Cryptographic tools, including zero-knowledge proofs (ZKPs), proxy re-encryption, and Merkle trees, further improve data privacy and device integrity. Despite these advantages, challenges persist in areas such as scalability, regulatory and compliance issues, privacy and security concerns, resource constraints, and interoperability. By reviewing the current state-of-the-art literature, this review emphasizes the importance of establishing standardized protocols, performance benchmarks, and robust regulatory frameworks to achieve scalable and secure blockchain-integrated IoT solutions, and provides emerging trends and future research directions for the integration of blockchain technology into the IoT ecosystem. Full article

The widespread circulation of digital misinformation exposes a critical shortcoming in prevailing detection strategies, namely, the absence of robust mechanisms to confirm the origin and authenticity of online content. This study addresses this by introducing VeriTrust, a conceptual and provenance-centric framework designed to establish content-level trust by integrating Self-Sovereign Identity (SSI), blockchain-based anchoring, and AI-assisted decentralized verification. The proposed system is designed to operate through three key components: (1) issuing Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) through Hyperledger Aries and Indy; (2) anchoring cryptographic hashes of content metadata to an Ethereum-compatible blockchain using Merkle trees and smart contracts; and (3) enabling a community-led verification model enhanced by federated learning with future extensibility toward zero-knowledge proof techniques. Theoretical projections, derived from established performance benchmarks, suggest the framework offers low latency and high scalability for content anchoring and minimal on-chain transaction fees. It also prioritizes user privacy by ensuring no on-chain exposure of personal data. VeriTrust redefines misinformation mitigation by shifting from reactive content-based classification to proactive provenance-based verification, forming a verifiable link between digital content and its creator. VeriTrust, while currently at the conceptual and theoretical validation stage, holds promise for enhancing transparency, accountability, and resilience against misinformation attacks across journalism, academia, and online platforms. Full article

Hash functions are fundamental components in both cryptographic and non-cryptographic systems, supporting secure authentication, data integrity, fingerprinting, and indexing. While the Ascon family, selected by the National Institute of Standards and Technology (NIST) in 2023 for lightweight cryptography, has been extensively evaluated in its authenticated encryption mode, its hashing and extendable-output variants, namely Ascon-Hash256, Ascon-XOF128, and Ascon-CXOF128, have not received the same level of empirical attention. This paper presents a structured benchmarking study of these hash variants using both the SMHasher framework and custom Python-based simulation environments. SMHasher is used to evaluate statistical and structural robustness under constrained, patterned, and low-entropy input conditions, while Python-based experiments assess application-specific performance in Bloom filter-based replay detection at the network edge, Merkle tree aggregation for blockchain transaction integrity, lightweight device fingerprinting for IoT identity management, and tamper-evident logging for distributed ledgers. We compare the performance of Ascon hashes with widely used cryptographic functions such as SHA3 and BLAKE2s, as well as high-speed non-cryptographic hashes including MurmurHash3 and xxHash. We assess avalanche behavior, diffusion consistency, output bias, and keyset sensitivity while also examining Ascon-XOF’s variable-length output capabilities relative to SHAKE for applications such as domain-separated hashing and lightweight key derivation. Experimental results indicate that Ascon hash functions offer strong diffusion, low statistical bias, and competitive performance across both cryptographic and application-specific domains. These properties make them well suited for deployment in resource-constrained systems, including Internet of Things (IoT) devices, blockchain indexing frameworks, and probabilistic authentication architectures. This study provides the first comprehensive empirical evaluation of Ascon hashing modes and offers new insights into their potential as lightweight, structurally resilient alternatives to established hash functions. Full article

In this paper, we design, implement, and empirically evaluate a tamper-evident, blockchain-secured solar energy logging system for resource-constrained edge Internet of Things (IoT) devices. Using a Merkle tree batching approach in conjunction with threshold-triggered blockchain anchoring, the system combines high-frequency local logging with energy-efficient, cryptographically verifiable submissions to the Ethereum Sepolia testnet, a public Proof-of-Stake (PoS) blockchain. The logger captured and hashed cryptographic chains on a minute-by-minute basis during a continuous 135 h deployment on a Raspberry Pi equipped with an INA219 sensor. Thanks to effective retrial and daily rollover mechanisms, it committed 130 verified Merkle batches to the blockchain without any data loss or unverifiable records, even during internet outages. The system offers robust end-to-end auditability and tamper resistance with low operational and carbon overhead, which was tested with comparative benchmarking against other blockchain logging models and conventional local and cloud-based loggers. The findings illustrate the technical and sustainability feasibility of digital audit trails based on blockchain technology for distributed solar energy systems. These audit trails facilitate scalable environmental, social, and governance (ESG) reporting, automated renewable energy certification, and transparent carbon accounting. Full article

This paper introduces a novel approach to tree modeling architecture integrated with blockchain technology, aimed at enhancing landscape spatial planning and forest monitoring systems. The primary objective is to develop a low-cost, automated tree CAD modeling methodology combined with blockchain functionalities to support smart forest projects and collaborative design processes. The proposed method utilizes a parametric tree CAD model consisting of four 2D tree-frames with a 45° division angle, enriched with recorded tree-leaves’ texture and color. An “AI Text-by-Voice CAD Programming” technique is employed to create tangible tree-model NFT tokens, forming the basis of a thematic “Internet-of-Trees” blockchain. The main results demonstrate the effectiveness of the blockchain/Merkle hash tree in tracking tree geometry growth and texture changes through parametric transactions, enabling decentralized design, data validation, and planning intelligence. Comparative analysis highlights the advantages in cost, time efficiency, and flexibility over traditional 3D modeling techniques, while providing acceptable accuracy for metaverse projects in smart forests and landscape architecture. Core contributions include the integration of AI-based user voice interaction with blockchain and behavioral data for distributed and collaborative tree modeling, the introduction of a scalable and secure “Merkle hash tree” for smart forest monitoring, and the facilitation of fintech adoption in environmental projects. This framework offers significant potential for advancing metaverse-based landscape architecture, smart forest surveillance, sustainable urban planning, and the improvement of citizen involvement in sustainable forestry paving the way for a greener future. Full article

Reusing cached data is a widely adopted technique for improving network and system performance. Future Internet architectures such as Named Data Networking (NDN) leverage intermediate nodes—such as proxy servers and routers—to cache and deliver data, reducing latency and alleviating load on original data sources. However, a fundamental challenge of this approach is the lack of trust in intermediate nodes, as users cannot reliably identify and verify them. To address this issue, many systems adopt data-oriented verification rather than sender authentication, using Merkle Hash Trees (MHTs) to enable users to verify both the integrity and authenticity of received data. Despite its advantages, MHT-based authentication incurs significant redundancy: identical hash values are often recomputed, and witness data are repeatedly transmitted for each segment. These redundancies lead to increased computational and communication overhead, particularly in large-scale data publishing scenarios. This paper proposes a novel scheme to reduce such inefficiencies by enabling the reuse of previously verified node values, especially transmitted witnesses. The proposed scheme improves both computational and transmission efficiency by eliminating redundant computation arising from repeated calculation of identical node values. To achieve this, it stores and reuses received witness values. As a result, when verifying 2ⁿ segments (n > 8), the proposed method achieves more than an 80% reduction in total hash operations compared to the standard MHT. Moreover, our method preserves the security guarantees of the MHT while significantly optimizing its performance in terms of both computation and transmission costs. Full article

With the continuous development of quantum computing technology, the traditional public key cryptosystem is facing severe security challenges, especially in the resource-constrained UAV swarm communication scenario. To deal with this problem, this paper proposes a secure communication scheme for the post-quantum era, which combines the Kyber-based group key agreement mechanism and the lightweight identity authentication system constructed by sparse Merkle tree (SMT). The system is initialized by the edge node, and supports the dynamic joining and leaving of the UAV through the authentication and key management mechanism. To meet the security and performance requirements in different application scenarios, we design and integrate two mainstream post-quantum signature schemes to provide flexible identity authentication options. Experimental results show that the scheme has low resource overhead while ensuring security, which is suitable for the actual communication deployment of post-quantum UAV swarm. Full article

Distributed digital identity is an emerging identity management technology aimed at achieving comprehensive interconnectivity between digital objects. However, there is still the problem of privacy leakage in distributed identities, and selective disclosure technology partially solves the privacy issue in distributed identities. Most of the existing selective disclosure algorithms use anonymous credentials or hash functions. Anonymous credential schemes offer high security and meet the requirements of unforgeability and unlinkability, but their exponential operations result in low efficiency. The scheme based on hash functions, although more efficient, is susceptible to man-in-the-middle attacks. This article proposes an efficient selective disclosure scheme based on hash functions and implicit certificates. The attribute values are treated as leaf nodes of the Merkle tree, and the root node is placed in a verifiable credential. According to the implicit certificate algorithm process, a key pair that can use the credential is generated. During the attribute disclosure process, the user autonomously selects the attribute value to be presented and generates a verification path from the attribute to the root node. The verifier checks the Merkle tree verification path. All operations are completed within 10 ms while meeting the unforgeability requirements and resisting man-in-the-middle attacks. This article also utilizes the ZK-SNARK algorithm to hide the validation path of the Merkle tree, enhancing the security of the path during the disclosure process. The experimental results show that the selective disclosure algorithm performs well in both performance and privacy protection, with an efficiency 80% faster than that of existing schemes. This enhances the proposed scheme’s potential and value in the field of identity management; it also holds broad application prospects in fields such as the Internet of Things, finance, and others. Full article

The Blockchain-based Decentralized Identity Management System (BDIMS) is an innovative framework designed for digital identity management, utilizing the unique attributes of blockchain technology. The BDIMS categorizes entities into three distinct groups: identity providers, service providers, and end-users. The system’s efficiency in identifying and extracting information from identification cards is enhanced by the integration of artificial intelligence (AI) algorithms. These algorithms decompose the extracted fields into smaller units, facilitating optical character recognition (OCR) and user authentication processes. By employing Merkle Trees, the BDIMS ensures secure authentication with service providers without the need to disclose any personal information. This advanced system empowers users to maintain control over their private information, ensuring its protection with maximum effectiveness and security. Experimental results confirm that the BDIMS effectively mitigates identity fraud while maintaining the confidentiality and integrity of sensitive data. Full article

With the rapid advancement in artificial intelligence, autonomous driving has emerged as a prominent research frontier. Autonomous vehicles rely on high-precision high-definition map data, necessitating timely map updates by map companies to accurately reflect road conditions. This paper proposes an efficient and fair map-data-sharing mechanism for vehicular networks. To encourage vehicles to share data, we introduce a reputation unit to resolve the cold-start issue for new vehicles, effectively distinguishing legitimate new vehicles from malicious attackers. Considering both the budget constraints of map companies and heterogeneous data collection capabilities of vehicles, we design a fair incentive mechanism based on the proposed reputation unit and a reverse auction algorithm, achieving an optimal balance between data quality and procurement costs. Furthermore, the scheme has been developed to facilitate mutual authentication between vehicles and Roadside Unit(RSU), thereby ensuring the security of shared data. In order to address the issue of redundant authentication in overlapping RSU coverage areas, we construct a Merkle hash tree structure using a set of anonymous certificates, enabling single-round identity verification to enhance authentication efficiency. A security analysis demonstrates the robustness of the scheme, while performance evaluations and the experimental results validate its effectiveness and practicality. Full article

The security of commonly used cryptographic systems like RSA and ECC might be threatened by the future development of quantum computing. Verkle-based HORST decreases the size of signatures by 75% (from 12.8 KB to 3.2 KB) and enables O(1)-sized proofs by replacing Merkle trees with Verkle trees. Because verification shifts from O(log t) to constant time, it is ideal for blockchain and IoT applications that require short signatures and fast validation. In order to increase efficiency, this study introduces Verkle-based HORST, a hash-based signature method that uses Verkle trees. Our primary contributions are the following: a formal security analysis proving maintained protection levels under standard assumptions; a thorough performance evaluation demonstrating significant improvements in signature size and verification complexity in comparison to conventional Merkle tree approaches; and a novel signature construction employing polynomial commitments to achieve compact proofs. The proposed approach has a lot of benefits for real-world implementation, especially when dealing with situations that call for a large number of signatures or settings with limited resources. We offer comprehensive implementation instructions and parameter choices to promote uptake while preserving hash-based cryptography’s quantum-resistant security features. Our findings suggest that this method is a good fit for post-quantum cryptography systems’ standardization. Full article