Search Results (47)

With the widespread adoption of cryptocurrencies, the ability to conduct continuous offline payments has increasingly become a critical technological requirement. In network-constrained scenarios, current dual-offline payment technologies are useful for single transactions. However, their limitations in continuous payment scenarios have become increasingly evident, making them unable to meet real-world application needs. This has prompted the industry to demand more urgent innovations in research on continuous offline payment capabilities. To address these challenges, this paper proposes a continuous dual-offline payment system capable of supporting multiple continuous payments. The system integrates elliptic curve cryptography (ECC) and zero-knowledge proof (ZKP) technology to generate secure asset credentials, ensuring both immutability and privacy credentials throughout the offline payment lifecycle. A dynamic credential decomposition mechanism enables the splitting of input credentials into change credentials and receipt credentials, facilitating uninterrupted dual-offline payments between hardware wallets. Additionally, it incorporates a batch verification scheme based on smart contracts, utilizing zero-balance verification and chained hash tracing to ensure payment uniqueness and prevent double-spending attacks, thereby guaranteeing the verifiability and validity of payment settlements. Experimental evaluations demonstrate that the proposed system reduces gas consumption per payment and improves execution efficiency during batch processing, combining high security with strong performance. This research provides a feasible solution for the application of digital currencies in offline scenarios, carrying significant theoretical value and practical significance for driving technological innovation and application expansion in the cryptocurrency field. In addition to cryptocurrency payments, the proposed system is also applicable to IoT and sensor network environments. Many IoT devices operate in disconnected or network-limited areas and require secure micro-transactions. Our dual-offline payment mechanism supports such scenarios, as the main cryptographic operations are lightweight enough for typical IoT hardware. This further extends the practical value of our system beyond traditional cryptocurrency payments. Full article

Sixth-generation (6G) networks are expected to provide ubiquitous connectivity, AI-native orchestration, and seamless integration across terrestrial and non-terrestrial infrastructures. However, these capabilities introduce new privacy challenges related to the classification and protection of personal, quasi-personal, and non-personal data in complex data-driven environments. This paper presents a systematic review of 78 peer-reviewed studies published between 2019 and 2025. Following a PRISMA-based methodology, this review analyzes privacy-enhancing technologies (PETs), regulatory compliance frameworks, and architectural patterns for privacy preservation in 6G networks. The findings show that differential privacy (DP) and federated learning (FL) dominate current research, accounting for nearly 52% of the reviewed studies. Blockchain auditing and zero-knowledge proofs (ZKPs) collectively represent approximately 30%, while the remaining mechanisms, including physical-layer security (PLS), trusted execution environments (TEEs), homomorphic encryption (HE), secure multi-party computation (SMPC), and anonymization, account for roughly 18%. These mechanisms exhibit varying levels of privacy strength, utility preservation, latency, and energy cost. At the same time, evolving regulatory frameworks, including GDPR, PDPL, CCPA/CPRA, LGPD, and PIPL, increasingly extend privacy obligations to quasi-personal and aggregated data. Building on these findings, this paper proposes a unified taxonomy that clarifies the boundary between personal and non-personal data. It also provides a cross-layer mapping between PETs and compliance requirements across the Core/SBA, RAN, Edge/MEC, and NTN layers. Finally, this paper presents a forward-looking roadmap for 2025–2030, highlighting hybrid PET pipelines, post-quantum auditability, and AI-driven compliance automation as key directions for privacy-preserving 6G standardization. Full article

Ensuring data security and privacy has emerged as a serious concern in the realm of blood supply chain. This is mainly because of sensitivity of donor information, the involvement of multiple stakeholders, and the need for transparent traceability. This paper proposes a novel privacy-preserving, permissioned blockchain framework for blood supply chain management that integrates Hyperledger Fabric, the InterPlanetary File System (IPFS), and a Zero-Knowledge Proof (ZKP)-based authentication protocol. The framework introduces a Pseudonymous Role-Bound Zero-Knowledge Authentication (PRZKA) mechanism that enables donors to authenticate and authorize access to their medical data without revealing their real identities. Context-specific pseudonyms derived through cryptographic hash-to-curve operations ensure unlinkability across different healthcare interactions, while Schnorr-style challenge–response proofs prevent replay attacks and credential misuse. Sensitive donor information is protected using Fabric Private Data Collections, whereas encrypted medical records are stored off-chain in IPFS, with only secure content identifiers recorded on the blockchain. Smart contracts enforce fine-grained, consent-aware access control policies and maintain immutable audit logs of all access events. The proposed system architecture combines an off-chain ZKP gateway with on-chain authorization logic to minimize blockchain overhead while preserving strong security guarantees. Furthermore, a performance evaluation framework is defined, including metrics, workload scenarios, and system configurations, to support future empirical validation. Security analysis indicates that the proposed framework enhances privacy, prevents identity linkage, and enables auditable, consent-driven data sharing compared with existing blockchain-based healthcare solutions. Full article

With the growing volume of sensitive data stored and processed in cloud environments, conventional security models are no longer sufficient to guarantee privacy, integrity, and trust. This paper proposes a blockchain-based framework that integrates Zero-Knowledge Proofs (ZKPs) and homomorphic encryption (HE) to enable secure and privacy-preserving data sharing. ZKPs are employed to verify user access rights without exposing identities or underlying information, while HE allows computations to be performed directly on encrypted data, ensuring confidentiality is preserved throughout the data lifecycle. The proposed framework addresses the limitations of existing approaches that either lack encrypted computation capabilities or expose sensitive data during processing. Formal and informal analyses demonstrate the feasibility of the model in terms of encryption time, ZKP verification latency, and computation overhead. The framework is designed to be applied initially in the healthcare sector and aligns with national digital transformation initiatives such as Saudi Vision 2030. Full article

The proliferation of digital assets has catalyzed a profound decoupling between intangible property and traditional inheritance jurisprudence. Under the existing legal framework in Taiwan, practitioners must rely on the testamentary forms prescribed in Article 1189 of the Civil Code, which are fundamentally ill equipped to handle cryptographic assets. Specifically, Notarized Wills (Article 1191) necessitate full disclosure to a notary, creating a “Privacy–Security Paradox” where revealing private keys exposes assets to misappropriation. Conversely, while Sealed Wills (Article 1192) offer confidentiality, they are plagued by risks of physical degradation and technical non-executability. This study proposes zkWill, an EVM-compatible decentralized testamentary framework designed to bridge these structural gaps. By leveraging Zero-Knowledge Proofs (ZKPs), zkWill achieves a state of “blind compliance,” verifying that a sealed will meets the statutory requirements of the Civil Code without disclosing its underlying content. The system integrates the Permit2 protocol for secure asset migration and combines AES-256 encryption with IPFS to immunize testaments against centralized storage failures. Unlike conventional services that demand custodial trust, zkWill employs decentralized oracles to trigger automated execution, ensuring legacy distribution without compromising wallet private keys. Empirical data from the Arbitrum Sepolia testnet confirms that the framework maintains constant verification efficiency and a judicially resilient audit trail, providing a paradigm that harmonizes legal pragmatism with cryptographic security for digital inheritance. Full article

Large-scale Virtual Power Plants (VPPs) are increasingly essential as Distributed Energy Resources (DERs) assume ancillary service duties once supplied by conventional generation, yet scaling a VPP exposes a persistent trilemma among economic efficiency, data privacy, and operational security. Centralized coordination can approach optimal revenue but requires collecting fine-grained DER operational data and creates a single point of compromise. Federated Learning (FL) mitigates raw data centralization by keeping measurements and experience local, but it introduces a fragile trust assumption that the aggregator will correctly and fairly combine model updates. This trust gap is acute in reinforcement learning-based VPP control because aggregation deviations, including selectively dropping updates, manipulating weights, replaying stale models, or injecting a replacement model, can silently bias the learned policy and degrade both profit and compliance. We propose a zero-knowledge federated reinforcement learning framework for trustless VPP coordination in which each DER trains a local deep reinforcement learning agent to solve a multi-objective dispatch problem that balances ancillary service revenue against battery degradation under operational and grid constraints, while the global aggregation step is made externally verifiable. In each round, participants bind membership via signed receipts and commit to their updates, and the aggregator produces a zk-SNARK, proving that the published global parameters equal the agreed aggregation rule applied to the receipt-bound set of committed updates under a fixed-point encoding with range constraints. Verification is lightweight and can be performed independently by each DER, removing the need to trust the aggregator for aggregation integrity without centralizing raw DER operational data or trajectories. The proposed design does not aim to hide model updates from the aggregator. Instead, it provides external verifiability of the aggregation computation while keeping raw measurements and local experience. We formalize the threat model and verifiable security properties for aggregation correctness and update inclusion, present a circuit construction with proof complexity characterized by model dimension and fleet size, and evaluate the approach in power and cyber co-simulation on the IEEE 33 bus feeder with ancillary service signals. Results show near-centralized economic performance under benign conditions and improved robustness to aggregator side deviations compared to standard federated reinforcement learning. Full article

Integrating third-party Machine Learning (ML) models into industrial Operational Technology (OT) creates a procurement deadlock: operators cannot verify vendor performance claims without sharing representative evaluation data with vendors, while vendors refuse to reveal proprietary model weights before purchase, rendering traditional safeguards such as Non-Disclosure Agreements technically unenforceable. This paper introduces a framework combining Zero-Knowledge Proofs (ZKPs) with smart contracts to enable trust-minimized, cryptographically verifiable competitive model procurement in Industrial Cyber-Physical Systems (ICPS). Vendors cryptographically prove that their model outperforms a legacy baseline without disclosing proprietary weights, a process we term cryptographic performance attestation, while the on-chain workflow automates escrow, proof verification, and best-vendor selection with arbiter-based dispute resolution. ZKP privacy is scoped to vendor model weights; operator-side evaluation-data confidentiality is managed separately via synthetic, de-identified, or public benchmark data. We analyze three ZKP workflow variations and evaluate them on consumer-grade hardware, achieving proving times of approximately three seconds and sub-dollar on-chain verification costs under Layer-2 fee assumptions for the recommended single-proof variation, while identifying computational trade-offs of recursive proof aggregation. The entire verification phase operates offline with no impact on real-time OT control paths, bridging the IT/OT pre-transaction trust gap while deferring artifact deployment to existing OT tooling. Full article

The rapid expansion of the Internet of Things (IoT) has led to billions of interconnected devices generating and exchanging sensitive data across diverse domains, which introduces challenges in identity management (IdM) regarding privacy, scalability, and verifiability. While blockchain technology provides decentralization and tamper resistance, its transparency and increasing on-chain storage demands make it unsuitable for large-scale IoT identity ecosystems. To overcome these challenges, IoT-SBIdM is proposed as a lightweight, privacy-preserving, and stateless blockchain-based identity management framework designed for IoT environments. This framework incorporates Elliptic Curve Cryptography (ECC)-based accumulators and Zero-Knowledge Proofs (ZKPs) to facilitate selective disclosure, enabling entities to prove credential authenticity without exposing sensitive identity information. Furthermore, the framework adopts W3C-compliant Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to promote interoperability and user-controlled identity ownership. The experimental results indicate that IoT-SBIdM achieves efficient smart contract execution by reducing gas costs through optimized registry logic. Moreover, the system maintains a compact block size of only 45 MB at higher block heights, outperforming comparable schemes in storage efficiency by achieving a 55% reduction relative to recent models and an approximate 94% reduction relative to older systems, thereby demonstrating superior scalability and storage efficiency, making it suitable for identity management solutions for IoT environments. Full article

Digital product passports outline information about a product’s lifecycle, circularity, and sustainability-related data. Sustainability data contains claims about carbon footprint, recycled material composition, ethical sourcing of production materials, etc. Also, upcoming regulatory directives require companies to disclose this type of information. However, current sustainability reporting practices face challenges, such as greenwashing, where companies make incorrect claims that are difficult to verify. There is also a challenge of disclosing sensitive production information when other stakeholders, such as consumers or other economic operators, wish to verify sustainability claims independently. Zero-knowledge proofs (ZKPs) provide a cryptographic system for verifying statements without revealing sensitive information. The goal of this research paper is to explore ZKP cryptography, trust models, and implementation concepts for extending DPP capability in privacy-aware reporting and verification of sustainability claims in products. To achieve this goal, first, formal representations of sustainability claims are provided. Then, a data matrix and trust model for generating proofs are developed. An interaction sequence is provided to show different components for various proof generation and verification scenarios for sustainability claims. Lastly, the paper provides a circuit template for the proof generation of an example claim and a credential structure for their input data validation. The proposed approach is assessed using a scenario-based evaluation to check the performance metrics for data credential verification and proof generation for verifying material composition in a product. Full article

Mandatory SIM card registration, while essential to regulatory oversight and national security, continues to raise significant privacy concerns due to the centralized collection and storage of sensitive user data by Mobile Network Operators (MNOs). This paper introduces a novel framework that combines blockchain technology with Zero-Knowledge Proofs (ZKPs) to enable secure and privacy-preserving identity verification during SIM registration. The proposed system allows users to authenticate their identity attributes without revealing any personal information, effectively minimizing direct data access by MNOs or intermediaries. A smart contract deployed on the blockchain enforces regulatory policies while ensuring the transparency, immutability, and auditability of all registration events. By removing single points of failure and minimizing trust in centralized authorities, this work offers a cryptographically secure and regulation-compliant solution, with scalability supported by its modular design for next-generation digital identity management in telecommunications infrastructures. Full article

As artificial intelligence (AI) systems grow more powerful, autonomous, and embedded in critical infrastructure, their identification and traceability become foundational to regulatory oversight and sustainable digital governance. In digitally transformed enterprises, long-term sustainability depends on transparent, accountable, and lifecycle-governed AI systems, all of which require verifiable identity. This study proposes a conceptual and architectural framework for AI identification, combining technical and governance mechanisms to support lifecycle accountability. The framework integrates five components: model fingerprinting, cryptographic hashing, blockchain-based registration, zero-knowledge proof (ZKP)-based proof of possession, and post-deployment structural change screening. We introduce a dual-layer identifier, consisting of a machine-verifiable primary hash and a human-readable secondary identifier, anchored in a tamper-resistant registry. Identity validation is supported by selective ZKP-based verification at governance-defined checkpoints, while post-deployment changes are monitored using Lempel-Ziv Jaccard Distance (LZJD) as a governance-oriented screening signal rather than a semantic performance metric. The framework establishes an enforceable and transparent identity infrastructure that enables continuity, auditability, and policy-aligned oversight across AI system lifecycles. By embedding AI identification within enterprise architecture and governance processes, the proposed approach supports sustainable innovation, strengthens institutional accountability, and provides a foundation for selective, policy-defined verification during digital transformation. Full article

Ensuring the reliable, auditable, and privacy-oriented distribution of donations in disaster logistics constitutes a critical challenge due to multi-stakeholder coordination difficulties and the risk of misuse. This study presents a modular architecture, named SecureRelief, operating on a permissioned Hyperledger Fabric platform. The architecture integrates authentication based on Self-Sovereign Identity (SSI), Decentralized Identifiers (DID), and WebAuthn, together with Attribute-Based Access Control (ABAC), and enables the verification of delivery evidence through privacy-preserving validation using zero-knowledge proofs (ZKP). Documents are stored off-chain on the InterPlanetary File System (IPFS), while only cryptographic summary (hash) values sufficient for integrity verification are maintained on-chain. In scenario-based laboratory experiments, the blockchain layer demonstrated low latency (p95 < 16 ms) and stable transaction throughput, confirming its scalability. While the API layer handled high burst request loads with a 0% error rate, the additional computational overhead introduced by the integrated privacy-preserving (ZKP) mechanisms kept the end-to-end transaction latency within acceptable limits for disaster management applications (3.5–4.5 s). Full article

A sharing framework based on Zero-Knowledge Proof (ZKP) and Proxy Re-encryption (PRE) technologies offers a promising solution for sharing Student Electronic Academic Records (SEARs). As core credentials in the education sector, student records are characterized by strong identity binding, the need for long-term retention, frequent cross-institutional verification, and sensitive information. Compared with electronic health records and government archives, they face more complex security, privacy protection, and storage scalability challenges during sharing. These records not only contain sensitive data such as personal identity and academic performance but also serve as crucial evidence in key scenarios such as further education, employment, and professional title evaluation. Leakage or tampering could have irreversible impacts on a student’s career development. Furthermore, traditional blockchain technology faces storage capacity limitations when storing massive academic records, and existing general electronic record sharing solutions struggle to meet the high-frequency verification demands of educational authorities, universities, and employers for academic data. This study proposes a dedicated sharing framework for students’ electronic academic records, leveraging PRE technology and the distributed ledger characteristics of blockchain to ensure transparency and immutability during sharing. By integrating the InterPlanetary File System (IPFS) with Ethereum Smart Contract (SC), it addresses blockchain storage bottlenecks, enabling secure storage and efficient sharing of academic records. Relying on optimized ZKP technology, it supports verifying the authenticity and integrity of records without revealing sensitive content. Furthermore, the introduction of gate circuit merging, constant folding techniques, Field-Programmable Gate Array (FPGA) hardware acceleration, and the efficient Bulletproofs algorithm alleviates the high computational complexity of ZKP, significantly reducing proof generation time. The experimental results demonstrate that the framework, while ensuring strong privacy protection, can meet the cross-scenario sharing needs of student records and significantly improve sharing efficiency and security. Therefore, this method exhibits superior security and performance in privacy-preserving scenarios. This framework can be applied to scenarios such as cross-institutional academic certification, employer background checks, and long-term management of academic records by educational authorities, providing secure and efficient technical support for the sharing of electronic academic credentials in the digital education ecosystem. Full article

Privacy-preserving machine learning (PPML) constitutes a core element of responsible AI by supporting model training and inference without exposing sensitive information. This survey presents a comprehensive examination of the major cryptographic PPML techniques and introduces a unified taxonomy covering technical models, verification criteria, and evaluation dimensions. The study consolidates findings from both survey and experimental works using structured comparison tables and emphasizes that recent research increasingly adopts hybrid and verifiable PPML designs. In addition, we map PPML applications across domains such as healthcare, finance, Internet of Things (IoT), and edge systems, indicating that cryptographic approaches are progressively transitioning from theoretical constructs to deployable solutions. Finally, the survey outlines emerging trends—including the growth of zero-knowledge proofs (ZKPs)-based verification and domain-specific hybrid architectures—and identifies practical considerations that shape PPML adoption in real systems. Full article

One-Time Passwords (OTPs) are a core component of multi-factor authentication in banking, e-commerce, and digital platforms. However, conventional delivery channels such as SMS and email are increasingly vulnerable to SIM-swap fraud, phishing, spoofing, and session hijacking. This study proposes an end-to-end mobile authentication architecture that integrates a permissioned Hyperledger Fabric blockchain for tamper-evident identity management, an AI-driven risk engine for behavioral and SIM-swap anomaly detection, Zero-Knowledge Proofs (ZKPs) for privacy-preserving verification, and geolocation-bound OTP validation for contextual assurance. Hyperledger Fabric is selected for its permissioned governance, configurable endorsement policies, and deterministic chaincode execution, which together support regulatory compliance and high throughput without the overhead of cryptocurrency. The system is implemented as a set of modular microservices that combine encrypted off-chain storage with on-chain hash references and smart-contract–enforced policies for geofencing and privacy protection. Experimental results show sub-0.5 s total verification latency (including ZKP overhead), approximately 850 transactions per second throughput under an OR-endorsement policy, and an F1-score of 0.88 for SIM-swap detection. Collectively, these findings demonstrate a scalable, privacy-centric, and interoperable solution that strengthens OTP-based authentication while preserving user confidentiality, operational transparency, and regulatory compliance across mobile network operators. Full article