Post-Quantum Linkable Hash-Based Ring Signature Scheme for Off-Chain Payments in IoT
Off-chain payments in the Internet of Things (IoT) enhance the efficiency and scalability of blockchain transactions. However, existing privacy mechanisms face challenges, such as the disclosure of payment channels and transaction traceability. Additionally, the rise of quantum computing threatens traditional public key cryptography, making the development of post-quantum secure methods for privacy protection essential. This paper proposes a post-quantum ring signature scheme based on hash functions that can be applied to off-chain payments, enhancing both anonymity and linkability. The scheme is designed to resist quantum attacks through the use of hash-based signatures and to prevent double spending via its linkable properties. Furthermore, the paper introduces an improved Hash Time-Locked Contract (HTLC) that incorporates a Signature of Knowledge (SOK) to conceal the payment path and strengthen privacy protection. Security analysis and experimental evaluations demonstrate that the system strikes a favorable balance between privacy, computational efficiency, and security. Notably, the efficiency benefits of basic signature verification are particularly evident, offering new insights into privacy protection for post-quantum secure blockchain.
- Research Article
- 10.1155/2022/6547464
- Sep 19, 2022
- Computational Intelligence and Neuroscience
Machine learning (ML) and privacy protection are inseparable. On the one hand, ML can be the target of privacy protection; on the other hand, it can also be used as an attack tool for privacy protection. Ring signature (RS) is an effective way for privacy protection in cryptography. In particular, lattice-based RS can still protect the privacy of users even in the presence of quantum computers. However, most current lattice-based RS schemes are based on a strong trapdoor like hash-and-sign, and in such constructions, there is a hidden algebraic structure, that is, added to lattice so that the trapdoor shape is not leaked, which greatly affects the computational efficiency of RS. In this study, utilizing Lyubashevsky collision-resistant hash function over lattice, we construct an RS scheme without trapdoors based on ideal lattice via Fiat‒Shamir with aborts (FSwA) protocol. Regarding security, the proposed scheme satisfies unconditional anonymity against chosen setting attacks (UA-CSA), which is stronger than anonymity against full key exposure (anonymity-FKE), and moreover, our scheme satisfies unforgeability with respect to insider corruption (EU-IC). Regarding computational overhead, compared with other RS schemes that satisfy the same degree of security, our scheme has the highest computational efficiency, the signing and verification time costs of the proposed scheme are obviously better than those of other lattice-based RS schemes without trapdoors, which is more suitable for ML scenarios.
- Research Article
19
- 10.1155/2021/5566430
- Jan 1, 2021
- Wireless Communications and Mobile Computing
As the next‐generation power grid system, the smart grid can realize the balance of supply and demand and help in communication security and privacy protection. However, real‐time power consumption data collection might expose the users’ privacy information, such as their living habits and economic conditions. In addition, during the process of data transmission, it may lead to data inconsistency between the user side and the storage side. Blockchain provides tamper‐resistant and traceable characteristics for solving these problems, and ring signature schemes provide an anonymous authentication mechanism. Therefore, in this work, we consider the applications of ring signature scheme in smart grid based on blockchain. We introduce the notion of multi‐authority traceable ring signature (MA‐TRS) scheme for distributed setting. In our scheme, there is an auditing node that can distinguish the identity of the real signer from the ring without any secret information. Last but not least, we prove that the proposed scheme is unforgeable, anonymous, and traceable.
- Research Article
2
- 10.3390/s25051321
- Feb 21, 2025
- Sensors (Basel, Switzerland)
With the rapid development of quantum computers and quantum computing, Internet of Things (IoT) networks equipped with traditional cryptographic algorithms have become very weak against quantum attacks. This paper focuses on the privacy-preserving problem in IoT networks and proposes a certificateless ring signature (CLRS) scheme. This CLRS is constructed with lattice theories, which show promising advantages in resisting quantum attacks. Meanwhile, the certificateless mechanism reduces the key control ability of the key generation center (KGC) by adding personal secret keys to the private key generated by the system. Meanwhile, the ring signature mechanism protects users' privacy information through a non-central control mechanism. Next, the security proof in a random oracle model is given, which shows that this CLRS scheme can obtain unforgeability and ensure the signer's anonymity. Its security properties include non-repudiation, traceability, and post-quantum security. Then, the efficiency comparison and performance results show that this CLRS scheme is more efficient and practical than similar schemes. Moreover, this work presents an exploration of the post-quantum cryptographic algorithm and its application in IoT networks.
- Research Article
5
- 10.1155/2021/8402138
- Jan 1, 2021
- Wireless Communications and Mobile Computing
Internet of Medical Things (IoMT) is a kind of Internet of Things (IoT) that includes patients and medical sensors. Patients can share real‐time medical data collected in IoMT with medical professionals. This enables medical professionals to provide patients with efficient medical services. Due to the high efficiency of cloud computing, patients prefer to share gathering medical information using cloud servers. However, sharing medical data on the cloud server will cause security issues, because these data involve the privacy of patients. Although recently many researchers have designed data sharing schemes in medical domain for security purpose, most of them cannot guarantee the anonymity of patients and provide access control for shared health data, and further, they are not lightweight enough for IoMT. Due to these security and efficiency issues, a novel lightweight privacy‐preserving data sharing scheme is constructed in this paper for IoMT. This scheme can achieve the anonymity of patients and access control of shared medical data. At the same time, it satisfies all described security features. In addition, this scheme can achieve lightweight computations by using elliptic curve cryptography (ECC), XOR operations, and hash function. Furthermore, performance evaluation demonstrates that the proposed scheme takes less computation cost through comparison with similar solutions. Therefore, it is fairly an attractive solution for efficient and secure data sharing in IoMT.
- Book Chapter
152
- 10.1007/978-3-540-31979-5_5
- Jan 1, 2005
A ring signature scheme can be viewed as a group signature scheme with no anonymity revocation and with simple group setup. A linkable ring signature (LRS) scheme additionally allows anyone to determine if two ring signatures have been signed by the same group member. Recently, Dodis et al. [18] gave a short (constant-sized) ring signature scheme. We extend it to the first short LRS scheme, and reduce its security to a new hardness assumption, the Link Decisional RSA (LD-RSA) Assumption. We also extend [18]’s other schemes to a generic LRS scheme and a generic linkable group signature scheme. We discuss three applications of our schemes. Kiayias and Yung [22] constructed the first e-voting scheme which simultaneously achieves efficient tallying, public verifiability, and write-in capability for a typical voter distribution under which only a small portion writes in. We construct an e-voting scheme based on our short LRS scheme which achieves the same even for all worst-case voter distribution. Direct Anonymous Attestation (DAA) [6] is essentially a ring signature scheme with certain linking properties that can be naturally implemented using LRS schemes. The construction of an offline anonymous e-cash scheme using LRS schemes is also discussed.
- Research Article
30
- 10.3934/amc.2020016
- Sep 4, 2019
- Advances in Mathematics of Communications
Although currently several traceable (or linkable) ring signature schemes have been proposed, most of them are constructed on pairings. In this paper, we present an efficient traceable ring signature (TRS) scheme without pairings, which is based on the modified EDL signature (first proposed by D.Chaum et al. in Crypto 92). Compared with other ring signature schemes, the proposed scheme does not employ pairing computation and has some computational advantages, whose security can be reduced to the computational Diffie-Hellman (CDH) and decisional Diffie-Hellman (DDH) assumptions in the random oracle model. Also, the proposed scheme is similar to certificateless signature scheme, where user and key generating center make interaction to generate ring key. We give a formal security model for ring signature and prove that the proposed scheme has the properties of traceability and anonymity.
- Research Article
27
- 10.1109/jiot.2022.3222453
- Mar 15, 2023
- IEEE Internet of Things Journal
Blockchain has been a promising infrastructure for enabling secure data sharing for the Internet of Things (IoT). With the widespread of IoT applications, security issues, such as data privacy, anonymity, and accountability become critical concerns for the users, which are essential principles for secure communication in those applications. However, the existing blockchain-based data-sharing schemes mainly consider data privacy. Only a few works can support anonymity with strong, trusted assumptions. Thus, there is a research gap on the anonymity of blockchain-based data sharing for IoT, which does not rely on any trusted party. In this article, we propose a blockchain-based anonymous data-sharing scheme (BA-DS) by adopting a novel public key encryption derived from a ring signature. In BA-DS, we remove the trusted party and ensure anonymity by using an unconditional linkable ring signature and Signature of Knowledge (SoK). During the revocation, we apply blockchain infrastructure to record the valid revocation list and generate a tag for data stored on the cloud, providing solid accountability. The formal security analysis shows that BA-DS is selective indistinguishable secure in the random oracle model. Additionally, we also prove that BA-DS holds anonymity, data privacy, accountability, and authenticity. The extensive experiments indicate that our proposed BA-DS achieves reasonable efficiency in terms of computational complexity, communication overhead, and consumption on the blockchain.
- Research Article
- 10.1038/s41598-025-21617-y
- Oct 29, 2025
- Scientific reports
Blockchain-enabled cold-chain logistics system (BCCLS) has solved the centralized problem in traditional CCLS system. However, along with that different logistics entities establish their own distributed blockchain ledger, it brings new "data island" and privacy leakage problems for BCCLS. In this paper, a transaction ring signing model with multi-chain fusion (MCF) mechanism has been introduced first which helps achieve secure cross-chain data sharing. The MCF mechanism utilizes the relay chain technology to establish a cross-chain transaction platform among different chains. The transaction ring signing model establishes a ring signature mechanism for one cold-chain logistics product circulating in different institutions. Meanwhile, a ring signature (RS) scheme based on lattice assumption is proposed, which can improve the anti-quantum security of transaction ring signing model. This RS is constructed by lattice assumption which can anti-quantum attack security for cross-chain transaction in BCCLS. Then, the security proof shows that the RS scheme can achieve anonymity under full key exposure and unforgeability under insider attack. The efficiency comparison shows that the RS scheme is efficient than similar schemes, and the performance evaluation shows that the transaction ring signing model with MCF model is efficient and practical.
- Research Article
- 10.3390/e28010130
- Jan 22, 2026
- Entropy
Linkable ring signatures are a type of ring signature scheme that can protect the anonymity of signers while allowing the public to verify whether the same signer has signed the same message multiple times. This functionality makes linkable ring signatures suitable for applications such as cryptocurrencies and anonymous voting systems, achieving the dual goals of identity privacy protection and misuse prevention. However, existing post-quantum linkable ring signature schemes often suffer from issues such as excessive linear data growth the adoption of post-quantum signature algorithms, and high circuit complexity resulting from the use of post-quantum zero-knowledge proof protocols. To address these issues, a logarithmic-size post-quantum linkable ring signature scheme based on aggregation operations is proposed. The scheme constructs a Merkle tree from ring members’ public keys via a hash algorithm to achieve logarithmic-scale signing and verification operations. Moreover, it introduces, for the first time, a post-quantum aggregate signature scheme to replace post-quantum zero-knowledge proof protocols, thereby effectively avoiding the construction of complex circuits. Scheme analysis confirms that the proposed scheme meets the correctness requirements of linkable ring signatures. In terms of security, the scheme satisfies the anonymity, unforgeability, and linkability requirements of linkable ring signatures. Moreover, the aggregation process does not leak information about the signing members, ensuring strong privacy protection. Experimental results demonstrate that, when the ring size scales to 1024 members, our scheme outperforms the existing Dilithium-based logarithmic post-quantum ring signature scheme, with nearly 98.25% lower signing time, 98.90% lower verification time, and 99.81% smaller signature size.
- Research Article
8
- 10.1002/ett.4010
- Jul 9, 2020
- Transactions on Emerging Telecommunications Technologies
In recent years, the Internet of things (IoT) equipment has grown rapidly, and the scale of the IoT has also expanded. The IoT is deployed in the system in a centralized manner. At the same time that massive data has put a certain amount of pressure on the storage, the open network environment has not fully protected the privacy of the IoT data, which has become one of the important factors restricting the development of the IoT. Blockchain is a point‐to‐point distributed ledger technology based on cryptographic algorithms. The characteristics of decentralization, tamper resistance, anonymity, and public verifiability can alleviate data security issues in IoT. Ring signature and proxy reencryption are common encryption technologies in the field of privacy protection. Therefore, this article combines blockchain technology with ring signature and proxy reencryption to propose a privacy protection solution for the IoT. Through this solution, the data authorized for sharing in the IoT is transmitted in the system in the form of ciphertext, the identity information of the data sender is protected, and the distributed ledger eases the pressure of mass data storage on a centralized server. The correctness and safety of the proposed scheme are also analyzed.
- Research Article
- 10.4108/eetiot.5045
- Oct 23, 2024
- EAI Endorsed Transactions on Internet of Things
This study aims to fortify Internet of Things (IoT) security through the strategic implementation of Artificial Neural Networks (ANNs). With the rapid expansion of IoT devices, traditional security measures have struggled to cope with the dynamic and complex nature of these environments. ANNs, known for their adaptability, are explored as a promising solution to enhance security. The central objective is to significantly improve the accuracy of IoT security measures by optimizing ANN architectures. Using a curated dataset with key environmental parameters, the study evaluates three ANN models—Backpropagation Neural Network (BPNN), Multilayer Perceptron (MLP), and Long Short-Term Memory (LSTM). The evaluation metrics include accuracy, precision, recall, and F1-score across different train-test splits. Results show that LSTM consistently outperforms BPNN and MLP, demonstrating superior accuracy and the ability to capture temporal dependencies within IoT security data. Implications stress the importance of aligning model selection with specific application goals, considering factors like computational efficiency. In conclusion, this research contributes valuable insights into the practical implementation of ANNs for IoT security, guiding future optimization efforts and addressing real-world deployment challenges to safeguard sensitive data and ensure system resilience in the evolving IoT landscape.
- Research Article
5
- 10.3390/electronics12112393
- May 25, 2023
- Electronics
With the arrival of the 5G era, the Internet of Things (IoT) has entered a new stage, and the amount of IoT data is growing rapidly. The traditional blockchain cannot handle massive amounts of data, which presents scalability challenges for blockchain technology. Existing blockchain improvement technologies such as off-chain payments, protocol improvements, and sharding techniques have performance bottlenecks and limitations in the data, which is rapidly growing. The blockchain is fundamentally a decentralized distributed ledger, and the traditional chain structure is inadequate for addressing concerns such as forks, double-spending attacks, and other factors in the current IoT landscape. In this paper, we propose a high-throughput distributed ledger based on Directed Acyclic Graph (DAG) named TEEDAG. We design a consensus algorithm based on self-referencing parallel chains combined with Trusted Execution Environment (TEE) to ensure the security of the consensus process. The experiment proves that TEEDAG demonstrates a significantly higher throughput compared to traditional blockchain solutions and offers improved security and efficiency compared to existing DAG-based distributed ledger solutions.
- Research Article
1
- 10.1016/j.ins.2023.120083
- Jan 4, 2024
- Information Sciences
A lattice-based forward secure IBE scheme for Internet of things
- Research Article
1
- 10.3390/s25123684
- Jun 12, 2025
- Sensors (Basel, Switzerland)
The blockchain-enabled industrial Internet of Things (IIoT) faces security threats such as quantum computing attacks and privacy disclosure. Targeting these issues, in this study, we design a new lattice-based linkable ring signature (LRS) scheme, which is used to achieve privacy protection for the blockchain-enabled IIoT. Firstly, by using the trapdoor generation algorithm on the lattice and the rejection sampling lemma, we propose a new lattice-based LRS scheme with anti-quantum security and anonymity. Then, we introduce it into blockchain. Through the stealth address and key image technologies, we construct a privacy protection scheme for blockchain in the IIoT, and this LRS scheme protects identity privacy for users through anonymous blockchain. In addition, it also can resist the double spending attack with the linking user’s signature. Lastly, we provide a security analysis, and it is proven that our ring signature scheme satisfies correctness, anonymity, unforgeability and linkability. Compared with other similar schemes, the performance simulation indicates that our scheme’s public key and signature are shorter in size, and its computation overhead and time cost are lower. Consequently, our novel LRS scheme is more secure and practical, which provides privacy protection and anti-quantum security for the blockchain-enabled IIoT.
- Research Article
23
- 10.1016/j.cose.2024.104097
- Sep 14, 2024
- Computers & Security
A survey on privacy and security issues in IoT-based environments: Technologies, protection measures and future directions