Zero-knowledge Proofs Research Articles

VPFL: Enabling verifiability and privacy in federated learning with zero-knowledge proofs

Federated learning has become increasingly popular in recent years and is widely applied to various fields of machine learning. However, the localized execution of federated learning lacks visibility of the training process to a third party (e.g., the model user or auditor), which raises the need to verify the training process. Privacy concerns over the public release of sensitive data for verification purposes are a prominent issue. Therefore, enabling a public verification of the training process without revealing sensitive data is a challenge. In this paper, we focus on verifiability and privacy in federated learning and propose a verifiable and privacy-preserving federated learning scheme (VPFL). We first employ zero-knowledge proofs to allow a third party to publicly verify the training process, which enhances the transparency of the training process and the reliability of the model. Then, to further protect the privacy of sensitive data, we exploit a commitment scheme to ensure that no information about sensitive data is leaked to a third party. We conduct extensive experiments to evaluate the performance of our scheme. For federated learning with 100 clients, our scheme only takes 13.1s to generate evidence and 8.8s to verify it. In addition, we compared our scheme with other schemes, and we observed that our scheme satisfies both the security properties of verifiability and privacy.

ÜSTÜN MƏXFİLİYİN QORUNMASI TEXNİKALARI İLƏ AĞILLI MÜQAVİLƏLƏRDƏ MƏLUMAT MƏXFİLİYİNİN TƏKMİLLƏŞDİRİLMƏSİ

This research paper delves into the imperative domain of bolstering data confidentiality within smart contracts through the integration of advanced privacy-preserving methodologies. Smart contracts, pivotal components of blockchain technology, execute self-executing contracts with predefined conditions and are increasingly utilized across various sectors, necessitating stringent data protection measures. The paper addresses the pressing need for fortified data privacy within smart contracts and investigates cutting-edge approaches to mitigate privacy challenges. Two focal techniques under scrutiny are zero-knowledge proofs (SBÇs) and homomorphic encryption. SBÇs facilitate the validation of computations without revealing sensitive data, enabling parties to verify transaction authenticity without disclosing the underlying information. Meanwhile, homomorphic encryption permits computations on encrypted data, preserving confidentiality by allowing operations on encrypted information without the need for decryption. By analyzing these advanced privacy-preserving techniques, this study aims to address the vulnerabilities in data confidentiality present in smart contracts. Its findings hold significant promise in fortifying the security and confidentiality of transactions, thus contributing substantially to the evolution of secure blockchain technology. This research underscores the pivotal role of innovative privacy-enhancing mechanisms in safeguarding sensitive data within smart contracts, ensuring the trust and integrity essential for their widespread adoption.

Efficient and Secure EMR Storage and Sharing Scheme Based on Hyperledger Fabric and IPFS

This study examines the issues of privacy protection, data security, and query efficiency in blockchain-based electronic medical record (EMR) sharing. It proposes a secure storage and sharing scheme for EMR based on Hyperledger Fabric and the InterPlanetary File System (IPFS). To mitigate the privacy risks of data mining that could reveal patient identities, we establish an attribution channel in Hyperledger Fabric to store EMR ownership information and a data channel to store the storage location, digest, and usage records of medical data. Encrypted medical data are stored in the IPFS. To improve query efficiency in the blockchain, we integrate queryable medical data attributes into a composite key for conditional queries, avoiding complex data filtering processes. Additionally, we use a zero-knowledge proof combined with smart contracts for decentralized identity verification, eliminating reliance on third-party centralized verification services and enhancing system security. We also integrate AES and proxy re-encryption techniques to ensure data security during sharing. This scheme provides a more secure, efficient, and privacy-preserving approach for EMR systems, with significant practical implications and broad application potential.

Atomic cross-chain swap based on private key exchange

Atomic Cross-Chain Swap (ACCS) is one important topic in cryptocurrency, where users can securely and trustlessly exchange assets between two different blockchains. However, most known ACCS schemes assume specific scripting functionalities of the underlying blockchains, such as Hash Time Locked Contracts (HTLC). In addition, these schemes are typically only applicable to certain digital signature schemes, like Schnorr or Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. In this paper, we propose a generic ACCS scheme, independent from the underlying blockchains. To the best of our knowledge, this is the first solution of this kind. Our results are as follows. First, we define a formal system model of ACCS. Next, we present a generic ACCS scheme meets our model. This scheme admits atomicity in cross-chain swaps without the need for a Trusted Third Party (TTP) and protects users’ privacy. Finally, by using the Non-Interactive Zero-Knowledge (NIZK) proof protocol as a tool, we instantiate our generic scheme for Elliptic Curve Discrete Logarithm Problem-based (ECDLP-based) signatures. In addition, we implement our scheme, and the experimental results show that our protocol outperforms the existing ACCS schemes, such as the HTLC-based schemes.

ZKAV:Zero Knowledge proof for AV

This study investigates how blockchain technology can be used in the automotive industry and society, with a focus on addressing privacy concerns and compliance issues. The study investigates the application of privacy-preserving methods, including zero-knowledge proofs and anonymous credentials, to protect vehicle data shared with servers and prevent V2X channel spam. The proposed blockchain ecosystem involves collaborations among stakeholders like governmental bodies and automotive industry participants to ensure user privacy, implementation employs Ethereum[5], circom, and ezkl for practical realization, the study demonstrates the potential of blockchain and [7] Zero Knowledge Proofs in overcoming challenges, promoting a more secure digital environment.

Personhood Global Whispers: Ethical Echoes of Decentralization?

This article explores the ethical dilemmas propelled by a significant shift in the allocation of trust and intelligence due to blockchain technology and AI, resulting in a notable decrease in transaction costs. The ethical and political implications of democratizing the resulting productivity gains are noteworthy, and while the pie is expanding, how its slices are distributed remains an open question. Enter Worldcoin, an innovative worldwide initiative that creates an identity system based on proof of personhood and zero-knowledge proofs (ZKP) to provide everyone with a distinct and anonymous "World ID. Using the author's “cyberethics-mix" framework, this paper examines the possible implications of such a system concerning data's protection, ownership, accuracy, and accessibility, underscoring the ethical significance of a political approach emphasizing inclusivity and sustainability through digital decentralization.

Blockchain Enforced Attribute based Access Control with ZKP for Healthcare Service

The relationship between doctors and patients is reinforced through the expanded communication channels provided by remote healthcare services, resulting in heightened patient satisfaction and loyalty. Nonetheless, the growth of these services is hampered by security and privacy challenges they confront. Additionally, patient electronic health records (EHR) information is dispersed across multiple hospitals in different formats, undermining data sovereignty. It allows any service to assert authority over their EHR, effectively controlling its usage. This paper proposes a blockchain enforced attribute-based access control in healthcare service. To enhance the privacy and data-sovereignty, the proposed system employs attribute-based access control, zero-knowledge proof (ZKP) and blockchain. The role of data within our system is pivotal in defining attributes. These attributes, in turn, form the fundamental basis for access control criteria. Blockchain is used to keep hospital information in public chain but EHR related data in private chain. Furthermore, EHR provides access control by using the attributed based cryptosystem before they are stored in the blockchain. Analysis shows that the proposed system provides data sovereignty with privacy provision based on the attributed based access control.

Enhancing privacy and security in 5G networks with an anonymous handover protocol based on Blockchain and Zero Knowledge Proof

The latest advancement in cellular technology, 5G, has the ability to facilitate various applications such as Device-to-Device (D2D) communication, vehicular communications, and the Internet of Everything (IoE). However, the technology is faced with challenges related to user privacy, resource management, handover authentication, and security of the air interface and internet channels. Moreover, the use of specialized base stations such as wireless Access Points (AP) and Road-Side Units (RSU) in vehicular communications may be owned by subscribers outside formal network operators. The conventional handover authentication schemes have a lengthy latency period that conflicts with the 5G quality of service. To tackle these challenges, this paper presents an anonymous scheme that utilizes Blockchain and Zero Knowledge Proof (ZKP) to ensure efficient privacy in the handover protocol of 5G Networks. The proposed scheme has been thoroughly evaluated for security and privacy and has shown to be resistant to identity catching, location area tracing, and replay attacks while achieving Forward/Backward secrecy. Furthermore, the performance evaluation of the proposed scheme indicates that it is efficient and speedy as it involves a limited number of messages, low computation, and does not necessitate the involvement of the Home Network (HN) in the authentication or handover protocols. A diligently crafted BAHO authentication protocol, following cryptographic principles, guarantees robust security against the Real-or-Random model. This results in a seamless and secure transition for User Equipment, upholding confidentiality, integrity, and authenticity during handovers between Access Points.

Integrating blockchain and ZK-ROLLUP for efficient healthcare data privacy protection system via IPFS

With the rapid development of modern medical technology and the dramatic increase in the amount of medical data, traditional centralized medical information management is facing many challenges. In recent years blockchain, which is a peer-to-peer distributed database, has been increasingly accepted and adopted by different industries and use cases. Key areas of healthcare blockchain applications include electronic medical record (EMR) management, medical device supply chain management, remote condition monitoring, insurance claims and personal health data (PHD) management, among others. Even so, there are a number of challenges in applying blockchain concepts to healthcare and its data, including interoperability, data security privacy, scalability, TPS and so on. While these challenges may hinder the development of blockchain in healthcare scenarios, they can be improved with existing technologies In this paper, we propose a blockchain-based healthcare operations management framework that is combined with the Interplanetary File System (IPFS) for managing EMRs, protects data privacy through a distributed approach while ensuring that this medical ledger is tamper-proof. Doctors act as full nodes, patients can participate in network maintenance either as light nodes or as full nodes, and the hospital acts as the endpoint database of data, i.e., the IPFS node, which saves the arithmetic power of nodes and allows the data stored in the hospitals and departments to be shared with the other organizations that have uploaded the data. Therefore, the integration of blockchain and zero-knowledge proof proposed in this paper helps to protect data privacy and is efficient, better scalable, and more throughput.

RNA: R1CS Normalization Algorithm Based on Data Flow Graphs for Zero-Knowledge Proofs

The communities of blockchains and distributed ledgers have been stirred up by the introduction of zero-knowledge proofs (ZKPs). Originally designed as a solution to privacy issues, ZKPs have now evolved into an effective remedy for scalability concerns. To enable ZKPs, Rank-1 Constraint Systems (R1CS) offer a verifier for bi-linear equations. In order to accurately and efficiently represent R1CS, several language tools like Circom, Noir, and Snarky have been proposed to automate the compilation of advanced programs into R1CS. However, due to the flexible nature of R1CS representation, there can be significant differences in the compiled R1CS forms generated from circuit language programs with the same underlying semantics. To address this issue, this paper puts forth a data-flow-based R1CS paradigm algorithm, which produces a standardized format for different R1CS instances with identical semantics. Additionally, we present an R1CS benchmark, and our experimental evaluation demonstrates the efficacy of our methods.

BPA: A Novel Blockchain-Based Privacy-Preserving Authentication Scheme for the Internet of Vehicles

The Internet of Vehicles (IoV) connects an isolated individual on the road to share information, which can improve traffic efficiency. However, the promotion of information sharing brings the critical security issues of identity authentication, followed by privacy protection issues in the authentication process in the IoV. In this study, we designed a blockchain-based conditional privacy-preserving authentication scheme for the IoV (BPA). Our scheme implements zero-knowledge proof (ZKP) to verify the identities of vehicles, which moves the authentication process down to the Roadside Units (RSUs) and achieves decentralized authentication at the edge nodes. Moreover, blockchain technology is utilized to synchronize a consistent ledger across all RSUs for recording and disseminating vehicle authentication states, which enhances the overall authentication process efficiency. We provide a theoretical analysis asserting that the BPA ensures enhanced security and effectively protects the privacy of all participating vehicles. Experimental evaluations confirm that our scheme outperforms existing solutions in terms of the computational and communication overhead.

Metadata-Private Resource Allocation in Edge Computing Withstands Semi-Malicious Edge Nodes.

Edge computing provides higher computational power and lower transmission latency by offloading tasks to nearby edge nodes with available computational resources to meet the requirements of time-sensitive tasks and computationally complex tasks. Resource allocation schemes are essential to this process. To allocate resources effectively, it is necessary to attach metadata to a task to indicate what kind of resources are needed and how many computation resources are required. However, these metadata are sensitive and can be exposed to eavesdroppers, which can lead to privacy breaches. In addition, edge nodes are vulnerable to corruption because of their limited cybersecurity defenses. Attackers can easily obtain end-device privacy through unprotected metadata or corrupted edge nodes. To address this problem, we propose a metadata privacy resource allocation scheme that uses searchable encryption to protect metadata privacy and zero-knowledge proofs to resist semi-malicious edge nodes. We have formally proven that our proposed scheme satisfies the required security concepts and experimentally demonstrated the effectiveness of the scheme.

Secure and Verifiable Data Collaboration with Low-Cost Zero-Knowledge Proofs

Federated Learning (FL) emerges as a viable solution to facilitate data collaboration, enabling multiple clients to collaboratively train a machine learning (ML) model under the supervision of a central server while ensuring the confidentiality of their raw data. However, existing studies have unveiled two main risks: (i) the potential for the server to infer sensitive information from the client's uploaded updates (i.e., model gradients), compromising client input privacy, and (ii) the risk of malicious clients uploading malformed updates to poison the FL model, compromising input integrity. Recent works utilize secure aggregation with zero-knowledge proofs (ZKP) to guarantee input privacy and integrity in FL. Nevertheless, they suffer from extremely low efficiency and, thus, are impractical for real deployment. In this paper, we propose a novel and highly efficient approach RiseFL for secure and verifiable data collaboration, ensuring input privacy and integrity simultaneously. Firstly, we devise a probabilistic integrity check method that transforms strict checks into a hypothesis test problem, offering great optimization opportunities. Secondly, we introduce a hybrid commitment scheme to satisfy Byzantine robustness with improved performance. Thirdly, we present an optimized ZKP generation and verification technique that significantly reduces the ZKP cost based on probabilistic integrity checks. Furthermore, we theoretically prove the security guarantee of RiseFL and provide a cost analysis compared to state-of-the-art baselines. Extensive experiments on synthetic and real-world datasets suggest that our approach is effective and highly efficient in both client computation and communication. For instance, RiseFL is up to 28x, 53x, and 164x faster than baselines ACORN, RoFL, and EIFFeL for the client computation.

A Distributed Internet of Vehicles Data Privacy Protection Method Based on Zero-Knowledge Proof and Blockchain

A Distributed Internet of Vehicles Data Privacy Protection Method Based on Zero-Knowledge Proof and Blockchain

Confidentially Compare Rational Numbers under the Malicious Model

<p>Secure multi-party computation is a hotspot in the cryptography field, and it is also a significant means to realize privacy computation. The Millionaires’ problem is the most fundamental problem among them, which is the basic module of secure multi-party computation protocols. Although there are many solutions to this problem, there are few anti-malicious adversarial protocols besides protocols based on Yao’s garbled circuit. Only a few solutions have low efficiency, and there is no protocol for rational numbers comparison under the malicious model, which restricts the solution of many secure multi-party computation problems. In this paper, the possible malicious behaviors are analyzed in the existing Millionaires’ problem protocols. These behaviors are discovered and taken precautions against through the triangle area formula, zero-knowledge proof, and cut-and-choose method, so the protocol of comparing confidentially rational numbers is proposed under the malicious model. And this paper adopts the real/ideal model paradigm to prove the security of the malicious model protocol. Efficiency analysis indicates that the proposed protocol is more effective than existing protocols. The protocol of rational numbers comparison under the malicious model is more suitable for the practical applications of secure multi-party computation, which has important theoretical and practical significance.</p> <p> </p>

Static Program Analysis for IoT Risk Mitigation in Space-Air-Ground Integrated Networks

The space-air-ground integrated networks(SAGINs) are pivotal for modern communication and surveillance, with a growing number of connected devices. The proliferation of IoT devices within these networks introduces new risks due to potential erroneous synergistic interactions that could compromise system integrity and security. This paper addresses the challenges in coordination, synchronization, and security within SAGINs by introducing a novel static program analysis (SPA) technique using zero-knowledge (ZK) proofs. This approach ensures the detection of risky interactions without compromising sensitive source code, thus safeguarding intellectual property and privacy. The proposed method overcomes the incompatibility between SPA and ZK systems by developing an imperative programming language for SAGINs and a specialized abstract domain for interaction threats. The system translates network control algorithms into arithmetic circuits suitable for ZK analysis, maintaining high accuracy in detecting risks. Evaluations on real-world scenarios demonstrate the system's efficacy in identifying risky interactions with minimal computational overhead. This research presents the first ZK-based SPA scheme for SAGINs, enhancing security and confidentiality in network analysis while adhering to privacy regulations.

Evaluation of trust service and software product regimes for zero-knowledge proof development under eIDAS 2.0

This paper delves into two legal models for zero-knowledge proof protocols in the context of the eIDAS 2.0 Regulation: a trust service or a software product. The ARIES: reliAble euRopean Identity EcoSystem EU project highlighted the need for a legal framework for stakeholders to accept proof of the existence of user data with legal certainty, while Hyperledger Indy shows that ZKP solutions are currently commercialized, stressing deficiencies in the eIDAS 2.0. An overview of ZKP applied to identity, its relationship to the European Digital Identity Wallet and the electronic attestations of attributes, both introduced by the eIDAS 2.0, and Self-Sovereign Identity systems, leads to the central question of proof of the existence of user-held data as a trust service or as a software product and its data privacy implications for each approach. Finally, we outline a possible solution based on the product approach for future work. Our findings reveal that ZKP technology must have legal value and a presumption system to be effective. However, the path we take could lead us either to develop a system of surveillance and control in electronic environments or to build an environment where we share not the data itself but proof of its existence.

Improved RSA dynamic cryptographic accumulator-based anonymous batch authentication scheme for Internet of Vehicles

The Internet of Vehicles (IoV) provides various services to vehicles through information sharing to ensure road safety and improve traffic efficiency. However, malicious attackers can challenge the privacy and security systems of the IoV by conducting security attacks. Currently, many schemes use bilinear pairing or elliptic curves to construct authentication systems, ensuring anonymity of vehicle identities and message security. However, these schemes suffer drawbacks such as low computational efficiency and high communication overhead in highly dynamic IoV. Therefore, we propose a new efficient certificateless message authentication scheme. The proposed scheme constructs a lightweight security authentication protocol by improving the RSA dynamic accumulator and combining it with non-interactive discrete logarithm zero-knowledge proofs. In addition, our scheme eliminates the need for bilinear pairing operations, thereby reducing computational overhead. Simultaneously, it enables real-time tracking and revocation of malicious vehicle identities. Security analysis shows that our scheme can be reduced to a secure S-RSA assumption under the random oracle model, meeting various security requirements of the IoV. Performance analysis shows that our scheme diminishes not only the computational overhead but also the communication overhead.

The Paradox of Power: Securing User Data in the Cloud's Shadow

Whilst the blessing of the cloud, which provides for adaptability and easy data sharing as well as storage, comes with some security doubts. We place a major responsibility on our backs of protecting the data provided by our users from any evil attempts to sneak in and also risks of being accidentally exposed and the ones that exist through shared infrastructure. This paper traverses this complex terrain by noting the need for targeted security solutions which are aimed towards dealing with the compounded nature of the fast-growing problem. By exploring such threats as data breaches, the possible encryption breaks and the nature of server sharing we will analyze the safety of cloud-based services. We position that the existing security methods, though very necessary, are not exclusive in responding to the ones posed by the new threats. This means we will therefore be rather flexible in our design of the data security in the cloud. By the way, we will employ innovative strategies, maybe, by replacing a word for words such as homomorphic encryption, zero-knowledge proofs, and federated learning, presenting how it holds promise for private and confidential assets. Furthermore, we investigate the exploding influence of blockchain technology, regarding the wages it might deserve in providing manipulated data authentication and creating trust. The work in this paper creates a path towards a future when database users' virtual information in the cloud is safe and certified. Through proposing a wide-ranged approach, which equates realized ideas with well-established security frameworks, we shall lead a cloud infrastructure where stability and power would prevail. Keywords – Cloud Computing, Security Issues, Security Challenges

Experimental implementation of a quantum zero-knowledge proof for user authentication

A new interactive quantum zero-knowledge protocol for identity authentication implementable in currently available quantum cryptographic devices is proposed and demonstrated. The protocol design involves a verifier and a prover knowing a pre-shared secret, and the acceptance or rejection of the proof is determined by the quantum bit error rate. It has been implemented in modified Quantum Key Distribution devices executing two fundamental cases. In the first case, all players are honest, while in the second case, one of the users is a malicious player. We demonstrate an increase of the quantum bit error rate around 25% in the latter case compared to the case of honesty. The protocol has also been validated for distances from a back-to-back setup to more than 60 km between verifier and prover. The security and robustness of the protocol has been analysed, demonstrating its completeness, soundness and zero-knowledge properties.