Explore the vast range of titles available.

Wireless medical sensor networks (WMSNs) enable continuous patient monitoring by transmitting sensitive physiological data over open wireless links. Given the resource-constrained nature and large-scale deployment of such networks, authentication mechanisms must be both lightweight and privacy-preserving. Moreover, due to the frequent turnover of patients and devices in hospital environments, timely member revocation is crucial to prevent discharged or compromised entities from injecting forged reports that could mislead medical diagnosis. Although existing pairing-free certificateless aggregate authentication schemes are efficient, they often suffer from critical security and privacy vulnerabilities. Recently, an efficient certificateless authentication scheme with revocation has been proposed. However, our analysis reveals that the scheme presents the following security vulnerabilities: (i) member witnesses can be recovered from public information, (ii) revocation checks can be bypassed via identity grafting attack, and (iii) user identities can be linked due to the long-term use of static pseudonyms. To address these issues, we propose a security-enhanced certificateless aggregate authentication protocol with revocation for WMSNs. Our design enforces strong identity–membership binding to resist grafting attacks, employs a non-interactive zero-knowledge membership proof to preserve witness secrecy, and adopts dynamic pseudonym rotation to achieve unlinkability. We provide formal security proofs and comprehensive performance comparisons. The results indicate that, at the same security level, our protocol achieves more efficient signature verification while maintaining communication overhead comparable to existing schemes. In addition, the overhead introduced by our revocation mechanism remains constant, making it well suited for large-scale WMSNs deployments with frequent membership changes.

In last years, there has been an increasing effort to leverage distributed ledger technology (DLT), including blockchain. One of the main topics of interest, given its importance, is the research and development of privacy mechanisms, as for example is the case of zero knowledge proofs (ZKP). ZKP is a cryptographic technique that can be used to hide information that is put into the ledger, while still allowing to perform validation of this data. In this work we describe different strategies to construct zero knowledge range proofs (ZKRP), as for example the scheme proposed by Boudot (in: Bart (ed) Advances in cryptology—EUROCRYPT 2000, Springer, Berlin, 2000 ) in 2001; the one proposed by Camenisch et al. (in: Josef (ed) Advances in cryptology—ASIACRYPT 2008, Springer, Berlin, 2008 ), and bulletproofs (Bünz et al., in: 2018 IEEE symposium on security and privacy (SP), 2018 ), proposed in 2017. We also compare these strategies and discuss possible use cases. Since bulletproofs (Bünz et al. 2018 ) is the most efficient construction, we will give a detailed description of its algorithms and optimizations. Bulletproofs is not only more efficient than previous schemes, but also avoids the trusted setup, which is a requirement that is not desirable in the context of DLT and blockchain. In case of cryptocurrencies, if the setup phase is compromised, it would be possible to generate money out of thin air. Interestingly, bulletproofs can also be used to construct generic ZKP, in the sense that it can be used to prove generic statements, and thus it is not only restricted to ZKRP, but it can be used for any kind of proof of knowledge. Hence Bulletproofs leads to a more powerful tool to provide privacy for DLT. Here we describe in detail the algorithms involved in Bulletproofs protocol for ZKRP. Also, we present our implementation, which was open sourced (Morais et al., in: Zero knowledge range proof implementation, 2018 . https://github.com/ing-bank/zkrangeproof ).

Traceable ring signatures (TRSs) allow a signer to create a signature that maintains anonymity while enabling traceability if needed. It merges the characteristics of traditional ring signatures with the ability to trace signers, making it ideal for applications that demand both confidentiality and accountability. In a TRS scheme, a ring of potential signers generates a signature on a message without disclosing the actual signer’s identity. However, the identity can be traced if the signer uses the same tag for multiple signatures. This paper introduces a novel formal construction of TRS under universally composable (UC) security. We integrate verifiable random functions (VRFs) and zero-knowledge proofs for membership, employing Pedersen commitments. Our signature schemes maintain a logarithmic size while preserving the UC security guarantees. Additionally, we explore the potential to extend the property of one-time anonymity in TRS to K-time anonymity.

In this paper, we address the problem of secure decision of membership. We present a Zero-Knowledge Dual Membership Proof (ZKDMP) protocol, which can support positive and negative (Pos-and-Neg) membership decisions simultaneously. To do it, two secure aggregation functions are used to compact an arbitrarily-sized subset into an element in a cryptographic space. By using these aggregation functions, a subset can achieve a secure representation, and the representation size of the subsets is reduced to the theoretical lower limit. Moreover, the zeros-based and poles-based secure representation of the subset are used to decide Pos-and-Neg membership, respectively. We further verify the feasibility of combining these two secure representations of the subset, so this result is used to construct our dual membership decision cryptosystem. Specifically, our ZKDMP protocol is proposed for dual membership decisions, which can realize a cryptographic proof of strict Pos-and-Neg membership simultaneously. Furthermore, the zero-knowledge property of our construction ensures that the information of the tested element will not be leaked during the implementation of the protocol. In addition, we provide detailed security proof of our ZKDMP protocol, including positive completeness, negative completeness, soundness and zero-knowledge.

Blockchain-based sensor networks offer promising solutions for secure and transparent data management in IoT ecosystems. However, efficient set membership proofs remain a critical challenge, particularly in resource-constrained environments. This paper introduces a novel OR-aggregation approach (where “OR” refers to proving that an element equals at least one member of a set without revealing which one) for zero-knowledge set membership proofs, tailored specifically for blockchain-based sensor networks. We provide a comprehensive theoretical foundation, detailed protocol specification, and rigorous security analysis. Our implementation incorporates optimization techniques for resource-constrained devices and strategies for integration with prominent blockchain platforms. Extensive experimental evaluation demonstrates the superiority of our approach over existing methods, particularly for large-scale deployments. Results show significant improvements in proof size, generation time, and verification efficiency. The proposed OR-aggregation technique offers a scalable and privacy-preserving solution for set membership verification in blockchain-based IoT applications, addressing key limitations of current approaches. Our work contributes to the advancement of efficient and secure data management in large-scale sensor networks, paving the way for wider adoption of blockchain technology in IoT ecosystems.