Biometric authentication is a very convenient and user-friendly method. The popularity of this method requires strong privacy-preserving technology to prevent the disclosure of template information. Most existing privacy protection technologies rely on classic encryption techniques, such as homomorphic encryption, which incur huge system overhead and hinder widespread deployment. To address these issues, we propose a novel biometric authentication scheme with privacy protection based on support vector machines and zero-knowledge proofs (BioAu–SVM+ZKP). BioAu–SVM+ZKP allows users to authenticate themselves to different service providers without disclosing any biometric template information. The evidence is generated through a zero-knowledge proof built on polynomial commitments. Our approach for generating a unique and repeatable biometric identifier from the user's fingerprint image leverages the multi-classification property of SVM. Notably, our scheme not only reduces the communication overhead but also provides privacy protection. Moreover, the communication overhead of BioAu–SVM+ZKP is constant. We have simulated the authentication scheme on the public NIST dataset, analyzed its performance and proved its security.
• The use of polynomial commitments significantly improves the efficiency of this scheme.
• The scheme addresses the conflict between the precision required by cryptographic algorithms and the inherent fuzziness of biometric data.
• The scheme provides stronger privacy protection.
The integration of the Internet of Things (IoT) with traditional healthcare systems has improved the quality of healthcare services. However, the wearable devices and sensors used in a Healthcare System (HS) continuously monitor and transmit data to nearby devices or servers over an unsecured open channel. This connectivity between IoT devices and servers improves operational efficiency, but it also gives attackers a lot of room to launch various cyber-attacks that can put patients under critical surveillance in jeopardy. In this article, a Blockchain-orchestrated Deep learning approach for Secure Data Transmission in IoT-enabled healthcare systems, hereafter referred to as "BDSDT", is designed. Specifically, a novel scalable blockchain architecture is first proposed to ensure data integrity and secure data transmission by leveraging a Zero Knowledge Proof (ZKP) mechanism. Then, BDSDT integrates with the off-chain storage InterPlanetary File System (IPFS) to address data storage costs and with an Ethereum smart contract to address data security issues. The authenticated data is further used to design a deep learning architecture to detect intrusions in the HS network. The latter combines a Deep Sparse AutoEncoder (DSAE) with Bidirectional Long Short-Term Memory (BiLSTM) to design an effective intrusion detection system. Experiments on two public data sources (CICIDS-2017 and ToN-IoT) reveal that the proposed BDSDT outperformed state-of-the-art methods in both non-blockchain and blockchain settings and obtained accuracy close to 99% on both datasets.
With the exponential increase of medical data, how to alleviate the contradiction between the patient's privacy and the research or commercial demands on health data has become a challenging problem for intelligent medical systems. In this paper, a blockchain-based privacy-preserving scheme is proposed, which realizes secure sharing of medical data between several entities, namely patients, research institutions and semi-trusted cloud servers. Meanwhile, it achieves data availability and consistency between patients and research institutions: a zero-knowledge proof is employed to verify whether the patient's medical data meets the specific requirements proposed by research institutions without revealing the patient's private data, and proxy re-encryption is then adopted to ensure that research institutions can decrypt the intermediary ciphertext. In addition, this proposal can execute distributed consensus based on the PBFT algorithm for transactions between patients and research institutions according to prearranged terms. Theoretical analysis shows the proposed scheme can satisfy security and privacy requirements such as confidentiality, integrity and availability, and performance evaluation demonstrates that it is feasible and efficient in comparison with other typical schemes.
The traditional centralized digital identity management system (DIMS) has been subject to threats such as fragmented identity, single point of failure, internal attacks and privacy leakage. Emerging blockchain technology allows DIMSs to be deployed on it, which largely alleviates the problems caused by the centralized third party, but its inherent transparency and lack of privacy pose a huge challenge to DIMSs. In this regard, we leverage smart contracts and zero-knowledge proof (ZKP) algorithms to improve the existing claim identity model in blockchain to realize identity unlinkability, effectively avoiding exposure of the ownership of attributes. Furthermore, we implement a system prototype named BZDIMS that includes a challenge-response protocol, which allows users to selectively disclose their ownership of attributes to service providers to protect users' behavioral privacy. Performance evaluation and security analysis show that our scheme achieves effective attribute privacy protection and a wider application scope compared with the prior model.
As Bitcoin has received considerable attention, a large number of transactions are increasingly published through the Internet. The potential threat to online transactions is not limited to the anonymity of identities such as addresses and pseudonyms, but also extends to other sensitive information shown in scripts, such as transaction amounts. We propose a framework to hide the amounts by employing the Paillier cryptosystem for encryption and decryption. Due to its homomorphic properties, we create a dumb account which can receive the same amounts of bitcoins in each transaction but cannot spend them. This ensures that the hidden amounts are always positive, and keeps the equality between the input sum and the output sum via commitment proofs. Our framework achieves fine-grained anonymity and prevents active and passive attacks, which effectively improves transaction privacy. Analyses show that our proposal is secure and practical.
• We propose encrypted Bitcoin transactions allowing coins to be merged, split, or spent while keeping the transferred value hidden.
• We achieve verifiability of encrypted Bitcoin transactions by using commitment proofs.
• We present a transaction-privacy-enhanced Bitcoin protocol compatible with the original protocol while relying only on well-established cryptographic assumptions.
Ripple Effect is a logic puzzle where the player has to fill numbers into empty cells in a rectangular grid. The grid is divided into rooms, and each room must contain consecutive integers starting from 1 to its size. Also, if two cells in the same row or column contain the same number x, there must be a space of at least x cells separating the two cells. In this paper, we develop a physical zero-knowledge proof for the Ripple Effect puzzle using a deck of cards, which allows a prover to convince a verifier that he/she knows a solution without revealing it. In particular, given a secret number x and a list of numbers, our protocol can physically verify that x does not appear among the first x numbers in the list without revealing x or any number in the list.
Presented herein is a novel algorithm for multi-round zero-knowledge proof (ZKP), devised specifically for authenticating factorisation proofs within a variety of cryptographic applications. This algorithm, while keeping computational complexity within acceptable bounds, offers a secure and efficient solution. The algorithm is characterised by multiple rounds of interaction between the Prover and the Verifier. Initially, the Prover generates a random value and calculates a commitment. Subsequently, the Verifier issues a random challenge, eliciting a computed response from the Prover. To validate the proof, the Verifier checks the consistency of the commitment and the computed response. The effectiveness of the proposed multi-round ZKP algorithm is demonstrated across diverse input sizes and parameters. Results indicate a success rate exceeding 90% on average, showing the robustness of the method. The repeated interaction between the Verifier and the Prover strengthens the Prover's authentication, thereby improving the algorithm's reliability. Implementation of the algorithm, achievable with standard cryptographic tools and protocols, can strengthen the security of multiple cryptographic applications. A significant application can be found in Digital Identity Management Systems (DIMS). Currently, these systems are vulnerable to a myriad of threats, including identity spoofing, data breaches, and internal security risks. The application of the ZKP algorithm can simultaneously augment security and withhold sensitive information, potentially transforming the DIMS security landscape. Future research may focus on improving the efficiency and scalability of the multi-round ZKP algorithm. There also remains vast potential for exploring additional applications of this technique within various cryptographic domains.
We propose Bulletproofs, a new non-interactive zero-knowledge proof protocol with very short proofs and without a trusted setup; the proof size is only logarithmic in the witness size. Bulletproofs are especially well suited for efficient range proofs on committed values: they enable proving that a committed value is in a range using only 2 log_2(n)+9 group and field elements, where n is the bit length of the range. Proof generation and verification times are linear in n. Bulletproofs greatly improve on the linear (in n) sized range proofs in existing proposals for confidential transactions in Bitcoin and other cryptocurrencies. Moreover, Bulletproofs support aggregation of range proofs, so that a party can prove that m commitments lie in a given range by providing only O(log(m)) additional group elements beyond the length of a single proof. To aggregate proofs from multiple parties, we enable the parties to generate a single proof without revealing their inputs to each other via a simple multi-party computation (MPC) protocol for constructing Bulletproofs. This MPC protocol uses either a constant number of rounds and linear communication, or a logarithmic number of rounds and logarithmic communication. We show that verification time, while asymptotically linear, is very efficient in practice. The marginal cost of batch verifying 32 aggregated range proofs is less than the cost of verifying 32 ECDSA signatures. Bulletproofs build on the techniques of Bootle et al. (EUROCRYPT 2016). Beyond range proofs, Bulletproofs provide short zero-knowledge proofs for general arithmetic circuits while relying only on the discrete logarithm assumption and without requiring a trusted setup. We discuss many applications that would benefit from Bulletproofs, primarily in the area of cryptocurrencies. The efficiency of Bulletproofs is particularly well suited to the distributed and trustless nature of blockchains. The full version of this article is available on ePrint.