CIPHER-IoT: Zero-Knowledge Proof Integration with Hyperledger Fabric for Privacy-Preserving IoT Systems

Shahnawaz Qadir; Rana Hashmy

doi:10.3991/ijim.v20i06.60367

Authors

Shahnawaz Qadir University of Kashmir, Srinagar, India https://orcid.org/0000-0002-8541-3060
Rana Hashmy University of Kashmir, Srinagar, India https://orcid.org/0009-0002-9565-7349

DOI:

https://doi.org/10.3991/ijim.v20i06.60367

Keywords:

Internet of Things (IoT), Hyperledger Fabric, Blockchain, Zero-Knowledge Proofs, Groth16 zk-SNARKs, Privacy-Preserving Systems, Cryptographic Commitments, Access Control

Abstract

The proliferation of Internet of Things (IoT) devices creates unprecedented security, privacy, and transparency challenges in distributed systems. Traditional encryption-based approaches provide privacy but impose significant computational overhead, storage bloat, and key management complexity. This paper presents CIPHER-IoT, a blockchain-based framework that integrates Zero-Knowledge Proofs (ZKPs) with Hyperledger Fabric for privacy-preserving IoT data management. Unlike encryption-based approaches that store encrypted data on-chain, CIPHER-IoT utilises Groth16 zk-SNARKs to generate cryptographic proofs of data validity while storing only commitments on the blockchain, achieving stronger privacy guarantees with lower storage overhead. The framework employs Ed25519 for lightweight digital signatures and implements comprehensive chaincode for ZKP verification, commitment uniqueness checking, and access control enforcement. CIPHER-IoT targets gateway/edge IoT deployments with moderate computational capacity (ARM processors 500 MHz+) rather than ultra-constrained sensors. We evaluate CIPHER-IoT against two baseline systems, SPAS (homomorphic encryption-based) and SPAS-H (AES encryption with Hyperledger Fabric), using realistic simulation with 50–500 devices and transaction rates of 10–75 TPS. Experimental results demonstrate superior privacy (98% confidentiality vs. 80–95% for encryption-based approaches) alongside competitive performance: read latency improves 37% (p < 0.001), throughput increases 14.6% (p < 0.001), memory reduces 21.4%, network bandwidth saves 47%, and disk I/O reduces 37.8%. The system maintains zero data loss under failure scenarios and scales linearly to 500 devices with minimal degradation (9.9%). CIPHER-IoT demonstrates that verification-based privacy mechanisms can achieve stronger privacy and better performance than transformation-based approaches in distributed validation contexts, particularly suitable for enterprise IoT deployments requiring coordinated privacy-preserving infrastructure.

Author Biographies

Shahnawaz Qadir, University of Kashmir, Srinagar, India

Shahnawaz Qadir is an Assistant Professor of Information Technology and a part-time Research Scholar at the University of Kashmir, India. His research interests include Internet of Things (IoT) Security, Blockchain Technology, Privacy-Preserving Systems, Cryptography, and Network Security. (Email: sqadir@uok.edu.in; ORCID: 0000-0002-8541-3060).

Rana Hashmy, University of Kashmir, Srinagar, India

Dr. Rana Hashmy is a Professor of Practice at Central University of Kashmir. Formerly a Scientist D at the University of Kashmir, she brings extensive experience in academic research and curriculum development. Her research interests include Internet of Things (IoT), Software Engineering, Data Mining, Artificial Intelligence, Machine Learning, and Distributed Systems.

References

[1] E. A. Shammar, A. T. Zahary, and A. A. Al-Shargabi, An attribute-based access control model for Internet of Things using Hyperledger Fabric blockchain, Wireless Communications and Mobile Computing, vol. 2022, Art. no. 6926408, pp. 1–25, 2022. https://doi.org/10.1155/2022/6926408

[2] A. Iftekhar, X. Cui, Q. Tao, and C. Zheng, Hyperledger Fabric access control system for Internet of Things layer in blockchain-based applications, Entropy, vol. 23, no. 8, p. 1054, 2021. https://doi.org/10.3390/e23081054

[3] J. Westphall and J. E. Martina, Blockchain privacy and scalability in a decentralized validated energy trading context with Hyperledger Fabric, Sensors, vol. 22, no. 12, p. 4585, 2022. https://doi.org/10.3390/s22124585

[4] Y. Ucbas, A. Eleyan, M. Hammoudeh, and M. Alohaly, Performance and scalability analysis of Ethereum and Hyperledger Fabric, IEEE Access, vol. 11, pp. 67156–67167, 2023. https://doi.org/10.1109/access.2023.3291618

[5] S. M. Hosseini, J. Ferreira, and P. C. Bartolomeu, Blockchain-based decentralized identification in IoT: An overview of existing frameworks and their limitations, Electronics, vol. 12, no. 6, p. 1283, 2023. https://doi.org/10.3390/electronics12061283

[6] Y. Jeong, D. Hwang, and K. H. Kim, Blockchain-based management of video surveillance systems, in Proc. Int. Conf. Inf. Networking (ICOIN), 2019, pp. 465–468. https://doi.org/10.1109/icoin.2019.8718126

[7] P. Yadav, S. Sharma, A. Muzumdar, C. Modi, and C. Vyjayanthi, Designing a trustworthy and secured house rental system using blockchain and smart contracts, in Proc. IEEE 19th India Council Int. Conf. (INDICON), 2022, pp. 1–6. https://doi.org/10.1109/indicon56171.2022.10039764

[8] F. Kurniawan, D. P. Putra, J. Hammad, and A. S. Prabuwono, A Blockchain-Secure Mobility Data in Smart Campus, Int. J. Interact. Mob. Technol. (iJIM), vol. 17, no. 18, pp. 55–66, 2023, https://doi.org/10.3991/ijim.v17i18.41823

[9] S. M. H. Bamakan, A. Motavali, and A. B. Bondarti, A survey of blockchain consensus algorithms performance evaluation criteria, Expert Systems with Applications, vol. 154, p. 113385, 2020. https://doi.org/10.1016/j.eswa.2020.113385

[10] S. Sutradhar et al., Enhancing identity and access management using Hyperledger Fabric and OAuth 2.0: A blockchain-based approach for security and scalability in the healthcare industry, Internet of Things and Cyber-Physical Systems, vol. 4, pp. 49–67, 2024. https://doi.org/10.1016/j.iotcps.2023.07.004

[11] S. Lee, M. Kim, J. Lee, R. H. Hsu, M. S. Kim, and T. Q. Quek, Facing latency of Hyperledger Fabric for blockchain-enabled IoT: Modeling and analysis, IEEE Network, vol. 37, no. 6, pp. 232–239, 2023. https://doi.org/10.1109/mnet.120.2200064

[12] B. Zhong et al., Hyperledger Fabric-based consortium blockchain for construction quality information management, Frontiers of Engineering Management, vol. 7, no. 4, pp. 512–527, 2020. https://doi.org/10.1007/s42524-020-0128-y

[13] I. T. Al-Haboosi, B. M. Elbagoury, S. El-Regaily, and E. M. El-Horbaty, A Hybrid-Transformer-Based Cyber-Attack Detection in IoT Networks, Int. J. Interact. Mob. Technol. (iJIM), vol. 18, no. 14, pp. 90–102, 2024, https://doi.org/10.3991/ijim.v18i14.50343

[14] O. J. Ajayi et al., BECA: A blockchain-based edge computing architecture for Internet of Things systems, IoT, vol. 2, no. 4, pp. 610–632, 2021. https://doi.org/10.3390/iot2040031

[15] J. E. Abang, H. Takruri, R. Al-Zaidi, and M. Al-Khalidi, Latency performance modelling in Hyperledger Fabric blockchain: Challenges and directions with an IoT perspective, Internet of Things, vol. 26, p. 101217, 2024. https://doi.org/10.1016/j.iot.2024.101217

[16] M. El Ghazouani, A. Ikidid, C. A. Zaouiat, L. Aziz, M. Y. Ichahane, and L. Er-Rajy, Optimal Method Combining Blockchain and Multi-Agent System to Ensure Data Integrity and Deduplication in the Cloud Environment, Int. J. Interact. Mob. Technol. (iJIM), vol. 18, no. 10, pp. 90–105, 2024, https://doi.org/10.3991/ijim.v18i10.43305

[17] S. Balasubramanian and I. S. Akila, Blockchain implementation for agricultural food supply chain using Hyperledger Fabric, Journal of Intelligent & Fuzzy Systems, vol. 43, no. 5, pp. 5387–5398, 2022. https://doi.org/10.3233/jifs-211265

[18] L. Li et al., A blockchain-based product traceability system with off-chain EPCIS and IoT device authentication, Sensors, vol. 22, no. 22, p. 8680, 2022. https://doi.org/10.3390/s22228680

[19] S. Qadir and R. Hashmy, Ensuring data integrity and confidentiality in IoT ecosystems using blockchain technology, in Advances in Data-Driven Computing and Intelligent Systems (ADCIS 2024), J. C. Bansal et al., Eds. Singapore: Springer, 2025, vol. 1377, pp. 463–475. https://doi.org/10.1007/978-981-96-5370-6_34

[20] S. R, R. Chirakarotu Nair, and P. Kumar Panakalapati, Promise of Zero‐Knowledge Proofs (ZKPs) for Blockchain Privacy and Security: Opportunities, Challenges, and Future Directions, SECURITY AND PRIVACY, Sep. 2024, doi: https://doi.org/10.1002/spy2.461

[21] S. Qadir and R. Hashmy, A systematic literature review on security vulnerabilities in IoT-enabled systems and blockchain-based security solutions, in Proc. IEEE 4th World Conf. Applied Intelligence and Computing (AIC), GB Nagar, Gwalior, India, 2025, pp. 1-8. https://doi.org/10.1109/aic66080.2025.11211990

[22] K. Gai et al., CAPE: Commitment-based Privacy-Preserving Payment Channel Scheme in Blockchain, IEEE Transactions on Dependable and Secure Computing, pp. 1–16, 2025, doi: https://doi.org/10.1109/tdsc.2025.3542906

[23] X. Feng, K. Cui, L. Wang, Z. Liu, and J. Ma, PBAG: A Privacy-Preserving Blockchain-Based Authentication Protocol With Global-Updated Commitment in IoVs, IEEE Transactions on Intelligent Transportation Systems, vol. 25, no. 10, pp. 13524–13545, May 2024, doi: https://doi.org/10.1109/tits.2024.3399200