PRZK-Bind: A Physically Rooted Zero-Knowledge Authentication Protocol for Secure Digital Twin Binding in Smart Cities

TL;DR

PRZK-Bind is a novel, lightweight zero-knowledge protocol designed for secure, real-time binding of digital twins to physical entities in smart cities, addressing latency, decentralization, and security challenges.

Contribution

It introduces a decentralised, Schnorr-based zero-knowledge authentication protocol tailored for dynamic digital twin environments in smart cities.

Findings

Achieves up to 4.5x lower latency compared to baselines.

Reduces energy consumption by 4x.

Maintains false acceptance rates over 10x lower.

Abstract

Digital twin (DT) technology is rapidly becoming essential for smart city ecosystems, enabling real-time synchronisation and autonomous decision-making across physical and digital domains. However, as DTs take active roles in control loops, securely binding them to their physical counterparts in dynamic and adversarial environments remains a significant challenge. Existing authentication solutions either rely on static trust models, require centralised authorities, or fail to provide live and verifiable physical-digital binding, making them unsuitable for latency-sensitive and distributed deployments. To address this gap, we introduce PRZK-Bind, a lightweight and decentralised authentication protocol that combines Schnorr-based zero-knowledge proofs with elliptic curve cryptography to establish secure, real-time correspondence between physical entities and DTs without relying on pre-shared secrets. Simulation results show that PRZK-Bind significantly improves performance, offering up to 4.5 times lower latency and 4 times reduced energy consumption compared to cryptography-heavy baselines, while maintaining false acceptance rates more than 10 times lower. These findings highlight its suitability for future smart city deployments requiring efficient, resilient, and trustworthy DT authentication.