# Verifiable Differential Privacy Partial Disclosure for IoT with Stateless k-Use Tokens

**Authors:** Dachuan Zheng, Weijie Shi, Yilin Pan, Shengzhao Shu, Chunsheng Xu, Zihao Li, Bing Wang, Yuzhe Lin, Peishun Liu

PMC · DOI: 10.3390/s26041393 · Sensors (Basel, Switzerland) · 2026-02-23

## TL;DR

This paper introduces a privacy-preserving method for IoT systems that limits data disclosure while ensuring compliance and performance.

## Contribution

A novel stateless k-use token mechanism with verifiable differential privacy for IoT partial disclosure.

## Key findings

- The stateless k-use mechanism improves throughput by 25–37% compared to server-state baselines.
- Re-identification accuracy remains at 0.50–0.52, indicating strong resistance to splicing attacks.
- The system demonstrates low-energy feasibility and audit-friendliness in IoT applications.

## Abstract

Internet of Things (IoT) applications often require only minimal necessary information—such as threshold judgments, binning, or prefixes—yet they must control privacy leakage arising from multi-round and cross-entity access without exposing raw values. Existing solutions, however, frequently rely on ciphertext structures and server-side states, making it difficult to define a leakage upper bound for restricted answers in the sense of Differential Privacy (DP), or they lack unified information budgeting and k-use control. To address these challenges, this paper proposes a verifiable differential privacy partial disclosure scheme for IoT. We employ DP accounting to uniformly constrain the leakage of three types of operators: threshold, binning, and prefix. Furthermore, we design stateless k-use tokens based on Verifiable Random Functions (VRFs) and chained receipts to generate publicly verifiable compliance evidence for each response. We implemented an end-edge-cloud prototype system and evaluated its performance on two use cases: smart meter threshold alarms and industrial sensor out-of-bound detection. Experimental results demonstrate that compared with a baseline relying on server-state counting for k-use control, our stateless k-use mechanism improves throughput by approximately 25–37% under concurrency scales of 1, 8, and 16, and reduces p95 latency by an average of 15%. Meanwhile, in multi-party splicing attack experiments, the re-identification accuracy remains stable in the 0.50–0.52 range, approximating random guessing. These results validate that the proposed scheme possesses low-energy engineering feasibility and audit-friendliness while effectively suppressing splicing risks.

## Full-text entities

- **Genes:** VEGFB (vascular endothelial growth factor B) [NCBI Gene 7423] {aka VEGFL, VRF}, NFKB1 (nuclear factor kappa B subunit 1) [NCBI Gene 4790] {aka CVID12, EBP-1, KBF1, NF-kB, NF-kB1, NF-kappa-B1}, ACACA (acetyl-CoA carboxylase alpha) [NCBI Gene 31] {aka ACAC, ACACAD, ACACalpha, ACC, ACC1, ACCA}, NBN (nibrin) [NCBI Gene 4683] {aka AT-V1, AT-V2, ATV, NBS, NBS1, P95}, SRPRA (SRP receptor subunit alpha) [NCBI Gene 6734] {aka DP, SRPR, Sralpha}
- **Diseases:** injury to (MESH:D014947)
- **Chemicals:** DP (-)
- **Species:** Homo sapiens (human, species) [taxon 9606]

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12944880/full.md

## Figures

9 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12944880/full.md

## References

38 references — full list in the complete paper: https://tomesphere.com/paper/PMC12944880/full.md

---
Source: https://tomesphere.com/paper/PMC12944880