Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

ZKASP: ZKP-based Attestation of Software Possession for Measuring Instruments



Luis Brandao, Carlos Eduardo Cardoso Galhardo, Rene Peralta


Software-controlled measuring instruments used in commercial transactions, such as fuel dispensers and smart meters, are sometimes subject to "memory replacement" attacks. Cybercriminals replace the approved software by a malicious one that then tampers with measurement results, inflicting a financial loss to customers and companies. To mitigate such attacks, legal metrology systems often require regular device attestation, where an auditor checks that the device possesses ("knows") the approved software. However, current attestation methods usually require the software to be known by the auditor, thus increasing the risk of inadvertent leakage or malicious theft of proprietary information, besides facilitating its malicious adulteration. We describe how this issue can be addressed in legal metrology systems by using zero-knowledge proofs of knowledge (ZKPoK). These proofs enable attestation of possession of approved software, while ensuring its confidentiality from the auditor. To further provide publicly verifiable evidence of freshness, each such proof can be related to a fresh random value from a public randomness beacon. This article presents the basic conceptual idea, while also discussing pitfalls that should be avoided.
Measurement Science and Technology


cryptography, device attestation, legal metrology, proof of knowledge, public auditability, randomness beacon, zero-knowledge proof


Brandao, L. , Cardoso Galhardo, C. and Peralta, R. (2022), ZKASP: ZKP-based Attestation of Software Possession for Measuring Instruments, Measurement Science and Technology, [online],, (Accessed February 27, 2024)
Created March 9, 2022, Updated November 29, 2022