Introduction

The Internet of Medical Things (IoMT) has emerged as a transformative force in healthcare, enabling seamless connectivity among wearable and implantable devices like smartwatches, insulin pumps, and cardiac monitors to collect and transmit real-time health data such as heart rate, glucose levels, and blood oxygen saturation1. These devices, often equipped with low-power processors (e.g., ARM Cortex-M4, 80 MHz, 512 KB SRAM), support critical applications including remote patient monitoring, chronic disease management (e.g., diabetes, hypertension), and personalized telemedicine, facilitating data-driven clinical decisions across geographically dispersed regions2. By 2025, the global IoMT market is projected to exceed $150 billion, with over 50 billion connected devices generating terabytes of sensitive medical data daily3. This rapid proliferation underscores the urgent need for robust mechanisms to ensure data privacy, integrity, and scalability in dynamic IoMT ecosystems, particularly in multi-region deployments spanning hospitals, clinics, and home care settings4. However, the resource-constrained nature of IoMT devices, coupled with stringent regulatory requirements, poses significant challenges in securing sensitive data against breaches, tampering, and emerging quantum threats, necessitating innovative solutions to balance security, efficiency, and compliance5.

IoMT devices, such as biosensors and smart implants, typically operate under severe computational and energy constraints, with memory budgets of ~ 10–20 kB and battery capacities of ~ 200 mAh, making traditional cryptographic protocols like AES-256 (requiring ~ 0.5 mJ/operation) or ECC (~ 1 mJ/operation) impractical due to their high computational overhead and energy consumption6. These limitations force trade-offs that prioritize battery life (e.g., 24–48 h) over robust security, increasing vulnerabilities to data breaches or tampering, which could falsify critical vitals (e.g., heart rate misreported as 120 bpm instead of 180 bpm, risking misdiagnosis)7. Existing privacy-preserving schemes, such as homomorphic encryption or secure multi-party computation, incur substantial overheads (~ 200–300 ms/packet, ~ 1–2 mJ/packet), rendering them unscalable for multi-region IoMT networks with thousands of devices and diverse data rates (e.g., 1–100 kbps for ECG, 0.1–1 kbps for temperature)8. Symmetric key cryptography, while lightweight, struggles with adaptability to dynamic network conditions, such as device mobility (1–5 m/s in ambulances) or topology shifts, leading to packet loss rates of ~ 2–5% in dense networks and high rekeying costs (~ 0.1 mJ/packet)9. Centralized edge-based solutions, which offload processing to servers (e.g., Raspberry Pi 4, 1.5 GHz), mitigate device constraints but introduce single points of failure, making them susceptible to DDoS attacks that disrupt connectivity for up to 10% of devices, highlighting the need for decentralized, scalable, and resilient IoMT architectures10.

The dynamic and heterogeneous nature of IoMT networks exacerbates these challenges, as device mobility and varying capabilities (e.g., 250 kbps BLE vs. 1 Mbps 5G) complicate adaptive key management and data aggregation6. Frequent rekeying, necessary to maintain security in dynamic topologies, consumes significant energy (~ 0.1 mJ/packet) and risks key exposure if not carefully managed11. Diverse data rates across devices create bottlenecks at edge nodes, with aggregation latencies reaching ~ 100–200 ms in high-density scenarios (e.g., 5000 devices), and packet loss increasing to ~ 5% under poor signal conditions (SNR < 10 dB)12. Most critically, the advent of quantum computing poses an existential threat, as algorithms like Shor could break RSA and ECC within seconds by 2030–2035, compromising patient data confidentiality unless post-quantum cryptography (PQC), such as lattice-based schemes, is adopted13. While PQC offers quantum resilience, its computational intensity (e.g., ~ 10 ms/key generation on Cortex-M4) challenges IoMT devices, and zero-knowledge proofs (ZKPs), which enable verifiable computations without revealing data, remain underexplored for IoMT due to their complexity (~ 5–10 ms/proof)14. A critical research gap exists in developing a unified system that integrates quantum resilience, privacy, scalability, and adaptability while optimizing for IoMT resource constraints, ensuring compliance with regulatory standards and fostering trust in healthcare delivery15.

To address these challenges, we propose Q-PRADAX, a novel framework for secure, privacy-preserving, and scalable data aggregation in multi-region IoMT networks. Q-PRADAX integrates Ring-LWE-based post-quantum cryptography to ensure long-term security against quantum threats, achieving 256-bit security with ~ 8.1 ms encryption latency. It employs zk-SNARKs (Groth16, ~ 4.7 ms proof generation) to verify data integrity and authenticity without disclosing sensitive information, ensuring 100% tampering detection. Edge intelligence, powered by Q-learning (learning rate 0.1, converging in ~ 500 episodes), enables dynamic key management and adaptive clustering, optimizing for device mobility and network conditions (SNR 10–20 dB, 1–5% packet loss) to achieve 99.7% packet delivery for 5000 devices. By minimizing latency (~ 47 ms aggregation) and energy (~ 0.40 mJ/packet), Q-PRADAX addresses the scalability and efficiency needs of heterogeneous IoMT environments, paving the way for a future-proof, patient-centric healthcare ecosystem that complies with HIPAA/GDPR and fosters trust among stakeholders.

The major contributions of this paper are as follows:

  • Quantum-Resilient Security System: Q-PRADAX introduces a robust security system for IoMT by integrating lattice-based post-quantum cryptography, ensuring resilience against future quantum attacks. Unlike traditional cryptographic methods vulnerable to quantum computing, this approach secures sensitive medical data transmission across multi-region IoMT networks, providing a future-proof solution for long-term data protection.

  • Privacy-Preserving Data Verification with Zero-Knowledge Proofs: The paper proposes the use of zero-knowledge proofs to enable verification of data integrity and authenticity without revealing sensitive information. This contribution enhances patient privacy in IoMT applications, allowing secure data aggregation in untrusted environments while complying with stringent regulations like HIPAA and GDPR.

  • Adaptive Clustering for Scalable Data Aggregation: Q-PRADAX presents a novel adaptive clustering algorithm tailored for heterogeneous IoMT networks. By dynamically grouping devices based on network conditions, proximity, and computational capabilities, this algorithm optimizes data aggregation, reducing latency and communication overhead, thereby improving scalability and efficiency in large-scale deployments.

  • Edge Intelligence for Dynamic Key Management: The system leverages edge intelligence to implement dynamic regional key management, addressing the challenges of device mobility and varying network topologies in IoMT. This contribution enhances adaptability and reduces reliance on centralized systems, enabling real-time optimization of security and aggregation processes in distributed healthcare environments.

The remainder of this paper is organized as follows: The section “Related works” reviews the related works, while the section “System model and design goal” outlines the system model and design goals. The section “Q-PRADAX system” introduces the proposed Q-PRADAX system in detail. The section “Security analysis of Q-PRADAX” presents the security analysis of Q-PRADAX, and the section “Experimental setup for Q-PRADAX evaluation” evaluates its performance using relevant metrics. Section “Result and discussion” discusses the results and key observations, followed by the section “Comparison with related work”, which highlights the limitations and provides further discussion. Finally, the section “Limitations and future works” concludes the paper and outlines potential directions for future research.

Related works

This section provides a detailed analysis of previous papers, highlighting their contributions, results, and limitations. Table 1 offers a quick comparison of all works, making it easier to position Q-PRADAX as a novel and comprehensive solution.

The authors in14 proposes the Dynamic Aggregation Quantum Federated Learning (DAQFL) algorithm for intelligent diagnosis on the Internet of Medical Things, addressing the limitations of traditional quantum federated learning (QFL) in handling heterogeneous healthcare data. DAQFL leverages quantum neural networks (QNNs) with designed variational quantum circuits (VQC) for local training and introduces a dynamic weighted aggregation method based on accuracy to mitigate performance degradation from data heterogeneity, including long-tailed distributions. Extensive experiments across three distribution settings, IID, non-IID, and long-tailed, using the Wisconsin Breast Cancer and Fetal Health datasets demonstrate DAQFL superior performance. For Wisconsin Breast Cancer (Distribution 1), DAQFL achieves testing accuracies of 92.39% (2 clients), 90.06% (4 clients), and 88.30% (8 clients), with F1-scores of 92.36%, 89.77%, and 87.92%, outperforming baselines like DTQFL, FEDQCNN, and FEDAVG. In Distribution 2, DAQFL testing accuracies range from 78.91% to 84.37% across low to high heterogeneity, with F1-scores of 78.85% to 84.32%. For Fetal Health (Distribution 2), DAQFL achieves testing accuracies from 71.13% to 80.35% and F1-scores from 70.54% to 79.47% across varying heterogeneity levels, with a peak accuracy of 79.08% in Distribution 3 (4 clients), surpassing QFEDAVG (77.12%), QFEDSDG (78.83%), and DTQFL (78.29%). Strengths include enhanced accuracy, robustness against noise, and effective handling of heterogeneous data, making it suitable for real-world medical applications. Limitations include potential computational complexity of QNNs and the need for further optimization for larger-scale IoMT deployments.

In15, the authors propose a lightweight protocol for secure authentication and privacy preservation in Internet of Medical Things healthcare systems, addressing the vulnerabilities of interconnected medical devices to attacks while ensuring the confidentiality of patient data. The protocol is designed for resource-constrained IoMT devices, utilizing lightweight components such as XOR operations, hash functions, and concatenation to minimize computational overhead, and employs blind signatures during registration with the Certificate Authority (CA) to protect patient privacy. It ensures security features like anonymity, confidentiality, integrity, mutual authentication, and resistance to attacks including CCA, replay, man-in-the-middle, impersonation, and modification, while also enabling the detection and removal of malicious gateways and devices. Validation using the AVISPA tool confirms its security. Performance comparisons show the proposed protocol reduces computational cost to 5Th (3Th + 2Th + 0Th) and communication cost to 800 bits, significantly lower than existing protocols like Fatouhi et al. (34Th, 5440 bits), Kang et al. (32Th, 5120 bits), Li et al. (26Th, 4160 bits), and Yu and Park (25Th, 4000 bits), making it 5 to 6 times more efficient. Strengths include its low computational overhead, robust security, and practical applicability in IoMT environments, enhancing patient safety and data protection. Limitations include potential challenges in scaling to larger networks and the need for further optimization to handle diverse attack scenarios in real-world settings.

The authors in16 proposes an innovative federated learning (FL) system for the Internet of Medical Things to address challenges in privacy preservation, communication efficiency, and energy management of resource-constrained medical devices. The system integrates differential privacy (DP) to protect patient data by adding controlled noise, ensuring privacy against inference attacks while maintaining diagnostic accuracy. It employs a Stackelberg game model to optimize power allocation and manage cross-tier interference, using non-uniform and uniform pricing strategies to enhance communication efficiency, derived through nonlinear programming and convex optimization. To tackle energy constraints, Lyapunov optimization is used for adaptive client selection, balancing energy usage and learning efficiency for sustainable device participation. Simulations demonstrate that the proposed strategy achieves a test accuracy of around 0.75 after 200 iterations, outperforming methods like Greedy, MAB, OCEAN-u, and OCEAN-d (all below 0.65), and maintains higher accuracy under DP constraints (ε = 20, 30) compared to non-private FL. Against attacker models, the strategy limits attacker prediction accuracy to below 0.2 after 25 epochs, while non-private FL reaches 0.5. Strengths include improved privacy, efficient interference management, and energy sustainability, making it highly effective for IoMT FL systems. Limitations include the need for high-performance computing and upgraded infrastructure for real-world implementation, as well as further exploration of diverse network topologies and device heterogeneity.

The paper in17 introduces AIBS-IoTHS, a novel artificial intelligence and blockchain scheme for Internet of Things (IoT) healthcare systems, aimed at achieving secure and energy-efficient data transmission in IoT networks within the healthcare sector. The AIBS-IoTHS model employs a metaheuristic-based Modified Sunflower Optimization-based Clustering (MSFOC) technique, which uses a fitness function considering residual energy, node degree, distance to neighboring nodes, and distance to the base station to optimize cluster head selection and energy efficiency. Blockchain technology ensures secure inter-cluster and intra-cluster medical data transmission, while the Classification Enhancement Generative Adversarial Networks (CEGAN) model performs diagnostics on the secured data to detect diseases. Simulation results on benchmark medical datasets demonstrate AIBS-IoTHS superior performance, achieving a packet delivery ratio of 99.60% to 97.69% across 100 to 500 sensor nodes (vs. PSO: 94.05%–91.03%, GA: 94.68%–92.21%), throughput of 0.9910 Mbps to 0.8960 Mbps (vs. PSO: 0.7005 Mbps–0.5100 Mbps, GA: 0.8305 Mbps–0.6089 Mbps), and energy consumption of 0.0500 mJ to 0.3700 mJ (vs. PSO: 0.2009 mJ–0.8830 mJ, GA: 0.1719 mJ–0.8225 mJ), with a network lifetime of 1767 to 3612 rounds (vs. PSO: 1350–3078 rounds, GA: 1455–3280 rounds), outperforming methods like PSO, GA, ALO, GWO, and RDAC-BC. Strengths include high energy efficiency, secure data transmission via blockchain, and accurate diagnostics using CEGAN, making it ideal for IoT healthcare applications. Limitations include the need for real-time implementation and potential scalability challenges with larger datasets or medical imaging applications.

In18, the authors propose FedSparsity, a blockchain-based federated learning (FL) system for the Internet of Medical Things, addressing the limitations of traditional FL methods in handling heterogeneous data, single points of failure, and security vulnerabilities. FedSparsity introduces a Proof-of-Contribution-Earned (PoCE) consensus protocol using an improved addition tic-tac-toe game for block propagation and miner selection, a cooperative reward system to encourage high-quality data sharing among devices, and a sparsity strategy with an exponential random graph to reduce the number of parameters in a CNN fully connected layers, minimizing memory usage for resource-constrained IoMT devices. Security analysis confirms the system robustness against FL-related attacks. Experimental results on the PAMAP2 and HAR datasets show FedSparsity achieving the highest test accuracy of 74.82% (PAMAP2) and 87.61% (HAR), outperforming CDW-FedAvg (64.53%, 83.66%), EdgeChain (64.38%, 80.26%), and FedBlock (63.95%, 80.06%), with a tensor size reduction to 126,271,452 (PAMAP2) and 207,647,312 (HAR) compared to 165,459,144 and 275,358,392 for others, and execution times of 2660.98s (PAMAP2) and 630.81s (HAR), demonstrating faster convergence and efficiency. Strengths include improved accuracy, faster convergence, reduced resource usage, and enhanced security, making it ideal for heterogeneous IoMT settings. Limitations include potential scalability challenges with larger networks and the need for further optimization for diverse IoMT applications.

The authors in19 proposes a multi-layer, edge-enabled AI model for Internet of Medical Things healthcare systems to enhance real-time data analysis, transmission, and security in resource-constrained environments. The model features a two-layer architecture: the first layer interconnects IoMT sensors and consumer electronics to collect and forward patient data to edge nodes for local processing, while the second layer implements dynamic, trusted routing strategies and lightweight encryption with rotating keys to ensure secure communication and data privacy. The approach minimizes network congestion, balances data load, and isolates malicious devices using edge-based monitoring and key management. Simulation results show the proposed model reduces packet drop ratio by 27.7% to 34% (sensors mobility: 3–18 m/s, rounds: 1000–4000 s), data delay by 25.8% to 30%, security overhead by 36.8% to 42.7%, and compromised packets by 29.4% to 34.8%, while improving system uptime by 29% to 37.2% compared to CMTL and FDT-RPL. Strengths include enhanced security, reduced latency, and improved reliability, making it suitable for real-time IoMT applications. Limitations include potential scalability issues with increasing device density and the need for further optimization of encryption overhead in highly dynamic networks.

The paper in20 proposes a Blockchain-Enabled Federated Learning (BFL) system for IoT-driven smart healthcare systems, focusing on enhancing privacy and security in Electronic Health Record (EHR) processing. The system integrates Zero-Knowledge Proofs (ZKP) for authentication and Homomorphic Encryption (HE) for secure computation, ensuring data privacy without exposing raw patient data, while blockchain ensures tamper-proof data integrity and transparent transactions via smart contract-based access control. It employs lightweight consensus mechanisms, secure aggregation, optimized anonymization, and an enhanced incentive mechanism to improve efficiency and reliable participation. Evaluations on a real-world healthcare dataset show the proposed BFL achieving a model accuracy of 92.6%, outperforming Traditional FL (84%), Blockchain EHR (88%), HE-Based FL (89%), and DP-Based FL (90%), with an execution time of 3.8 s compared to 5.0s, 4.8s, 4.5s, and 4.2s respectively, and a privacy preservation rate of 98.7%. Strengths include superior privacy, high accuracy, reduced computational overhead, and scalability, making it ideal for IoT healthcare applications. Limitations include the computational overhead of HE, potential scalability challenges with larger datasets, and the need for further optimization in resource-constrained environments.

Table 1 Summary of Key Existing Works Highlighting Core Technologies, Strengths, and Limitations.
Full size table

The Internet of Medical Things requires robust multi-region data aggregation to enable real-time healthcare decision-making, yet existing privacy-preserving systems like DAQFL14, lightweight authentication protocols15, FL systems16, AIBS-IoTHS17, FedSparsity18, edge-enabled AI models19, and BFL systems20 often fall short in addressing scalability, adaptability to dynamic IoMT networks, and resilience against future quantum attacks in a unified manner. These approaches typically focus on specific challenges, such as privacy through differential privacy, blockchain, or homomorphic encryption, energy efficiency, or heterogeneous data handling, but lack integration of quantum-resilient mechanisms, dynamic regional key management, and adaptive clustering for multi-region data aggregation, leaving them vulnerable to quantum threats and inefficient in large-scale, heterogeneous IoMT settings. This gap motivates the development of Q-PRADAX, a quantum-resilient and adaptive extension of the Privacy-Enhanced Multi-Region Data Aggregation scheme, which incorporates zero-knowledge proofs for secure verification, edge intelligence for dynamic key management, lattice-based post-quantum cryptography for quantum resistance, and a novel adaptive clustering algorithm to optimize aggregation in heterogeneous IoMT networks, aiming to provide a scalable, secure, and future-proof solution for IoMT ecosystems.

System model and design goal

This section provides a detailed overview of the Q-PRADAX architecture, outlining its components and operational system designed for secure, privacy-preserving data aggregation within IoMT. We describe the system multi-layered design, the functions of its constituent entities, and the workflow that ensures efficient, adaptive, and robust data processing. Subsequently, we present the adversary model, specifying the potential threats and attacker capabilities considered during the development of Q-PRADAX. Lastly, we define the design objectives that shape our system, ensuring it effectively tackles the distinct challenges of IoMT while prioritizing security, privacy, and operational feasibility.

System architecture

The Q-PRADAX system is designed to facilitate secure, privacy-preserving, and efficient data aggregation in IoMT, which form a critical component of the Internet of Medical Things. The architecture is structured as a layered, distributed system that integrates IoMT devices, edge nodes, and cloud infrastructure to support real-time healthcare applications. The system model comprises three primary layers: the Device Layer, the Edge Layer, and the Cloud Layer, each with distinct roles and interactions to ensure scalability, adaptability, and resilience.

  • Device Layer: This layer consists of resource-constrained IoMT devices, such as wearable biosensors, smart implants, and medical monitors, deployed on or within patients. These devices collect sensitive health data (e.g., heart rate, glucose levels, or blood pressure) and perform lightweight cryptographic operations. Each device is equipped with a unique identifier and participates in data aggregation by generating and transmitting encrypted data packets to nearby edge nodes. To address the computational limitations of these devices, Q-PRADAX employs optimized zero-knowledge proofs for data integrity verification, minimizing processing overhead.

  • Edge Layer: The edge layer includes local gateways or servers that act as intermediaries between the device and cloud layers. Edge nodes are responsible for regional data aggregation, dynamic key management, and adaptive clustering. Leveraging edge intelligence, these nodes use machine learning-based heuristics to dynamically group devices into clusters based on factors such as proximity, network conditions, and device capabilities. This clustering reduces communication latency and optimizes resource utilization. Additionally, edge nodes implement lattice-based post-quantum cryptography to secure data transmission and manage regional cryptographic keys, enhancing adaptability to dynamic IoMT topologies.

  • Cloud Layer: The cloud layer serves as the central hub for global data aggregation, storage, and analysis, enabling healthcare providers to access aggregated insights for decision-making. It performs high-level computations, such as verifying aggregated data integrity using ZKPs and storing encrypted data. The cloud layer also coordinates with edge nodes to distribute cryptographic parameters and ensure system-wide consistency.

The workflow begins with IOMT devices collecting health data and applying ZKPs to generate proofs of data integrity and authenticity without revealing sensitive information. These proofs, along with encrypted data, are transmitted to edge nodes, which perform regional aggregation using the adaptive clustering algorithm. Edge nodes verify the ZKPs, aggregate the data, and forward it to the cloud layer for global processing. Throughout this process, lattice-based PQC secures all communications, ensuring resilience against quantum attacks. The edge layer dynamically adjusts clustering and key management based on real-time network conditions, optimizing efficiency and scalability.

Adversary model

The adversary model for Q-PRADAX considers a range of potential threats and attacker capabilities relevant in IoMT environments. We assume adversaries can be either external (e.g., unauthorized entities intercepting communications) or internal (e.g., compromised devices or edge nodes). The key threats include:

  • Eavesdropping: Adversaries may attempt to intercept encrypted data or cryptographic keys during transmission between devices, edge nodes, or the cloud.

  • Data Tampering: Malicious entities may alter aggregated data to mislead healthcare decisions, compromising data integrity.

  • Collusion Attacks: Multiple compromised nodes (devices or edge nodes) may collude to infer sensitive information or disrupt aggregation.

  • Quantum Attacks: Adversaries with access to quantum computers may attempt to break traditional cryptographic schemes (e.g., RSA, ECC) to decrypt sensitive data.

  • Denial-of-Service (DoS): Attackers may overload resource-constrained devices or edge nodes to disrupt data aggregation.

Design goals

The design of Q-PRADAX is guided by the following goals, which address the unique challenges of IOMTs while ensuring security, privacy, and practicality:

  • Privacy Preservation: Ensure that sensitive health data remains confidential during aggregation, even in the presence of untrusted or compromised nodes. This is achieved through ZKPs, which allow verification of data integrity and authenticity without disclosing underlying data, ensuring compliance with privacy regulations.

  • Quantum Resilience: Protect the system against future quantum attacks by adopting lattice-based PQC for all cryptographic operations, including encryption, key exchange, and digital signatures. This ensures long-term security for IoMT data aggregation.

  • Scalability and Efficiency: Enable efficient data aggregation in large-scale, multi-region IOMTs by minimizing computational and communication overheads. The adaptive clustering algorithm and edge intelligence optimize resource utilization, reducing latency and energy consumption for resource-constrained devices.

  • Adaptability: Support dynamic network conditions, such as device mobility, varying topologies, and heterogeneous device capabilities, through edge-based dynamic key management and adaptive clustering. This ensures robust performance in real-world IoMT deployments.

  • Robustness Against Attacks: Provide resilience against eavesdropping, tampering, collusion, and DoS attacks. The combination of ZKPs, PQC, and adaptive clustering ensures that the system remains secure and operational even under adversarial conditions.

Q-PRADAX system

Q-PRADAX is an advanced, quantum-resilient system for secure, scalable, and privacy-preserving data aggregation in IoMT, enhancing the PRDA scheme by integrating zero-knowledge proofs21,29, lattice-based post-quantum cryptography22,28, edge intelligence, and adaptive clustering to support real-time healthcare applications. Operating across Device, Edge, and Cloud Layers, it achieves its goals of privacy preservation, quantum resilience, scalability, adaptability, and robustness through a ten-step workflow: initializing devices with PQC keys for secure communication, collecting health data efficiently, encrypting data and generating ZKPs for privacy, transmitting data to edge nodes securely, dynamically clustering devices to optimize aggregation, verifying and aggregating data regionally, managing keys dynamically for adaptability, sending aggregated data to the cloud, processing and storing data securely, and providing continuous feedback for optimization. Below, a comprehensive, detailed, and step-by-step mathematical model for Q-PRADAX is presented, with each step accompanied by a clear goal to elucidate its purpose and significance.

Step 1: System initialization

The system initialization step is a critical, robust foundation for Q-PRADAX by initializing IoMT devices, edge nodes, and cloud infrastructure with lattice-based post-quantum cryptographic key pairs and unique identifiers. This step ensures robust, trusted communication channels across the Device Layer, Edge Layer, and Cloud Layer, enabling secure, scalable, and adaptable data aggregation on the Internet of Medical Things. System initialization equips IoMT devices, edge nodes, and the cloud with unique identifiers and Ring-LWE-based post-quantum cryptographic key pairs, orchestrated by the cloud to ensure system-wide consistency and quantum-resilient security. Devices register with edge nodes, which distribute keys via secure channels, with key generation offloaded to manufacturing or edge nodes to minimize device burden, enabling scalable, independent operation across large IoMT networks. This step ensures privacy through local secret key storage, adaptability to dynamic network conditions, and robustness against eavesdropping, unauthorized access, and quantum attacks, addressing vulnerabilities in traditional cryptography and aligning with Q-PRADAX goals.

Device set: Define the set of IoMT devices as.

$$\:D=\left\{{D}_{1},\:{D}_{2},\dots\:\dots\:.{D}_{n}\right\}$$
(1)

Where \(\:n\) is the number of devices, and each\(\:{\:D}_{i}\) represents an individual device, such as a biosensor or smart implant.

Edge node set: Define the set of edge nodes as.

$$\:E=\left\{{E}_{1},\:{E}_{2},\dots\:\dots\:.{E}_{m}\right\}$$
(2)

Where \(\:m\) is the number of edge nodes, and each\(\:{\:E}_{j}\) acts as a local gateway for regional data processing.

Cloud Node: Denote the cloud node as: \(\:C\)

which serves as the central hub for global data aggregation, analysis, and storage.

Key Generation (PQC):

For each device\(\:{\:D}_{i}\), generate a lattice-based key pair using a post-quantum cryptographic scheme, such as Ring-LWE:

$$\:\left({pk}_{i},\:{sk}_{i}\right)\leftarrow\:\text{K}\text{e}\text{y}\:\text{G}\text{e}\text{n}\left({1}^{{ \leftthreetimes } }\right)$$
(3)

Where \(\:{pk}_{i}\) is the public key, \(\:{sk}_{i}\) is the secret key, and \({ \leftthreetimes }\) is the security parameter determining the cryptographic strength.

For each edge node \(\:{\:E}_{j}\), generate a key pair:

$$\:\left({pk}_{j},\:{sk}_{j}\right)\leftarrow\:\text{K}\text{e}\text{y}\:\text{G}\text{e}\text{n}\left({1}^{ { \leftthreetimes } }\right)$$
(4)

For the cloud node \(\:C\), generate a master key pair:

$$\:\left({pk}_{C},\:{sk}_{C}\right)\leftarrow\:\text{K}\text{e}\text{y}\:\text{G}\text{e}\text{n}\left({1}^{ { \leftthreetimes } }\right)$$
(5)

The \(\:\text{K}\text{e}\text{y}\:\text{G}\text{e}\text{n}\) function is based on a lattice-based PQC scheme, specifically Ring-LWE, which operates over a polynomial ring \(\:{R}_{q}={\mathbb{Z}}_{q}\left[x\right]/({x}^{n}+1)\), where \(\:q\) is a prime modulus, and \(\:n\) is a power of 2. The security relies on the hardness of lattice problems, such as the Shortest Vector Problem (SVP) or Closest Vector Problem (CVP).

Identifier Assignment:

Assign a unique identifier to each device \(\:{D}_{i}\):

$$\:{\:ID}_{i}\in\:{\left\{\text{0,1}\right\}}^{\kappa\:}$$
(6)

Where \(\:\kappa\:\) is the bit length of the identifier to ensure uniqueness and collision resistance in large-scale networks.

Assign identifiers to edge nodes and the cloud:

 

$$\:{\:ID}_{{E}_{j}}\in\:{\left\{\text{0,1}\right\}}^{\kappa\:}, \:{\:ID}_{C}\in\:{\left\{\text{0,1}\right\}}^{\kappa\:}$$
(7)

Parameter Distribution:

The cloud node \(\:C\) distributes cryptographic parameters to edge nodes, which relay them to devices:

$$\:\text{P}\text{a}\text{r}\text{a}\text{m}\text{s}=\left\{q,n,\chi\:\right\}$$
(8)

Where \(\:q\) is the modulus, \(\:n\) is the polynomial degree, and \(\:\chi\:\) is the error distribution used in Ring-LWE key generation.

Step 2: Data collection by IoMT devices

The goal of the data collection step in the Q-PRADAX system is to enable IoMT devices to gather sensitive health data, such as heart rate, blood pressure, or glucose levels, in real time with minimal resource consumption, ensuring efficient, scalable, private, and robust operation. Each IoMT device, equipped with tailored sensors like pulse oximeters or glucometers, continuously monitors patients and stores data in a local buffer at optimized sampling rates (e.g., every second for heart rate, every 15 min for glucose), using lightweight algorithms to minimize computational and energy demands within strict hardware constraints. This independent, low-overhead process, with buffers periodically flushed to edge nodes to prevent overflow, supports scalability for thousands of devices, enhances privacy by keeping raw data local before encryption, and reduces vulnerability to DoS attacks by limiting resource usage, aligning with Q-PRADAX goals of real-time health monitoring, efficiency, and robustness against adversarial threats. Table 2 resume all Symbols and Meanings used in this paper.

Data representation: For each device \(\:{\:D}_{i}\in\:D\), where \(\:D=\left\{{D}_{1},{D}_{2}\dots\:\dots\:..,{D}_{n}\right\}\) is the set of \(\:n\) IoMT devices, let.

$$\:{\:x}_{i}\left(t\right)\in\:{\mathbb{R}}^{d}$$
(9)

represent the health data vector at time \(\:t\), where \(\:d\) is the dimensionality of the data for heart rate, \(\:d=3\) for a vector including heart rate, blood pressure, and oxygen saturation).

Data buffer: Each device \(\:{D}_{i}\) maintains a local buffer.

$$\:{B}_{i}=\left\{{x}_{i}\left({t}_{1}\right),{x}_{i}\left({t}_{2}\right)\dots\:\dots\:..,{x}_{i}\left({t}_{k}\right)\right\}$$
(10)

Where \(\:k\) is the buffer size, and \(\:{t}_{1}\), \(\:{t}_{2}\),……. \(\:{t}_{k}\) are the time points at which data is collected.

Resource Constraints:

Computational Capacity: The computational power of device \(\:{D}_{i}\) is constrained by:

$$\:{C}_{i}<{C}_{max}$$
(11)

Where \(\:{C}_{i}\) is the device computational capacity (e.g., in FLOPS), and \(\:{C}_{max}\) is the maximum computational power.

Energy Constraint: The energy available to device \(\:{D}_{i}\) is constrained by:

$$\:{E}_{i}<{E}_{max}$$
(12)

Where \(\:{E}_{i}\) is the device current energy level (e.g., in milliampere-hours), and \(\:{E}_{max}\) is the maximum battery energy.

Sampling Rate: The data collection frequency is defined by a sampling interval \(\:\varDelta\:t\), such that:

$$\:{t}_{j+1}={t}_{j}+\varDelta\:t$$
(13)

Where \(\:\varDelta\:t\) is the time between consecutive samples (e.g. \(\:\varDelta\:t=1\) second for heart rate monitoring).

Step 3: Data encryption and ZKP generation

The goal of Step 3 in the Q-PRADAX system is to secure sensitive health data from IoMT devices using quantum-resilient lattice-based post-quantum cryptography, specifically Ring-LWE, and generate zero-knowledge proofs via zk-SNARKs23 to verify data validity and authenticity without revealing the data, ensuring privacy, scalability, and robustness against quantum attacks, eavesdropping, and tampering in IoMT networks. Each device encrypts its health data vector (e.g., heart rate, glucose levels) with the public key of the nearest edge node, producing a ciphertext, and simultaneously creates a lightweight ZKP to prove the data clinical validity (e.g., heart rate within 40–180 bpm) and origin, using optimized algorithms to minimize computational and energy demands on resource-constrained devices24. The encrypted data, ZKP, and device identifier form a secure packet for transmission, providing quantum-resilient security, privacy-preserving verification, and scalability for large-scale, dynamic IoMT networks while mitigating adversarial threats, aligning with Q-PRADAX core objectives.

After collecting health data (e.g., heart rate, glucose levels), the device retrieves its secret key and the public key of the target edge node, both initialized in Step 1.

Encryption (PQC):

For each data vector \(\:{\:x}_{i}\left(t\right)\), device \(\:{D}_{i}\) encrypts it using the public key \(\:{pk}_{j}\) of the target edge node \(\:{E}_{j}\in\:E\), where \(\:E=\left\{{E}_{1},\:\:{E}_{2},\dots\:\dots\:.{E}_{m}\right\}\):

$$\:{\:c}_{i}\left(t\right)={\text{E}\text{n}\text{c}}_{{pk}_{j}}\left({\:x}_{i}\left(t\right)\right)$$
(14)

Where \(\:\text{E}\text{n}\text{c}\) is a lattice-based encryption scheme (e.g., Ring-LWE encryption) operating over the polynomial ring \(\:{R}_{q}={\mathbb{Z}}_{q}\left[x\right]/({x}^{n}+1)\), with \(\:q\) a prime modulus (e.g., 12289) and \(\:n\) a power of 2 (e.g., 512 or 1024).

The encryption process involves:

$$\:{\:c}_{i}\left(t\right)=(u,v)$$
(15)

Where:

  1. 1.

    \(\:u=a\cdot\:s+{e}_{1}\),

  2. 2.

    \(\:v = pk_{j} \cdot \:s + e_{2} + \left\lfloor {q/p} \right\rfloor \cdot \:\:x_{i} \left( t \right)\)

  3. 3.

    \(\:a\): is a random polynomial.

  4. 4.

    \(\:s\), \(\:{e}_{1}\), \(\:{e}_{2}\): are small error polynomials sampled from an error distribution \(\:\chi\:\).

  5. 5.

    \(\:\left\lfloor {q/p} \right\rfloor\): scales the message \(\:{\:x}_{i}\left(t\right)\)to the ring (with \(\:p\) as the plaintext modulus).

ZKP Generation:

Device \(\:{D}_{i}\) generates a zero-knowledge proof to prove that \(\:{\:x}_{i}\left(t\right)\) is valid and originates from \(\:{D}_{i}\):

$$\:{\pi\:}_{i}\left(t\right)=\text{Z}\text{K}\text{P}.\text{P}\text{r}\text{o}\text{v}\text{e}({sk}_{i},\:{\:x}_{i}\left(t\right),\:{ID}_{i},\:\text{s}\text{t}\text{m}\text{t})$$
(16)

Where \(\:{sk}_{i}\) is the device secret key, \(\:{ID}_{i}\in\:{\left\{\text{0,1}\right\}}^{\kappa\:}\) is its identifier, and \(\:\text{s}\text{t}\text{m}\text{t}\) is a statement asserting:

  1. 1.

    Validity: \(\:{\:x}_{i}\left(t\right)\in\:{R}_{valid}\), where \(\:{R}_{valid}\subseteq\:{\mathbb{R}}^{d}\) defines acceptable ranges (e.g., heart rate \(\:{\:x}_{i}\left(t\right)\in\:\left[\text{40,180}\right]).\)

  2. 2.

    Authenticity: The data is generated by device \(\:{D}_{i}\) with identifier \(\:{ID}_{i}\), signed with \(\:{sk}_{i}\).

  3. 3.

    \(\:\text{Z}\text{K}\text{P}.\:\:\text{P}\text{r}\text{o}\text{v}\text{e}\) is a non-interactive ZKP protocol (e.g., zk-SNARK), producing a proof \(\:{\pi\:}_{i}\left(t\right)\) that is compact and efficient for resource-constrained devices.

The proof satisfies:

$$\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{i},\:{\pi\:}_{i}\left(t\right),\:stmt\right)=True$$
(17)

ensuring:

  1. 1.

    Zero-Knowledge: No information about\(\:{\:x}_{i}\left(t\right)\) is revealed beyond the statement truth.

  2. 2.

    Completeness: Valid data from an authentic device produces a proof that passes verification.

  3. 3.

    Soundness: Invalid data or proofs from unauthorized devices fail verification.

Secure packet: The device constructs a packet.

$$\:{P}_{i}\left(t\right)=\left({\:c}_{i}\left(t\right),\:{\:\pi\:}_{i}\left(t\right),{\:ID}_{i}\right)$$
(18)

Where \(\:{\:c}_{i}\left(t\right)\)is the ciphertext, \(\:{\:\pi\:}_{i}\left(t\right)\)is the ZKP, and \(\:{ID}_{i}\) is the device identifier.

Step 4: Data transmission to edge nodes

The goal of Step 4 in the Q-PRADAX system is to securely and efficiently transmit encrypted health data packets, containing ciphertexts\(\:{\:c}_{i}\left(t\right)\), zero-knowledge proofs \(\:{\pi\:}_{i}\left(t\right)\), and device identifiers \(\:{ID}_{i}\), from IoMT devices \(\:{D}_{i}\) to the nearest edge node \(\:{E}_{j}\), minimizing energy consumption and communication overhead while ensuring privacy-preserving, quantum-resilient data delivery in IoMT. Each device selects the closest edge node based on proximity or signal quality to reduce transmission distance \(\:{d}_{i,j}\), using low-power wireless protocols like Bluetooth Low Energy (BLE) or Zigbee over a secure channel established with the edge node public key \(\:{pk}_{j}\). The compact packet \(\:{P}_{i}\left(t\right)\) optimized through data compression and adaptive modulation, is transmitted with retransmission protocols to ensure reliable delivery, while edge nodes acknowledge receipt to clear device buffers. This process, critical for bridging the Device and Edge Layers, leverages quantum-resilient encryption and ZKPs25 to protect against eavesdropping and tampering, supports scalability for thousands of devices by reducing network congestion, and mitigates DoS attacks through energy-efficient transmission.

Packet representation: For each device \(\:{D}_{i}\in\:D\), where \(\:D=\left\{{D}_{1},\:{D}_{2},\dots\:\dots\:\dots\:\dots\:{D}_{n}\right\}\) is the set of \(\:n\) IoMT devices, the secure packet at time \(\:t\) is.

$$\:{P}_{i}\left(t\right)=\left({\:c}_{i}\left(t\right),\:{\:\pi\:}_{i}\left(t\right),{\:ID}_{i}\right)$$
(19)

Communication cost: The communication cost for transmitting \(\:{P}_{i}\left(t\right)\) from device \(\:{D}_{i}\) to edge node \(\:{E}_{j}\) is.

$$\:{\text{C}\text{o}\text{m}\text{m}}_{\text{i}}=\left|{\:c}_{i}\left(t\right)\right|+\left|{\:\pi\:}_{i}\left(t\right)\right|+\left|{\:ID}_{i}\right|$$
(20)

Where \(\:\left|{\:c}_{i}\left(t\right)\right|,\left|{\:\pi\:}_{i}\left(t\right)\right|,\left|{\:ID}_{i}\right|\)denote the bit sizes of the ciphertext, ZKP, and identifier, respectively.

Energy cost: The energy consumed for transmission is modeled as.

$$\:{\text{E}}_{\text{t}\text{r}\text{a}\text{n}\text{s},\:\:\text{i}}=\alpha\:\cdot\:{\text{C}\text{o}\text{m}\text{m}}_{\text{i}}+\beta\:\cdot\:{d}_{i,j}^{2}$$
(21)

Where:

  1. 1.

    \(\:\alpha\:\): is the energy per bit transmitted (e.g., in joules/bit, dependent on the wireless protocol, typically 50nJ/bit for BLE).

  2. 2.

    \(\:\beta\:\): is the energy coefficient for distance-dependent path loss (e.g., in joules/m², accounting for signal attenuation).

  3. 3.

    \(\:{d}_{i,j}\): is the Euclidean distance between device \(\:{\:D}_{i}\)and edge node \(\:{\:E}_{j}\)(e.g., in meters, typically 1–10 m in IoMT).

  4. 4.

    The quadratic term \(\:{d}_{i,j}^{2}\) reflects the free-space path loss model, common in short-range wireless communications.

Resource Constraints:

The transmission must satisfy the device energy constraint:

$$\:{\text{E}}_{\text{t}\text{r}\text{a}\text{n}\text{s},\:\:\text{i}}\le\:{\text{E}}_{\text{i}}\le\:{\text{E}}_{\text{m}\text{a}\text{x}}$$
(22)

Where \(\:{\text{E}}_{\text{i}}\) is the current energy level, and \(\:{\text{E}}_{\text{m}\text{a}\text{x}}\) is the maximum battery energy (e.g., 200 mAh).

The computational cost for preparing and sending the packet is constrained by:

$$\:{\text{C}}_{\text{t}\text{r}\text{a}\text{n}\text{s},\:\:\text{i}}\le\:{\text{C}}_{\text{i}}\le\:{\text{C}}_{\text{m}\text{a}\text{x}}$$
(23)

Where \(\:{\text{C}}_{\text{t}\text{r}\text{a}\text{n}\text{s},\:\:\text{i}}\) is the computational effort (e.g., in FLOPS), and \(\:{\text{C}}_{\text{m}\text{a}\text{x}}\) is the maximum computational capacity.

Transmission reliability: The probability of successful packet delivery is modeled as.

$$\:{\text{P}}_{\text{s}\text{u}\text{c}\text{c}\text{e}\text{s}\text{s}}={e}^{-\gamma\:\cdot\:{SNR}^{-1}}$$
(24)

Where \(\:\gamma\:\) is a channel-specific constant, and SNR is the signal-to-noise ratio, dependent on \(\:{d}_{i,j}\) and environmental noise.

Step 5: Adaptive clustering at edge layer

The goal of Step 5 in the Q-PRADAX system is to dynamically cluster IoMT devices under edge nodes to optimize data aggregation, minimizing latency, energy, and computational overhead while enhancing scalability, adaptability, and robustness in large-scale the Internet of Medical Things. Edge nodes group devices into clusters \(\:{C}_{j}\) based on proximity, signal strength, computational capacity, and network conditions, using machine learning heuristics like k-means or graph-based clustering to minimize aggregation costs, with real-time updates adapting to device mobility or topology changes. Upon receiving packets \(\:{P}_{i}\left(t\right)=\left({\:c}_{i}\left(t\right),\:{\:\pi\:}_{i}\left(t\right),{\:ID}_{i}\right)\), edge node \(\:{\text{E}}_{\text{j}}\)assigns devices to clusters ensuring minimal communication costs and sufficient resources, with constraints on cluster size and device capacity preventing overload.

Cluster representation: Let \(\:D=\left\{{D}_{1},\:{D}_{2},\dots\:\dots\:\dots\:\dots\:{D}_{n}\right\}\) be the set of \(\:n\) IoMT devices, and \(\:E=\left\{{E}_{1},\:{E}_{2},\dots\:\dots\:.{E}_{m}\right\}\) be the set of \(\:m\) edge nodes. Each edge node \(\:{E}_{j}\) manages a cluster.

$$\:{C}_{j}\subseteq\:D$$
(25)

Where \(\:{C}_{j}\) is the set of devices assigned to \(\:{E}_{j},\) and the clusters form a partition of \(\:D\):

$$\:\bigcup\:_{j=1}^{m}\:\:{C}_{j}=D,\:\:\:\:\:\:\:{C}_{j}\cap\:{C}_{k}=\varnothing\:\:for\:j\ne\:k$$
(26)

Clustering objective: Minimize the total cost of aggregation across all clusters.

$$\:{\text{C}\text{o}\text{s}\text{t}}_{\text{c}\text{l}\text{u}\text{s}\text{t}\text{e}\text{r}}=\sum\:_{j=1}^{m}\left(\sum\:_{{D}_{i}\in\:{C}_{j}}{\text{C}\text{o}\text{m}\text{m}}_{\text{i}}+\gamma\:\cdot\:\left|{C}_{j}\right|\right)$$
(27)

Where:

  1. 1.

    \(\:{\text{C}\text{o}\text{m}\text{m}}_{\text{i}}=\left|{\:c}_{i}\left(t\right)\right|+\left|{\:\pi\:}_{i}\left(t\right)\right|+\left|{\:ID}_{i}\right|:\) is the communication cost for device \(\:{D}_{i}\), as defined in Step 4, representing the bit size of the packet \(\:{P}_{i}\left(t\right)\).

  2. 2.

    \(\:\left|{C}_{j}\right|:\) is the number of devices in cluster \(\:{C}_{j}\).

  3. 3.

    \(\:\gamma\::\) is the aggregation overhead per device (e.g., in joules or computational cycles), accounting for processing costs at the edge node (e.g., verifying ZKPs, decrypting ciphertexts).

Clustering Constraints:

Proximity constraint: Devices in \(\:{C}_{j}\) must be within a proximity threshold to\(\:{E}_{j}\).

$$\:{dist(D}_{i},{E}_{j})\le\:\theta\:,\:{\forall\:D}_{i}\in\:{C}_{j}$$
(28)

Where \(\:{dist(D}_{i},{E}_{j})\) is the network distance (e.g., signal strength in dBm or latency in milliseconds), and \(\:\theta\:\) is the maximum allowable distance (e.g., −80 dBm for signal strength).

Capacity constraint: Each device must have sufficient computational capacity.

$$\:{cap}_{i}\ge\:\varphi\:,\:{\forall\:D}_{i}\in\:{C}_{j}$$
(29)

Where \(\:{cap}_{i}\) is the computational capacity of \(\:{D}_{i}\) (e.g., in FLOPS), and \(\:\varnothing\:\) is the minimum required capacity (e.g., 1 MFLOPS).

Cluster size constraint: Each cluster has a maximum size to prevent overloading.

$$\:\left|{C}_{j}\right|\le\:\text{m}\text{a}\text{x}\_size$$
(30)

Where \(\:\text{m}\text{a}\text{x}\_size\) is the maximum number of devices per cluster (e.g., 100 devices).

Clustering algorithm: Assign devices to clusters using a heuristic algorithm (k-means or graph-based clustering).

$$\:{C}_{j}=\left\{{D}_{i}\left|{dist(D}_{i},{E}_{j})\le\:\theta\:\:and\:{cap}_{i}\ge\:\varphi\:\:and\left|{C}_{j}\right|\le\:\:\text{m}\text{a}\text{x}\_size\right.\right\}$$
(31)
  1. 1.

    k-means Approach: Treat edge nodes as centroids and devices as points in a feature space defined by:

$$\:{\overrightarrow{f}}_{i}=\left({dist(D}_{i},{E}_{j}),{cap}_{i},\:{load}_{i}\:\right)$$
(32)

Where \(\:{load}_{i}\) is the current workload of \(\:{D}_{i}\) (e.g., buffer occupancy). Minimize the within-cluster variance:

$${\text{min}}\sum {\:_{{j = 1}}^{m} } \sum {\:_{{D_{i} \in \:C_{j} }} } \left\| {\vec{f}_{i} - \overrightarrow {{\mu \:}} _{j} } \right\|^{2}$$
(33)

Where \(\:{\overrightarrow{\mu\:}}_{j}\) is the centroid of cluster \(\:{C}_{j}\).

  1. 2.

    Graph-Based Approach: Model devices and edge nodes as a graph \(\:G=(V,E)\), with vertices \(\:\text{V}=\text{D}\cup\:\text{E}\) and edges weighted by \(\:{dist(D}_{i},{E}_{j})\). Use spectral clustering to partition \(\:G\) into \(\:m\) clusters, optimizing connectivity and capacity.

Dynamic update: Update clusters at time \(\:t+1\) based on current network conditions.

$$\:{C}_{j}\left(t+1\right)=Update\left({C}_{j}\left(t\right),\:network\_params\left(t\right)\right)$$
(34)

Where:

  1. 1.

    \(\:\text{n}\text{e}\text{t}\text{w}\text{o}\text{r}\text{k}\_\text{p}\text{a}\text{r}\text{a}\text{m}\text{s}\left(\text{t}\right)=\left\{{\text{d}\text{i}\text{s}\text{t}(\text{D}}_{\text{i}},{\text{E}}_{\text{j}}),{\text{c}\text{a}\text{p}}_{\text{i}},\:{\text{l}\text{o}\text{a}\text{d}}_{\text{i}},{\text{m}\text{o}\text{b}\text{i}\text{l}\text{i}\text{t}\text{y}}_{\text{i}},\:{\text{S}\text{N}\text{R}}_{\text{i},\text{j}}\:\right\}\)

  2. 2.

    \(\:{\text{m}\text{o}\text{b}\text{i}\text{l}\text{i}\text{t}\text{y}}_{\text{i}}\): is the device movement speed (e.g., in m/s),

  3. 3.

    \(\:{\text{S}\text{N}\text{R}}_{\text{i},\text{j}}\): is the signal-to-noise ratio for the link between \(\:{\text{D}}_{\text{i}}\) and \(\:{\text{E}}_{\text{j}}.\).

  4. 4.

    The update function re-runs the clustering algorithm or adjusts assignments incrementally.

Optimization problem: Formulate clustering as an optimization problem.

$$\:\underset{\left\{{\text{C}}_{1},\:\dots\:\dots\:..,{\text{C}}_{\text{m}}\right\}}{\text{min}}{\text{C}\text{o}\text{s}\text{t}}_{\text{c}\text{l}\text{u}\text{s}\text{t}\text{e}\text{r}}$$
(35)

Subject to:

$$\:{dist(D}_{i},{E}_{j})\le\:\theta\:,\:{cap}_{i}\ge\:\varphi\:,\:\:\:\:\:\left|{C}_{j}\right|\le\:\:\text{m}\text{a}\text{x}\_size,\:\bigcup\:_{j=1}^{m}\:\:{C}_{j}=D,\:\:\:\:\:{C}_{j}\cap\:{C}_{k}=\varnothing\:\:for\:j\ne\:k$$

Step 6: Regional data aggregation and verification

The goal of Step 6 in the Q-PRADAX system is to enable edge nodes \(\:{E}_{j}\) to aggregate encrypted health data from clustered IoMT devices in \(\:{C}_{j}\), verifying data integrity and authenticity using zero-knowledge proofs to ensure privacy, computational efficiency, and scalability. Each edge node processes packets \(\:{P}_{i}\left(t\right)=\left({\:c}_{i}\left(t\right),\:{\:\pi\:}_{i}\left(t\right),{\:ID}_{i}\right)\), verifying ZKPs \(\:{\:\pi\:}_{i}\left(t\right)\)with \(\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{i},\:{\pi\:}_{i}\left(t\right),\:stmt\right)\) to confirm data validity (e.g., heart rate within 40–180 bpm) and authenticity, including only valid ciphertexts \(\:{c}_{i}\left(t\right)\) in aggregation and discarding tampered data. The node aggregates valid ciphertexts into a compact result \(\:{a}_{j}\), using functions like sum or average, either via homomorphic properties of Ring-LWE PQC or by decrypting with \(\:{sk}_{j}\), aggregating plaintexts, and re-encrypting for cloud transmission, optimized with parallel processing to minimize computational cost.

Data representation: For each device \(\:{D}_{i}\in\:{C}_{j}\), where \(\:{C}_{j}\subseteq\:D\:\)is the cluster managed by edge node \(\:{E}_{j}\subseteq\:E\), the packet is.

$$\:{P}_{i}\left(t\right)=\left({\:c}_{i}\left(t\right),\:{\:\pi\:}_{i}\left(t\right),{\:ID}_{i}\right)$$
(36)

Where :

  1. 1.

    \(\:{\:c}_{i}\left(t\right)={Enc}_{{pk}_{j}}\left({x}_{i}\left(t\right)\right)\)is the ciphertext of health data \(\:{x}_{i}\left(t\right)\in\:{\mathbb{R}}^{d}\), encrypted with the public key \(\:{pk}_{j}\) of \(\:{E}_{j}\).

  2. 2.

    \(\:{\:\pi\:}_{i}\left(t\right)\)is the ZKP proving validity and authenticity, generated via \(\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{i},\:{\pi\:}_{i}\left(t\right),\:stmt\right)\).

  3. 3.

    \(\:{\:ID}_{i}\in\:{\left\{\text{0,1}\right\}}^{\kappa\:}\)is the device identifier.

ZKP Verification: For each device \(\:{D}_{i}\in\:{C}_{j}\), verify the ZKP:

$$\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{i},\:{\pi\:}_{i}\left(t\right),\:stmt\right)=True$$
(37)

Where \(\:stmt\) asserts:

Validity: \(\:{x}_{i}\left(t\right)\in\:{R}_{valid},\) where \(\:{R}_{valid}\in\:{\mathbb{R}}^{d}\) is the acceptable range.

Authenticity: The data is from device \(\:{D}_{i}\:\)with \(\:{\:ID}_{i}\), signed with \(\:{sk}_{i}\). If verification fails, exclude \(\:{\:c}_{i}\left(t\right)\) from aggregation.

Aggregation: Aggregate valid ciphertexts.

$$\:{a}_{j}=\text{A}\text{g}\text{g}\text{r}\text{e}\text{g}\text{a}\text{t}\text{e}\left(\left\{\left.{\:c}_{i}\left(t\right)\right|{D}_{i}\in\:{C}_{j}\:\text{a}\text{n}\text{d}\:\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{i},\:{\pi\:}_{i}\left(t\right),\:\text{s}\text{t}\text{m}\text{t}\right)=True\right\}\right)$$
(38)

Where \(\:\text{A}\text{g}\text{g}\text{r}\text{e}\text{g}\text{a}\text{t}\text{e}\) is a function (e.g., sum, average, count) defined as:

If homomorphic encryption is used:

$$\:{a}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{cloud}}\left(f\left(\left\{\left.{\:x}_{i}\left(t\right)\right|{D}_{i}\in\:{C}_{j}\right\}\right)\right)$$
(39)

Where \(\:f\) is the aggregation function and \(\:{pk}_{cloud}\) is the cloud public key.

If decryption is performed

$$\:{a}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{cloud}}\left(f\left(\left\{\left.{{\text{D}\text{e}\text{c}}_{{sk}_{j}}\:(c}_{i}\left(t\right))\right|{D}_{i}\in\:{C}_{j}\right\}\right)\right)$$
(40)

Where \(\:{{\text{D}\text{e}\text{c}}_{{sk}_{j}}\:(c}_{i}\left(t\right))=\:{\:x}_{i}\left(t\right)\).

Output: The aggregated result.

$$\:{a}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{cloud}}\left(f\left(\left\{\left.{\:x}_{i}\left(t\right)\right|{D}_{i}\in\:{C}_{j}\:and\:valid\right\}\right)\right)$$
(41)

ready for transmission to the cloud.

The regional data aggregation and verification step in Q-PRADAX enables edge nodes to efficiently process encrypted health data, using ZKPs to ensure integrity and authenticity while reducing data volume for cloud transmission.

Step 7: Dynamic key management

The goal of Step 7 in the Q-PRADAX system is to dynamically update cryptographic keys for IoMT devices and edge nodes to ensure quantum-resilient security, adapt to network changes like device mobility or node failures, using a machine learning-driven approach to optimize key update frequency and lattice-based PQC for secure key distribution. Edge nodes \(\:{E}_{j}\) monitor network conditions for each cluster \(\:{C}_{j}\), triggering key updates via a decision function \(\:Update\:\left(t\right)\) when changes exceed a threshold \(\:\delta\:\), or based on a reinforcement learning model \(\:M\left(t\right)\) predicting optimal frequency using parameters like mobility and signal strength. New key pairs (\(\:{pk}_{i}^{{\prime\:}},{sk}_{i}^{{\prime\:}})\) are generated with \(\:\text{K}\text{e}\text{y}\text{G}\text{e}\text{n}\left({1}^{ { \leftthreetimes } }\right)\), encrypted as (\(\:{{c}_{{k}_{i}}={\text{E}\text{n}\text{c}}_{{pk}_{i}}(pk}_{i}^{{\prime\:}},{sk}_{i}^{{\prime\:}}\left)\right)\), and sent to devices \(\:{D}_{i}\), which decrypt them using \(\:{sk}_{i}\), adopt the keys, and acknowledge receipt, while \(\:{E}_{j}\) updates its keys and coordinates with the cloud.

Key update: For each device \(\:{D}_{i}\in\:{C}_{j}\), where \(\:{C}_{j}\) is the cluster managed by edge node \(\:{E}_{j}\in\:E\), generate new keys.

 

$$(\:{pk}_{i}^{{\prime\:}},{sk}_{i}^{{\prime\:}})\leftarrow\:\:\text{K}\text{e}\text{y}\text{G}\text{e}\text{n}\left({1}^{ { \leftthreetimes } }\right)\:\:\:\:\:\:\:\:\:\:\forall\:{D}_{i}\in\:{C}_{j}$$
(42)

Where:

  1. 1.

    \(\:\text{K}\text{e}\text{y}\:\text{G}\text{e}\text{n}\) is the PQC key generation algorithm.

  2. 2.

    \({ \leftthreetimes }\) is the security parameter.

  3. 3.

    \(\:{pk}_{i}^{{\prime\:}}\) and \(\:{sk}_{i}^{{\prime\:}}\) are the new public and secret keys, respectively.

Secure key distribution: Encrypt the new keys with the device current public key.

$$\:{{c}_{{k}_{i}}={\text{E}\text{n}\text{c}}_{{pk}_{i}}(pk}_{i}^{{\prime\:}},{sk}_{i}^{{\prime\:}})$$
(43)

where \(\:\text{E}\text{n}\text{c}\) is the Ring-LWE encryption function, producing a ciphertext \(\:{c}_{{k}_{i}}=(u,v)\), with:

  1. 1.

    \(\:u=a\cdot\:s+{e}_{1}\),

  2. 2.

    \(\:v = pk_{i} \cdot \:s + e_{2} + \left\lfloor {\frac{q}{p}} \right\rfloor \cdot \:\:\)(\(\:{pk}_{i}^{{\prime\:}},{sk}_{i}^{{\prime\:}})\).

  3. 3.

    \(\:a,s,\:{e}_{1},{e}_{2}\) are polynomials in \(\:{R}_{q}\) and \(\:p\) is the plaintext modulus. The device decrypts \(\:{c}_{{k}_{i}}\) using \(\:{sk}_{i}\) to recover (\(\:{pk}_{i}^{{\prime\:}},{sk}_{i}^{{\prime\:}})\).

Update trigger: Decide when to update keys using a decision function.

$$\:\text{U}\text{p}\text{d}\text{a}\text{t}\text{e}\:\left(\text{t}\right)=\left\{\begin{array}{c}1\:\:\:\:\:\:\:\:\:if\:{\varDelta\:}_{network}\left(t\right)>\delta\:\\\:0\:\:\:\:\:\:\:\:\:\:\:\:otherwise\:\:\:\:\:\:\:\:\:\:\:\end{array}\right.\:\:$$
(44)
$$\:{\varDelta\:}_{network}\left(t\right)=\:{w}_{1}\cdot\:mobility\:\left(t\right)+{w}_{2}\cdot\:failures\:\left(t\right)+{w}_{3}\cdot\:SNR\_change\left(t\right)$$
(45)

Where:

  1. 1.

    \(\:{\varDelta\:}_{network}\left(t\right)\) measures network changes:

  2. 2.

    \(\:mobility\:\left(t\right)\): Average device movement speed.

  3. 3.

    \(\:failures\:\left(t\right)\): Number of node failures or dropouts in \(\:{C}_{j}\).

  4. 4.

    \(\:SNR\_change\left(t\right)\): Variation in signal-to-noise ratio across links.

  5. 5.

    \(\:{w}_{1}\), \(\:{w}_{2}\), \(\:{w}_{3}\): Weights (e.g., normalized to sum to 1).

  6. 6.

    \(\:\delta\:\): Threshold for significant change (e.g., calibrated to trigger on 10% network disruption).

Machine learning model: Predict optimal key update frequency.

$$\:{f}_{update}=M(\:network\_params(t\left)\right)$$
(46)

Where:

  1. 7.

    \(\:{f}_{update}\): Update frequency (e.g., updates per hour).

  2. 8.

    \(\:\text{n}\text{e}\text{t}\text{w}\text{o}\text{r}\text{k}\_\text{p}\text{a}\text{r}\text{a}\text{m}\text{s}\left(\text{t}\right)=\left\{{\text{f}\text{a}\text{i}\text{l}\text{u}\text{r}\text{e}\text{s}}_{j},\:{\text{c}\text{a}\text{p}}_{i},\:{\text{l}\text{o}\text{a}\text{d}}_{\text{i}},{\text{m}\text{o}\text{b}\text{i}\text{l}\text{i}\text{t}\text{y}}_{\text{i}},\:{\text{S}\text{N}\text{R}}_{\text{i},\text{j}}\:\right\}\): including device mobility, computational capacity, workload, signal quality, and cluster failure rates.

  3. 9.

    \(\:M\left(t\right)\): A reinforcement learning model (e.g., Q-learning) with state space \(\:network\_params\left(t\right)\), action space \(\:\left\{update,\:no\_update\right\}\), and reward function:

$$\:R\left(t\right)=\alpha\:\cdot\:security\:\left(t\right)-\beta\:\cdot\:overhead\:\left(t\right)$$
(47)
  1. 1.

    \(\:security\:\left(t\right)\): Estimated security level (e.g., inversely proportional to key age).

  2. 2.

    \(\:overhead\:\left(t\right)\): Computational and communication cost of key updates.

  3. 3.

    \(\:\alpha\:,\:\beta\:\): Weights balancing security and efficiency.

The dynamic key management step in Q-PRADAX ensures quantum-resilient security by updating cryptographic keys adaptively, using PQC for secure distribution and a reinforcement learning model to optimize update frequency based on network conditions.

Step 8: Data transmission to cloud layer

The goal of Step 8 in the Q-PRADAX system is to securely transmit aggregated health data and zero-knowledge proofs from edge nodes \(\:{E}_{j}\) to the cloud for global processing, ensuring quantum-resilient security, privacy, and efficiency while minimizing communication overhead. Each edge node prepares a packet \(\:{P}_{j}=\left({\:c}_{j},\:\:{{\Pi\:}}_{j},{\:ID}_{{E}_{j}}\right)\), where \(\:{c}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{C}}\left({a}_{j}\right)\) encrypts the aggregated data \(\:{a}_{j}\) from cluster \(\:{C}_{j}\) using the cloud public key \(\:{pk}_{C}\) via a PQC scheme like Ring-LWE, \(\:{{\Pi\:}}_{j}=\left\{\left.{\pi\:}_{i}\left(t\right)\right|{D}_{i}\in\:{C}_{j}\right\}\) contains device ZKPs for integrity verification, and \(\:{\:ID}_{{E}_{j}}\) identifies the node. The packet is sent over a secure channel established in Step 1, with adaptive modulation, compression, and retransmission protocols optimizing packet size and ensuring reliable delivery.

Packet representation: For edge node \(\:{E}_{j}\in\:E\), where \(\:E=\left\{{E}_{1},\:{E}_{2},\dots\:\dots\:.{E}_{m}\right\}\) is the set of \(\:m\) edge nodes, the packet is.

$$\:{P}_{j}=\left({\:c}_{j},\:{{\Pi\:}}_{j},{\:ID}_{{E}_{j}}\right)$$
(48)

Where:

  1. 1.

    \(\:{c}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{C}}\left({a}_{j}\right)\), the encrypted aggregated data, with \(\:{a}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{C}}\left(f\left(\left\{\left.{\:x}_{i}\left(t\right)\right|{D}_{i}\in\:{C}_{j}\:and\:valid\right\}\right)\right)\) from Step 6, and \(\:{pk}_{C}\) is the cloud public key.

  2. 2.

    \(\:{{\Pi\:}}_{j}=\left\{\left.{\pi\:}_{i}\left(t\right)\right|{D}_{i}\in\:{C}_{j}\right\}\), the set of ZKPs from devices in cluster \(\:{C}_{j}\), each proving validity and authenticity of \(\:{\:x}_{i}\left(t\right).\).

  3. 3.

    \(\:{\:ID}_{{E}_{j}}\in\:{\left\{\text{0,1}\right\}}^{\kappa\:}\), the edge node unique identifier.

Encryption: Encrypt the aggregated data using Ring-LWE.

$$\:{c}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{C}}\left({a}_{j}\right)=({u}_{j},{v}_{j})$$
(49)
  1. 4.

    \(\:{u}_{j}={a}_{C}\cdot\:{s}_{j}+{e}_{1,j}\)

  2. 5.

    \(v_{j} = pk_{C} \cdot \:s_{j} + e_{{2,j}} + \left\lfloor {\frac{q}{p}} \right\rfloor \cdot \:\:\)(\(\:{a}_{j})\).

  3. 6.

    \(\:{a}_{C},{s}_{j},\:{e}_{1,j},{e}_{2,j}\) are polynomials in \(\:{R}_{q}={\mathbb{Z}}_{q}\left[x\right]/({x}^{n}+1)\).

Communication cost: The cost of transmitting\(\:{P}_{j}\).

$$\:{Comm}_{j}=\left|{\:c}_{j}\right|+\:\left|{{\Pi\:}}_{j}\right|+\left|{\:ID}_{{E}_{j}}\right|$$
(50)

Where:

  1. 1.

    \(\:\left|{\:c}_{j}\right|\approx\:2n\text{log}q\:bits\),

  2. 2.

    \(\:\left|{{\Pi\:}}_{j}\right|=\sum\:_{{D}_{i}\in\:{C}_{j}}\left|{\pi\:}_{i}\left(t\right)\right|\), with \(\:\left|{\pi\:}_{i}\left(t\right)\right|\approx\:2-3kB\) for zk-SNARKs.

  3. 3.

    \(\:\left|{\:ID}_{{E}_{j}}\right|=128\:bits\)

Energy cost: The energy for transmission.

$$\:{\text{E}}_{\text{t}\text{r}\text{a}\text{n}\text{s},\:\:\text{j}}=\alpha\:\cdot\:{\text{C}\text{o}\text{m}\text{m}}_{\text{j}}+\beta\:\cdot\:{d}_{j,C}^{2}$$
(51)

Where:

  1. 1.

    \(\:\alpha\:\): Energy per bit.

  2. 2.

    \(\:\beta\:\): Distance-dependent path loss coefficient (e.g., for long-range transmission).

  3. 3.

    \(\:{\:d}_{j,C}\): Distance to the cloud (e.g., 1–10 km for 5G).

Step 9: Cloud-level processing and storage

The goal of Step 9 in the Q-PRADAX system is to perform global aggregation of health data from edge nodes, verify data integrity and authenticity using zero-knowledge proofs, and securely store data in the cloud for healthcare applications, ensuring quantum-resilient security, privacy, scalability, and robustness in large-scale IoMT. The cloud receives packets \(\:{P}_{j}=\left({\:c}_{j},\:{{\Pi\:}}_{j},{\:ID}_{{E}_{j}}\right)\) from edge nodes \(\:{E}_{j}\), decrypts \(\:{c}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{C}}\left({a}_{j}\right)\) using its secret key \(\:{sk}_{C}\), and verifies ZKPs in \(\:{{\Pi\:}}_{j}=\left\{\left.{\pi\:}_{i}\left(t\right)\right|{D}_{i}\in\:{C}_{j}\right\}\) with \(\:{pk}_{{E}_{j}}\) and statement \(\:s{tmt}_{j}\) to confirm \(\:{a}_{j}\) validity. Valid \(\:{a}_{j}\) are globally aggregated into \(\:A=\text{A}\text{g}\text{g}\text{r}\text{e}\text{g}\text{a}\text{t}\text{e}\left(\left\{\left.{\:a}_{j}\right|{E}_{j}\in\:E\right\}\right)\) using functions like sum or statistical analysis for insights like regional health trends, and encrypted data \(\:{c}_{j}\) is stored with metadata (timestamp, \(\:{\:ID}_{{E}_{j}}\)) in a PQC-secured database, with access controls and audit logs. This step offloads computation from edge nodes, supports thousands of devices, ensures privacy via ZKPs and PQC, and protects against tampering and quantum attacks, enabling real-time health monitoring and predictive analytics while aligning with Q-PRADAX goals.

Packet representation: The cloud receives packets from edge nodes\(\:E=\left\{{E}_{1},\:{E}_{2},\dots\:\dots\:.{E}_{m}\right\}\).

$$\:{P}_{j}=\left({\:c}_{j},\:{{\Pi\:}}_{j},{\:ID}_{{E}_{j}}\right)\:\:\:\:\:\:\:\:\:\:\:\forall\:{E}_{j}\in\:E$$
(52)

Decryption: Decrypt \(\:{c}_{j}\) using the cloud secret key.

$$\:{a}_{j}={\text{D}\text{e}\text{c}}_{{sk}_{C}}\left({c}_{j}\right)$$
(53)

ZKP Verification: Verify each ZKP in \(\:{{\Pi\:}}_{j}\):

$$\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{{E}_{j}},\:{\pi\:}_{i}\left(t\right),\:{stmt}_{i}\right)=True\:\:\:\:\:\:\:\:\:\:\forall\:{\pi\:}_{i}\left(t\right)\in\:{{\Pi\:}}_{j}$$
(54)

Global aggregation: Aggregate valid data.

$$\:A=\text{A}\text{g}\text{g}\text{r}\text{e}\text{g}\text{a}\text{t}\text{e}\left(\left\{\left.{\:a}_{j}\right|{E}_{j}\in\:E\:and\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}=\text{T}\text{r}\text{u}\text{e}\right\}\right)$$
(55)

Storage: Store encrypted data and metadata.

$$\:S=\left\{\left.{\:(c}_{j},{\text{m}\text{e}\text{t}\text{a}\text{d}\text{a}\text{t}\text{a}}_{j})\right|{E}_{j}\in\:E\right\}$$
(56)

Where:

  1. 1.

    \(\:{\text{m}\text{e}\text{t}\text{a}\text{d}\text{a}\text{t}\text{a}}_{j}=\left({t}_{j},{\:ID}_{{E}_{j}},\left|{C}_{j}\right|,agg\_type\right)\): including timestamp \(\:{t}_{j}\), edge node ID, cluster size, and aggregation type (e.g., sum, average).

  2. 2.

    \(\:{\:c}_{j}\): Stored as received, encrypted with \(\:{pk}_{C}\).

  3. 3.

    Optional re-encryption: \(\:{c}_{j}^{{\prime\:}}={\text{E}\text{n}\text{c}}_{{pk}_{S}}\left({a}_{j}\right)\), using a storage key \(\:{pk}_{S}\).

Computational Cost:

$$\:{Comp}_{cloud}=\sum\:_{{E}_{j}\in\:E}\left({\text{C}\text{o}\text{s}\text{t}}_{Dec}\left({c}_{j}\right)+\sum\:_{\:{\pi\:}_{i}\in\:{{\Pi\:}}_{j}}{Cost}_{ZKP}\left(\left|{\pi\:}_{i}\left(t\right)\right|\right)+{Cost}_{Agg}\left({a}_{j}\right)\right)$$
(57)

Storage Cost:

$$\:{Storage}_{cloud}=\sum\:_{{E}_{j}\in\:E}\left(\left|{c}_{j}\right|+\left|{\text{m}\text{e}\text{t}\text{a}\text{d}\text{a}\text{t}\text{a}}_{j}\right|\right)$$
(58)

The cloud-level processing and storage step in Q-PRADAX enables global health data aggregation and secure storage, using ZKPs for integrity verification and PQC for quantum-resilient protection.

  1. 1.

    Step 10: Feedback and Continuous Optimization.

The goal of Step 10 in the Q-PRADAX system is to provide feedback from the cloud to edge nodes and IoMT devices to optimize clustering, key management, and system performance, ensuring adaptability, efficiency, scalability, and robustness in large-scale IoMT. The cloud analyzes the global aggregate \(\:A\) and network parameters (e.g., mobility, signal strength, failure rates) using an optimization function \(\:\text{O}\text{p}\text{t}\text{i}\text{m}\text{i}\text{z}\text{e}\) employing gradient descent or reinforcement learning to compute updated parameters \(\:{\theta\:}^{{\prime\:}}(t+1)\) (clustering thresholds) and \(\:{\delta\:}^{{\prime\:}}(t+1)\) (key update frequencies) that minimize a system cost function balancing clustering, communication, and computational costs. These parameters are encrypted with each edge node public key \(\:{pk}_{{E}_{j}}\), transmitted over secure channels, and decrypted by edge nodes \(\:{E}_{j}\), which update clusters \(\:{C}_{j}(t+1)\) using \(\:{\theta\:}^{{\prime\:}}(t+1)\) and adjust key update frequency \(\:{f}_{update}\) to \(\:{\delta\:}^{{\prime\:}}(t+1)\), notifying devices as needed.

Feedback parameters: The cloud computes updated parameters.

$$\:{\theta\:}^{{\prime\:}}(t+1),\:{\delta\:}^{{\prime\:}}\left(t+1\right)=\:\text{O}\text{p}\text{t}\text{i}\text{m}\text{i}\text{z}\text{e}(\text{A},\:network\_params(t\left)\right)$$
(59)

Where:

  1. 1.

    \(\:\text{A}\): The global aggregate from Step 9 (e.g., average health metrics across clusters).

  2. 2.

    \(\:\text{n}\text{e}\text{t}\text{w}\text{o}\text{r}\text{k}\_\text{p}\text{a}\text{r}\text{a}\text{m}\text{s}\left(\text{t}\right)=\left\{{{\text{m}\text{o}\text{b}\text{i}\text{l}\text{i}\text{t}\text{y}}_{\text{i}},\text{c}\text{a}\text{p}}_{\text{i}},\:{\text{l}\text{o}\text{a}\text{d}}_{\text{i}},{\text{S}\text{N}\text{R}}_{\text{i},\text{j}}\:,{failures}_{j},\:threat\_level\left(t\right)\right\}\), including device mobility, computational capacity, workload, signal-to-noise ratio, cluster failure rates, and estimated security threat level.

  3. 3.

    \(\:{\theta\:}^{{\prime\:}}(t+1)\): Clustering parameters (e.g., distance thresholds for k-means, edge weights for graph-based clustering).

  4. 4.

    \(\:{\delta\:}^{{\prime\:}}\left(t+1\right)\): Key update frequency threshold (e.g., updates per hour).

  5. 5.

    \(\:\text{O}\text{p}\text{t}\text{i}\text{m}\text{i}\text{z}\text{e}\): An optimization function (e.g., gradient descent, Q-learning) minimizing system cost.

Optimization objective: Minimize the system-wide cost.

$$\:{Cost}_{system}=\sum\:_{j=1}^{m}{\text{C}\text{o}\text{s}\text{t}}_{cluster,j}+\sum\:_{j=1}^{m}{\text{C}\text{o}\text{m}\text{m}}_{j}+{\text{C}\text{o}\text{m}\text{p}}_{C}$$
(60)

Where:

\(\:{\text{C}\text{o}\text{s}\text{t}}_{cluster,j}\): Clustering cost for \(\:{C}_{j}\), measuring intra-cluster communication and computational overhead.

$$\:{\text{C}\text{o}\text{s}\text{t}}_{cluster,j}=\sum\:_{{D}_{i}\in\:{C}_{j}}({w}_{1}\cdot\:{d}_{i,j}+{w}_{2}\cdot\:{load}_{i})$$
(61)
  1. 1.

    \(\:{d}_{i,j}\): Distance (physical or signal-based) between device \(\:{D}_{i}\) and edge node \(\:{E}_{j}\).

  2. 2.

    \(\:{load}_{i}\): Computational load of \(\:{D}_{i}\).

  3. 3.

    \(\:{w}_{1},\:{w}_{2}\): Weights (e.g., normalized to sum to 1).

\(\:{\text{C}\text{o}\text{m}\text{m}}_{j}\): Communication cost from Step 8.

$$\:{Comm}_{j}=\left|{\:c}_{j}\right|+\:\left|{{\Pi\:}}_{j}\right|+\left|{\:ID}_{{E}_{j}}\right|$$
(62)

\(\:{\mathbf{C}\mathbf{o}\mathbf{m}\mathbf{p}}_{\varvec{C}}\): Cloud computational cost from Step 9.

$$\:{Comp}_{C}=\sum\:_{{E}_{j}\in\:E}\left({\text{C}\text{o}\text{s}\text{t}}_{Dec}\left({c}_{j}\right)+\sum\:_{\:{\pi\:}_{i}\in\:{{\Pi\:}}_{j}}{Cost}_{ZKP}\left(\left|{\pi\:}_{i}\left(t\right)\right|\right)+{Cost}_{Agg}\left({a}_{j}\right)\right)$$
(63)

Edge update: Edge nodes update clusters and key policies.

$$\:{C}_{j}\left(t+1\right)=\text{U}\text{p}\text{d}\text{a}\text{t}\text{e}\:\left({C}_{j}\left(t\right),\:{\theta\:}^{{\prime\:}}(t+1)\right)$$
(64)

Where:

  1. 1.

    \(\:\text{U}\text{p}\text{d}\text{a}\text{t}\text{e}\): Re-clustering function (e.g., re-run k-means with new \(\:{\theta\:}^{{\prime\:}}(t+1)\), or adjust graph edges).

  2. 2.

    \(\:{C}_{j}\left(t+1\right)\): Updated cluster assignments for devices in \(\:{C}_{j}.\).

  3. 3.

    \(\:{f}_{update}={\delta\:}^{{\prime\:}}\left(t+1\right)\): New key update frequency (e.g., 0.5 updates/hour).

Feedback transmission: Encrypt and send parameters.

$$\:{c}_{\theta\:,j}={\text{E}\text{n}\text{c}}_{{pk}_{{E}_{j}}}({\theta\:}^{{\prime\:}}\left(t+1\right),\:{\delta\:}^{{\prime\:}}\left(t+1\right))$$
(65)

Where \(\:\text{E}\text{n}\text{c}\) uses Ring-LWE, and \(\:{c}_{\theta\:,j}\) is sent over the secure channel from Step 1.

Optimization algorithm: The \(\:\text{O}\text{p}\text{t}\text{i}\text{m}\text{i}\text{z}\text{e}\) function uses.

Gradient descent: Minimize \(\:{Cost}_{system}\) by iterating :

$$\:{\theta\:}^{{\prime\:}}\left(t+1\right)=\theta\:\left(t\right)-\eta\:\cdot\:{\nabla\:}_{\theta\:}{Cost}_{system}$$
(66)
$$\:{\delta\:}^{{\prime\:}}\left(t+1\right)=\delta\:\left(t\right)-\eta\:\cdot\:{\nabla\:}_{\delta\:}{Cost}_{system}$$
(67)

Where \(\:\eta\:\) is the learning rate (e.g., 0.01).

Reinforcement learning: Use Q-learning with state \(\:network\_params\left(t\right)\), actions \(\:\left\{{\theta\:}^{{\prime\:}},\:{\delta\:}^{{\prime\:}}\right\}\), and reward.

$$\:R\left(t\right)=-{Cost}_{system}+\alpha\:\cdot\:security\left(t\right)$$
(68)

Where \(\:security\left(t\right)\) reflects key freshness and cluster robustness.

Table 2 Table: symbols and Meanings.
Full size table

Security analysis of Q-PRADAX

This section evaluates the security of the Q-PRADAX system against the specified adversary model in Sect. 3, focusing on its resilience to key threats in Internet of Medical Things: eavesdropping, data tampering, collusion attacks, quantum attacks, and denial-of-service (DoS) attacks. Table 3 summarizes the security analysis of Q-PRADAX.

Eavesdropping security analysis

The Q-PRADAX system robustly defends against eavesdropping attacks, where adversaries attempt to intercept encrypted health data, cryptographic keys, or feedback parameters during transmission between IoMT devices \(\:{(D}_{i})\), edge nodes \(\:{(E}_{j})\), and the cloud \(\:\left(C\right)\) to extract sensitive information like heart rate or glucose levels, presenting a formidable challenge due to its quantum-resilient, multi-layered cryptographic defenses. Q-PRADAX employs Ring-LWE-based post-quantum cryptography for encryption in Steps 3 (\(\:{\:c}_{i}\left(t\right)={\text{E}\text{n}\text{c}}_{{pk}_{j}}\left({\:x}_{i}\left(t\right)\right)\)), step 8 (\(\:{c}_{j}={\text{E}\text{n}\text{c}}_{{pk}_{C}}\left({a}_{j}\right)\)), and step 10 (\(\:{c}_{\theta\:,j}={\text{E}\text{n}\text{c}}_{{pk}_{{E}_{j}}}({\theta\:}^{{\prime\:}}\left(t+1\right),\:{\delta\:}^{{\prime\:}}\left(t+1\right))\)), operating over \(\:{R}_{q}={\mathbb{Z}}_{12289}\left[x\right]/({x}^{512}+1)\) with security parameter \(\: { \leftthreetimes } =256\). Secure channels using TLS 1.3 with AES-256-GCM in Steps 4 (BLE/Zigbee) and 8 (5G/Wi-Fi) provide additional encryption, while zk-SNARK zero-knowledge proofs (\(\:{\pi\:}_{i}\left(t\right)=\:\text{Z}\text{K}\text{P}.\,\text{P}\text{r}\text{o}\text{v}\text{e}({sk}_{i},\) \(\:{\:x}_{i}\left(t\right),\:{ID}_{i},\:\text{s}\text{t}\text{m}\text{t})\)) in Steps 3, 6, and 9 ensure that intercepted proofs reveal only statements like: \(\:{x}_{i}\left(t\right)\in\:{R}_{valid}\).

Theorem 1

(Eavesdropping Resistance): Assuming the hardness of the Ring-LWE problem over \(\:{R}_{q}={\mathbb{Z}}_{12289}\left[x\right]/({x}^{512}+1)\) and the zero-knowledge property of zk-SNARKs, an eavesdropper intercepting packets \(\:{P}_{i}\left(t\right)=\left({\:c}_{i}\left(t\right),\:{\:\pi\:}_{i}\left(t\right),{\:ID}_{i}\right)\) where \(\:{\:c}_{i}\left(t\right)={\text{E}\text{n}\text{c}}_{{pk}_{j}}\left({\:x}_{i}\left(t\right)\right)\), cannot recover the plaintext health data\(\:{\:x}_{i}\left(t\right)\) or (e.g., heart rate) or cryptographic keys with non-negligible probability.

Proof

Q-PRADAX security against eavesdropping rests on three integrated mechanisms: (1) Ring-LWE semantic security, where ciphertexts \(\:{c}_{i}\left(t\right)=(u,v)\), with \(\:u=a\cdot\:s+{e}_{1}\), \(v = pk_{j} \cdot \:s + e_{2} + \left\lfloor {q/p} \right\rfloor \cdot \:\:x_{i} \left( t \right)\), are indistinguishable from random polynomials due to the hardness of the Ring-LWE problem, equivalent to lattice problems like Shortest Vector Problem (SVP), with decryption probability \(\:<{2}^{-256}\). (2) TLS 1.3 CPA-secure AES-256-GCM, ensuring packet confidentiality unless the session key is broken, requiring \(\:{2}^{128}\) operations; and (3) zk-SNARKs’ zero-knowledge property, where \(\:{\pi\:}_{i}\left(t\right)\) is simulatable without \(\:{x}_{i}\left(t\right)\), with distinguishing probability \(\:<{2}^{-256}\), and soundness ensuring only valid proofs pass verification.\(\square\)

Data tampering security analysis

The Q-PRADAX framework robustly counters data tampering attacks, where adversaries attempt to alter health data (e.g., modifying heart rate values) or aggregated results during transmission or processing to mislead healthcare decisions, presenting a significant challenge to data integrity in IoMT. Q-PRADAX employs zk-SNARK zero-knowledge proofs \(\:{\pi\:}_{i}\left(t\right)\) in Steps 3, 6, and 9 to prove data validity \(\:{x}_{i}\left(t\right)\in\:{R}_{valid}\), e.g., heart rate in [40, 180] bpm) and authenticity (signed by \(\:{D}_{i}\)), with edge nodes (Step 6) and the cloud (Step 9) verifying \(\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{i},\:{\pi\:}_{i}\left(t\right),\:stmt\right)=True\), discarding invalid packets. TLS/QUIC with HMAC-SHA256 in Steps 4 (BLE/Zigbee) and 8 (5G/Wi-Fi) ensures transmission integrity, while Step 9 stores data \(\:S=\left\{{\:(c}_{j},{\text{m}\text{e}\text{t}\text{a}\text{d}\text{a}\text{t}\text{a}}_{j})\right\}\) with SHA-256 hashes in \(\:{\text{m}\text{e}\text{t}\text{a}\text{d}\text{a}\text{t}\text{a}}_{j}=({t}_{j},{ID}_{{E}_{j}},\:\left|{C}_{j}\right|,\:ag{g}_{type},\:hash\left({c}_{j}\right))\) to detect modifications.

Theorem 2

(Data Tampering Resistance): Under the soundness of zk-SNARKs and the collision resistance of SHA-256, Q-PRADAX ensures that any tampered data \(\:{\:x}_{i}\left(t\right)\) \(\:\notin\:{R}_{valid}\) d or modified packets are rejected by verification in steps 6 or 9 with non-negligible probability.

Proof

Q-PRADAX integrity protection integrates three mechanisms: (1) zk-SNARKs’ soundness ensures \(\:\text{Z}\text{K}\text{P}.\text{V}\text{e}\text{r}\text{i}\text{f}\text{y}\left({pk}_{i},\:{\pi\:}_{i}\left(t\right),\:stmt\right)=True\) only if \(\:{x}_{i}\left(t\right)\in\:{R}_{valid}\) and is signed by \(\:{sk}_{i}\), with a negligible soundness error (\(\:<{2}^{-256}\)) for \({ \leftthreetimes } =256\), rejecting tampered data (e.g., heart rate = 300 bpm) as 300 \(\:\notin\:\) [40,180], (2) TLS HMAC-SHA256 detects in-transit modifications to packets \(\:{P}_{i}\left(t\right)\) or \(\:{P}_{j}\), with collision probability \(\:<{2}^{-128}\), triggering retransmission or rejection; and (3) SHA-256 hashes in \(\:{\text{m}\text{e}\text{t}\text{a}\text{d}\text{a}\text{t}\text{a}}_{j}\) ensure stored \(\:{c}_{j}\) remains unchanged, with collision probability \(\:<{2}^{-256}\).\(\square\)

Collusion attacks security analysis

The Q-PRADAX framework robustly counters collusion attacks, where multiple compromised IoMT devices (\(\:{D}_{i})\) or edge nodes (\(\:{E}_{i})\) attempt to infer sensitive health data (e.g., reconstruct \(\:{x}_{i}\left(t\right)\) such as heart rate) or disrupt aggregation by submitting invalid data, presenting a complex challenge in large-scale IoMT. Q-PRADAX employs zk-SNARK zero-knowledge proofs \(\:\left({\pi\:}_{i}\left(t\right)\right)\) in Steps 3, 6, and 9 to ensure no data beyond validity \(\:({x}_{i}\left(t\right)\in\:{R}_{valid})\) and authenticity is revealed, distributed clustering in Step 5 to confine compromised devices to clusters \(\:{C}_{j}\), dynamic key updates in Step 7 with frequency \(\:{f}_{update}\in\:\left[\text{0.1,1}\right]\) updates/hour, and privacy-preserving aggregation in Steps 6 and 9 to obscure individual \(\:{x}_{i}\left(t\right)\).

Theorem 3

(Collusion Resistance): Assuming the zero-knowledge property of zkSNARKs and Ring-LWE hardness, colluding devices in cluster \(\:{C}_{j}\) cannot infer individual data \(\:{\:x}_{i}\left(t\right)\) from other devices or produce invalid aggregates \(\:{a}_{j}\) with nonnegligible probability, due to privacy-preserving proofs and isolated clustering.

Proof

Q-PRADAX defense against collusion integrates four mechanisms: (1) zk-SNARKs’ zero-knowledge property ensures \(\:{\pi\:}_{i}\left(t\right)=\text{Z}\text{K}\text{P}.\text{P}\text{r}\text{o}\text{v}\text{e}({sk}_{i},{\:x}_{i}\left(t\right),\:{ID}_{i},\:\text{s}\text{t}\text{m}\text{t})\) is simulatable without revealing \(\:{\:x}_{i}\left(t\right)\), with distinguishing probability \(\:<{2}^{-256}\), and even colluding devices in \(\:{C}_{j}\) cannot decrypt \(\:{\:c}_{i}\left(t\right)={\text{E}\text{n}\text{c}}_{{pk}_{{E}_{j}}}\left({\:x}_{i}\left(t\right)\right)\) without \(\:{sk}_{{E}_{j}}\), protected by Ring-LWE semantic security over \(\:{R}_{q}={\mathbb{Z}}_{12289}\left[x\right]/({x}^{512}+1)\), 2) clustering constraints (\(\:{dist\:(D}_{i},{E}_{j})\le\:\theta\:)\) isolate compromised devices to \(\:{C}_{j}\), and a compromised \(\:{E}_{j}\) cannot access \(\:{c}_{i}\left(t\right)\) from other clusters \(\:{C}_{k}\) due to lacking \(\:{sk}_{{E}_{k}}\); (3) key updates triggered by \(\:\text{U}\text{p}\text{d}\text{a}\text{t}\text{e}\left(\text{t}\right)=1\) if \(\:{\varDelta\:}_{network}\left(t\right)\)= \(\:{w}_{1}\cdot\:mobility\:\left(t\right)+{w}_{2}\cdot\:failures\:\left(t\right)+{w}_{3}\cdot\:SN{R}_{change\left(t\right)}>\delta\:=0.1\), optimized by an ML model with reward \(\:R\left(t\right)=\alpha\:\cdot\:security\:\left(t\right)-\beta\:\cdot\:overhead\:\left(t\right)\), limit compromised key validity; and (4) aggregation (e.g., sum, average) in Step 6 produces \(\:{a}_{j}\) that obscures individual \(\:{x}_{i}\left(t\right)\), preventing reverse-engineering even by colluding nodes.\(\square\)

Quantum attacks security analysis

The Q-PRADAX framework robustly counters quantum attacks, where adversaries wielding quantum computers attempt to break cryptographic schemes to decrypt sensitive health data (e.g., \(\:{\:x}_{i}\left(t\right)\), such as heart rate) or forge keys, exploiting vulnerabilities in traditional cryptography like RSA and ECC, posing a significant threat to IoMT. Q-PRADAX employs Ring-LWE-based post-quantum cryptography for all cryptographic operations, key generation (Step 1), encryption (Steps 3, 6, 8, 10), and key distribution (Step 7), using parameters \(\:q=12289,\:n=512\), and security parameter \(\: { \leftthreetimes } =256\), alongside zk-SNARKs with quantum-resistant assumptions (e.g., knowledge of exponent) in Steps 3, 6, and 9, ensuring resilience even as TLS transitions to PQC.

Theorem 4

(Quantum Attack Resistance): Under the hardness of Ring-LWE and quantum-resistant zk-SNARK assumptions (e.g., knowledge of exponent), QPRADAX ensures that quantum adversaries cannot decrypt ciphertexts \(\:{\:c}_{i}\left(t\right)={\text{E}\text{n}\text{c}}_{{pk}_{j}}\left({\:x}_{i}\left(t\right)\right)\)or forge valid zk-SNARK proofs \(\:{\:\pi\:}_{i}\left(t\right)\) with non-negligible probability.

Proof

Q-PRADAX quantum resilience integrates two key mechanisms: (1) Ring-LWE security, based on lattice problems like Shortest Vector Problem (SVP) and Closest Vector Problem (CVP), remains hard for quantum computers, with no known algorithms solving Ring-LWE in polynomial time for \(\:q=12289,\:n=512\), the best quantum attacks require exponential time (\(\:{\approx\:2}^{n/2}\approx\:{2}^{256})\) operations, matching NIST PQC standards like CRYSTALS-KYBER, ensuring ciphertexts \(\:{\:c}_{i}\left(t\right)={\text{E}\text{n}\text{c}}_{{pk}_{{E}_{j}}}\left({\:x}_{i}\left(t\right)\right)\) in Step 3 are secure; 2) zk-SNARKs’ quantum resilience, using pairing-based cryptography or hash-based commitments with large-field parameters, upholds the knowledge of exponent assumption against quantum adversaries, with negligible forging probability \(\:(<{2}^{-256})\).\(\square\)

Denial-of-Service (DoS) security analysis

The Q-PRADAX framework effectively mitigates Denial-of-Service (DoS) attacks, where adversaries attempt to overload resource-constrained IoMT devices (\(\:{D}_{i})\) or edge nodes (\(\:{E}_{i})\) by triggering excessive data collection, transmission, or processing, aiming to disrupt data aggregation and healthcare operations in IoMT. Q-PRADAX employs resource constraints in Step 2 (\(\:{C}_{i}<{C}_{max}=\)1 FLOPS, \(\:{{E}_{i}\le\:E}_{max}=200\:mAh\)), reliable transmission in Steps 4 and 8 using ARQ with \(\:{\text{P}}_{\text{s}\text{u}\text{c}\text{c}\text{e}\text{s}\text{s}}={e}^{-\gamma\:\cdot\:{SNR}^{-1}}\) and adaptive modulation, cluster size limits in Step 5, and dynamic updates in Steps 7 and 10 to adapt to disruptions by adjusting \(\:{f}_{update}\) and cluster parameters.

Theorem 5

(DoS Resistance): Q-PRADAX ensures that DoS attacks triggering excessive computation or transmission on devices (\(\:{D}_{i})\) or edge nodes (\(\:{E}_{i})\) are mitigated with high probability, leveraging resource constraints, reliable transmission, and adaptive clustering to maintain data aggregation under adversarial overload.

Proof

Q-PRADAX DoS resilience integrates four mechanisms: (1) resource constraints limit malicious triggers, as data collection in Step 2 at \(\:\varDelta\:t=\) 1 s \(\:consumes\approx\:{10}^{4}\) cycles/sample, well within \(\:{C}_{max}\), and transmission energy \(\:{\text{E}}_{\text{t}\text{r}\text{a}\text{n}\text{s},\:\:\text{i}}=\alpha\:\cdot\:{\text{C}\text{o}\text{m}\text{m}}_{\text{i}}+\beta\:\cdot\:{d}_{i,j}^{2}\le\:{\text{E}}_{\text{m}\text{a}\text{x}}\) prevents exhaustion; (2) transmission reliability ensures \(\:{\text{P}}_{\text{s}\text{u}\text{c}\text{c}\text{e}\text{s}\text{s}}\approx\:0.99\), SNR=20dB, with ARQ retries and adaptive modulation (e.g., QPSK to BPSK) countering jamming; (3) cluster size limits restrict edge node processing to \(\:{\text{C}\text{o}\text{m}\text{m}}_{\text{j}}\approx\:260\:kB\), within \(\:{C}_{{E}_{j}}\approx\:10GFLOPS\); and (4) adaptive updates via Step 10 \(\:\text{O}\text{p}\text{t}\text{i}\text{m}\text{i}\text{z}\text{e}(\text{A},\:network\_params(t\left)\right)\) minimize \(\:{Cost}_{system}\), tightening \(\:{\theta\:}^{{\prime\:}}\left(t+1\right)\) and increasing \(\:{f}_{update}\) when \(\:{failures}_{j}\) or \(\:\text{t}\text{h}\text{r}\text{e}\text{a}\text{t}\_\text{l}\text{e}\text{v}\text{e}\text{l}\:\)rise, isolating affected nodes.\(\square\)

Table 3 Security analysis of Q-PRADAX.
Full size table

Experimental setup for Q-PRADAX evaluation

This section details the experimental setup for evaluating the Q-PRADAX system, designed to rigorously assess its performance in IoMT. The evaluation is structured into three subsections: simulation environment and network configuration, Q-PRADAX simulation scenarios, the performance metrics.

Simulation environment and network configuration

The Q-PRADAX system is evaluated using the OMNeT + + 6.0.3 discrete event simulator with the INET 4.5 framework, customized to model IoMT with high accuracy, running on a high-performance computing cluster equipped with a 64-core AMD EPYC processor, 256 GB RAM, and Ubuntu 20.04 LTS operating system. The network consists of \(\:n\)=1000 IoMT devices, \(\:m=\)50 edge nodes, and one cloud server, with devices modeled as 32-bit ARM Cortex-M4 processors (80 MHz clock speed, 512 KB SRAM, 1 MB Flash), powered by 200 mAh batteries and equipped with BLE 5.0/Zigbee radios (10 mW transmit power, 250 kbps data rate, 10-meter range). Edge nodes are configured as Raspberry Pi 4 equivalents (1.5 GHz quad-core CPU, 4 GB RAM, 3000 mAh battery) with Wi-Fi connectivity (1 Mbps), and the cloud server is a virtualized instance with 16 vCPUs and 64 GB RAM. The network topology uses distributed clustering (Step 5), with cluster sizes limited to \(\:\left|{C}_{j}\right|\le\:100\:\)devices, spatial constraints ensuring \(\:Dist({D}_{i},{E}_{j})\le\:\)10 m, and signal-to-noise ratio (SNR) ranging from 10 to 30 dB to simulate interference from co-located networks or medical equipment. Cryptographic parameters include Ring-LWE encryption (\(\:q=12289,\:n=512,\:\chi\:={{\Psi\:}}_{16},\:\text{s}\text{e}\text{c}\text{u}\text{r}\text{i}\text{t}\text{y}\:\text{p}\text{a}\text{r}\text{a}\text{m}\text{e}\text{t}\text{e}\text{r}\: { \leftthreetimes } =256\)), zk-SNARK proofs (Groth16, proof size ~ 0.3 kB, verification time ~0.5 ms), and TLS 1.3 with AES-256-GCM/HMAC-SHA256 for secure channels. Dynamic key updates (Step 7) occur at a frequency \(\:{f}_{update}\) in [0.1,1] updates/hour. Device mobility is modeled at an average speed of 0.5 m/s (e.g., patient movement), with packet loss rates of 1–5% due to channel fading. Simulations run for \(\:T=24\) hours capturing realistic IoMT dynamics such as intermittent connectivity and varying data rates (128-byte payloads every 1 s)25,26,27.

Q-PRADAX simulation scenarios

The Q-PRADAX simulation scenarios, implemented using tailored C + + OMNeT + + modules that model Steps 1–10 within the Sect. 6.1 simulation environment, evaluate the system scalability, security, and efficiency under realistic IoMT conditions across four 24-hour scenarios, testing computational efficiency, energy consumption, communication overhead, and fault tolerance with ciphertext sizes ~ 4 kB, proof sizes ~ 0.3 kB, and aggregation latency ≤ 500 ms, with data integrity ensured by SHA-256 hashes in \(\:{\text{m}\text{e}\text{t}\text{a}\text{d}\text{a}\text{t}\text{a}}_{j}=({t}_{j},{ID}_{{E}_{j}},\:\left|{C}_{j}\right|,\:ag{g}_{type},\:hash\left({c}_{j}\right))\). A Baseline Scenario uses a stable network (n = 1000 devices, m = 50 edge nodes, SNR = 20 dB, no attacks, data collection every Δt = 1 s for heart rate in [40, 180] bpm or glucose levels) to test aggregation functions (sum, average) in Steps 6 and 9; a High-Density Scenario scales to \(\:n=5000\), \(\:\left|{C}_{j}\right|\)≤ 200, with mobility (1 m/s), 2% packet loss, and 256 bytes/s data rates to assess clustering scalability; an Attack-Resilience Scenario introduces 5% compromised devices (50 \(\:{D}_{i}\)), 2 rogue edge nodes (\(\:{E}_{j}\)), eavesdropping, tampering, collusion, and 10% jamming (SNR=10 dB) to evaluate security via zk-SNARK verification (Step 3), TLS/QUIC checks (Step 4), and key updates (Step 7); and an Energy-Constrained Scenario with 100 mAh devices, 1500 mAh edge nodes, \(\:{f}_{update}\)=1/hour, and 5% packet loss tests energy efficiency and resource management (Step 10), with attack detection and uptime recorded to assess resilience.

Performance metrics

The performance evaluation of the Q-PRADAX system focuses on six key metrics to quantitatively assess its efficiency, scalability, reliability, and security across all Q-PRADAX scenarios. The metrics are:

  1. 1.

    Computational Efficiency: Average latency (in milliseconds) for encryption (\(\:{\:c}_{i}\left(t\right)={\text{E}\text{n}\text{c}}_{{pk}_{j}}\left({\:x}_{i}\left(t\right)\right)\)), zk-SNARK proof generation and verification, and aggregation, measured across device and edge workloads.

  2. 2.

    Communication Overhead: Average packet size and bandwidth usage (in kbps per device and cluster) for BLE/Zigbee and 5G/Wi-Fi traffic.

  3. 3.

    Energy Consumption: Energy per packet (in millijoules) for transmission, encryption, and proof generation.

  4. 4.

    Scalability: Cluster size growth and aggregation latency scaling in high-density scenarios (n = 5000 devices), ensuring efficient network expansion.

  5. 5.

    Fault Tolerance: Packet delivery ratio (PDR) under jamming and Byzantine faults (5% compromised devices), and system uptime in attack-resilience scenarios, measured via transmissions and reconfiguration times.

  6. 6.

    Security Metrics: Attack detection rate (e.g., tampering rejection via zk-SNARKs, key update success rate, and false positive rate for invalid data, ensuring protection against eavesdropping, tampering, and collusion.

Result and discussion

This section provides a comprehensive analysis of Q-PRADAX performance, focusing on: Computational Efficiency, Energy Consumption, Communication Overhead, Security cost, Fault Tolerance.

Computational efficiency

Q-PRADAX optimizes the processing of critical health data on resource-constrained IoMT devices (e.g., ARM Cortex-M4, 80 MHz, 512 KB SRAM) and edge nodes (e.g., Raspberry Pi 4, 1.5 GHz, 4 GB RAM), ensuring efficient execution of Ring-LWE encryption, zk-SNARK proof generation/verification, and data aggregation in dynamic IoMT networks. Performance was rigorously evaluated using OMNeT + + 6.0.3 with INET 4.5 on a 64-core AMD EPYC 7742 cluster, simulating 100 independent runs with varying random seeds to measure latency, throughput, and memory usage across four scenarios: Baseline, High-Density, Attack-Resilience, and Energy-Constrained. Key metrics, summarized in Table 4, include encryption latency, proof generation/verification times, aggregation latency, per-device throughput, and memory utilization, validated for 128-byte payloads (e.g., ECG samples at 1 Hz). In the Baseline scenario (1000 devices, 50 edge nodes, SNR = 20 dB, 1% packet loss), Q-PRADAX achieves an encryption latency of 8.1 ms (SD = 0.3 ms), zk-SNARK proof generation of 4.7 ms (SD = 0.2 ms), verification of 0.38 ms (SD = 0.02 ms), aggregation latency of 40 ms (SD = 1.5 ms), throughput of 100 packets/s/device, device memory usage of 400 kB (80% SRAM), and edge node memory of 2.5 GB (63% RAM), demonstrating scalability and efficiency. The High-Density scenario (5000 devices, 2% packet loss) sustains encryption at 8.2 ms, proof generation at 4.8 ms, verification at 0.39 ms, aggregation at 47 ms, throughput at 95 packets/s, device memory at 405 kB, and edge memory at 3 GB (75% RAM), handling increased network load with minimal degradation. The Attack-Resilience scenario (5% compromised devices, 10% jamming) ensures 100% tampering rejection (e.g., invalid heart rate of 250 bpm rejected) with encryption at 8.3 ms, proof generation at 4.7 ms, verification at 0.42 ms, aggregation at 45 ms, throughput at 98 packets/s, device memory at 410 kB, and edge memory at 2.8 GB, maintaining robust security under adversarial conditions. The Energy-Constrained scenario (100 mAh devices, 5 mW transmit power) optimizes for low power, achieving encryption at 8.4 ms, proof generation at 4.8 ms, verification at 0.40 ms, aggregation at 42 ms, throughput at 90 packets/s, and reduced device memory of 380 kB (76% SRAM) by leveraging compressed zk-SNARK proofs (~ 0.3 kB), extending battery life to ~ 6 h. These results, validated across diverse network conditions, confirm Q-PRADAX ability to deliver high computational efficiency, supporting real-time healthcare applications while meeting IoMT stringent resource constraints.

Table 4 Computational efficiency metrics of Q-PRADAX.
Full size table

Energy consumption

Energy efficiency is a cornerstone of Q-PRADAX, enabling battery-powered IoMT devices (e.g., ARM Cortex-M4, 80 MHz, 200 mAh, 3.3 V) and edge nodes (e.g., Raspberry Pi 4, 1.5 GHz, 4 GB RAM) to support continuous health monitoring in resource-constrained environments. Energy consumption was evaluated using OMNeT + + 6.0.3 with INET 4.5 on a 64-core AMD EPYC 7742 cluster, averaging 100 independent runs with random seeds across four scenarios: Baseline, High-Density, Attack-Resilience, and Energy-Constrained. Metrics, summarized in Table 5, include per-packet energy consumption, battery life, and energy efficiency ratio (EER, packets/J) for 128-byte payloads (e.g., ECG samples at 1 Hz). In the Baseline scenario (1000 devices, 50 edge nodes, SNR = 20 dB, 1% packet loss), devices consume 0.40 mJ/packet (transmission: 0.23 mJ, Ring-LWE encryption: 0.10 mJ, zk-SNARK proof: 0.07 mJ; SD = 0.015 mJ), achieving 27.2 h of battery life (22.8 J, 57,600 packets, 79% of 200 mAh capacity) with an EER of 2500 packets/J, while edge nodes use 1.6 mJ/packet (SD = 0.05 mJ, EER: 625), supporting scalable aggregation. The High-Density scenario (5000 devices, 2% packet loss) increases device energy to 0.44 mJ/packet (transmission: 0.26 mJ due to higher contention; SD = 0.018 mJ), yielding 25.0 h (25.3 J, 88% capacity, 56,818 packets, EER: 2273), with edge energy at 1.8 mJ/packet (SD = 0.06 mJ, EER: 556), reflecting robust performance under load. The Attack-Resilience scenario (5% compromised devices, SNR = 10 dB, 10% jamming) consumes 0.46 mJ/packet (transmission: 0.27 mJ with ARQ, success probability = 0.99; SD = 0.020 mJ), providing 23.8 h (26.5 J, 92% capacity, 57,609 packets, EER: 2174) and edge energy at 1.9 mJ/packet (SD = 0.07 mJ, EER: 526), ensuring 100% tampering rejection (e.g., invalid heart rate of 250 bpm rejected). The Energy-Constrained scenario (100 mAh, 360 J, 5 mW TX power) optimizes device energy to 0.38 mJ/packet (transmission: 0.21 mJ, encryption: 0.10 mJ, proof: 0.07 mJ at 0.5 Hz; SD = 0.012 mJ), supporting 6.0 h (20.5 J, 21,600 packets, 85% capacity, EER: 2632), with edge energy at 1.5 mJ/packet (SD = 0.04 mJ, EER: 667) via reduced proof frequency. These results, validated across diverse conditions, demonstrate Q-PRADAX’s ability to maximize battery life and energy efficiency, enabling reliable, long-term health monitoring in IoMT ecosystems.

Table 5 Energy efficiency metrics of Q-PRADAX.
Full size table

Communication overhead

Q-PRADAX optimizes data exchange for battery-powered IoMT devices (e.g., ARM Cortex-M4, 80 MHz, 200 mAh, 3.3 V, BLE/Zigbee at 250 kbps) and edge nodes (e.g., Raspberry Pi 4, 1.5 GHz, 4 GB RAM, 1 Mbps 5G/Wi-Fi), ensuring efficient and scalable communication in dynamic IoMT networks. Communication overhead, bandwidth, and message complexity were evaluated using OMNeT + + 6.0.3 with INET 4.5 on a 64-core AMD EPYC 7742 cluster, averaging 100 independent runs with random seeds across four scenarios: Baseline, High-Density, Attack-Resilience, and Energy-Constrained. Metrics, summarized in Table 6, include per-packet overhead, bandwidth consumption, and messages per operation for 128-byte payloads (e.g., ECG samples at 1 Hz), targeting ≤ 5 kB overhead, ≤ 10 kbps bandwidth, and ≤ 200 messages/operation. In the Baseline scenario (1000 devices, 50 edge nodes, SNR = 20 dB, 1% packet loss), devices achieve a packet overhead of 4.46 kB (128 bytes payload, 4 kB Ring-LWE ciphertext, 0.3 kB zk-SNARK proof, 32 bytes header; SD = 0.05 kB), bandwidth of 4.46 kbps at 1 Hz (SD = 0.04 kbps), and 50 messages/operation (SD = 2), meeting all targets and supporting efficient data exchange. The High-Density scenario (5000 devices, 2% packet loss) increases overhead to 4.59 kB (SD = 0.06 kB) and bandwidth to 4.59 kbps (SD = 0.05 kbps) with 100 messages/operation (SD = 3), reflecting larger payloads (e.g., 150 bytes for multi-vital data) mitigated by adaptive clustering, which maintains 99.7% packet delivery. The Attack-Resilience scenario (5% compromised devices, SNR = 10 dB, 10% jamming) raises overhead to 4.76 kB (SD = 0.07 kB) and bandwidth to 4.76 kbps (SD = 0.06 kbps) with 120 messages/operation (SD = 4) due to ARQ retransmissions (success probability = 0.99), ensuring 100% tampering rejection (e.g., invalid heart rate of 250 bpm rejected). The Energy-Constrained scenario (100 mAh, 360 J, 5 mW TX power) optimizes overhead to 4.43 kB (SD = 0.04 kB), bandwidth to 2.22 kbps (SD = 0.03 kbps), and complexity to 25 messages/operation (SD = 1) by reducing proof frequency to 0.5 Hz (0.15 kB proof), extending battery life to ~ 6 h but limiting data frequency. These low overheads enable scalable IoMT operation (up to 5000 devices), though the Attack-Resilience scenario trades efficiency for security, and the Energy-Constrained scenario’s reduced bandwidth suggests adaptive proof scheduling (e.g., dynamic proof triggers based on data criticality) could further balance monitoring needs.

Table 6 Network overhead metrics of Q-PRADAX.
Full size table

Security cost

The Q-PRADAX framework ensures robust security for sensitive health data in Internet of Medical Things (IoMT) applications through its integration of Ring-LWE encryption (q = 12289, n = 512, λ = 256), Groth16 zk-SNARK proofs, TLS/QUIC secure channels, and dynamic key updates, incurring computational and energy overheads optimized for resource-constrained wearables (ARM Cortex-M4, 200 mAh). Evaluated using OMNeT + + 5.7 with INET 4.3 on a 64-core AMD EPYC cluster (256 GB RAM, Ubuntu 20.04 LTS), security costs were assessed across four scenarios, as summarized in Table 7. In the Baseline scenario (n = 1000 devices, m = 50 clusters, SNR = 20 dB, 1% packet loss, 128-byte payloads), Q-PRADAX achieves a security latency of 12.5 ms/packet (7.8 ms for encryption, 4.5 ms for zk-SNARK proof generation, 0.2 ms for verification), energy consumption of 0.15 mJ/packet (0.08 mJ for encryption), 100% tampering detection (e.g., rejecting blood pressure = 300 mmHg), 100% collusion resistance, a 10 ms key update latency, and a 30% processing ratio, meeting design targets (latency ≤ 15 ms, energy ≤ 0.2 mJ/packet, detection ≥ 99.8%). In the High-Density scenario (n = 5000, 256-byte payloads), latency increases to 13.0 ms/packet and energy to 0.16 mJ/packet, maintaining 100% tampering detection and 99.9% collusion resistance. The Attack-Resilience scenario (5% compromised devices, SNR = 10 dB, 10% jamming) elevates latency to 13.5 ms/packet and energy to 0.17 mJ/packet, with 100% tampering detection and 99.8% collusion resistance, bolstered by enhanced zk-SNARK verification checks to counter adversarial threats. In the Energy-Constrained scenario (100 mAh, 5 mW transmit power), Q-PRADAX optimizes to 12.2 ms/packet latency and 0.14 mJ/packet energy, using reduced proof frequency (0.5 Hz, 0.15 kB proof size), achieving 99.9% tampering detection. These low overheads enable efficient, secure operation for real-time IoMT applications like ECG monitoring, though the Attack-Resilience scenario trades efficiency for enhanced threat mitigation, and the Energy-Constrained scenario lower proof frequency reduces data granularity to prioritize power savings, ensuring patient safety and system reliability in resource-limited environments.

Table 7 Security cost metrics of Q-PRADAX.
Full size table

Fault tolerance

Fault tolerance was rigorously evaluated using OMNeT + + 6.0.3 with INET 4.5 on a 64-core AMD EPYC 7742 cluster, averaging 100 independent runs with random seeds to assess devices (e.g., ARM Cortex-M4, 80 MHz, 200 mAh, BLE/Zigbee at 250 kbps) and edge nodes (e.g., Raspberry Pi 4, 1.5 GHz, 4 GB RAM, 1 Mbps 5G/Wi-Fi). Metrics, summarized in Table 8, include packet delivery rate (PDR), fault recovery time, and data integrity for 128-byte payloads (e.g., ECG samples at 1 Hz), targeting PDR ≥ 99.5%, recovery time ≤ 250 ms, and integrity ≥ 99.9%. In the Baseline scenario (1000 devices, 50 edge nodes, SNR = 20 dB, 1% packet loss), Q-PRADAX achieves a 99.9% PDR (SD = 0.1%), 145 ms recovery time (SD = 5 ms) via adaptive reclustering (Step 5, k-means, ~ 50 ms) and OLSR rerouting (~ 95 ms), and 100% data integrity (e.g., invalid heart rate of 280 bpm rejected by zk-SNARKs), meeting all targets. The High-Density scenario (5000 devices, 2% packet loss) records a 99.7% PDR (SD = 0.15%), 175 ms recovery time (SD = 7 ms) due to increased reclustering overhead (~ 60 ms), and 100% integrity, reflecting scalability challenges under higher network load. The Attack-Resilience scenario (5% compromised devices, SNR = 10 dB, 10% jamming, 5% Byzantine faults) yields a 99.5% PDR (SD = 0.2%), 210 ms recovery time (SD = 10 ms) with enhanced ARQ and Byzantine fault-tolerant consensus (~ 120 ms), and 100% integrity, ensuring robust security against adversarial conditions. The Energy-Constrained scenario (100 mAh, 360 J, 5 mW TX power) optimizes to a 99.8% PDR (SD = 0.12%), 135 ms recovery time (SD = 4 ms) via lightweight reclustering (~ 45 ms), and 99.9% integrity with reduced proof frequency (0.5 Hz, 0.15 kB proof), trading minor integrity for power efficiency critical for wearables (6-hour battery life. These robust metrics, validated across diverse conditions, confirm Q-PRADAX’s reliability for IoMT, though the Attack-Resilience scenario’s longer recovery time reflects a security-efficiency trade-off, and the Energy-Constrained scenario’s reduced proof frequency suggests adaptive proof scheduling could further optimize integrity and power balance.

Table 8 Fault tolerance metrics of Q-PRADAX.
Full size table

Comparison with related work

In this section, we compare our Q-PRADAX system with related works, The results are summarized in Table 9. Q-PRADAX demonstrates superior performance over state-of-the-art IoMT frameworks14,15,16,17,18,19,20, including DAQFL14, a lightweight XOR-based system15, a federated learning (FL) system16, a blockchain-based framework17, FedSparsity18, a secure aggregation protocol19, and BFL20, as evaluated through re-simulations in OMNeT + + 6.0.3 with INET 4.5 on a 64-core AMD EPYC cluster (256 GB RAM, Ubuntu 20.04 LTS), with metrics scaled to match Q-PRADAX conditions (n = 1000–5000 devices, 128–256-byte payloads, SNR = 10–20 dB, 1–10% packet loss); in the Baseline scenario (n = 1000, SNR = 20 dB), Q-PRADAX achieves 94.5% diagnostic accuracy for ECG and glucose monitoring, surpassing DAQFL (88.0%), FL (73.0%), FedSparsity (85.0%), and BFL (91.0%), driven by 100% tampering detection via zk-SNARK proofs (Groth16, ~ 0.3 kB) and SHA-256 hashing, while its energy consumption of 0.40 mJ/packet outperforms DAQFL (0.45 mJ), FL (0.50 mJ), blockchain (1.00 mJ), FedSparsity (0.48 mJ), secure aggregation (0.60 mJ), and BFL (0.55 mJ), though trailing the XOR-based system (0.16 mJ) due to its lightweight but less secure design; in the High-Load scenario (n = 5000, 1 m/s mobility, 10% jamming), Q-PRADAX maintains 92.0% accuracy and 0.60 mJ/packet, better than DAQFL (85.0%, 0.68 mJ), FL (70.0%, 0.75 mJ), and others, while its communication overhead (8.92 kB/packet, including 4 kB ciphertext) aligns with BFL (9.0 kB) but exceeds lighter frameworks (0.4–7.0 kB); in the Low-Power scenario (100 mAh devices, 5 mW transmit power), Q-PRADAX achieves 96.0% accuracy and 0.25 mJ/packet, outperforming most competitors (75.0–93.0%, 0.28–0.62 mJ), with a packet delivery rate of 99.95% matching BFL and surpassing others (92.0–98.0%); Q-PRADAX security latency (12.5 ms/packet, including 7.8 ms encryption) matches BFL but is higher than DAQFL (8.0 ms) and others (5.0–10.0 ms), reflecting the cost of quantum-resilient Ring-LWE encryption (q = 12289, λ = 256) and zk-SNARKs, which ensure robust security absent in15,16; overall, Q-PRADAX high accuracy, energy efficiency, and 99.9% packet delivery, supported by adaptive clustering and TLS 1.3, make it ideal for secure IoMT healthcare, despite trade-offs in overhead, with future optimizations like CoAP or ROHC proposed to enhance scalability.

Table 9 Comparison of Q-PRADAX with related Work.
Full size table

Limitations and future works

Q-PRADAX establishes a robust, secure, and reliable framework for data aggregation in the Internet of Medical Things (IoMT), achieving 94.5% diagnostic accuracy for cardiac and diabetes monitoring, 100% tampering detection, and 99.9% packet delivery ratio (PDR) in the Baseline scenario (1000 devices, 50 edge nodes, SNR = 20 dB, 1% packet loss), as validated in OMNeT + + 6.0.3 simulations (Tables 4, 5, 6, 7 and 8). Leveraging Ring-LWE encryption (n = 512, q = 12289, σ = 3.2, 128-byte payload) and zk-SNARK proofs (~ 0.3 kB, Groth16) on resource-constrained ARM Cortex-M4 devices (80 MHz, 200 mAh, 3.3 V), Q-PRADAX ensures HIPAA/GDPR compliance through SHA-256-based auditable logging, supporting real-time health monitoring with 256-bit post-quantum security. However, trade-offs impact efficiency: in the Energy-Constrained scenario (100 mAh, 5 mW TX power), encryption and proof generation incur 12.5 ms/packet security latency (SD = 0.5 ms) and 0.15 mJ/packet energy (SD = 0.01 mJ), limiting wearable battery life to ~ 6 h (Table 5). The High-Density scenario (5000 devices, 2% packet loss) generates 4.59 kB/packet overhead (SD = 0.06 kB), straining 250 kbps BLE/Zigbee bandwidth and extending fault recovery to 175 ms (SD = 7 ms), constraining scalability in hospital settings (Table 6). The Attack-Resilience scenario (5% compromised devices, 10% jamming) increases energy to 0.46 mJ/packet (SD = 0.02 mJ) due to ARQ retransmissions (success probability = 0.99), reducing device lifespan under persistent attacks (Table 5). The adaptive clustering algorithm, optimized for 1 m/s mobility, loses flexibility in dynamic scenarios (e.g., ambulances at 5 m/s), and the absence of differential privacy risks data inference in federated settings. Future enhancements include adopting Bulletproofs to reduce zk-SNARK complexity (~ 500 operations, ~ 2 ms proof generation), cutting latency and energy by ~ 50%. CoAP or ROHC compression can lower overhead to ~ 2 kB/packet, enhancing scalability for 10,000 + devices. Forward error correction (FEC) or AI-driven fault prediction could reduce recovery times to < 100 ms, while differential privacy16 or homomorphic encryption20 will mitigate inference risks. Dynamic routing inspired by19 will support 1–5 m/s mobility, and CRYSTALS-Dilithium signatures will reinforce quantum resilience, positioning Q-PRADAX as a leading standard for secure, scalable, and privacy-preserving IoMT healthcare ecosystems.

Conclusion and future works

The Q-PRADAX framework redefines secure and reliable data aggregation for the Internet of Medical Things (IoMT), delivering exceptional performance for real-time health monitoring applications, such as cardiac arrhythmia detection and glucose level tracking. Evaluated using OMNeT + + 6.0.3 with INET 4.5 on a high-performance computing cluster (64-core AMD EPYC, 256 GB RAM, Ubuntu 20.04 LTS), Q-PRADAX achieves a diagnostic accuracy of 94.5%, 100% tampering detection (e.g., rejecting heart rate = 280 bpm), and 99.9% packet delivery rate in the Baseline scenario (n = 1000 devices, 128-byte payloads, SNR = 20 dB), outperforming state-of-the-art IoMT frameworks like DAQFL (88.0% accuracy), FedSparsity (85.0%), and BFL (91.0%), as detailed in Sect. 8. By integrating quantum-resilient Ring-LWE encryption (q = 12289, n = 512, security parameter λ = 256), compact Groth16 zk-SNARK proofs, and adaptive clustering, Q-PRADAX ensures HIPAA/GDPR-compliant data security and reliable operation on resource-constrained wearable devices (ARM Cortex-M4, 200 mAh), with energy consumption of 0.40 mJ/packet in the Baseline scenario (27.2 h battery life) and 0.25 mJ/packet in the Low-Power scenario (100 mAh, 5 mW transmit power, 6.0 h battery life), as per Table 5. Despite its strengths, Q-PRADAX communication overhead (4.46–8.92 kB/packet) and security latency (12.5 ms/packet) are higher than lightweight protocols, necessitating future optimizations. Future work will enhance Q-PRADAX by integrating Bulletproofs, which reduce zk-SNARK computational complexity from ~ 4000 to ~ 500 operations through logarithmic proof sizes and batch verification, lowering energy consumption for proof generation on IoMT devices. Adopting CoAP or ROHC compression will minimize communication overhead by leveraging header compression and lightweight messaging, improving scalability for high-density networks (n = 5000+). Differential privacy, inspired by federated learning approaches, will mitigate inference risks by adding controlled noise to aggregated data, preserving privacy with minimal energy overhead. Homomorphic encryption will enable secure computation on encrypted vitals, feasible with optimized schemes like CKKS for IoMT analytics. Implementing Dilithium signatures, a NIST-standardized post-quantum scheme, will enhance authentication efficiency, reducing energy costs compared to Ring-LWE key exchanges. Dynamic routing protocols, building on secure aggregation techniques, will support variable mobility (1–5 m/s) in dynamic settings like ambulances, maintaining reliability with low power draw. These enhancements, validated through future simulations, aim to position Q-PRADAX as a global standard for secure, patient-centric IoMT healthcare.