Approaching the Communication Constraints of Ethereum-Based Decentralized Applications

Those working on Blockchain technologies have described several new innovative directions and novel services in the Internet of things (IoT), including decentralized trust, trusted and verifiable execution of smart contracts, and machine-to-machine communications and automation that reach beyond the mere exchange of data. However, applying blockchain principles in the IoT is a challenge due to the constraints of the end devices. Because of fierce cost pressure, the hardware resources in these devices are usually reduced to the minimum necessary for operation. To achieve the high coverage needed, low bitrate mobile or wireless technologies are frequently applied, so the communication is often constrained, too. These constraints make the implementation of blockchain nodes for IoT as standalone end-devices impractical or even impossible. We therefore investigated possible design approaches to decentralized applications based on the Ethereum blockchain for the IoT. We proposed and evaluated three application architectures differing in communication, computation, storage, and security requirements. In a pilot setup we measured and analyzed the data traffic needed to run the blockchain clients and their applications. We found out that with the appropriate designs and the remote server architecture we can strongly reduce the storage and communication requirements imposed on devices, with predictable security implications. Periodic device traffic is reduced to 2400 B/s (HTTP) and 170 B/s (Websocket) from about 18 kB/s in the standalone-device full client architecture. A notification about a captured blockchain event and the corresponding verification resulted in about 2000 B of data. A transaction sent from the application to the client resulted in an about 500 B (HTTP) and 300 B message (Websocket). The key store location, which affects the serialization of a transaction, only had a small influence on the transaction-related data. Raw transaction messages were 45 B larger than when passing the JSON transaction objects. These findings provide directions for fog/cloud IoT application designers to avoid unrealistic expectations imposed upon their IoT devices and blockchain technologies, and enable them to select the appropriate system design according to the intended use case and system constraints. However, for very low bit-rate communication networks, new communication protocols for device to blockchain-client need to be considered.

Download Full-text

A Strongly Unforgeable Certificateless Signature Scheme and Its Application in IoT Environments

Sensors ◽

10.3390/s19122692 ◽

2019 ◽

Vol 19 (12) ◽

pp. 2692 ◽

Cited By ~ 4

Author(s):

Xiaodong Yang ◽

Xizhen Pei ◽

Guilan Chen ◽

Ting Li ◽

Meiding Wang ◽

...

Keyword(s):

Security Requirements ◽

Widespread Application ◽

Random Oracles ◽

Replay Attacks ◽

Security Research ◽

Viable Solution ◽

Iot Devices ◽

Certificateless Signature ◽

The Internet Of Things ◽

Strong Unforgeability

With the widespread application of the Internet of Things (IoT), ensuring communication security for IoT devices is of considerable importance. Since IoT data are vulnerable to eavesdropping, tampering, forgery, and other attacks during an open network transmission, the integrity and authenticity of data are fundamental security requirements in the IoT. A certificateless signature (CLS) is a viable solution for providing data integrity, data authenticity, and identity identification in resource-constrained IoT devices. Therefore, designing a secure and efficient CLS scheme for IoT environments has become one of the main objectives of IoT security research. However, the existing CLS schemes rarely focus on strong unforgeability and replay attacks. Herein, we design a novel CLS scheme to protect the integrity and authenticity of IoT data. In addition to satisfying the strong unforgeability requirement, the proposed scheme also resists public key replacement attacks, malicious-but-passive key-generation-centre attacks, and replay attacks. Compared with other related CLS schemes without random oracles, our CLS scheme has a shorter private key, stronger security, and lower communication and computational costs.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

International Journal of Smart Security Technologies ◽

10.4018/ijsst.2019010102 ◽

2019 ◽

Vol 6 (1) ◽

pp. 15-30 ◽

Cited By ~ 1

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

In the recent years, the Internet of Things (IoT) has been widely deployed in different daily life aspects such as home automation, electronic health, the electric grid, etc. Nevertheless, the IoT paradigm raises major security and privacy issues. To secure the IoT devices, many research works have been conducted to counter those issues and discover a better way to remove those risks, or at least reduce their effects on the user's privacy and security requirements. This article mainly focuses on a critical review of the recent authentication techniques for IoT devices. First, this research presents a taxonomy of the current cryptography-based authentication schemes for IoT. In addition, this is followed by a discussion of the limitations, advantages, objectives, and attacks supported of current cryptography-based authentication schemes. Finally, the authors make in-depth study on the most relevant authentication schemes for IoT in the context of users, devices, and architecture that are needed to secure IoT environments and that are needed for improving IoT security and items to be addressed in the future.

Download Full-text

Contemporary Physical Clone-Resistant Identity for IoTs and Emerging Technologies

Cryptography ◽

10.3390/cryptography5040032 ◽

2021 ◽

Vol 5 (4) ◽

pp. 32

Author(s):

Emad Hamadaqa ◽

Saleh Mulhem ◽

Wael Adi ◽

Mladen Berekovic

Keyword(s):

Communication Networks ◽

Public Key Cryptography ◽

Security Requirements ◽

Secret Key ◽

Open Communication ◽

Secret Keys ◽

Iot Devices ◽

Classical Means ◽

Future Technologies ◽

Identification Techniques

Internet of things (IoT) technologies have recently gained much interest from numerous industries, where devices, machines, sensors, or simply things are linked with each other over open communication networks. However, such an operation environment brings new security threats and technology challenges in securing and stabilizing such large systems in the IoT world. Device identity in such an environment is an essential security requirement as a secure anchor for most applications towards clone-resistant resilient operational security. This paper analyzes different contemporary authenticated identification techniques and discusses possible future technologies for physically clone-resistant IoT units. Two categories of identification techniques to counteract cloning IoT units are discussed. The first category is inherently cloneable and includes the classical identification mechanisms based on secret and public key cryptography. Such techniques deploy mainly secret keys stored permanently somewhere in the IoT devices as classical means to make units clone-resistant. However, such techniques are inherently cloneable as the manufacturer or device personalizers can clone them by re-using the same secret key (which must be known to somebody) or reveal keys to third parties to create cloned entities. In contrast, the second, more resilient category is inherently unclonable because it deploys unknown and hard to predict born analog modules such as physical unclonable functions (PUFs) or mutated digital modules and so-called secret unknown ciphers (SUCs). Both techniques are DNA-like identities and hard to predict and clone even by the manufacturer itself. Born PUFs were introduced two decades ago; however, PUFs as analog functions failed to serve as practically usable unclonable electronic identities due to being costly, unstable/inconsistent, and non-practical for mass application. To overcome the drawbacks of analog PUFs, SUCs techniques were introduced a decade ago. SUCs, as mutated modules, are highly consistent, being digital modules. However, as self-mutated digital modules, they offer only clone-resistant identities. Therefore, the SUC technique is proposed as a promising clone-resistant technology embedded in emerging IoT units in non-volatile self-reconfiguring devices. The main threats and expected security requirements in the emerging IoT applications are postulated. Finally, the presented techniques are analyzed, classified, and compared considering security, performance, and complexity given future expected IoT security features and requirements.

Download Full-text

Assesing the Services, security Threaths, Challenges and Solutions in the Internet of Things

Scalable Computing Practice and Experience ◽

10.12694/scpe.v20i3.1544 ◽

2019 ◽

Vol 20 (3) ◽

pp. 457-484 ◽

Cited By ~ 2

Author(s):

Syed Rameem Zahra ◽

Mohammad Ahsan Chishti

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

Wireless Sensor ◽

Personal Health ◽

Security Threats ◽

Recent Past ◽

The World ◽

Iot Devices ◽

The Internet Of Things

The purpose of this paper is to chalk out the criticality of the most important pillar of Internet of Things (IoT),i.e., Security and Privacy (S&P). IoT has seen its journey from implausible and impossible to sustainable and tenable. Its rateof expansion into various grounds from agriculture to sports; personal health to intelligent trac detection; waste managementto smart homes is astonishing, dramatic and unforeseen. With such vast adaptability and functionality, its security remains thebiggest concern because in contrast to the traditional networks, IoT faces huge vulnerabilities some of which are inherent and othersexplicit. The existing security solutions cannot be implemented in IoT because of its unique characteristics. Therefore, there is adire need to develop novel security procedures betting IoT. This paper spots the features that are peculiar to IoT and concurrentlyanalyzes the security threats and challenges they pose. This work also provides a glimpse of the major IoT implementations withtheir particular security requirements and challenges. Moreover, this paper critically evaluates the proposed countermeasures tosecurity attacks on dierent features and why they cannot be used in IoT environments. Also, it is found that most of the securitysolutions used in IoT devices are inspired from Wireless Sensor Networks (WSN) but the striking dierences among the two makethem inadequate in IoT. The security requirements and challenges peculiar to various IoT services are also identied. To assist theresearchers in remaining up-to-date, we for the rst time have thoroughly expressed some of the most famous and practical attacksfaced across the world in the recent past, how much damage they caused, how much nancial losses were faced, etc.

Download Full-text

A Survey of Authentication Schemes in the Internet of Things

Research Anthology on Blockchain Technology in Business, Healthcare, Education, and Government ◽

10.4018/978-1-7998-5351-0.ch093 ◽

2021 ◽

pp. 1715-1732

Author(s):

Yasmine Labiod ◽

Abdelaziz Amara Korba ◽

Nacira Ghoualmi-Zine

Keyword(s):

Internet Of Things ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Privacy And Security ◽

Depth Study ◽

Authentication Schemes ◽

Iot Devices ◽

Privacy Issues ◽

The Internet Of Things

Download Full-text

A Secure Architecture For Resource Constrained Iot Environment

Journal of University of Shanghai for Science and Technology ◽

10.51201/jusst/21/09535 ◽

2021 ◽

Vol 23 (09) ◽

pp. 248-264

Author(s):

Omar Farooq ◽

◽

Parminder Singh ◽

Keyword(s):

Significant Rise ◽

Learning Approach ◽

Data Traffic ◽

Resource Constrained ◽

Iot Applications ◽

Digital Currency ◽

Machine Learning Approach ◽

Cloud Environments ◽

Iot Devices ◽

The Internet Of Things

One of the most exciting emerging concepts nowadays is the Internet of Things. However, digital currency has run into issues with how quickly it has been adopted. The number of IoT devices is increasing exponentially, and presently we have more than 20000 million objects connected to the network. The amount of data and complexity circulating across networks is also growing exponentially. IoT plays a measure role in this growth rate of IoT data traffic, resulting in a significant rise in data traffic reaching the cloud or data centers. The response time of IoT systems is affected by the growth of data traffic as this may not be appropriate for sensitive environments. This paper presents a framework and a machine learning approach for the data management of IoT edge-cloud environments with resource-constrained IoT applications. In this paper, the security aspect has also been discussed for the resource-constrained IoT framework.

Download Full-text

Predicting Internet of Things (IOT) Security and Privacy Risks – A Proposal Model: توقع مخاطر أمن وخصوصية إنترنت الأشياء (IOT) – نموذج مقترح بحثي

Journal of engineering sciences and information technology - مجلة العلوم الهندسية و تكنولوجيا المعلومات ◽

10.26389/ajsrp.q070621 ◽

2021 ◽

Vol 5 (3) ◽

pp. 133-112

Author(s):

Awad Saad Al-Qahtani, Mohammad Ayoub Khan Awad Saad Al-Qahtani, Mohammad Ayoub Khan

Keyword(s):

Internet Of Things ◽

Security Management ◽

Cyber Attacks ◽

Security Requirements ◽

Security And Privacy ◽

The Internet ◽

Security Risks ◽

Iot Security ◽

Iot Devices ◽

The Internet Of Things

The Internet of things (IOT) users lack awareness of IOT security infrastructure to handle the risks including Threats, attack and penetration associated with its use. IOT devices are main targets for cyber-attacks due to variable personally identifiable information (PII) stored and transmit in the cyber centers. The security risks of the Internet of Things aimed to damage user's security and privacy. All information about users can be collected from their related objects which are stored in the system or transferred through mediums among diverse smart objects and may exposed to exposed dangerous of attacks and threats if it lack authentication so there are essential need to make IOT security requirements as important part of its efficient implementation. These requirements include; availability, accountability, authentication, authorization, privacy and confidentiality, Integrity and Non-repudiation. The study design is a survey research to investigate the visibility of the proposed model of security management for IOT uses, the security risks of IOT devices, and the changes IOT technology on the IT infrastructure of IOT users through answering of the research questionnaires. This work proposes a model of security management for IOT to predict IOT security and privacy threats, protect IOT users from any unforeseen dangers, and determine the right security mechanisms and protocols for IOT security layers, as well as give the most convenient security mechanisms. Moreover, for enhancing the performance of IOT networks by selecting suitable security mechanisms for IOT layers to increase IOT user's security satisfaction.

Download Full-text

VerSA

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2021070105 ◽

2021 ◽

Vol 15 (3) ◽

pp. 65-82

Author(s):

Oladayo Olufemi Olakanmi ◽

Kehinde Oluwasesan Odeyemi

Keyword(s):

Communication Networks ◽

Wireless Communication Networks ◽

Security Risks ◽

Batch Verification ◽

Wide Range ◽

Augmented Reality Technology ◽

Data Grouping ◽

Aggregation Scheme ◽

Iot Devices ◽

The Internet Of Things

The advent of the internet of things (IoT) and augmented reality technology not only introduces a wide range of security risks and challenges but also increases traffic on the existing wireless communication networks. This is due to the enormity of the traffics generated by the connected IoT devices whose number keeps increasing. Therefore, any IoT network requires an effective security solution capable of securing data and minimizing traffic on the IoT networks. To address these, the authors propose a practicable secure data aggregation scheme, VerSA, based on data grouping aggregation, batch verification through the aggregated signature ratios, and symmetric encryption with a pairing free key distribution. The scheme is capable of grouping and aggregating sub-network data into homogeneous and heterogeneous groups, detecting and filtering injected false data. The results show that the proposed scheme is not only secure against IoT related attacks but also has the lowest computational and communication overheads compared to the recent state-of-the-art schemes.

Download Full-text

Decentralized Data Aggregation: A New Secure Framework Based on Lightweight Cryptographic Algorithms

Wireless Communications and Mobile Computing ◽

10.1155/2021/5565663 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Xin Xie ◽

Yu-Chi Chen

Keyword(s):

Data Aggregation ◽

Data Privacy ◽

Differential Privacy ◽

Security Requirements ◽

Cryptographic Primitives ◽

Privacy And Security ◽

System A ◽

Iot Devices ◽

Access Data ◽

The Internet Of Things

Blockchain has become very popular and suitable to the Internet of Things (IoT) field due to its nontamperability and decentralization properties. The number of IoT devices and leaders (who own IoT devices) is increased exponentially, and thus, data privacy and security are undoubtedly significant concerns. In this paper, we summarize some issues for the BeeKeeper system, a blockchain-based IoT system, proposed by Zhou et al., and then aim for presenting an improved solution for decentralized data aggregation (DDA) on IoT. Firstly, we formally state the security requirements of DDA. Secondly, we propose our basic DDA system by using secret sharing to improve its efficiency and smart contracts as the computing processors. Moreover, the proposed full-fledged system achieves data sharing (e.g., a leader to access data of others’ devices), which is realized by using local differential privacy and cryptographic primitives such as token-based encryption. Finally, to show the feasibility, we provide some implementations and experiments for the DDA systems.

Download Full-text

IoT Device Identification Protocol based on Degraded Flash Memory

Telecom IT ◽

10.31854/2307-1303-2020-8-2-20-31 ◽

2020 ◽

Vol 8 (2) ◽

pp. 20-31

Author(s):

S. Vladimirov ◽

D. Berestovoy

Keyword(s):

Communication Networks ◽

Flash Memory ◽

Error Correcting Codes ◽

Practical Relevance ◽

Research Subject ◽

Transport Protocols ◽

Device Identification ◽

Testing Method ◽

Iot Devices ◽

The Internet Of Things

Research subject. The article presents a protocol for identifying IoT devices developed by the authors and the results of its testing. Method. Simulation was performed to determine the probabilistic charac-teristics of 8-bit error-correcting codes. The principles of their coding and decoding are considered. Core results. The features of the developed identification protocol when transmitting packets over the transport protocols TCP and UDP are determined. Practical relevance. The application of the devel-oped protocol for identifying network devices of the Internet of things in local and global communication networks is proposed.

Download Full-text