Blockchain for IoT Security Enhancement
The interconnection of massive physical devices has made individual life very convenient. However, this gift by the IoT has also brought about potential risks. An enormous amount of data is generated by applications such as home automation, mobile health care, intelligent vehicles, etc. All these require a robust security mechanism for proper protection, in order to provide ubiquitous computing. In recent years, blockchain has been sought as a descriptive technology that can play a major role in the control, management, and security of IoT devices . In general, these centralized systems face numerous challenges, owing to some of the intrinsic characteristics of the IoT. The vulnerability lies with the centralized server, whose failure could paralyze the entire network . Also, centralized servers are susceptible to revealing sensitive information, due to the need for management authority, and due to the hacking of unencrypted data . Apart from achieving an acceptable level of quality of service (QoS) and energy efficiency, several parameters should be focused upon for the secure deployment of ubiquitous IoT .
- • Privacy, confidentiality, and data integrity: The reason lies with the multiple hops of data in the network.
- • Authenticity, accountability, and traceability: Due to the need for secure communication in the shared network and a record of the usage of shared resources.
Blockchain is a decentralized publicly available immutable transaction database that is replicated in all the nodes . It has revolutionized the way financial transactions are carried out, without the need for a central authority. Also, blockchain-based systems incur minimal security monitoring costs, while providing security against adversaries . Blockchain is a sequence of blocks that store the information related to all transactions. Each block of the chain is linked via the hash of the previous block. Generally, a block consists of a body and a header. The block’s body stores a transaction and a counter value for the transaction. The header stores metadata, such as a timestamp, parent block hash, Merkle tree root hash. etc. In order to validate the transaction’s authenticity, blockchain employs an asymmetric cryptography mechanism. The Bitcoin and Ethereum blockchains are the most popular application domains. The Bitcoin blockchain is a cryptocurrency-based application, whereas the Ethereum blockchain implements smart contracts, a computerized transaction protocol that executes the terms of the contract. These smart-contract-based blockchains have the potential to manage, control, and secure IoT devices.
Potential Blockchain Solutions
This section presents some of the intrinsic features of blockchain that can be utilized for IoT security.
Blockchain Address Space: In contrast to the 128-bit IPV6 address space, the blockchain has a 160-bit address space . This allows around 4.3 billion unique identifications for IoT devices and in turn decreases the collision probability.
Data authentication, integrity and traceability: Due to the design constraints of blockchain, the data transmitted by IoT devices will always be cryptographically proven and signed by the legitimate sender with a unique key. This provides authentication and integrity. Also, the transactions of IoT devices will be recorded on a blockchain ledger that can provide traceability.
Authenticity, authorization, and privacy: Blockchain’s smart contract has the ability to set access rules and conditions, to allow' users on machines to control, or have access to, data in transit or at rest. It can also assign different rights to IoT devices and change the rules. This way, it provides authorization and privacy. Also, since all devices involved in a transaction possess a dedicated blockchain address, the blockchain-based solution avoids false authentication.
Secure communication: IoT application communication protocols, such as HTTP, and XMPP, and routing protocols such as RPL. and 6L0WPAN, are not secure. To provide secure messaging and communication, these have to be wrapped within security protocols such as TLS or IPsec, for safe routing. All these protocols are complex in terms of storage and computation and are based on centralized management. Blockchain eliminates key management and distribution. This also leads to the evolution of simpler security protocols and hence, reduces the requirements for computation and storage.
Improved availability: There is no vulnerable central point in the blockchain- based solution and hence, it possesses built-in availability features. The decentralized connected device enables the network to remain alive, in case of multiple machine faults . Blockchain is a decentralized system, where the entire transaction database is replicated in all the nodes. Blockchain was initially used for cryptocurrency transactions, but these days, it is coming up with many applications, including in education, health care, business enterprises, and smart computing .