Elsevier

Computers & Security

Volume 78, September 2018, Pages 126-142

Bubbles of Trust: A decentralized blockchain-based authentication system for IoT

https://doi.org/10.1016/j.cose.2018.06.004

Abstract

There is no doubt that the Internet of Things (IoT) occupies a very important role in our daily lives. Indeed, numerous objects that we use all the time are being equipped with electronic devices and protocol suites in order to make them interconnected and connected to the Internet. In IoT, things process and exchange data without human intervention. Because of this full autonomy, these entities need to recognize and authenticate each other as well as to ensure the integrity of their exchanged data. Otherwise, they will be the target of malicious users and malicious use. Due to the size and other features of IoT, it is almost impossible to create an efficient centralized authentication system. To address this limitation, in this paper we propose an original decentralized system called bubbles of trust, which ensures a robust identification and authentication of devices. Furthermore, it protects data integrity and availability. To achieve this goal, our approach relies on the security advantages provided by blockchains, and serves to create secure virtual zones (bubbles) where things can identify and trust each other. We also provide a real implementation of our mechanism using the C++ language and the Ethereum blockchain. The obtained results prove its ability to satisfy IoT security requirements, its efficiency, and its low cost.

Section snippets

Introduction and problem statement

Currently, all over the world, the Internet of Things (IoT) is involved in almost all fields of our daily life. According to a recent Gartner study, 50 billion connected devices will be deployed by 2020 (Gartner, 2016).

Background

A blockchain is defined as a distributed database (ledger) that maintains a permanent and tamper-proof record of transactional data. A blockchain is completely decentralized by relying on a peer-to-peer network. More precisely, each node of the network maintains a copy of the ledger to prevent a single point of failure. All copies are updated and validated simultaneously.

Current blockchain functioning was created to solve the double spending problem in crypto-currency (Nakamoto, 2008). However,

Security requirements

An IoT scheme must fulfill numerous security requirements in order to ensure the sustainability and resiliency of the ecosystem. Thus, in this section we describe the main security goals, and we introduce the criteria needed to evaluate the suitability of authentication schemes for securing IoT use cases.

Integrity: Maintaining integrity is the crucial requirement that each scheme must ensure. In our context, integrity is divided into two parts:

  1. Messages (transactions/communications) integrity:

Related works

Recently, numerous works have been interested in the integration of blockchains into IoT ecosystems. However, very few works were interested in how blockchains can help in meeting IoT security requirements. In this section we survey almost all the works that intend to realize such an integration and show the rarity of works that realize the integration in order to meet security needs.

Christidis and Devetsikiotis (2016) provide a description of how blockchains and smart contracts can be

Proposed approach

The main goal of our approach is to create secure virtual zones in IoT environments. Each device must communicate only with devices of its zone, and considers every other device as malicious. We call these zones bubbles of trust. Thus, a bubble of trust is a zone, where all its members can trust each other. It is protected and inaccessible for non-member devices. In order to achieve such a system we rely on a public blockchain that implements smart contracts. We use a public blockchain instead

Context and use case scenarios

As described above, the power of our proposed approach lies in its suitability to the majority of IoT scenarios, while ensuring an easy integration of new devices, services and use cases. In this section we evaluate our approach regarding its execution time, energy consumption as well as the financial cost of some use cases. The use cases considered in the financial cost study are:

Smart house: is a house equipped with special structured wiring to enable occupants to remotely control or

Open issues

Our approach suffers from three main issues:

Not adapted to real-time applications: our approach relies on a public blockchain. In the latter, according to the consensus protocol, the transactions (blocks) are validated once per defined period of time (the time needed for consensus), e.g. 14 s in Ethereum. Thus, transactions (messages) sent by devices will be validated only after this period. There are many IoT scenarios where this period is not tolerated. However, this issue can be resolved if a

Conclusion and future works

IoT and its applications are quickly becoming part of our everyday life. Indeed, its usage is on the rise, which leads to the emergence of many IoT devices and services. Each device must be reachable and produce content that can be retrieved by any authorized user regardless of his location. In many cases, access to these devices and their communication exchanges should be secure.

In this paper, we have proposed an original approach called bubbles of trust, in which secure virtual zones are

Mohamed Tahar Hammi is a Ph.D. student at Institut MinesTelecom ParisTech. He received his Master’s degree in “computer science and network security” at the University of Paris Descartes in 2015. His current research interests are about securing the Internet of Things.

References (58)

  • M. Castro et al.

    Practical byzantine fault tolerance

    Proceedings of symposium on operating system design and implementation, OSDI

    (1999)
  • S.j. Chang et al.

    Third-round report of the sha-3 cryptographic hash algorithm competition

    NIST Interagency Report 7896

    (2012)
  • K. Christidis et al.

    Blockchains and smart contracts for the internet of things

    IEEE Access

    (2016)
  • E. De Win et al.

    On the performance of signature schemes based on elliptic curves

    Proceedings of international algorithmic number theory symposium

    (1998)
  • D. Dolev et al.

    On the security of public key protocols

    IEEE Trans Inf Theory

    (1983)
  • A. Dorri et al.

    Blockchain in internet of things: challenges and solutions

    arXiv preprint arXiv:1608.05187

    (2016)
  • A. Dorri et al.

    Blockchain for iot security and privacy: the case study of a smart home

    Proceedings of the 2017 IEEE international conference on pervasive computing and communications workshops, PerCom Workshops

    (2017)
  • J.R. Douceur

    The sybil attack

    Proceedings of international workshop on peer-to-peer systems

    (2002)
  • Ethereum community. Ethereum homestead documentation. Online http://www.ethdocs.org/en/latest/index.html...
  • Ethereum community. Ethash. Ethereum wiki https://github.com/ethereum/wiki/wiki/Ethash...
  • Ethereum

    Ethereum development tutorial

    Technical Report

    (2017)
  • Ethereum foundation. Solidity documentation;...
  • Fast Ethereum RPC client for testing and development. Online Test RPC https://github.com/ethereumjs/testrpc...
  • D. Ferraiolo et al.

    Role-based access control (rbac): features and motivations

    Proceedings of 11th annual computer security application conference

    (1995)
  • FIPS PUB

    FIPS PUB 140–2. security requirements for cryptographic modules

    (2001)
  • R. Fujdiak et al.

    Using genetic algorithm for advanced municipal waste collection in smart city

    Proceedings of 2016 10th international symposium on communication systems, networks and digital signal processing, CSNDSP

    (2016)
  • Gartner

    Gartner says by 2020, more than half of major new business processes and systems will incorporate some element of the internet of things

    Technical Report

    (2016)
  • B. Hammi et al.

    A factorial space for a system-based detection of botcloud activity

    Proceedings of 2014 6th international conference on new technologies, mobility and security, NTMS

    (2014)
  • B. Hammi et al.

    Internet of Things (IoT) technologies for smart cities

    IET Netw

    (2017)

Badis Hammi is a Post Doc fellow at Institut Mines Telecom ParisTech in France. He received his Master’s degree from the University of Valenciennes and of Hainaut Cambresis (2011) and his Ph.D. from Troyes University of Technology in 2015. His main research topics of interest are security in wireless environments, intrusion detection in wireless environments, and cloud computing.

Patrick Bellot has been a professor at Telecom ParisTech since 1992 and is a member of the LTCI laboratory. During this time, he spent two years in Vietnam to manage the institute and to implement research at l’Institut de la Francophonie pour l’Informatique in Hanoi, Vietnam. Before joining Telecom ParisTech, he spent five years at IBM, where he was the project leader of the development of AD/Cycle IBM Prolog/2 Program Product. He got a Ph.D. from Paris 6 University and was awarded Best French Young Researcher in Computer Sciences in 1987. He is a specialist in formal and programming languages. His research topics cover very theoretical matters such as theory of combinators, lambda-calculus and logic. His current research topics include autonomous and self-healing overlay networks dedicated to smart routing and file storage. He is currently developing an IoT middleware with robust security based on the OPC-UA machine-to-machine communication protocol for industrial automation.

Ahmed Serhrouchni received his Ph.D. in computer science in 1989 and his Habilitation à Diriger des Recherches in 2010, both from the University Pierre & Marie Curie (UPMC). He is currently a Full Professor with Telecom ParisTech, CNRS-UMR 5141. He is or was leading or involved in many research projects in network security in France and Europe. His research focuses on computer network security, security for vehicular networks and security for Industrial Control Systems.
