A formally verified blockchain-based decentralised authentication scheme for the internet of things

With the proliferation of intelligent devices in the Internet of Things (IoT), the security of IoT devices is becoming a major concern as an attacker can exploit network services via network capture or deployment of malicious devices. Therefore, IoT device authentication is a key security requirement. Conventional authentication approaches have proved insufficient in dealing with a large number of IoT devices because of various shortcomings, such as centrally designed architectures and expensive cryptographic primitives. Blockchain technology has led to the creation of decentralised IoT authentication solutions with their desirable characteristics. Due to the integration of IoT and Blockchain technology, however, performance is one of the significant challenges. Existing Blockchain-based authentication schemes create extra storage, computing and communication overheads on the Blockchain which restricts its use for different IoT networks. In this paper, we design an efficient decentralised Blockchain-based authentication scheme aimed at achieving a secure authentication for IoT devices using the token mechanism. We design the Ethereum Blockchain network model to implement our scheme, in which smart contracts provide secure connectivity between miner nodes and IoT devices. We demonstrate our proposed scheme with an IoT-based smart home case study, which shows significant performance in computation and communication overheads compared with existing Blockchain-based authentication schemes. The modelling, analysis and verification of the proposed scheme, using high level Petri nets (HLPNs) and Z3 SMT solver are also provided to prove correctness and to verify the claims of our model.

[1]  Yiyang Bian,et al.  Blockchain Security: A Survey of Techniques and Research Directions , 2022, IEEE Transactions on Services Computing.

[2]  Ke Xu,et al.  Blockchain-Assisted Secure Device Authentication for Cross-Domain Industrial IoT , 2020, IEEE Journal on Selected Areas in Communications.

[3]  Soohyung Kim,et al.  Managing IoT devices using blockchain platform , 2017, 2017 19th International Conference on Advanced Communication Technology (ICACT).

[4]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[5]  Mohammad Ayoub Khan,et al.  An evolutionary multi-hidden Markov model for intelligent threat sensing in industrial internet of things , 2020 .

[6]  Wei Peng,et al.  A Blockchain-Based Authentication and Security Mechanism for IoT , 2018, 2018 27th International Conference on Computer Communication and Networks (ICCCN).

[7]  Khaled Salah,et al.  A User Authentication Scheme of IoT Devices using Blockchain-Enabled Fog Nodes , 2018, 2018 IEEE/ACS 15th International Conference on Computer Systems and Applications (AICCSA).

[8]  Ong Bi Lynn,et al.  Internet of Things (IoT): Taxonomy of security attacks , 2016, 2016 3rd International Conference on Electronic Design (ICED).

[9]  Jing Liu,et al.  Authentication and Access Control in the Internet of Things , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[10]  Ahmed Serhrouchni,et al.  Bubbles of Trust: A decentralized blockchain-based authentication system for IoT , 2018, Comput. Secur..

[11]  Jacques Pasquier-Rocha,et al.  Decentralized web of trust and authentication for the internet of things , 2017, IOT.

[12]  Daniel Davis Wood,et al.  ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER , 2014 .

[13]  Deepak Puthal,et al.  The Blockchain as a Decentralized Security Framework [Future Directions] , 2018, IEEE Consumer Electronics Magazine.

[14]  Theodore Tryfonas,et al.  The Internet of Things: a security point of view , 2016, Internet Res..

[15]  Thar Baker,et al.  A decentralized lightweight blockchain-based authentication mechanism for IoT systems , 2020, Cluster Computing.

[16]  Alan Kai-Hau Yeung,et al.  Blockchain-Based Authentication in IoT Networks , 2018, 2018 IEEE Conference on Dependable and Secure Computing (DSC).

[17]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[18]  Salim Hariri,et al.  Autonomic Identity Framework for the Internet of Things , 2017, 2017 International Conference on Cloud and Autonomic Computing (ICCAC).

[19]  Ranesh Kumar Naha,et al.  FogAuthChain: A secure location-based authentication scheme in fog computing environments using Blockchain , 2020, Comput. Commun..

[20]  Kurt Lautenbach,et al.  System Modelling with High-Level Petri Nets , 1981, Theor. Comput. Sci..

[21]  Nikolaj Bjørner,et al.  Z3: An Efficient SMT Solver , 2008, TACAS.

[22]  P. Jiang,et al.  Blockchain-empowered sustainable manufacturing and product lifecycle management in industry 4.0: A survey , 2020 .

[23]  Sharad Malik,et al.  Boolean Satisfiability Solvers and Their Applications in Model Checking , 2015, Proceedings of the IEEE.

[24]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[25]  Nikolaj Bjørner,et al.  Satisfiability Modulo Theories: An Appetizer , 2009, SBMF.

[26]  Ivan Kotuliak,et al.  Management and Monitoring of IoT Devices Using Blockchain † , 2019, Sensors.

[27]  Gaurav Kapoor,et al.  Security of lightweight mutual authentication protocols , 2020, The Journal of Supercomputing.

[28]  Reza Fotohi,et al.  Multi-level trust-based intelligence schema for securing of internet of things (IoT) against security threats using cryptographic authentication , 2020, The Journal of Supercomputing.

[29]  Rida Khatoun,et al.  An adaptive authentication and authorization scheme for IoT’s gateways: a blockchain based approach , 2018, 2018 Third International Conference on Security of Smart Cities, Industrial Control System and Communications (SSIC).

[30]  Jong-Hyouk Lee,et al.  BIDaaS: Blockchain Based ID As a Service , 2018, IEEE Access.

[31]  Hokeun Kim,et al.  Authentication and Authorization for the Internet of Things , 2017, IT Professional.

[32]  Grzegorz Rozenberg,et al.  High-level Petri Nets: Theory And Application , 1991 .

[33]  Saurabh Sharma,et al.  Security explorations for routing attacks in low power networks on internet of things , 2020, The Journal of Supercomputing.

[34]  Prateek Saxena,et al.  Making Smart Contracts Smarter , 2016, IACR Cryptol. ePrint Arch..

[35]  B. Sivakumar,et al.  An intelligent internet of things-based secure healthcare framework using blockchain technology with an optimal deep learning model , 2021, The Journal of Supercomputing.

[36]  Antonio Puliafito,et al.  Blockchain and IoT Integration: A Systematic Survey , 2018, Sensors.

[37]  Kurt Jensen High-Level Petri Nets , 1982, European Workshop on Applications and Theory of Petri Nets.

[38]  Zibin Zheng,et al.  An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends , 2017, 2017 IEEE International Congress on Big Data (BigData Congress).

[39]  Baijian Yang,et al.  Internet of things: Survey on security , 2017, Inf. Secur. J. A Glob. Perspect..

[40]  Jorge Sousa Pinto,et al.  Verification conditions for source-level imperative programs , 2011, Comput. Sci. Rev..

[41]  Sanjit A. Seshia,et al.  Beaver: Engineering an Efficient SMT Solver for Bit-Vector Arithmetic , 2009, CAV.

[42]  Pinchen Cui,et al.  Ensuring Proof-of-Authenticity of IoT Edge Devices Using Blockchain Technology , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[43]  Hany F. Atlam,et al.  Chapter Three - Intersections between IoT and distributed ledger , 2019, Adv. Comput..

[44]  Melanie Swan,et al.  Blockchain Thinking : The Brain as a Decentralized Autonomous Corporation [Commentary] , 2015, IEEE Technol. Soc. Mag..

[45]  Zhongyang Yu,et al.  The service architecture of Internet of things terminal connection based on blockchain technology , 2021, The Journal of Supercomputing.

[46]  Geir M. Køien,et al.  Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks , 2015, J. Cyber Secur. Mobil..

[47]  Armin Biere,et al.  Boolector: An Efficient SMT Solver for Bit-Vectors and Arrays , 2009, TACAS.

[48]  Wei Cao,et al.  Blockchain-Secured Smart Manufacturing in Industry 4.0: A Survey , 2021, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[49]  Alberto Griggio,et al.  The MathSAT5 SMT Solver , 2013, TACAS.

[50]  Saurabh Kumar Garg,et al.  Cloud Computing in natural hazard modeling systems: Current research trends and future directions , 2019, International Journal of Disaster Risk Reduction.

[51]  Aleksander Berentsen Aleksander Berentsen Recommends “Bitcoin: A Peer-to-Peer Electronic Cash System” by Satoshi Nakamoto , 2019, 21st Century Economics.

[52]  Ki-Hyung Kim,et al.  Implementation of IoT system using block chain with authentication and data protection , 2018, 2018 International Conference on Information Networking (ICOIN).

[53]  Gautam Srivastava,et al.  Data storage security for the Internet of Things , 2020, The Journal of Supercomputing.

[54]  Imed Romdhani,et al.  Blockchain for Cybersecurity and Privacy , 2020 .