LRCoin: Leakage-Resilient Cryptocurrency Based on Bitcoin for Data Trading in IoT

More than 11 billion devices currently make up the Internet of Things (IoT), and this number is continuously increasing. The prevalence of these devices has led to an emerging IoT business model called Device-as-a-service, which enables sensor devices to collect data that is disseminated to all interested devices. Devices that share data with other devices can receive a financial reward, such as Bitcoin. However, side-channel attacks, which aim to exploit information leaked from IoT devices during the execution of a data trade, are possible, since most IoT devices are vulnerable to being hacked or compromised. It is therefore challenging to realize data trading securely in an IoT environment because of information leakage, such as leakage of the private key used to sign a Bitcoin transaction in the Bitcoin system. In this paper, we propose LRCoin, a leakage-resilient cryptocurrency based on Bitcoin in which the signature algorithm used to authenticate Bitcoin transactions is leakage-resilient. LRCoin is suitable for scenarios where information leakage is inevitable, such as IoT applications. Our core contribution is an efficient bilinear-based continual-leakage-resilient ECDSA signature. We prove that the proposed signature algorithm is unforgeable against adaptive chosen-message attacks in the generic bilinear group model under the continual leakage setting. Both the theoretical analysis and the implementation demonstrate the practicability of the proposed scheme.
