An Out-of-band Authentication Scheme for Internet of Things Using Blockchain Technology

While the rapid development of IoT devices is changing our daily lives, some particular issues hinder the massive deployment of IoT devices. For example, current network ID management system cannot handle so many new terminals; there is no agreed security standards for IoT manufacturers to follow when designing their products. The whole IoT industry is expecting the breakthrough in network infrastructure and the development of novel security mechanisms that can enable the flexible, secure and reliable access and management of IoT devices. Bitcoin, first released in 2009, breeds the decentralized Blockchain technology. The decentralization, anonymity and proof of security characteristics of Blockchain can prevent collusion and single point failure of a centralized server. We believe that the application of Blockchain into the IoT system can clear the obstacles facing the development of IoT architecture and security. To this end, we propose an out-of-band two-factor authentication scheme for IoT devices based on Blockchain infrastructure. We implemented the IoT and Blockchain integrated system with Eris Blockchain and equivalent computing devices to emulate IoT devices. The overheads to run Blockchain and smart contract services on the emulator devices are measured. The BeagleBone Black and Raspberry Pi 3 nodes have an average memory usage of 29.5M, and the CPU usage of 29.55% and 13.35%, respectively.

[1]  Phillip H. Griffin Security for Ambient Assisted Living: Multi-factor Authentication in the Internet of Things , 2015, 2015 IEEE Globecom Workshops (GC Wkshps).

[2]  Longfei Wu,et al.  A Survey on Security and Privacy Issues in Internet-of-Things , 2017, IEEE Internet of Things Journal.

[3]  Grant Hernandez,et al.  Smart Nest Thermostat A Smart Spy in Your Home , 2014 .

[4]  Xiaojiang Du,et al.  An Location-aware Authentication Scheme for Cross-domain Internet of Thing Systems , 2018, 2018 International Conference on Computing, Networking and Communications (ICNC).

[5]  Jie Wu,et al.  Wormhole defense for cooperative trajectory mapping , 2012, Int. J. Parallel Emergent Distributed Syst..

[6]  Michael Devetsikiotis,et al.  Blockchains and Smart Contracts for the Internet of Things , 2016, IEEE Access.

[7]  Mohsen Guizani,et al.  Stream-based cipher feedback mode in wireless error channel , 2009, IEEE Transactions on Wireless Communications.

[8]  Mohsen Guizani,et al.  Transactions papers a routing-driven Elliptic Curve Cryptography based key management scheme for Heterogeneous Sensor Networks , 2009, IEEE Transactions on Wireless Communications.

[9]  Xiaojiang Du,et al.  Permission-combination-based scheme for Android mobile malware detection , 2014, 2014 IEEE International Conference on Communications (ICC).

[10]  Gongjun Yan,et al.  Trust On the Security of Wireless Vehicular Ad-hoc Networking , 2015, Ad Hoc Sens. Wirel. Networks.

[11]  Xiaojiang Du,et al.  Adaptive cell relay routing protocol for mobile ad hoc networks , 2006, IEEE Transactions on Vehicular Technology.

[12]  Jie Wu,et al.  Sybil defenses in mobile social networks , 2013, 2013 IEEE Global Communications Conference (GLOBECOM).

[13]  Matthew Green,et al.  Decentralized Anonymous Credentials , 2014, NDSS.

[14]  Qing Yang,et al.  On the Security of Information Dissemination in the Internet-of-Vehicles , 2017 .

[15]  Kenji Takahashi,et al.  Authentication using multiple communication channels , 2005, DIM '05.

[16]  Danda B. Rawat,et al.  Detection of False Data Injection Attacks in Smart Grid Communication Systems , 2015, IEEE Signal Processing Letters.

[17]  Xiaojiang Du,et al.  A Novel Traceroute-Based Detection Scheme for Wi-Fi Evil Twin Attacks , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[18]  Xiaojiang Du,et al.  A Lightweight Multicast Authentication Mechanism for Small Scale IoT Applications , 2013, IEEE Sensors Journal.

[19]  Xiaojiang Du,et al.  Implementation and performance analysis of SNMP on a TLS/TCP base , 2001, 2001 IEEE/IFIP International Symposium on Integrated Network Management Proceedings. Integrated Network Management VII. Integrated Management Strategies for the New Millennium (Cat. No.01EX470).

[20]  Xiaojiang Du,et al.  Self-healing sensor networks with distributed decision making , 2007, Int. J. Sens. Networks.

[21]  Rajasekhar Mungara,et al.  A Routing-Driven Elliptic Curve Cryptography based Key Management Scheme for Heterogeneous Sensor Networks , 2014 .

[22]  Mohsen Guizani,et al.  An effective key management scheme for heterogeneous sensor networks , 2007, Ad Hoc Networks.

[23]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[24]  Jie Wu,et al.  A Survey of Sybil Attacks in Networks , 2013 .

[25]  Xiaojiang Du,et al.  Security in wireless sensor networks , 2008, IEEE Wireless Communications.