When it comes to the Internet of Things, a blockchain can be provide a platform to handle device authentication process and thereby prevent a spoofing attack by malicious parties who may impersonate some other device to launch an attack to steal data or cause some other mayhem.Blockchain will allowdirect communication between two or more devices so that they are able to transact without going through a third-party intermediary, and in effect make spoofing more cost prohibitive. This White Paper explains how blockchain can improve the security of IOT devices.
Injustice - Developers Among Us (SciFiDevCon 2024)
How blockchain will defend iot
1. www.itsblockchain.com Hitesh Malviya
1 | P a g e
How Blockchain will Defend IOT
White Paper
Hitesh Malviya
www.itsblockchain.com
contact@hiteshmalviya.com
2. www.itsblockchain.com Hitesh Malviya
2 | P a g e
About Author
Hitesh Malviya is renowned for his work in information security, building start-ups and Digital
Identity. His Expertise includes Blockchain, Information Security, Agile Product development
and Start-ups. He has authored 10+ research papers on topics related to credit card security,
cloud computing security and web application security. His work has been recognized by
defence ministry of South Africa in past. He writes articles on Blockchain technology and its
Use-cases at itsblockchain.com
3. www.itsblockchain.com Hitesh Malviya
3 | P a g e
Abstract
Blockchain technology is the missing link to settle scalability, privacy, and reliability concerns in
the Internet-of-Things. Blockchain technologies could perhaps be the silver bullet needed by
the IoT industry. Blockchain technology can be used in tracking billions of connected devices,
enable the processing of transactions and coordination between devices, allow for significant
savings to IoT industry manufacturers. This decentralized approach would eliminate single
points of failure, creating a more resilient ecosystem for devices to run on. The cryptographic
algorithms used by blockchains, would make consumer data more private.
4. www.itsblockchain.com Hitesh Malviya
4 | P a g e
Contents
1. Introduction .............................................................................................4
2. Internet of things .....................................................................................4
3. Challenges to secure IOT Deployment ....................................................5
4. Dealing with challenges and threats .......................................................5
5. The Blockchain Approach ........................................................................6-7
6. How Blockchain will secure the IOT ........................................................7-9
7. Blockchain in IOT Use-Cases ....................................................................9-10
8. Conclusion ................................................................................................10
9. References ................................................................................................11
5. www.itsblockchain.com Hitesh Malviya
5 | P a g e
Introduction
Blockchain has been under-rated since innovated. But its future, with regard to investments,
use-cases and startups, is bright and promising. LTP has always been at the forefront, hiding
every update of financial space. Assets of real-world can be linked to the blockchain and traded
digitally in numerous ways. Yet, the best non-financial use case of blockchain is its application in
IoT.
Blockchain has variety of applications for IoT and smart systems. When linked with Internet of
Things, the concept of blockchain paves way for inventions. Blockchain technology can be used
in investigating the history of individual devices. It may be used for transactions and
coordination between participating devices. The technology lead to independence of IoT
devices by recording the ledger of data exchanges between devices, services and human users,
and by enabling them to conduct transactions.
Internet of things
IoT is broadening scope and adding more to the competitive advantage in current and new
markets. It spreads its wings everywhere—not just the data, but how, when, where and why
you collect it. The creators of Internet of Things aren’t just revolutionizing the internet, but
evolving things connected to the internet—the devices and gateways on the edge of the
network that are now able to request a service or start an action without human intervention at
almost every stage.
Since the generating and analysing data is integral to the IoT, protecting data throughout its life
cycle must be given consideration. But managing information at every step is a tedious task
because data flows across countless administrative boundaries, each of them having different
policies and intents.
IoT is a system-of-systems because of the various technological and physical components that
constitute IoT ecosystem. The architecting of these systems that provide business value to
organizations will often be a complex undertaking, as enterprise architects work to design
integrated solutions that include edge devices, applications, transports, protocols, and analytics
capabilities that make up a fully functioning IoT system. This complexity brings along with itself,
challenges to secure IoT, and ensuring that a particular instance of the IoT cannot be used as a
jumping off point to attack other enterprise information technology (IT) systems.
International Data Corporation (IDC) says that around 90% of organizations that put IoT into
practice will have to bear an IoT-based breach of back-end IT systems by the year 2017.
6. www.itsblockchain.com Hitesh Malviya
6 | P a g e
Challenges to Secure IoT Deployments
Irrespective of the role Internet of Things ecosystem has to play in your business— device
manufacturer, solution provider, cloud provider, systems integrator, or service provider—you
require have knowledge of getting greatest benefit from this new technology that offers a
highly diverse and rapidly changing opportunities.
Managing such huge amount of existing and projected data is unnerving. And then, dealing with
the inevitable complexities of connecting to a seemingly unlimited list of devices is even more
complex. Further, the target of turning the deluge of data into valuable actions is next to
impossible because of the many obstacles that come across. The prevalent security
technologies will help in eliminating IoT risks but they are not sufficient. The target is to send
data to the right place securely in time, in the right format.
Dealing with the Challenges and Threats
Gartner predicted, ’more than 20% of businesses will deploy security solutions for protecting
their IoT devices and services by 2017, IoT devices and services will expand the surface area for
cyber-attacks on businesses, by turning physical objects that used to be offline into online
assets communicating with enterprise networks. Businesses will have to respond by broadening
the scope of their security strategy to include these new online devices.’
Businesses will have to customize security in accordance with each IoT deployment and the
unique capabilities of the devices involved and the risks linked to networks connected to those
devices. BI Intelligence is expecting to spend on solutions to safeguard IoT devices and systems
to grow five fold over the next four years.
The Optimum Platform
Creating successful solutions for the Internet of Things requires unprecedented collaboration,
coordination, and connectivity for each piece in the system, and also the system as a whole. All
devices need to function with co-ordination with all other devices, and all devices must
communicate effortlessly and securely. Not impossible but expensive, time consuming, and
tough, till an innovative way to IoT security arises.The Problem with the Current Centralized
Model and Decentralizing IoT Networks have been discussed in detail in the previous article:
7. www.itsblockchain.com Hitesh Malviya
7 | P a g e
The Blockchain Approach
Blockchain is a “distributed ledger” technology that has underpinned bitcoin and has become
an area of immense interest in not only the tech industry but also beyond it. Blockchain
technology comes with a way of saving and securing transactions or any other digital
interaction that has to be made secure, transparent, highly resistant to outages, auditable, and
efficient; as such, it has a potential of disrupting industries and helping new business models
grow. The technology is evolving exponentially fast; however, global commercialization is still a
thing of future. Present day decision makers should pay heed now and start investigating
applications of the technology.
What is Blockchain?
Blockchain is a digital ledger that up keeps a record of ever-growing set of data. It is a
decentralized system, i.e., there is no master computer managing the entire chain. Instead, all
participating nodes have a copy of the chain.
A blockchain consists of two types of elements:
1. Transactions are created by the participants of the system.
2. Blocks record these transactions in the correct sequence and do not allow any tampering.
Blocks also record a time stamp when the transactions were added.
What are Some Advantages of Blockchain?
1. The greatest advantage of blockchain is being public. Every participant has the access to
blocks and the transactions stored in them. There is a twist in the plot. Well! Everyone can’t see
the actual content of your transaction; that’s protected by your private key.
2. A blockchain is decentralized, so no single authority has the discretion to approve the
transactions or set rules. That means there’s a huge amount of trust involved since all the
participants in the network have to reach a consensus to accept transactions.
3. Most importantly, it’s secure. The database can only be extended and previous records
cannot be changed (at least, there’s a very high cost if someone wants to alter previous
records).
8. www.itsblockchain.com Hitesh Malviya
8 | P a g e
How Does it Work?
When someone wants to add a transaction to the chain, all the participants in the network will
validate it. They do this by applying an algorithm to the transaction to verify its validity. What
exactly is understood by “valid” is defined by the blockchain system and can differ between
systems. Then it is up to a majority of the participants to agree that the transaction is valid.
A set of approved transactions are then bundled in a block, which gets sent to all the nodes in
the network. They in turn validate the new block. Each successive block contains a hash, which
is a unique fingerprint, of the previous block.
Two Main Types of Blockchain
1. In a public blockchain, everyone can read or write data. Some public blockchains limit the
access to just reading or writing. Bitcoin, for example, uses an approach where anyone can
write.
2. In a private blockchain, all the participants are known and trusted. This is useful when the
blockchain is used between companies that belong to the same legal mother entity.
How Blockchain will secure the internet of things
Blockchain is a way of securing financial data which is flexible enough to make an entreaty with
any high-stake record keeping.’
The technological slip into implementing the Internet of Things’ in common man’s life, bodies,
homes and almost everything, has blessed them with efficiency, flexibility and convenience in
their routine lives. Connectivity is remarkable, but data security is in a questionable state as
yet! However, Wi-Fi-enabled security cameras can help in gaining real-time information. This
applies to internet-connected alarm systems as well. Also, a smart TV has valuable information
as information on Netflix and Amazon accounts can lead to a credit card or identity details. Of
course, the smart phone has given birth to all identity concerns.
It is a centralised resource of account information that has the ability to connect with almost all
smart devices, a smart home and even a car – something that becomes even more vulnerable
as the age of self-driving cars approaches. Recently, a CBS 60-Minutes story threw light on the
widespread capabilities of a hacker that only has a person’s phone number.
It’s evident that the Internet of Things hides in itself security concerns in ways that
unimaginable a decade ago. The blockchain may pose as the root of almost all solutions.
9. www.itsblockchain.com Hitesh Malviya
9 | P a g e
Earlier developed to support digital currency, the bitcoin, the open blockchain model has innate
transparency and permanence. These qualities are necessary to design a secure method of
direct authentication between smart devices. The present model of Bitcoin can span into many
applications – any industry that requires archival integrity can adopt the blockchain.
When it comes to the Internet of Things, a blockchain can be provide a platform to handle
device authentication process and thereby prevent a spoofing attack by malicious parties who
may impersonate some other device to launch an attack to steal data or cause some other
mayhem. Blockchain will allow direct communication between two or more devices so that
they are able to transact without going through a third-party intermediary, and in effect make
spoofing more cost prohibitive.
This type of authentication would apply to an open blockchain, not permissioned or private.
The model permits users to synchronise numerous devices against a single system of authority
that is distributed and censorship resistant. The identity chain, created for each device, holds a
permanent record. Cryptography allows only validated devices to access. When new devices
are added, their identity records are registered with blockchain for permanent reference. Any
changes in device configuration will be also be authenticated in the context of the blockchain
validation model, ensuring that any falsified records can be prevented. This new technology will
take some time to be put into practice. Although many industry leaders and governments will
begin testing this year.
Not just tech workers, but also stakeholders will need to get on board. An industry agreeing on
a blockchain design would make a difference. It’s not necessary that every Internet of Things
device manufacturer or software developer write data to the same blockchain – instead, it
could go further upstream and be an agreement between OEM manufacturers of essential
components that are used in the authentication process flow. The blockchain has extra features
to create records of any data it generates – “for example, a smart front door lock can have a
transaction log of video activation when someone exits/enters the home or unlocks it remotely.
Each item in the history creates another historical link in its respective identity chain that can
provide further data to use for authentication matching. If someone with malicious intent was
to try and change the protocol of the door lock without the correct credentials or there was a
change in the configuration, the blockchain validation model would not allow for the door lock
to be changed.”
Essentially, blockchain’s effectiveness is attributed to its standing as a public record, with user
nodes all auditing the same record. Though this creates privacy concerns over sensitive data;
however, the blockchain provides protection against this through the use of one-way hashes. A
cryptographic hash function is an algorithm to mapdata and minimize its size to a bit string, “a
10. www.itsblockchain.com Hitesh Malviya
10 | P a g e
hash function”, which is also created to be one-way and impossible to invert. This means it is
almost impossible to get through the content of a hash without the source data.
The Internet of Things is still a budding industry, but has potential to become pervasive and
significant as technology advances. At an early stage, it’s unfavorable to set up a feasible
solution that will help the industry grow as the volume of connected devices. Blockchain brings
up special solutions-like establishment as a secure means of protecting financial data but
flexible enough to be applied to any high-stakes record keeping. With the Internet of Things
demonstrating the ability to connect every aspect of a person’s life, it truly doesn’t get any
more high stakes than that.
Blockchain in IOT Use-cases
Reputed technology firms and startups are investigating multiple ways of using these use
cases. They are investing extensively to research all possible solutions that the technology could
be leveraged into. The main aim of these use-cases is to link the home network to the cloud
and electrical devices nearby (home automation). Some of these firms are:
1. IBM
IBM is one of the earliest companies to announce prospection of blockchain. It has developed
multifarious partnerships at every stage proving their interest in blockchain. It has published a
report claiming blockchain as an elegant solution for the IoT. In January 2015, it revealed a
proof-of-concept for ADEPT, a research project for IoT using P2P blockchain technology. It has
also partnered with Samsung for establishing a proof-of-concept system for the next generation
of the IoT. The system will be based on IBM’S ADEPT (Autonomous Decentralized Peer-to-Peer
Telemetry). The ADEPT platform consists of three elements: Etherum, Telehash and BitTorrent.
With the platform, both the companies wish to innovate a set of devices which can
automatically signal operational problems and retrieve software updates without any human
intervention. These devices will also have the ability to communicate with other neighboring
devices in order to facilitate battery powering and energy efficiency.
2. Filament
The company brought up a sensor device TAP which enables the deployment of a secure, all-
range wireless network in seconds. The device can directly communicate to another TAP device
at up to 10 miles, and can connect directly to a phone, tablet, or computer. The company is
extending operations on its blockchain-based Technology Stack. Blockchain technology allows
Filament devices to transact and enable smart contracts ensuring the trust in transactions
11. www.itsblockchain.com Hitesh Malviya
11 | P a g e
independently. Founded in 2012, the company recently raised $5 M in Series A funding which
was led by Bullpen Capital, Verizon Ventures and Samsung Ventures.
3. Ken Code – e plug
ePlug is a Ken Codeproduct. According to a white paper by Ken Code, ‘ePlug is a tiny circuit
board that resides inside “ePlug-certified” electrical outlets and light switches’. The product has
a wide expanse of options for Meshnet, distributed computing, end-to-end data encryption,
dead zone-free Wi-Fi, timer, USB ports, temperature, touch, light and motion sensors for safety
and security, and LEDs for notifications and night lighting. The product uses blockchain-based
login to ensure security. Upon entering the correct Internet address/URL, the ePlug owner will
be presented with a login screen. Initially, blockchain platforms such as OneName.io and
KeyBase.io will be used for ID authentication and access to the ePlug.
4. Tilepay
The company has successfully designed a micropayments platform. Tilepay is a decentralized
payment system based on the bitcoin blockchain. It can be downloaded to a user’s personal
computer, laptop or mobile phone. Every IoT device will have a unique authentication token
that can accept payments via blockchain technology.
Conclusion
Blockchain is a relatively new concept. To set its feet deeper into our lives and make an impact,
it will require some time and effort by all stakeholders. Blockchain is established as a secure
means of protecting financial data but it is flexible enough to be applied to any high-stakes
record keeping. And the domain of Internet of Things is one great platform for any technology.
Hence, it would be an interesting quest for the blockchain to find its place in the industry.
12. www.itsblockchain.com Hitesh Malviya
12 | P a g e
References
1. http://itsblockchain.com/2016/10/22/iot-will-cause-serious-damage-future-solution/
2. http://itsblockchain.com/2016/11/03/blockchain-will-defend-internet-things/
3. http://itsblockchain.com/2016/11/04/applying-blockchain-concept-world-iot-offers-
fascinating-possibilities/
4. https://techcrunch.com/2016/06/28/decentralizing-iot-networks-through-blockchain/
5. https://datafloq.com/read/securing-internet-of-things-iot-with-blockchain/2228