【Abstract】With the rapid increase in the number of Internet of Things (IoT) devices in recent years, massive amounts of sensitive IoT data are being generated and transmitted over the Internet. Despite its growing adoption in various fields, IoT security remains a major challenge requiring further research. IoT authen-tication is an essential security mechanism for building trust in IoT systems. However, conventional authentication approaches use expensive cryptographic primitives that do not align with the resource-constrained nature of IoT devices. Furthermore, centralized authentication schemes have proven to be inapplicable for cross-domain authentication and do not limit the scalability of IoT networks. Recently, blockchain technology has been applied to building decentralized authentication between IoT devices. Nevertheless, most existing blockchain-based authentication approaches incur high overhead in IoT com-putation, storage, and energy consumption. Authentication time is another critical issue in real-time IoT systems. When numerous IoT authentication requests are transferred to the blockchain, an additional time delay is imposed, in addition to the high computational cost of the blockchain caused by the con-sensus mechanism. This study proposes a hybrid centralized and blockchain-based authentication archi-tecture for IoT systems. Edge servers are deployed to provide centralized authentication for associated IoT devices. A blockchain network of centralized edge servers is then established to ensure decentralized authentication and verification of IoT devices that belong to different and heterogeneous IoT systems. Lightweight cryptographic methods are implemented to achieve efficient authentication, in which limit-ing the consumption of IoT resources is required. The architecture is demonstrated using a local Ethereum blockchain network. The results indicate that the proposed method achieves significant improvements in terms of computation cost, execution time, and power consumption for IoT compared with centralized and blockchain-based authentication schemes. A security analysis proves the ability of our architecture to mitigate attacks and satisfy the IoT security requirements. & COPY; 2023 The Author(s). Published by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
【Abstract】With the emergence of Industry 4.0, the features of the technologies that are utilized in broad range of areas are obliged to change according to the new necessities. Especially, the network requirements have to be adopted accordingly in terms of efficiency, transparency, faster pay-outs and asset security. The blockchain technology promises to fulfill the requirements these key aspects of networking impose with the advantages it provides. However, the technology has certain limitations regarding its scalability and its transaction throughput rate. The advantages in security provided by blockchain comes at a cost in terms of scalability and transaction throughput rate. In this paper, a novel decentralized and distributed network architecture is presented. With its novel approach the proposed architecture aims to address these issues with network scalability and to provide an increased transaction throughput rate. Without introducing any centralization with its clusters, the proposed architecture allows the network to utilize its resources much more efficiently and effectively, which allows the participants to focus their efforts on mining, increasing the performance of the network. The architecture also proposes a novel communication handling promoting bulk communications and random workload distribution over the entire network to reduce the bottlenecking that occurs on the peers. A comparison to other state-of-theart works, namely Bitcoin [1] and Community Clustering [2], is also presented in this paper. The comparison of the collected data shows that the proposed architecture in this paper is able to reduce the overall network latency and provide an increase in the transaction throughout of the network.
【Abstract】The traditional system designed by incorporating the Wireless Sensor Network (WSN) suffers from important issues such as centralization of information, single source of trust, and fails to provide a trusted data-auditing solution due to the involvement of Third Party Auditor (TPA). This article proposes a novel solution by leveraging the concept of blockchain and Distributed Data Storage Service (DDSS) system to mitigate the issues mentioned above. In our model, the sensor nodes are accountable for their activity because the blockchain permanently records the logs of sensor nodes. The proposed solution provides the decentralized authentication of sensor nodes and the information stored in the fully distributed system. Furthermore, a decentralized data -auditing scheme without involving the TPA is also suggested, which finally benefits the user in terms of bandwidth and money. The formal verification of the proposed protocol is done using the Scyther simulator tool, which indicates that the protocol is safe and can protect against the relevant attacks with 100% accuracy. We have estimated the proposed scheme's time complexity and computational efficiencies and compared them with the existing one. The computation and communication overhead of the proposed method is reduced by 22.143% and 12.5% compared with the Khalid et al. (2020) scheme. Lastly, the ethereum platform simulates our solution, confirming that less than USD 2 is required to execute the proposed solution.
【Abstract】With the increase in intelligent voice phishing and the increasing reliance on open banking systems, there has been a rise in cases where individuals' personal information has been exposed, resulting in significant financial losses for the victims. Non-face-to-face transactions in the financial sector face challenges such as customer identification, ensuring transaction integrity and preventing transaction rejection. Blockchain-based distributed ledgers have been proposed as a solution but their adoption is limited due to the difficulty of managing private keys and the burden of gas fees management. This paper proposes a non-face-to-face P2P real-time token payment system that minimizes the risk of key loss by storing private keys in a keystore file and database through a server-based key management module. The proposed system simplifies token creation and management through a server-based token management module and implements an automatic gas-charging function for smooth token transactions. Transaction integrity and non-repudiation are ensured through a transaction confirmation module that uses transaction IDs without exposing personal information. Furthermore, advanced security measures such as blocking foreign IP access and DDoS defense are implemented to securely protect user data. The proposed system aims to provide a convenient, secure and accessible online payment solution to the public by implementing a self-authentication function using a web application that is not limited to smartphones or application platforms.
【Abstract】Trilemma in blockchain refers to the infamous problem of simultaneously not delivering the three critical aspects of a ledger: security, scalability, and decentralisation. While security and scalability hinder decentralisation, security is jeopardised if the scalability is escalated. This deficiency of not maintaining a balance among these three crucial factors restricts the broader adoption of blockchain technology and cryptocurrencies in the industries. This paper proposes a solution to the blockchain trilemma by implementing a public ledger using The InterPlanetary File System (IPFS) and a newly introduced strategy called the double-chain technique. The scalability and decentralisation features are guaranteed by the distributed file system of IPFS and the public nature of the blockchain suggested in this study. Although any consensus can be plugged into our system, the proof-of-work consensus is utilised to ensure that the security is not compromised while stabilising scalability and decentralisation.
