TY - JOUR
T1 - Blockchain based privacy-preserving software updates with proof-of-delivery for Internet of Things
AU - Zhao, Yanqi
AU - Liu, Yiming
AU - Tian, Aikui
AU - Yu, Yong
AU - Du, Xiaojiang
N1 - Publisher Copyright:
© 2019 Elsevier Inc.
PY - 2019/10
Y1 - 2019/10
N2 - A large number of IoT devices are connected via the Internet. However, most of these IoT devices are generally not perfect-by-design even have security weaknesses or vulnerabilities. Thus, it is essential to update these IoT devices securely, patching their vulnerabilities and protecting the safety of the involved users. Existing studies deliver secure and reliable updates based on blockchain network which serves as the transmission network. However, these approaches could compromise users privacy when updating the IoT devices. In this paper, we propose a new blockchain based privacy-preserving software update protocol, which delivers secure and reliable updates with an incentive mechanism while protects the privacy of involved users. A vendor delivers the updates and makes a commitment by using smart contract to provide financial incentive to the transmission nodes who deliver the updates to its IoT devices. A transmission node can get financial incentive by providing a proof-of-delivery. In order to obtain the proof-of-delivery, the transmission node uses double authentication preventing signature (DAPS) to carry out fair exchange. Specifically, the transmission node uses the DAPS to exchange an attribute-based signature (ABS) of one IoT device. Then, it uses the ABS as proof-of-delivery to receive financial incentives. Generally, to generate an ABS, the IoT device has to execute complex computations which is intolerable for resource limited devices. We propose a concrete outsourced attribute-based signature (OABS) scheme to overcome the weakness. Then, we prove the security of the proposed OABS and the protocol. Finally, we implement smart contract in Solidity to demonstrate the validity of the proposed protocol.
AB - A large number of IoT devices are connected via the Internet. However, most of these IoT devices are generally not perfect-by-design even have security weaknesses or vulnerabilities. Thus, it is essential to update these IoT devices securely, patching their vulnerabilities and protecting the safety of the involved users. Existing studies deliver secure and reliable updates based on blockchain network which serves as the transmission network. However, these approaches could compromise users privacy when updating the IoT devices. In this paper, we propose a new blockchain based privacy-preserving software update protocol, which delivers secure and reliable updates with an incentive mechanism while protects the privacy of involved users. A vendor delivers the updates and makes a commitment by using smart contract to provide financial incentive to the transmission nodes who deliver the updates to its IoT devices. A transmission node can get financial incentive by providing a proof-of-delivery. In order to obtain the proof-of-delivery, the transmission node uses double authentication preventing signature (DAPS) to carry out fair exchange. Specifically, the transmission node uses the DAPS to exchange an attribute-based signature (ABS) of one IoT device. Then, it uses the ABS as proof-of-delivery to receive financial incentives. Generally, to generate an ABS, the IoT device has to execute complex computations which is intolerable for resource limited devices. We propose a concrete outsourced attribute-based signature (OABS) scheme to overcome the weakness. Then, we prove the security of the proposed OABS and the protocol. Finally, we implement smart contract in Solidity to demonstrate the validity of the proposed protocol.
KW - Attribute-based signatures
KW - Blockchain
KW - IoT
KW - Privacy-preserving
KW - Software update
UR - http://www.scopus.com/inward/record.url?scp=85067258270&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85067258270&partnerID=8YFLogxK
U2 - 10.1016/j.jpdc.2019.06.001
DO - 10.1016/j.jpdc.2019.06.001
M3 - Article
AN - SCOPUS:85067258270
SN - 0743-7315
VL - 132
SP - 141
EP - 149
JO - Journal of Parallel and Distributed Computing
JF - Journal of Parallel and Distributed Computing
ER -