Blockchain based privacy-preserving software updates with proof-of-delivery for Internet of Things

Yanqi Zhao, Yiming Liu, Aikui Tian, Yong Yu, Xiaojiang Du

Research output: Contribution to journalArticlepeer-review

43 Scopus citations

Abstract

A large number of IoT devices are connected via the Internet. However, most of these IoT devices are generally not perfect-by-design even have security weaknesses or vulnerabilities. Thus, it is essential to update these IoT devices securely, patching their vulnerabilities and protecting the safety of the involved users. Existing studies deliver secure and reliable updates based on blockchain network which serves as the transmission network. However, these approaches could compromise users privacy when updating the IoT devices. In this paper, we propose a new blockchain based privacy-preserving software update protocol, which delivers secure and reliable updates with an incentive mechanism while protects the privacy of involved users. A vendor delivers the updates and makes a commitment by using smart contract to provide financial incentive to the transmission nodes who deliver the updates to its IoT devices. A transmission node can get financial incentive by providing a proof-of-delivery. In order to obtain the proof-of-delivery, the transmission node uses double authentication preventing signature (DAPS) to carry out fair exchange. Specifically, the transmission node uses the DAPS to exchange an attribute-based signature (ABS) of one IoT device. Then, it uses the ABS as proof-of-delivery to receive financial incentives. Generally, to generate an ABS, the IoT device has to execute complex computations which is intolerable for resource limited devices. We propose a concrete outsourced attribute-based signature (OABS) scheme to overcome the weakness. Then, we prove the security of the proposed OABS and the protocol. Finally, we implement smart contract in Solidity to demonstrate the validity of the proposed protocol.

Original languageEnglish
Pages (from-to)141-149
Number of pages9
JournalJournal of Parallel and Distributed Computing
Volume132
DOIs
StatePublished - Oct 2019

Keywords

  • Attribute-based signatures
  • Blockchain
  • IoT
  • Privacy-preserving
  • Software update

Fingerprint

Dive into the research topics of 'Blockchain based privacy-preserving software updates with proof-of-delivery for Internet of Things'. Together they form a unique fingerprint.

Cite this