Professional Documents
Culture Documents
Using The Blockchain For Key Management in The Internet of Things
Using The Blockchain For Key Management in The Internet of Things
Abstract—The blockchain, distributed and unalterable ledger, more cumbersome. The lower cost, increased usability and
has lowered the cost of ownership records. This mechanism transparency make this method suitable for IoT devices.
that required the involvement of notaries and was once re- Additionally, we propose to use the basic ownership
served for expensive items can now be used for every type of recording mechanism to exchange device-related secrets,
assets. We propose to use it to keep track of the ownership thus enabling remote configuration of the devices and fa-
of IoT (Internet of Things) devices. By registering devices cilitating the management of multiple device-related secret
and their transfer into the blockchain, we build a chain of for a single owner.
ownership that can be used to prove ownership before a sale Ownership tracking via a blockchain has already been
and transfer ownership after a purchase, or to track and warn implemented. On the Bitcoin blockchain, Colored Coins [5]
owners of security threats faced by their devices. can be used to track asset exchanges. On the Ethereum
The blockchain produces a recording system that does not blockchain [6], smart contracts [7] can be programmed
depend on the storing infrastructure of a third party, nor does
to do similar things. Other blockchains such as NXT [8]
provide a native asset exchange. These implementations are
it require trust while the infrastructure cost is divided amongst
not IoT-specific but their general-purpose tokens are IoT-
users. Additionally, the proof of ownership is pseudonymous
compatible. They are however only focused on ownership
and ownership changes are publicly advertized. This last
record and cannot be used for key management or to share
aspects can lead to the automation of access right revocation
configurations.
when a device changes hands.
In the academic literature, the transfer of ownership in
An extension is proposed that facilitates remote configura- the IoT is addressed at the device level [9], [10]. Ownership
tion and key management. Indeed, when a single owner must transfer is defined [11] as “the capability to pass ownership
configure a great number of devices, the same mechanism can of a tag to a third party without compromising backward
be used to register an ownership change and communicate untraceability for the said party or forward untraceability
secrets needed for remote device configuration. Once the new for the previous owner.” The focus is on key management
owner has set up its IoT devices, the blockchain can be used and domain boundaries. The devices that are concerned by
to store and manage device-related secret. these protocols are RFID tags. No record is kept of past
owners. Our solution precisely focuses on these ownership
records.
1. Introduction Section 2 presents the bases of our blockchain-based
ownership record mechanism. Section 3 enables remote
In 2008, Bitcoin [1], the decentralized, digital currency, configuration and secret management. Finally, section 4
first cryptocurrency, introduced the blockchain to the world. concludes this document.
Public ledger that enables the decentralized and persistent
recording of transactions, the blockchain has since found 2. Asset Ownership
applications outside of the financial world. We can cite for
instance voting [2], online games [3], ride sharing [4], etc. Motivations. Asset ownership is a common
One of the most immediate application of the blockchain blockchain application. It is usually applied to expensive
is the recording of asset ownership. We propose to apply this assets such as houses, art work or cars, assets which
principle to IoT devices. The blockchain offers a cheaper ownership would otherwise be recorded using traditional
alternative to classic ownership recording methods that in- means i.e. notaries. The blockchain lowers the cost and
volve a third party (e.g. notaries for land titles) and are administrative hassle associated to these transactions, thus
Figure 2. Proof of ownership and ownership transfer
Figure 1. Ownership records expressed as blockchain transactions
4. Conclusion
The blockchain has made the tracking of asset’s owner-
ship relatively inexpensive. It does not have to be reserved
for houses and boats any longer. We therefore propose to
use it to track the ownership of IoT devices. The chain of
ownership can be augmented by adding additional informa-
tion to transfer transactions. That information can be used
to help owners manage their devices and the corresponding
secrets.
References
[1] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008.
[Online]. Available: http://www.cryptovest.co.uk/resources/Bitcoin%
20paper%20Original.pdf
[2] “Follow my vote,” https://followmyvote.com/, last checked Feb, 16th
2018.
[3] “First blood,” https://firstblood.io/, last checked Feb, 16th 2018.
[4] “Arcade City,” https://arcade.city/, last checked Feb, 16th 2018.
[5] M. Rosenfeld, “Overview of colored coins,” White paper, bitcoil. co.
il, p. 41, 2012.
[6] V. Buterin et al., “Ethereum white paper,” https://github.com/
ethereum/wiki/wiki/White-Paper, 2013, last checked : 23/09/2016.
[7] N. Szabo, “Formalizing and securing relationships on public
networks,” First Monday, vol. 2, no. 9, 1997. [Online]. Available:
http://szabo.best.vwh.net/formalize.html
[8] “Nxt,” https://nxtplatform.org/, last checked: February, 23th 2018.
[9] K. Osaka, T. Takagi, K. Yamazaki, and O. Takahashi, “An efficient
and secure rfid security method with ownership transfer,” in RFID
security. Springer, 2008, pp. 147–176.
[10] B. R. Ray, J. Abawajy, M. Chowdhury, and A. Alelaiwi, “Universal
and secure object ownership transfer protocol for the internet of
things,” Future Generation Computer Systems, vol. 78, pp. 838–849,
2018.
[11] E. Rekleitis, P. Rizomiliotis, and S. Gritzalis, “How to protect security
and privacy in the iot: a policy-based rfid tag management protocol,”
Security and Communication Networks, vol. 7, no. 12, pp. 2669–2683,
2014.