National Institute of Standards and Technology における超伝導研究及び生活

The paradigm of Internet of Things (IoT) is paving the way for a world, where many of our daily objects will be interconnected and will interact with their environment in order to collect information and automate certain tasks. Such a vision requires, among other things, seamless authentication, data privacy, security, robustness against attacks, easy deployment, and self-maintenance. Such features can be brought by blockchain, a technology born with a cryptocurrency called Bitcoin. In this paper, a thorough review on how to adapt blockchain to the specific needs of IoT in order to develop Blockchain-based IoT (BIoT) applications is presented. After describing the basics of blockchain, the most relevant BIoT applications are described with the objective of emphasizing how blockchain can impact traditional cloud-centered IoT applications. Then, the current challenges and possible optimizations are detailed regarding many aspects that affect the design, development, and deployment of a BIoT application. Finally, some recommendations are enumerated with the aim of guiding future BIoT researchers and developers on some of the issues that will have to be tackled before deploying the next generation of BIoT applications.

A Review on the Use of Blockchain for the Internet of Things

Cloud storage enables users to remotely store their data and enjoy the on-demand high quality cloud applications without the burden of local hardware and software management. Though the benefits are clear, such a service is also relinquishing users' physical possession of their outsourced data, which inevitably poses new security risks toward the correctness of the data in cloud. In order to address this new problem and further achieve a secure and dependable cloud storage service, we propose in this paper a flexible distributed storage integrity auditing mechanism, utilizing the homomorphic token and distributed erasure-coded data. The proposed design allows users to audit the cloud storage with very lightweight communication and computation cost. The auditing result not only ensures strong cloud storage correctness guarantee, but also simultaneously achieves fast data error localization, i.e., the identification of misbehaving server. Considering the cloud data are dynamic in nature, the proposed design further supports secure and efficient dynamic operations on outsourced data, including block modification, deletion, and append. Analysis shows the proposed scheme is highly efficient and resilient against Byzantine failure, malicious data modification attack, and even server colluding attacks.

/pdf/toward-secure-and-dependable-storage-services-in-cloud-1h1z2suddd.pdf

Toward Secure and Dependable Storage Services in Cloud Computing

Medical care has become one of the most indispensable parts of human lives, leading to a dramatic increase in medical big data. To streamline the diagnosis and treatment process, healthcare professionals are now adopting Internet of Things (IoT)-based wearable technology. Recent years have witnessed billions of sensors, devices, and vehicles being connected through the Internet. One such technology—remote patient monitoring—is common nowadays for the treatment and care of patients. However, these technologies also pose grave privacy risks and security concerns about the data transfer and the logging of data transactions. These security and privacy problems of medical data could result from a delay in treatment progress, even endangering the patient’s life. We propose the use of a blockchain to provide secure management and analysis of healthcare big data. However, blockchains are computationally expensive, demand high bandwidth and extra computational power, and are therefore not completely suitable for most resource-constrained IoT devices meant for smart cities. In this work, we try to resolve the above-mentioned issues of using blockchain with IoT devices. We propose a novel framework of modified blockchain models suitable for IoT devices that rely on their distributed nature and other additional privacy and security properties of the network. These additional privacy and security properties in our model are based on advanced cryptographic primitives. The solutions given here make IoT application data and transactions more secure and anonymous over a blockchain-based network.

https://www.mdpi.com/1424-8220/19/2/326/pdf

A Decentralized Privacy-Preserving Healthcare Blockchain for IoT

A Charter of Fundamental Rights for the European Union

On perspective of security and privacy-preserving solutions in the internet of things

The Internet of Things (IoT) employs smart devices as its building blocks for developing a ubiquitous communication framework. It thus supports a wide variety of application domains, including public safety, healthcare, education, and public transportation. While offering a novel communication paradigm, IoT finds its requirements closely connected to the security issues. The role of security following the fact that a new type of devices known as wearables constitute an emerging area. This paper delivers an applicability study of the state-of-the-art cryptographic primitives for wearable IoT devices, including the pairing-based cryptography. Pairing-based schemes are well-recognized as fundamental enablers for many advanced cryptographic applications, such as privacy protection and identity-based encryption. To deliver a comprehensive view on the computational power of modern wearable devices (smart phones, watches, and embedded devices), we perform an evaluation of a variety of them utilizing bilinear pairing for real-time communication. In order to deliver a complete picture, the obtained bilinear pairing results are complemented with performance figures for classical cryptography (such as block ciphers, digital signatures, and hash functions). Our findings show that wearable devices of today have the needed potential to efficiently operate with cryptographic primitives in real time. Therefore, we believe that the data provided during this research would shed light on what devices are more suitable for certain cryptographic operations.

Feasibility characterization of cryptographic primitives for constrained (wearable) IoT devices

The basic concept behind the emergence of Internet of Things (IoT) is to connect as many objects to the Internet as possible in an attempt to make our lives better in some way. However, connecting everyday objects like your car or house to the Internet can open up major security concerns. In this paper, we present a novel security framework for the Message Queue Transport Telemetry (MQTT) protocol based on publish/subscribe messages in order to enhance secure and privacy-friendly Internet of Things services. MQTT has burst onto the IoT scene in recent years due to its lightweight design and ease of use implementation necessary for IoT. Our proposed solution provides 3 security levels. The first security level suits for lightweight data exchanges of non-tampered messages. The second security level enhances the privacy protection of data sources and data receivers. The third security level offers robust long-term security with mutual authentication for all parties. The security framework is based on light cryptographic schemes in order to be suitable for constrained and small devices that are widely used in various IoT use cases. Moreover, our solution is tailored to MQTT without using additional security overhead.

A Secure Publish/Subscribe Protocol for Internet of Things

In power analysis, many different statistical methods and power consumption models are used to obtain the value of a secret key from the power traces measured. An interesting method of power analysis based on multi-layer perceptron was presented in [1] claiming a \(90\,\%\) success rate. The theoretical and empirical success rates were determined to be \(80\,\%\) and \(85\,\%\), respectively, which is not sufficient enough. In the paper, we propose and realize an optimization of this power analysis method which improves the success rate to almost \(100\,\%\). The optimization is based on preprocessing the measured power traces using the calculation of the average trace and the subsequent calculation of the difference power traces. In this way, the prepared power patterns were used for neural network training and of course during the attack. This optimization is computationally undemanding compared to other methods of preprocessing usually applied in power analysis, and has a great impact on classification results. In the paper, we compare the results of the optimized method with the original implementation. We highlight positive and also some negative impacts of the optimization on classification results.

/pdf/optimization-of-power-analysis-using-neural-network-ujldqacmty.pdf

Optimization of Power Analysis Using Neural Network

Attribute-based credentials are cryptographic schemes designed to enhance user privacy. These schemes can be used for constructing anonymous proofs of the ownership of personal attributes. The attributes can represent any information about a user, e.g., age, citizenship or birthplace. The ownership of these attributes can be anonymously proven to verifiers without leaking any other information. The problem of existing credential schemes is that they do not allow the practical revocation of malicious or expired users when slow off-line devices (for example, smart-cards) are used for storing attributes. This prevents existing systems from being used on eIDs (electronic ID cards), employees' smart-cards or, for example, library access cards. In this paper, we propose a novel cryptographic scheme which allows both expired user revocation and de-anonymization of malicious users on commercially available smart-cards. In addition to the full cryptographic specification of the scheme, we also provide implementation results on .NET V2+ and MultOS smart-card platform.

/pdf/unlinkable-attribute-based-credentials-with-practical-3pny523ydr.pdf

Jan Hajny

Papers

On perspective of security and privacy-preserving solutions in the internet of things

Feasibility characterization of cryptographic primitives for constrained (wearable) IoT devices

A Secure Publish/Subscribe Protocol for Internet of Things

Optimization of Power Analysis Using Neural Network

Unlinkable attribute-based credentials with practical revocation on smart-cards