scispace - formally typeset
Search or ask a question
Journal ArticleDOI

Secure Combination of IoT and Blockchain by Physically Binding IoT Devices to Smart Non-Fungible Tokens Using PUFs.

30 Apr 2021-Sensors (Multidisciplinary Digital Publishing Institute)-Vol. 21, Iss: 9, pp 3119
TL;DR: In this paper, the authors propose the use of non-fungible tokens (NFTs) to represent IoT devices, which are physical smart assets, and demonstrate their use on ESP32-based devices and Ethereum blockchain.
Abstract: Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent IoT devices, which are physical smart assets. Hence, they are also identified as the utility of a user, they have a blockchain account (BCA) address to participate actively in the blockchain transactions, they can establish secure communication channels with owners and users, and they operate dynamically with several modes associated with their token states. A smart NFT is physically bound to its IoT device thanks to the use of a physical unclonable function (PUF) that allows recovering its private key and, then, its BCA address. The link between tokens and devices is difficult to break and can be traced during their lifetime, because devices execute a secure boot and carry out mutual authentication processes with new owners and users that could add new software. Hence, devices prove their trusted hardware and software. A whole demonstration of the proposal developed with ESP32-based IoT devices and Ethereum blockchain is presented, using the SRAM of the ESP32 microcontroller as the PUF.

Content maybe subject to copyright    Report

Citations
More filters
Journal ArticleDOI
TL;DR: In this article , the authors discuss the marketing implications of non-fungible tokens (NFTs) using a modified AIDA hierarchy, which can give marketing managers and executives guidelines on how to persuade consumers to purchase NFTs owing to their unique characteristics.

23 citations

Journal ArticleDOI
01 Jul 2022-Sensors
TL;DR: An updated review of authentication mechanisms by categorizing centralized and distributed architectures, and the security issues regarding the authentication of these IoT-enabled smart devices are discussed.
Abstract: Smart devices have become an essential part of the architectures such as the Internet of Things (IoT), Cyber-Physical Systems (CPSs), and Internet of Everything (IoE). In contrast, these architectures constitute a system to realize the concept of smart cities and, ultimately, a smart planet. The adoption of these smart devices expands to different cyber-physical systems in smart city architecture, i.e., smart houses, smart healthcare, smart transportation, smart grid, smart agriculture, etc. The edge of the network connects these smart devices (sensors, aggregators, and actuators) that can operate in the physical environment and collects the data, which is further used to make an informed decision through actuation. Here, the security of these devices is immensely important, specifically from an authentication standpoint, as in the case of unauthenticated/malicious assets, the whole infrastructure would be at stake. We provide an updated review of authentication mechanisms by categorizing centralized and distributed architectures. We discuss the security issues regarding the authentication of these IoT-enabled smart devices. We evaluate and analyze the study of the proposed literature schemes that pose authentication challenges in terms of computational costs, communication overheads, and models applied to attain robustness. Hence, lightweight solutions in managing, maintaining, processing, and storing authentication data of IoT-enabled assets are an urgent need. From an integration perspective, cloud computing has provided strong support. In contrast, decentralized ledger technology, i.e., blockchain, light-weight cryptosystems, and Artificial Intelligence (AI)-based solutions, are the areas with much more to explore. Finally, we discuss the future research challenges, which will eventually help address the ambiguities for improvement.

9 citations

Journal ArticleDOI
TL;DR: In this article , the authors conducted various econometric analyses to determine if this technical dependence induces a financial linkage to the risk, return, and prices of assets, and they found that NFTs do not demonstrate idiosyncratic features in their price developments and thus they cannot be considered as a separate asset class.

8 citations

Book ChapterDOI
01 Jan 2021
TL;DR: This chapter covers the introduction, technical aspects, security impacts, use cases, and successful implementations of NFTs in various realms.
Abstract: Tokenizing assets through the use of blockchain is the next big thing in digital currency markets. Securing the assets in the world of the internet is challenging as most of them can easily be copied and sold in the secondary market. Protecting the rights of the asset owner is one of the challenging research areas. NFTs (non-fungible tokens) are very useful in representing the ownership of unique items for any assets. NFTs ensure that an asset can have only one official owner at any point in time with the help of Ethereum-based blockchain network. Ethereum NFTs can ensure that no one can modify the ownership rights or copy and paste the digital assets. NFTs are a boon to the artists, musicians, and others who want to create impressive digital assets. The objective of this chapter is to take you to the world of NFTs and to explain how the NFTs are going to impact digital transactions in a bigger way in the future. This chapter covers the introduction, technical aspects, security impacts, use cases, and successful implementations of NFTs in various realms.

8 citations

Journal ArticleDOI
01 Nov 2022-Sensors
TL;DR: In this article , the authors study the market dynamics of non-fungible tokens (NFTs) and NFT marketplaces, and analyze the challenges faced by NFTs and marketplaces in terms of security, transparency, scalability, and consequences leading to these issues and how they will address them.
Abstract: Non-fungible Tokens (NFTs) are ownership records stored on a blockchain, and they are typically digital items such as photos and videos. In many ways, an NFT is like a conventional proof-of-purchase document, such as a paper invoice or an electronic receipt. NFTs are attractive among other things because of verifiability; each sale is recorded as a blockchain transaction, allowing ownership to be tracked. Also, NFTs can be used to transfer digital assets between two mutually distrusting parties, since both the crypto payment and the asset transfer take place in one transaction. With NFTs, all marketplaces can freely trade with the help of decentralized applications (DApps). It is currently estimated that there are over 245 NFT marketplaces (NFTM) listed with over 1000 blockchains as of August 2022 with 68 million blockchain wallet users. With the expansion of markets, they must face challenges and issues. The objective of this review is to study the market dynamics of NFT ecosystems. It also focuses on technical components that enable NFTs and their marketplace. The review provides a deeper understanding of its components, how they are related, and why they are important. The paper analyses the challenges faced by NFTs and marketplaces in terms of security, transparency, scalability, and the consequences leading to these issues and how they will address them, as well as future opportunities.

8 citations

References
More filters
Journal ArticleDOI
02 Oct 2020-Sensors
TL;DR: It is argued that by adhering to the proposed requirements, an IoT system can be designed securely by achieving much of the promised benefits of scalability, usability, connectivity, and flexibility in a practical and comprehensive manner.
Abstract: There has been a tremendous growth in the number of smart devices and their applications (e.g., smart sensors, wearable devices, smart phones, smart cars, etc.) in use in our everyday lives. This is accompanied by a new form of interconnection between the physical and digital worlds, commonly known as the Internet of Things (IoT). This is a paradigm shift, where anything and everything can be interconnected via a communication medium. In such systems, security is a prime concern and protecting the resources (e.g., applications and services) from unauthorized access needs appropriately designed security and privacy solutions. Building secure systems for the IoT can only be achieved through a thorough understanding of the particular needs of such systems. The state of the art is lacking a systematic analysis of the security requirements for the IoT. Motivated by this, in this paper, we present a systematic approach to understand the security requirements for the IoT, which will help designing secure IoT systems for the future. In developing these requirements, we provide different scenarios and outline potential threats and attacks within the IoT. Based on the characteristics of the IoT, we group the possible threats and attacks into five areas, namely communications, device/services, users, mobility and integration of resources. We then examine the existing security requirements for IoT presented in the literature and detail our approach for security requirements for the IoT. We argue that by adhering to the proposed requirements, an IoT system can be designed securely by achieving much of the promised benefits of scalability, usability, connectivity, and flexibility in a practical and comprehensive manner.

86 citations

Journal ArticleDOI
TL;DR: A blockchain-based certificate authority framework that can be used to manage critical chip information such as electronic chip identification, chip grade, and transaction time is proposed that can mitigate most threats of the electronics supply chain, such as recycling, remarking, cloning, and overproduction.
Abstract: Electronic systems are ubiquitous today, playing an irreplaceable role in our personal lives, as well as in critical infrastructures such as power grids, satellite communications, and public transportation. In the past few decades, the security of software running on these systems has received significant attention. However, hardware has been assumed to be trustworthy and reliable “by default” without really analyzing the vulnerabilities in the electronics supply chain. With the rapid globalization of the semiconductor industry, it has become challenging to ensure the integrity and security of hardware. In this article, we discuss the integrity concerns associated with a globalized electronics supply chain. More specifically, we divide the supply chain into six distinct entities: IP owner/foundry (OCM), distributor, assembler, integrator, end user, and electronics recycler, and analyze the vulnerabilities and threats associated with each stage. To address the concerns of the supply chain integrity, we propose a blockchain-based certificate authority framework that can be used to manage critical chip information such as electronic chip identification, chip grade, and transaction time. The decentralized nature of the proposed framework can mitigate most threats of the electronics supply chain, such as recycling, remarking, cloning, and overproduction.

51 citations

Journal ArticleDOI
04 Mar 2021-Sensors
TL;DR: In this article, the authors proposed an alternative approach to creating trust in supply chains with diverse IoT elements, which simplifies data sharing and reduces computational, storage, and latency requirements while increasing the security of the IoT-based supply chain management.
Abstract: Accurate data and strategic business processes are crucial to all parties in a supply chain system. However, the absence of mutual trust can create a barrier to implementation. Several studies have shown that supply chains face challenges arising from a lack of trust with respect to the sharing of data. How well each party trusts the data they receive can have a profound influence on management decisions. Blockchain technology has been widely used to process cryptocurrency transactions. Recently, it has also proved to be effective in creating trust in the Internet of things (IoT) domain. Blockchain technology can facilitate mutual trust between parties who would otherwise have been doubtful of each other's data, allowing for more effective and secure sharing of data. However, if the blockchain is not IoT-optimized, companies can experience significant delays and the need for extensive computational capacity. Moreover, there are still some limitations regarding the consensus between the nodes in the traditional consensus approaches. Here, we propose an alternative approach to creating trust in supply chains with diverse IoT elements. Our streamlined trust model simplifies data sharing and reduces computational, storage, and latency requirements while increasing the security of the IoT-based supply chain management. We evaluate the suggested model using simulations and highlight its viability.

45 citations

Journal ArticleDOI
16 Jul 2020-Sensors
TL;DR: EdgeBoT, a proof-of-concept smart contracts based platform for the IoT built on top of the ethereum blockchain, enables a wider variety of interaction topologies between nodes in the network and external services while guaranteeing ownership of data and end users’ privacy.
Abstract: With an increasing penetration of ubiquitous connectivity, the amount of data describing the actions of end-users has been increasing dramatically, both within the domain of the Internet of Things (IoT) and other smart devices. This has led to more awareness of users in terms of protecting personal data. Within the IoT, there is a growing number of peer-to-peer (P2P) transactions, increasing the exposure to security vulnerabilities, and the risk of cyberattacks. Blockchain technology has been explored as middleware in P2P transactions, but existing solutions have mainly focused on providing a safe environment for data trade without considering potential changes in interaction topologies. we present EdgeBoT, a proof-of-concept smart contracts based platform for the IoT built on top of the ethereum blockchain. With the Blockchain of Things (BoT) at the edge of the network, EdgeBoT enables a wider variety of interaction topologies between nodes in the network and external services while guaranteeing ownership of data and end users' privacy. in EdgeBoT, edge devices trade their data directly with third parties and without the need of intermediaries. This opens the door to new interaction modalities, in which data producers at the edge grant access to batches of their data to different third parties. Leveraging the immutability properties of blockchains, together with the distributed nature of smart contracts, data owners can audit and are aware of all transactions that have occurred with their data. we report initial results demonstrating the potential of EdgeBoT within the IoT. we show that integrating our solutions on top of existing IoT systems has a relatively small footprint in terms of computational resource usage, but a significant impact on the protection of data ownership and management of data trade.

33 citations

Journal ArticleDOI
TL;DR: The Meas scheme is presented, which combines ideas from fresh re-keying and authentication trees by storing encryption keys in a tree structure to thwart first-order DPA without the need for DPA-protected cryptographic primitives.
Abstract: Memory encryption is used in many devices to protect memory content from attackers with physical access to a device. However, many current memory encryption schemes can be broken using differential power analysis (DPA). In this work, we present Meas—the first Memory Encryption and Authentication Scheme providing security against DPA attacks. The scheme combines ideas from fresh re-keying and authentication trees by storing encryption keys in a tree structure to thwart first-order DPA without the need for DPA-protected cryptographic primitives. Therefore, the design strictly limits the use of every key to encrypt at most two different plaintext values. Meas prevents higher-order DPA without changes to the cipher implementation by using masking of the plaintext values. Meas is applicable to all kinds of memory, e.g., NVM and RAM. For RAM, we give two concrete Meas instances based on the lightweight primitives Ascon, PRINCE, and QARMA. We implement and evaluate both instances on a Zynq XC7Z020 FPGA showing that Meas has memory and performance overhead comparable to existing memory authentication techniques without DPA protection.

21 citations