Two of the most talked-about technologies in today's world are blockchain and IoT. Both are at an early stage of maturity, and there is a lot of activity in developing them and finding interesting uses for them. One of the key challenges of the IoT world is security. In this article I attempt to take a critical view of the use of blockchain technology to secure IoT.
The article starts with a very brief primer on blockchain and then explains the applicability of blockchain to IoT security.
A quick primer on blockchain
- It is strongly tamper-resistant
- It is highly scalable because it is a peer-to-peer network with no single point of failure
- It can serve as an immutable system of record for all stakeholders
How IoT can leverage blockchain technology
With IoT entering mainstream industry, the key challenges of the technology are fast emerging. One of the key areas of IoT deployment is security. The following are the key security challenges for IoT infrastructure and services:
- With the prospect of devices in the infrastructure growing exponentially, it is a huge challenge to identify, authenticate and secure the devices.
- A centralised security model will be very difficult and expensive to scale, maintain and manage.
- A centralised security infrastructure will introduce a single point of failure and will be an easy target for DDoS attacks.
- Centralised infrastructure will be difficult to implement in industrial setups where the edge nodes are widely spread geographically.
Blockchain technology seems to be a viable alternative due to the key strengths described above.
Cases where blockchain can be used
It can be used to create a secured mesh network that allows IoT devices to connect securely and reliably, avoiding the threats of device spoofing and impersonation.
Every IoT node can be registered in the blockchain and will have a blockchain id that uniquely identifies the device in the universal namespace. To connect to another device, a device will use the blockchain id as the URL and will use its local blockchain wallet to raise an identity request. The wallet will create a digitally signed request and send it to the target device, which will use blockchain services to validate the signature using the public key of the sender. In this way, M2M authentication can take place without the need for any centralised arbitrator or service.
Devices that are constrained by resources can be connected to proxies where the wallet can be stored. This will introduce some form of aggregation, but it will be fairly limited.
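The device-to-device check described above, sketched in Go as an added example (not code from this article or from any blockchain platform): an in-memory map stands in for the on-chain registry, and the device ids, the Ed25519 key type and the target-issued nonce are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Registry stands in for the blockchain ledger: device id -> registered public key.
type Registry map[string]ed25519.PublicKey

// Register records a new device's public key; the private key stays in its wallet.
func (reg Registry) Register(id string) ed25519.PrivateKey {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	reg[id] = pub
	return priv
}

// payload binds sender, target and the target's fresh nonce, so a signature
// cannot be replayed later or presented to a different device.
func payload(from, to string, nonce []byte) []byte {
	return []byte(fmt.Sprintf("%d:%s|%d:%s|%x", len(from), from, len(to), to, nonce))
}

// SignRequest is the wallet side of the identity request.
func SignRequest(priv ed25519.PrivateKey, from, to string, nonce []byte) []byte {
	return ed25519.Sign(priv, payload(from, to, nonce))
}

// Verify is the target side: resolve the claimed id, then check the signature.
func Verify(reg Registry, claimed, self string, nonce, sig []byte) error {
	pub, ok := reg[claimed]
	if !ok {
		return fmt.Errorf("sender id %q is not registered", claimed)
	}
	if !ed25519.Verify(pub, payload(claimed, self, nonce), sig) {
		return fmt.Errorf("signature does not match the key registered for %q", claimed)
	}
	return nil
}

func main() {
	reg := Registry{}
	walletA := reg.Register("dev-a")       // constructed sample ids
	nonce := []byte("constructed-nonce-1") // a real target would issue random bytes
	fmt.Println(Verify(reg, "dev-a", "dev-b", nonce, SignRequest(walletA, "dev-a", "dev-b", nonce)))
}
```

Because the target rebuilds the signed payload from its own id and its own nonce, a captured signature fails when it is replayed against another device or against a later challenge.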
The solution outlined above is applicable to a wide range of IoT services. Some examples are intelligent healthcare, connected vehicles, logistics, transportation etc.
Cases where blockchain is not the best solution
One key benefit of blockchain technology is its use as a distributed recording system. It allows immutable records to be written securely. To do that, it uses strong cryptography and replication. For example, in supply chain management, a consignment has to go through a series of activities, and the status of each item can be monitored via RFID and recorded using blockchain technology.
However, this comes with overhead. The replication introduces latency. Getting a block sometimes takes longer. Strong cryptographic processes introduce latency. These latencies are not acceptable in near-time and real-time services. Hence, blockchain is not best suited to recording raw data at source.
With quantum computers becoming a reality, the fear is that they will break public key encryption. Leading organisations such as NIST have started initiatives to develop post-quantum cryptography (http://csrc.nist.gov/groups/ST/post-quantum-crypto/). That raises the question: how safe will blockchain technology remain in the future? It is difficult to answer. I will rather present some relevant data. D-Wave Systems announced the availability of a 2000-qubit system (https://www.dwavesys.com/press-releases/d-wave-systems-previews-2000-qubit-quantum-system). Now, to factor a 1024-bit RSA key, it takes 2000 qubits, and the majority use RSA key sizes larger than that. Given that D-Wave technology is disputed by experts and that scaling a quantum computer is not similar to scaling a normal computer, it cannot be determined how long it will be before a large RSA key (> 1024 bits) can be brute forced.