Deakin University
Browse

File(s) under permanent embargo

Towards decentralized IoT updates delivery leveraging blockchain and zero-knowledge proofs

Version 2 2024-06-03, 11:52
Version 1 2020-11-18, 13:33
conference contribution
posted on 2024-06-03, 11:52 authored by Edoardo Puggioni, Arash Shaghaghi, Robin Ram Mohan DossRobin Ram Mohan Doss, Salil S Kanhere
Internet of Things (IoT) devices are being deployed in huge numbers around the world, and often present serious vulnerabilities. Accordingly, delivering regular software updates is critical to secure IoT devices. Manufactures face two predominant challenges in providing software updates to IoT devices: 1) scalability of the current client-server model and 2) integrity of the distributed updates - exacerbated due to the devices' computing power and lightweight cryptographic primitives. Motivated by these limitations, we propose CrowdPatching, a blockchain-based decentralized protocol, allowing manufacturers to delegate the delivery of software updates to self-interested distributors in exchange for cryptocurrency. Manufacturers announce updates by deploying a smart contract (SC), which in turn will issue cryptocurrency payments to any distributor who provides an unforgeable proof-of-delivery. The latter is provided by IoT devices authorizing the SC to issue payment to a distributor when the required conditions are met. These conditions include the requirement for a distributor to generate a zero-knowledge proof, generated with a novel proving system called zk-SNARKs. Compared with related work, CrowdPatching protocol offers three main advantages. First, the number of distributors can scale indefinitely by enabling the addition of new distributors at any time after the initial distribution by manufacturers (i.e., redistribution among the distributor network). The latter is not possible in existing protocols and is not account for. Secondly, we leverage the recent common integration of gateway or Hub in IoT deployments in our protocol to make CrowdPatching feasible even for the more constraint IoT devices. Thirdly, the trustworthiness of distributors is considered in our protocol, rewarding the honest distributors' engagements. We provide both informal and formal security analysis of CrowdPatching using Tamarin Prover.

History

Pagination

1-10

Location

Online from Cambridge, Mass.

Start date

2020-11-24

End date

2020-11-27

ISBN-13

9781728183268

Language

eng

Publication classification

E1 Full written paper - refereed

Editor/Contributor(s)

[Unknown]

Title of proceedings

NCA 2020 : 2020 IEEE 19th International Symposium on Network Computing and Applications

Event

Network computing and applications. Symposium (19th : 2020 : Online from Cambridge, Mass)

Publisher

IEEE

Place of publication

Piscataway, N.J.

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC