Pbft blockchain stocks


They are designed so that a leaf value can be checked against a publicly known root value by supplying the values of the corresponding pairs in the leaf path to the root.

In Blockchain, it is used to efficiently summarize transactions. Using it, is necessary to produce hashes, where is the number of transactions. Therefore, it provides a very efficient process for checking whether a transaction is in a block. To build this tree, you must start with the leaves, which contain the transactions hash.

As it is a full binary tree, in which all internal nodes have two children and all leaves are at the same level, if there is an odd number of transactions to summarize, the last transaction hash is duplicated to create an even number of leaf nodes.

Then the leaves are grouped by two and their hash produces a parent node. The parent nodes are then grouped into pairs and experience the same process so that this process continues until there are no more pairs, thus generating a root node called the Merkle root, according to Figure 4. To prove that a transaction is included in a block, we just provide the path that the transaction will go through in the tree.

This path consists of the complementary nodes with the same height in the tree. This hash enables us to perform this scan quickly in the middle of thousands of transactions. This is particularly useful because to verify if a transaction is in a particular block, it is not necessary to request the entire block from the network, just the block header and the path to the transaction. As we saw earlier, a simplified node does not have the stored Blockchain.

If this node needs to confirm a transaction, it needs the help of a complete node. For example, in Figure 4, each leaf corresponds to a transaction hash. The gray values correspond to the path to prove that this transaction is on the block.

To prove that transaction 3 is on the block, the complete node will send the block header and the hash 4, hash 12, and hash to the simplified node. With this data, it is possible to calculate the Merkle tree root and compare it with the Merkle root value on the block header. The simplified node will calculate the hash 3, which together with the hash 4 will calculate the hash Take the value of the hash 12 and get the hash and finally use the hash to calculate the root whose value is hash

Mining is the process responsible for updating Blockchain, whereby some particular nodes, called miners, include transactions in a block and generate a valid header for those transactions.
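The Merkle inclusion check walked through above for transaction 3, as an added example that is not code from the original article. It assumes single SHA-256 as the hash function and eight constructed transaction hashes, and it goes slightly beyond the text by duplicating the last node at every odd level, not only at the leaves.

```python
import hashlib


def h(data: bytes) -> bytes:
    """Hash for leaves and internal nodes (single SHA-256 is an assumption)."""
    return hashlib.sha256(data).digest()


def build_levels(tx_hashes):
    """Return every level of the tree, leaves first, root level last."""
    if not tx_hashes:
        raise ValueError("a block needs at least one transaction")
    levels = [list(tx_hashes)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:                      # odd count: duplicate the last hash
            cur = cur + [cur[-1]]
        levels.append([h(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels


def merkle_root(tx_hashes):
    return build_levels(tx_hashes)[-1][0]


def merkle_path(tx_hashes, index):
    """What the complete node sends: sibling hashes from leaf to root.

    Each entry is (sibling_hash, sibling_is_left).
    """
    if not 0 <= index < len(tx_hashes):
        raise IndexError("no such transaction in this block")
    path = []
    for level in build_levels(tx_hashes)[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]
        sibling = index ^ 1                   # the other node of the pair
        path.append((level[sibling], sibling < index))
        index //= 2                           # position of the parent
    return path


def verify_inclusion(tx_hash, path, header_root):
    """What the simplified node does: recompute the root from leaf and path."""
    node = tx_hash
    for sibling, sibling_is_left in path:
        node = h(sibling + node) if sibling_is_left else h(node + sibling)
    return node == header_root


# Constructed sample data: eight transaction hashes, numbered 1..8.
LEAVES = [h(f"tx{i}".encode()) for i in range(1, 9)]

if __name__ == "__main__":
    root = merkle_root(LEAVES)                # value stored in the block header
    path = merkle_path(LEAVES, 2)             # transaction 3 is index 2
    print("path length:", len(path))
    print("tx 3 included:", verify_inclusion(LEAVES[2], path, root))
    print("forged tx accepted:", verify_inclusion(h(b"forged"), path, root))
```

Because an odd level duplicates its last node, the lists [a, b, c] and [a, b, c, c] produce the same root, so a validating node should also reject blocks that contain duplicate transactions rather than rely on the root alone.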

The miners spend much energy to perform the proof of work, which is why they need to be rewarded. The first transaction of the block is always a special transaction called Coinbase. It has two purposes: to include new coins in the system and to reward the miner. In the Bitcoin network, mining has two purposes: first, to include new currency in the system and, second, to protect the transactions made. To generate this header, the miners must calculate the Merkle tree of the transactions, check the established difficulty, include the timestamp, and perform a series of calculations in order to find a nonce that satisfies the difficulty in force.

This process will describe the importance of the difficulty and how it adjusts automatically, as well as showing a step-by-step process of the mining process. Mining consists in generating a new block.

It is in this draft that it will work until it gets a viable block to be sent to all nodes in the network. The draft is the data structure that will hold the header data and the transactions.

After creating this blank structure, the miner fills in some header fields: The miner then also calculates the root of the Merkle tree and the nonce and groups the transactions. Transactions, when generated by a given node, flood the network, sending via broadcast to all neighboring nodes and these nodes forward to their neighbors, and so on and so forth.

When miners receive a message with a transaction, they store it in a database of transactions that have not yet been mined. Transactions remain temporarily in a sort of priority queue, based on fees and arrival time, until they are removed to be included in a new block. Each miner has a different queue of transactions and can select which transactions it will include in the new block. After selecting which transactions to include, it will generate a Merkle tree and include the value of its root in the header.

What is still missing is the value of the nonce that will be part of the new block; finding it is the time-consuming stage of the process, requiring tremendous computational power from the miners and consequently considerable energy expenditure, as explained in the previous section.

To have an idea of the time to find a valid hash, with this equipment and the current Bitcoin network difficulty, it would take 13 years to find a valid hash. The nonce is incremented after each failure until a valid hash is found.

An example result is as follows: In this example, the hash function applied to the message concatenated with the nonce generates a hash value that meets the target difficulty. It is important to note that there are other nonce values that generate valid results, such as The draft is complete when the nonce is found and therefore a new block is ready to be sent to all other nodes. They receive, validate, and then propagate the new block.

As soon as the block is disseminated in the network, each mining node adds it to its own chain, extending it to a new height. As the mining nodes receive and validate the block, they stop their efforts to find a block of the same height and immediately begin computing the next block.

We will see in Section 3. Full nodes only accept new valid blocks, and the miners remove the validated transactions from temporary queue. In this way, a distributed mechanism for synchronizing the nodes is implemented. The Blockchain does not have a central authority. Blocks are created independently by network miners. The nodes using information transmitted through insecure connections can reach the same conclusion and fabricate the same public record as all other nodes, achieving a global consensus.

The complete nodes store the entire chain with the blocks that have been validated by it. When several nodes have the same blocks in their main chain, they are considered to have reached consensus. This subsection describes the validation rules of each block and how consensus is reached and maintained.

We also explain some other consensus mechanisms that are currently used. The consensus mechanism consists of two steps: These two steps are performed independently by each node. The blocks are broadcast on the network, and each node receiving a new block retransmits it to its neighbors. But, before this retransmission, the node performs a block validation to ensure that only valid blocks are propagated.

There is an extensive checklist to follow including the following: By definition of Blockchain, each block has only one parent, but there may be a situation where one or more miners generate new blocks almost at the same time, causing more than one child block to have the same parent.

In this case, it is understood that a fork, a bifurcation, occurred in the chain. The last consensus mechanism step is to select which of these blocks will be part of the main chain and which will be discarded.

This is possible because of the proof of work, which will be discussed in this section and is fundamental to the consensus mechanism adopted because, as we saw earlier, to generate the block, miners spend much energy in search of a valid block. Since it is possible for bifurcations to occur, the nodes store the blocks without a parent (orphans, a rare and temporary situation) and maintain two chains, one main and one secondary.

Orphan blocks occur when two blocks are generated in short time frames and arrive in reverse order: It is stored for a period; if the node receives a block that is the parent of the orphan, it will be included in the chain in its correct order.

Note that in this case there was no bifurcation; the blocks were only received out of order. As there are several miners generating blocks in a decentralized way, the new blocks sent by them can reach different nodes at different times, which can result in different views. When two miners generate blocks with reference to the same parent the fork occurs, and the other miners must choose which block they will adopt as a reference.

If one part of the miners adopts one block and another part adopts the other, these two chains will coexist until one becomes larger than the other. To resolve this situation, nodes that behave honestly, according to the consensus mechanism, will always adopt the largest chain and the fork will be resolved. The main chain is the most extensive chain, the one with the highest amount of accumulated work.

In Figure 5, the gray blocks branched out of the main chain; as they reached a higher height, they became the main chain.

White blocks , , and are discarded, and their transactions are considered unconfirmed and should be included in other blocks in the future. One of the most common concerns for digital coin systems is the possibility of double spending when one malicious user spends the same value on two different transactions in the chain.

Note that a bifurcation is necessary for a double-spend attempt, because if both spends occur in the same chain, the second will not pass the initial consistency checks when the new block is created and will be discarded.

With the fork, the malicious user makes a payment and sends it to the network, spends the same amount again elsewhere, and starts mining on that second spend. In this way, there is the possibility that he can mine a block and create the fork.

From this moment, the network will be divided, and as previously mentioned, there will be a race that will be won by the biggest chain. One of the transactions will be discarded, and the double spend will be rejected. As one of the chains will be accepted by the network and the other discarded, eventually the double spend will be detected. It is usually accepted in the Bitcoin network that a transaction is considered confirmed when there are six new blocks with a higher height than its own block, because it will take much effort to change it.

With the ability to mine most blocks, attacking miners can spawn deliberate bifurcations in Blockchain, generate double-spend transactions, or perform denial-of-service (DoS) attacks against specific addresses or transactions. A bifurcation attack or double-spend attack is an attack where the attacker causes already confirmed blocks to be invalidated by bifurcating a level below them, with a later reconvergence in an alternate chain.

With enough power, an attacker can invalidate six or more blocks in a sequence, invalidating transactions that were previously considered immutable with six confirmations. Making a double spend of the transaction itself is profitable when, by invalidating a transaction, the attacker can receive an irreversible payment or product without having to pay for it.

Achieving consensus in a distributed system is a challenge. Consensus algorithms must be resilient to node failures, network partitioning, message delays, and messages that arrive out of order or corrupted. They also have to deal with selfish and deliberately malicious nodes. Several algorithms have been proposed to solve this, each making its own set of assumptions regarding synchrony, message transmissions, failures, malicious nodes, performance, and security of the exchanged messages.

For a Blockchain network, achieving consensus ensures that all nodes in the network agree on a consistent global state of the Blockchain.

According to [23, 24], a consensus protocol has three fundamental properties by which its applicability and effectiveness can be determined: The impossibility result of Fischer, Lynch, and Paterson (FLP) states that a deterministic asynchronous consensus system can have at most two of these three properties.

This is a proven result. Any consensus system distributed on the Internet should sacrifice one of these properties [ 25 ]. However, there are a number of other mechanisms that offer certain desired advantages over the original model: A system is used where the user must prove that he has spent some time to find some answer that satisfies some requirement that the verifier asks for, to achieve that goal. The task of finding such an answer is based on two principles.

Firstly, PoW has to be difficult and laborious, but not impossible; and secondly, the verification of that evidence should be much faster and easier to perform.

This concept was first proposed by Back [ 29 ] and is used by several test systems and also by Bitcoin. In Bitcoin, when a transaction is initiated, the transaction data is fitted into a block with a maximum capacity of 1 megabyte and then duplicated across multiple nodes called miners on the network. The miners verify the legitimacy of the transactions in each block. To carry out this verification, the miners need to solve a computational puzzle, known as the proof of work problem.

The first miner to solve the problem for a block is rewarded with coins. Once a block of transactions has been verified, it is added to the Blockchain. The PoW is generated as follows: The SHA [ 30 ] is used by Bitcoin.

He repeats the procedure by varying the nonce until he finds this answer. As it is relatively difficult to find such an answer, upon receiving the message, every user will be able to verify that there has been a great effort by the sender to generate it. On solving the problem, the miner generates a new block. The difficulty of the proof of work is adjusted every blocks, to generate on average one block every ten minutes.
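The nonce search described in the mining section earlier and the PoW generation described here, as an added example that is not code from the original article. The header layout is a simplified assumption (previous hash, Merkle root, timestamp, nonce), single SHA-256 is assumed, difficulty is expressed as a number of leading zero bits, and all sample values are constructed.

```python
import hashlib
import struct


def header_bytes(prev_hash: bytes, merkle_root: bytes, timestamp: int, nonce: int) -> bytes:
    """Serialize the simplified header; the nonce is the only field the miner varies."""
    return prev_hash + merkle_root + struct.pack("<II", timestamp, nonce)


def target_for(difficulty_bits: int) -> int:
    """A hash is valid when, read as an integer, it is below this target.

    Each extra bit halves the target, so the expected number of attempts
    doubles (about 2**difficulty_bits hashes on average).
    """
    if not 0 <= difficulty_bits <= 256:
        raise ValueError("difficulty_bits must be between 0 and 256")
    return 1 << (256 - difficulty_bits)


def header_is_valid(prev_hash, merkle_root, timestamp, nonce, difficulty_bits) -> bool:
    """Verification side: one hash and one comparison, whatever the difficulty."""
    digest = hashlib.sha256(header_bytes(prev_hash, merkle_root, timestamp, nonce)).digest()
    return int.from_bytes(digest, "big") < target_for(difficulty_bits)


def mine(prev_hash, merkle_root, timestamp, difficulty_bits, max_nonce=2**32):
    """Mining side: increment the nonce after each failure until a hash is valid.

    Returns the first valid nonce, or None if the nonce space is exhausted,
    in which case a miner has to change another field (for example the
    timestamp or the transaction set) and start again.
    """
    for nonce in range(max_nonce):
        if header_is_valid(prev_hash, merkle_root, timestamp, nonce, difficulty_bits):
            return nonce
    return None


# Constructed sample values, not taken from any real chain.
PREV_HASH = hashlib.sha256(b"previous block (sample)").digest()
MERKLE_ROOT = hashlib.sha256(b"merkle root (sample)").digest()
TIMESTAMP = 1_700_000_000
DIFFICULTY_BITS = 16

if __name__ == "__main__":
    nonce = mine(PREV_HASH, MERKLE_ROOT, TIMESTAMP, DIFFICULTY_BITS)
    print("nonce found after", nonce + 1, "attempts")
    print("verified with one hash:",
          header_is_valid(PREV_HASH, MERKLE_ROOT, TIMESTAMP, nonce, DIFFICULTY_BITS))
```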

Its concept states that a node can mine or validate block transactions according to how many coins it holds; this means that the more currency owned by a miner, the more mining power it has.

PoS is a proposed alternative to replace PoW, which requires a great deal of computing power to run the cryptographic calculations needed to solve its computational challenges. PoS addresses this issue by attributing mining power in proportion to the coins held by a miner. Thus, instead of utilizing energy to answer PoW puzzles, a PoS miner is limited to mining a percentage of transactions that is reflective of his or her ownership stake.

In PoS systems, blocks are usually validated rather than mined, and it works in this way: The process of creating and agreeing to new blocks is then done through a consensus algorithm that all current validators can participate in. There are many kinds of consensus algorithm implementations, and one of these is the chain-based proof of stake.

In chain-based proof of stake, the algorithm pseudo-randomly selects a validator during each time slot e. Several different selection methods were planned. Nxt [31] and BlackCoin [32] use randomization to predict the next block generator, using a formula that looks for the lowest hash value in combination with the size of the stake. Since stakes are public, each node can predict, with reasonable accuracy, which account will gain the right to validate a block.

One of these threats is the simultaneous arbitrary failure, one of Byzantine fault types, of multiple network nodes. Using PBFT, a network of Blockchain nodes can tolerate faulty nodes up to , where is a known arbitrary fraction of the total number of nodes, with a state machine replicated on different nodes a replica being defined as primary.

The PBFT algorithm works as follows: As the total number of nodes needs to be known, the PBFT is not suitable for public systems and is only used in private systems. A PBFT network ensures data consistency and integrity when Byzantine failures occur in up to of network nodes.

In other words, PBFT ensures that a minimum of nodes reach consensus on the order of transactions before attaching them to the shared ledger. The rule has the following implications: We need a minimum of nodes to reach a consensus before proceeding to the next block. The ledger on any additional node beyond will be temporarily delayed. This delay in synchronization of the general ledger shared across all nodes is an unavoidable limitation on any PBFT network.

PoET uses a random election model of a leader, who will validate or mine the blocks. It essentially works as follows: Each validator or miner requests a timeout for this hardware.

The validator with the shortest waiting time for a given block is elected the leader and waits this given time to validate the block. After this, the block will be included in the chain and the process repeats itself.

This model is proposed for use in private Blockchains since, in theory, the validators are honest. PoET uses these features to ensure the security and randomness of the leader election process, without requiring an expensive investment in energy, as occurs in PoW.

The PoET leader election algorithm meets the criteria for a good lottery algorithm, and the probability of election is proportional to the resources contributed (for example, processing power). Randomness in generating waiting times ensures that the leader function is evenly distributed among all validators. The low cost of participation makes the participation of large numbers of validators feasible, increasing the robustness of the consensus algorithm.

A disadvantage of this algorithm is the specific hardware dependency. Blockchain can be classified based on data access and participation of the consensus mechanism on any proposed changes in its ledger as follows: The purpose of a chain without permission is to allow anyone to contribute data. This creates the so-called censorship resistance, which means that no actor can prevent a transaction from being added to the chain. Participants maintain chain integrity by reaching consensus on their status.

Anyone can join the network and participate in the block verification process to build consensus and also create smart contracts. Having a system without permission implies that there may be no trust between nodes, so a strongly distributed consensus mechanism must be enforced.

In such a system, there is the possibility of a Sybil attack [ 33 ], where a network node tries to appear as several distinct nodes creating a large number of pseudo-identities. A disproportionately large influence by a single node is a threat, so the introduction of PoW in transaction validation is logically justified and necessary. When a new record is added, the integrity of the ledger is verified by a consensus process conducted by a limited number of trusted actors; this makes keeping a shared record much simpler than the consensus process without permission.

Permissioned Blockchain provides highly verifiable data sets because the consensus process creates a digital signature, which can be seen by all parties. The features that derive from reliable systems may open the possibility of avoiding a computationally demanding consensus protocol such as PoW.

Many projects were started to make Blockchain more popular and viable for different business models and applications, leveraging existing categories. Table 1 summarizes the key features of some Blockchain-based applications. Bitcoin and Ethereum [34] are examples of permissionless Blockchains, and Hyperledger [35] and Ripple [36] are examples of permissioned Blockchains.

A critical difference between these two categories is the underlying mining model. Permissionless Blockchains use PoW, where hashing power is offered to create trust.

Permissioned Blockchains do not need to use computational energy-based mining to reach consensus. The devices in the IoT collect, generate, and process data and send this information via the Internet, producing a considerable mass of information to be used by various services. Despite the benefits, critical issues related to privacy may emerge.

The Blockchain can play a crucial role in the development of decentralized applications that will run on billions of devices. Understanding how and when this technology can be used to provide security and privacy is a challenge, and several authors point out these problems [37-39]. The authors have been discussing the applicability of connecting Blockchain and IoT, specifically regarding the following issues: Therefore, there is a need to investigate when both technologies can be applied appropriately.

In that sense, the literature [ 9 , 37 , 39 — 43 ] has been addressing the following: All of the above discussion is about applicability and solutions for connecting Blockchain and IoT. In this way, it becomes necessary to know the main weaknesses to which Blockchain is exposed and to keep it in mind when developing new applications. In this section, we will explore how Blockchain can be used to benefit security applications for the IoT.

Examples include decentralized applications which enable smart objects to interact securely, establish payment mechanisms [44], create public key infrastructure (PKI) services [45, 46], perform Multiple Secure Computation (MPC) [17], support Smart Ambient [43], and provide privacy in storage systems [47].

Also, we will describe how the block propagation latency and the block rate [ 48 ] may influence the safety of the consensus mechanism and present the most common attacks discussed in the literature, such as selfish miner [ 49 , 50 ]; double-spend [ 48 ]; and Eclipse [ 51 ]. Finally, we will introduce the stalker attacks.

Developing IoT applications that use an existing and stable Blockchain is one of the proposals [ 37 , 52 ], in which PoW and a large number of honest miners would guarantee integrity and privacy. Firstly, it is worth mentioning that the anonymity provided by the use of Blockchain is not absolute, so it is commonly called pseudo-anonymity. It is possible, in certain circumstances, to deanonymize the transaction owner or its IP address.

To deanonymize transactions there are some specific techniques, according to [37], which can be divided into four types: In other cases, it is necessary to consolidate the total wallet balance in a single account. It is possible to transfer the lower balances to a single account; this procedure is called a multiple entries transaction. To accomplish this transaction, it is necessary to have the private keys of each input.

So, we can assume that all accounts belong to the same user. From this moment we can associate the addresses to a user. This approach was used in [ 53 — 55 ]. If the value of the transaction is less than the balance assigned to the key, this transaction will generate change. The change value has to return to the owner. This is done by indicating the change as an output to himself. Also, it is possible to correlate with secondary sources of information such as social networking sites.

This is the approach used in [53-55] to deanonymize transactions and users. In [56], the author listens to network traffic and uses a clustering algorithm, and was capable of associating the IP address with the user. Some authors [54, 57] think this is a privacy risk. These outsourced services can leak identities or resources. According to [37], extra care is needed to mitigate these problems. The IoT devices must always be configured to use a different address to receive change, always generate a new address each time they receive resources, and not use outsourced services.

These measures are not sufficient to provide total anonymity but will give a degree of security to preserve identities. We can also use the Blockchain in data storage and to provide access control.

Suppose that a presence sensor wants to save daily history in the Blockchain. It will generate a transaction with the data to be stored and will sign this transaction, so everyone will know which sensor produced this data.

The sensor will indicate as transaction output the public keys with the right to data read. It sends this transaction to network miners, which authenticate and include it in the next block.

As the Blockchain is public, all users have access to transactions and know that a particular user has the right to read the history produced by the presence sensor. However, only those who have the private keys will be able to read the daily history which was released by the sensor. The model has some actors: The transactions are used to provide access control, and the Blockchain uses it for storing and reading the permissions.

The owner controls resource access through transactions. So, to grant access to a user, it makes a grant access transaction specifying a user who has the right to access the camera, as if he were selling a product using Bitcoin.

One miner will include this transaction in the Blockchain. From this point, the user will directly access the resource, which will verify in the Blockchain whether there is a transaction that ensures his access, in which case the user will be able to use the camera. One of the main criticisms of storage in the Blockchain is the use of data structures that were not designed to store large amounts of information. Thus, if we use the block for this purpose, we will get several copies of the same file in the network.

To use the security provided by Blockchain, Zyskind et al. The storage uses a DHT (distributed hash table), where there is a set of nodes, selected beforehand, responsible for maintaining it.

The data is replicated efficiently to ensure high availability. No node has the entire file. The Blockchain is then used to manage where the data is and who has access to it. For this reason, two new types of transaction are generated, one to provide access control and another to control the data distribution in the DHT. As the Blockchain has no central point of failure and is not governed by a single entity, it enables a new class of applications and decentralized services, for example, a DNS root server or an enterprise root certification authority.

These benefits have motivated Ali et al. The Blockstack decouples the name record and property from the availability of associated data, separating the control and data. The control plane defines a protocol for name registration, creating links name, hash. The control plane consists of a block and a layer logically separated from the control plane, being responsible for the storage. All data stored shall be signed by the name owner key.

The IoT future is to become a network of autonomous devices that can interact with each other and with their environment, making intelligent decisions without human interaction. In this place, the Blockchain can help leverage the IoT and form a foundation that will support the shared economy, based on machine-to-machine M2M communications.

There is a vast set of proposals, prototypes, and proofs of concept which pointed out how IoT can take advantage of the Blockchain qualities and use it to trade goods and data [ 2 , 41 , 42 , 58 — 61 ].

Blockchain technology can provide a way to track the unique history of each device, recording data exchange. It can also allow intelligent devices to become independent agents that autonomously conduct a variety of transactions. Applications for IoT can use Blockchain benefits: Each device will manage its roles and behaviors, resulting in the Internet of Decentralized, Autonomous Things.

In [ 42 ], the authors described a prototypical implementation of data exchange by electronic money, between a sensor and a client, using the Bitcoin network.

The system is composed of three parts: An entry in the sensors repository must contain at least the sensor address, what data he offers, the price, and additional metadata like the location. In [ 2 ], the authors propose an architecture for electronic commerce explicitly designed for IoT devices, based on the Bitcoin protocol.

In this model, the users can negotiate with DACs, using cryptocurrencies. As shown in Figure 6 , there are four proposed layers for the IoT e-commerce model, which are basic technical layer, infrastructure layer, content layer, and exchange layer.

The basic technical layer includes the module of the goods classification mechanism, the credit algorithm module to manage the portfolios, and the Blockchain Bitcoin module, which was the cryptocurrency adopted by the project.

The infrastructure layer contains the IoT information service platform and the smart contracts platform. The content layer includes two parts: Entities consist of DACs and human beings. Commodities are smart properties and data collected from sensors. The smart properties can be works of art, durable goods such as cars, homes, and energy as electricity, water, gas, and oil that can be controlled and quantified by digital devices via electronic keys or access control systems.

Some proposals addressed the use of Blockchain for the functionality of economic transactions for IoT, including the following: The ADEPT uses the Blockchain to provide the system backbone, using a mix of proof of work and proof of stake for secure transactions.

This platform was tested in several scenarios, including one that involves a smart washing machine that can automatically buy and pay for detergent with Bitcoin or Ether and can negotiate the best price of cleaning products based on the owner preferences.

This washing machine uses smart contracts to issue commands to a detergent reseller when it needs supplies. Also, the devices involved can directly exchange value. For example, they could sell data about environmental conditions for a forecasting agency. The goal is to create a directory of smart devices that allow the IoT Filament devices to communicate securely, send microtransactions, and execute smart contracts.

The Filament uses five technologies: Devices can create a unique identifier that is stored in a built-in chip and recorded in the block. The TeleHash, in turn, provides encrypted communications from end-to-end devices, and BitTorrent allows the file share. The smart contracts are responsible for dealing with the payments for the devices use.

The Filament uses a protocol based on the Bitcoin for microtransactions, called Pennybank. Due to specific restrictions of IoT devices, the Pennybank creates a warranty service between two devices IoT, allowing them to settle transactions when they are online.

Each transaction can be checked, avoiding disputes and ensuring that each partner is responsible for their roles in the global transaction. They provide a Blockchain network infrastructure that replicates the data to the device and validates the transaction through smart contract insurance. The main idea is that a node must first execute a series of transaction checks to approve them and only then carry out a transaction.

There is no differentiation between nodes. All of them are responsible for approving the transactions. According to the author, this ensures a higher scalability: In the IoT platforms that use Blockchain, there are some different proposals regarding their design. But, it is still a proof of concept with several challenges to overcome, including scalability and the nature of cryptocurrency development.

Filament [ 41 ] focuses on the industrial infrastructure, to make it smart and connected. Its main feature is the adoption of a secure element on each device, with a host set of keys that get burned into a write-once or one-time-programmable OTP memory. Thus, the Filament IoT device is naturally more expensive due to its secure tamper-proof capabilities. It has an API to provide its services for to IoT devices, but it works within a cloud infrastructure.

The main advantage is the ability to provide the use of Blockchain for heterogeneous devices. Iota [61] has a huge disadvantage since it does not support smart contracts. Since there is no differentiation between nodes, all of them have the burden of transaction validation. In this system, in order to perform a transaction, a node has to validate at least two other transactions, and as the network grows, the system is expected to provide good scalability.

There are some other use cases involving data monetization with Blockchain and IoT devices. Nasdaq and Chain of Things lead the research on applications that can help make renewable sources of energy available to the general public, where the energy produced by solar IoT panels generates cryptocurrency registered in the Blockchain.

So, anyone who joins the network can make investments in renewable energy technology. Consider the following problem: The MPC is the generalization of this solution for multiple participants. We can define it as the problem of participants calculating a function over private inputs in a secure manner, where security means ensuring the correctness and privacy of the inputs, even in the presence of some malicious participants.

In the end, each participant will get only the result of the function and will not be able to learn the inputs of the other participants. It opens the way for a variety of applications like Internet voting, data mining, and data sharing. Starting from the principle that with additive and multiplicative circuits we can compute any function, we merely need to build these MPC blocks and then use them for any other arithmetic functions.

The participants exchange messages to perform these functions on the additive circuits. The number of these messages grows linearly with the number of participants, but on the multiplicative circuits, communications are needed. This fact restricts MPC implementations to few participants and specific scenarios. Over the years there have been proposals to optimize the solutions and increase the number of participants [17, 64, 65].
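The additive case described above can be shown with additive secret sharing. The following is an added example, not code from the surveyed works; the modulus `P`, the function names and the sensor readings are assumptions made for the illustration.

```python
import secrets

P = 2**61 - 1  # prime modulus of the share field (chosen for this example)

def share(value, n):
    """Split value into n additive shares that sum to value mod P."""
    parts = [secrets.randbelow(P) for _ in range(n - 1)]
    parts.append((value - sum(parts)) % P)
    return parts

def secure_weighted_sum(private_inputs, weights):
    """Party i holds private_inputs[i]; the weights are public.
    Returns (result mod P, number of shares each party sends to its peers)."""
    n = len(private_inputs)
    # Round 1: party i deals share j of its input to party j (keeps share i).
    dealt = [share(x % P, n) for x in private_inputs]
    # Local step: party j combines the shares it holds. Additions and
    # multiplications by public constants need no further messages.
    partial = [sum(w * dealt[i][j] for i, w in enumerate(weights)) % P
               for j in range(n)]
    # Round 2: each party publishes only its partial result; any single
    # share or partial is uniformly random and reveals no input by itself.
    return sum(partial) % P, n - 1

if __name__ == "__main__":
    readings = [21, 19, 24, 30]  # constructed private sensor readings
    total, sent = secure_weighted_sum(readings, [1, 1, 1, 1])
    print("sum:", total, "shares sent per party:", sent)
```

Multiplying two shared values cannot be done locally in this way, which is where the extra communication for multiplicative circuits comes from.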

In the problem formulation, two types of protocols are commonly adopted: Enigma [17] is a platform for MPC with privacy guarantees. It uses the Blockchain as a network controller, managing access control and serving as an event log for secret sharing.

It can compute functions in both models and is scalable. Each node receives and records its inputs using Blockchain. There are groups for each task, so each part performs a job, and the results are joined at the end.

This partitioning allows a greater data replication control, improving the system scalability and allowing a more substantial number of participants. Other work [66] uses the Blockchain to perform access control and storage of patient data. The author believes that the use of patients' data without their consent is a privacy problem but also describes the importance of the use of these data for medical research. He sorts the data into two types: Any researcher or governmental entity may use the public data.

To use the private data, they have to do it via MPC. This makes it possible to extract knowledge from the data without compromising patient privacy. However, the data received from smart homes represent personal and sensitive information and can often disclose the complete living behavior. Ideally, analysis of encrypted data would be a perfect solution for preserving privacy. However, homomorphic encryption [68] schemes have computation and storage overhead and have to be carefully evaluated.

It becomes necessary to devise a system that would allow execution of data analytics algorithms while preserving the privacy of monitored individuals. One possible solution for IoT devices that deal with sensitive data is a scheme like Enigma [47].

It uses the Blockchain to perform computation and extract knowledge from the sensitive data generated without revealing it. Approaches based on Blockchain offer decentralized security and privacy but involve excessive energy consumption and delays, which are not suitable for most IoT devices with limited resources. This work proposes a method to adopt Blockchain in the context of IoT, eliminating the proof of work and the currency mentality.

The author uses it to exemplify a smart home implementation, consisting of three main structures: Each smart home is equipped with a higher-power computer that is always online.

This computer maintains a private Blockchain, which is used to control and audit the communications and provide access control between devices. All the IoT devices are in the smart home layer and are managed by a miner. In this scenario, the PoW becomes unnecessary, because only one device will have the job of keeping the Blockchain.

The other house devices receive a key pair so that they can perform transactions. As an example, if a presence sensor wants to turn the lamp on, it will send a transaction to the lamp, which will check in the Blockchain whether that sensor is allowed to light it.
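The lamp-side check described above can be sketched as a hash-linked ledger kept by the single home miner, with no proof of work. This is an added example, not the cited work's implementation; the record fields, the `grant`/`revoke` operations and the device names are hypothetical, and device signatures made with the key pairs are left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder previous-hash for the first block

def block_hash(prev, record):
    # Hash of the previous block hash plus the canonical JSON of the record.
    body = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(prev.encode() + body).hexdigest()

class HomeLedger:
    """Private chain kept by the home miner: hash links only, no PoW."""
    def __init__(self):
        self.blocks = []  # list of (prev_hash, record, hash)

    def append(self, record):
        prev = self.blocks[-1][2] if self.blocks else GENESIS
        self.blocks.append((prev, record, block_hash(prev, record)))

    def verify(self):
        prev = GENESIS
        for p, record, h in self.blocks:
            if p != prev or h != block_hash(p, record):
                return False  # broken link or altered record
            prev = h
        return True

    def is_allowed(self, src, dst, action):
        """Latest grant/revoke for (src, dst, action) wins; default deny."""
        if not self.verify():
            return False  # fail closed on a tampered ledger
        allowed = False
        for _, r, _ in self.blocks:
            if (r["src"], r["dst"], r["action"]) == (src, dst, action):
                allowed = r["op"] == "grant"
        return allowed

def lamp_handle(ledger, tx):
    """What the lamp does with a request transaction from another device."""
    return "on" if ledger.is_allowed(tx["src"], "lamp", "turn_on") else "denied"

def build_demo_ledger():
    # Constructed policy history for the example.
    ledger = HomeLedger()
    for op, src in [("grant", "presence_sensor"), ("grant", "thermostat"),
                    ("revoke", "thermostat")]:
        ledger.append({"op": op, "src": src, "dst": "lamp", "action": "turn_on"})
    return ledger
```

Because the lamp verifies the hash links before reading the policy, a record edited in place causes every request to be denied rather than silently honoured.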

The overlay network consists of the smart home layer along with Service Providers (SP), cloud storages, and smartphones. The overlay network is grouped into clusters to minimize latency, and each cluster elects its cluster head (CH). The miners maintain all the transactions in an immutable ledger, which is the private Blockchain for each smart home network. There are different kinds of transactions, like store, access, monitor, genesis, and remove, which handle different operations and data sharing in the network.

This work mostly focuses on data store and access use cases by IoT devices. The transactions in the Blockchain are data storage and access transactions. The public keys are fixed with the cluster heads and are immutable. In their security analysis, they analyze their model for DDoS attacks and linking attacks. They also measure the overhead of using their model over traditional message exchange. A smart home is an excellent example of how to combine IoT and Blockchain.

Blockchain-based sharing services can evolve and contribute to smart cities and shared economies. Shared economy is an economic-social model in which diverse population sectors can share underutilized assets [58].

Citizens, objects, and assets would connect transparently to exchange assets and share status. In this paradigm, people seek trust, access rather than ownership, the reliability of shared services, security, and privacy. Beyond the natural protection of stored data and typical attacks on distributed systems, Blockchain needs specific security mechanisms. Blockchain, by itself, can be considered secure and guarantees block integrity and availability.

But the rest of the process, before a transaction is validated, or even a block if there are attacks that fork the chain, is not inherently safe. Blockchain is not itself capable of detecting fraudulent activity. Any system or network can suffer an attack; Blockchain-based systems are no different. The types of attacks that make Blockchain vulnerable are a bit different: In this way, it becomes necessary to know the main weaknesses to which Blockchain is exposed.

As we argue in Sections 4. This fact arouses interest in attacks on both technologies. In this way, it is important to know which IoT solutions will be affected, so we can exhaustively test the applications with a safe development process to mitigate potential vulnerabilities. In the Bitcoin world, transactions are considered valid when they are in a block and confirmed when there are some blocks with higher height in the chain.

The accumulated PoW in the chain does not permit us to change that transaction without substantial computational power. However, bifurcations may arise. We choose the longest chain to resolve the bifurcations. The majority of bifurcations occur naturally, with no evil intention, causing a delay in validating discarded transactions. In this case, the consensus rules adopt the alternative chain instead of the main one, from the point of bifurcation.

As widely discussed, up to now the security of Bitcoin depends on the consensus reached by distributed proof of work. However, this assumption is questionable. First, the miners began to organize in groups, called mining pools. They join forces and share the rewards.

Secondly, there is no regulatory entity, and no miner is required to follow the protocol. A mining pool with a majority of the computational power can change the consensus. By doing this, the miners who do not participate in the cooperative will probably be forced to join it when their revenues start to fall. The honest miners will have their blocks ignored and, therefore, lose the payments.

The mining pool can perform a denial of service against any miner or any transaction, because its members have the power not to include these transactions in any block, and if other miners do, they can generate forks, thus rejecting a transaction. The malicious miners can also deviate from the expected behavior by not immediately disclosing newly mined blocks.

First, it is necessary to understand how the block propagation latency and the target time for the inclusion of new blocks affect the consensus mechanism. Before starting the transmission, he makes extensive checks to ensure that only valid blocks are propagated. Each node that receives a new block makes these verifications. After that, the node sends an inventory (INV) message informing its neighbors that it has a new block and its height.

Only then will the transmission of the new block start (Figure 7). The sum of all checking and spreading times, during the spread of a block, is the latency. Decker and Wattenhofer [70] made a time analysis of 10, blocks with different sizes. The authors found that the median latency time was 6. The smaller this interval, the greater the number of blocks generated and consequently the greater the probability of forks and orphan blocks.

Decker and Wattenhofer [70] observed an occurrence of forks at 10, blocks in the Bitcoin chain, that is, 1. If an attacker decides to deviate from standard behavior and keep mining on a secret chain, he needs to adopt a heuristic for choosing the best moment to unveil these blocks. At the moment, everyone, including the attacker, is mining on the block.

When performing this action, if the attacker is able to produce the next block, he has an advantage, even without having a majority of the power, because he can start mining the next block before everyone else.

Since he started earlier, there is a high probability of his releasing the block before the other miners, generating a fork with higher height than the main chain. As the remaining nodes behave honestly, they will also adopt this chain and the attacker will reach his goal.

Otherwise, if he receives a block, he may decide to adopt this block and throw away his work, or ignore the received block and continue mining on the private chain. Figure 8 shows a simple fork scheme, where after releasing the blocks and by the attacker the honest nodes have embraced this chain and produced the block.

With probability , the attacker finds a new block and goes to state 1 (private chain one block ahead). With probability , the public network discovers a block, and the attacker resets his private chain to the public chain. With probability , the attacker advances to state 2 (private chain two blocks ahead). There are now two competing chains, both one block long. With probability , the attacker will discover another block, converging the network to the private chain.

The attacker gains a revenue of 2, and the system resets to state 0. The attacker and the network gain a revenue of 1, and the system resets to state 0. With probability , the honest miners find a block on top of the public chain, the network gains a revenue of 2, and the system resets to state 0.

The attacker earns a revenue of 2. With probability , the attacker falls back to state. A large part of the latency is due to the obligation of every node to check each block. If an attacker controls some nodes, he can amplify the selfish miner attack. The slave nodes can be configured not to verify blocks mined by the attacker and to retransmit them as soon as they arrive.

The attacker could make the honest nodes work for him by unveiling his blocks as soon as he receives a new block. This is so because individuals and countries are constructing massive coin mining facilities so as to win the race to complete transaction puzzles and thereby generate revenue.

As a result, states such as Wyoming and Oregon have adopted legislation which attempts to encourage miners to move operations to their states using the incentive of cheap electricity. The potential environmental effects posed by proof-of-work blockchain-powered cryptocurrencies are overwhelming. Today, Bitcoin alone requires the same amount of electricity as three million homes.

Scientists theorize that by , the energy required to power Bitcoin would be equivalent to the amount of electricity currently used by the entire world. Coin mining centers are usually set up in places which offer the cheapest electricity. China, which has comparatively cheap energy provided by coal, has been able to mine the largest number of coins. While there are potential environmental downsides associated with blockchain technology when used to power cryptocurrencies, the technology itself could positively affect society in the long term.

PBFT, endorsed by companies such as IBM and Intel, utilizes a voting system where other users vote on a member to validate each transaction, thereby eliminating the competition required by the proof of work system. The appeal of the technology has garnered an equal amount of attention from the commercial sector, which has been followed by the filing of a copious number of blockchain patents from different areas of industry.