Next Article in Journal
Graphol: A Graphical Language for Ontology Modeling Equivalent to OWL 2
Next Article in Special Issue
A Bidirectional Trust Model for Service Delegation in Social Internet of Things
Previous Article in Journal
Forecasting Students Dropout: A UTAD University Study
Previous Article in Special Issue
CNN for User Activity Detection Using Encrypted In-App Mobile Data
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Utilizing Blockchain for IoT Privacy through Enhanced ECIES with Secure Hash Function

1
School of Computing, Mathematics and Engineering, Charles Sturt University, Melbourne 3062, Australia
2
College of Science, Department of Computer Science, The University of Duhok, Duhok 42001, Iraq
*
Author to whom correspondence should be addressed.
Future Internet 2022, 14(3), 77; https://doi.org/10.3390/fi14030077
Submission received: 10 January 2022 / Revised: 10 February 2022 / Accepted: 24 February 2022 / Published: 28 February 2022
(This article belongs to the Special Issue Security and Privacy in Blockchains and the IoT)

Abstract

:
Blockchain technology has been widely advocated for security and privacy in IoT systems. However, a major impediment to its successful implementation is the lack of privacy protection regarding user access policy while accessing personal data in the IoT system. This work aims to preserve the privacy of user access policy by protecting the confidentiality and authenticity of the transmitted message while obtaining the necessary consents for data access. We consider a Modified Elliptic Curve Integrated Encryption Scheme (ECIES) to improve the security strength of the transmitted message. A secure hash function is used in conjunction with a key derivation function to modify the encryption procedure, which enhances the efficiency of the encryption and decryption by generating multiple secure keys through one master key. The proposed solution eliminates user-dependent variables by including transaction generation and verification in the calculation of computation time, resulting in increased system reliability. In comparison to previously established work, the security of the transmitted message is improved through a reduction of more than 12% in the correlation coefficient between the constructed request transaction and encrypted transaction, coupled with a decrease of up to 7% in computation time.

1. Introduction

With the recent advances in technology, several Internet of Things (IoT) devices are being developed and implemented in our day to day life. These IoT devices collect personal data from the user to carry out different processes across several applications. Given the involvement of these devices in our daily life, the collected data are prone to a variety of security and privacy threats [1,2], in particular the monitoring of user’s activities and profile creation [3]. Moreover, users do not have control over their data and necessary information regarding how it is being collected and how it is further processed. It thus becomes essential to protect the privacy rights of the users and facilitate them with the ability to control their transmitted data under the IoT landscape.
Data profiles can be utilised for individual identification purposes and therefore, collecting data and creating user data profiles pose a severe threat towards privacy and personal integrity. Even if the IoT data are not connected directly to an individual, it is possible to collect IoT data and create profiles of individuals. These profiles can be used to identify individuals or groups of individuals and pose a direct threat to user privacy. If data from IoT devices are combined with data from other sources such as social media, the identification of groups and/or individuals becomes much easier. One of the most critical parts of data collection via IoT devices is that most of the time, consumers are not aware of what data are being collected and how they are being used. Even in cases where consumers agree to the collection of data for a specific application, it is difficult for them to perceive the number of ways that data may be used in the future. The work of [4] investigates the possibilities to recognise a user based on when they communicate, what kind of applications they use, the type of devices they are surrounded by and their geographical location.
Traditionally, a user’s sensitive data are stored on centralized servers [5], which can be easily tampered by the third party resulting in additional security and privacy threats, since user data was accessible without obtaining consent from the user. To address this issue, Blockchain-based solutions have been proposed in the IoT system, where several approaches have been advocated to protect user privacy [6,7,8,9,10]. Blockchain technology has dramatically enhanced user privacy and data access owing to its decentralized nature, enabling all participating nodes in the Blockchain to provide services equally [11]. In case of a node failure, other nodes keep providing the service, removing single point of failure that is a major problem in the traditional methods. The immutability feature of blockchain technology protects the data from being tampered and safely store the data in the form of blocks [12]. These features of blockchain technology eliminate the limitations of traditional centralized servers used in IoT applications. However, they still suffer from issues such as privacy protection and behavior regulation of access policy. In order to trace the real identity in an unusual transaction and preserve the privacy of the user in the data access policy, it is necessary to protect authenticity and confidentiality of the transmitted message while obtaining the consent needed for data access in the IoT system.
Our focus in this work is on protecting the confidentiality and authenticity of user consents during data transmission in IoT systems. We aim to preserve user privacy by maintaining the integrity of user consents before data transmission takes place in the IoT network. To improve the security strength of the encryption and decryption keys of the request transaction and response, we propose a two-pronged approach. Firstly, we proposed the use of a Secure Hash Function (SHF) [13] to derive private and public keys and secondly, we recommend the use of Key Derivation Function (KDF) to derive multiple keys to prevent the attacker from detecting the actual key value. The improved security strength decreases the correlation coefficient between constructed request transactions and encrypted transactions, enhancing user privacy in IoT systems. The proposed solution also improves the reliability of the system compared to a recent work of Lin et al. [14] by eliminating user-dependent variables and reducing the computation time.
The rest of the paper is organized as follows: Section 2 discusses in detail the recent advances in blockchain security measures, with a focus on its application in the IoT landscape. We detail the proposed scheme in Section 3, providing the major steps and associated details. Section 4 discusses the benefits of the proposed scheme, providing comparison to related works. In Section 5, we present analysis and detailed results of our scheme, demonstrating the efficacy in terms of average correlation coefficient and computation time, whereas the interim results on different datasets are also provided. Finally, the paper is concluded in Section 6, provisioning some future research directions.

2. Related Works

Blockchains are tamper evident and tamper resistant digital ledgers implemented in a distributed fashion, usually without a central authority. At their basic level, they enable a community of users to record transactions in a shared ledger such that under normal operation of the blockchain network, no transaction can be changed once published [15]. Unlike traditional methods, blockchain enables peer-to-peer transfer of digital assets without any intermediaries. Blockchain is often regarded as a public ledger in which all committed transactions are stored in a chain of blocks, and this chain continuously grows when new blocks are appended to it. The blockchain technology’s key characteristics include decentralisation, persistency, anonymity and auditability.

2.1. Ethereum Public Blockchain

Ethereum represents a blockchain providing an abstract layer that enables all users to create their own rules for ownership, formats of transactions, and state transition functions, which is achieved through the use of smart contracts [16]. The consensus in the Ethereum network is based on modified GHOST protocol. Ethereum is created to tackle the issue of stale blocks in the network since the GHOST protocol includes stale blocks into calculations of the longest chain. The authors in [17] enhanced user privacy in a mobile crowdsensing system with spatial location privacy-preserving and greedy algorithms to improve data quality and preserve location privacy. They constructed a blockchain-based location privacy-preserving mobile crowdsensing system where the decentralization and immutability of Blockchain avoids security issues. However, the algorithm used in this scheme is based on the estimated value, so any inaccurate estimate may lead to significant problems and does not ensure data quality and reliability of the system.
In [18], the focus was on enhancing a smart healthcare system using a blockchain to preserve the privacy of the health data and ensure that diagnoses are not tempered. The proposed solution decreases the computation and communication cost comparing to the traditional system when preserving privacy in smart healthcare. However, the computation time is not fixed as the scheme requires users to update their key each time the transaction is updated. The researchers in [19] designed and implemented a decentralized reputation system to develop trust in the public fog nodes for enabling the IoT devices to rely on them securely. It provides safety against security vulnerabilities associated with IoT data and maintains the integrity of the data. The method uses the opinions of multiple users regarding the performance of public fog nodes to calculate reputation score for the future user to uses this system, which shows the unreliability of the system performance since the change in users’ opinions changes the reputation score and increases the computation cost. Several computing task offloading schemes in mobile edge computing for IoT devices have been developed in [20]. The developed system uses a Blockchain-enabled edge computing framework and non-dominated sorting genetic algorithm to maintain data integrity while performing a task offloading process. Moreover, it adopts simple additive weighting and multi-criteria decision making techniques to select the most suitable offloading schemes. The task offloading system consumes 5% less energy than compared methods and decreases offloading time and energy consumption with data integrity and privacy protection. However, this work does not consider the security of VM instances while moving from one edge computing device to another device for obtaining load balance.

2.2. Consortium Blockchain

Consortium blockchain is a type of blockchain with authorized nodes to maintain distributed shared databases. Constructed by several organizations, the consortium blockchain is partially decentralized as only a small portion of nodes would be selected to determine the consensus. Among other advantages, recent works [21] have shown that it offers high potential for the establishment of decentralized electricity trading system with moderate cost. The authors of [22] propose a blockchain-based secure and privacy-preserving personal health information sharing scheme for diagnosis improvements in e-Health systems, where private and consortium blockchain are constructed by devising their data structures, and consensus mechanisms. In order to achieve data security, access control, privacy preservation and secure search in this work, all the data including the health information, keywords and the patients’ identities are public key encrypted with keyword search. In [23], the authors construct a consortium blockchain framework for detecting malicious codes in malware and extracting the corresponding evidences in mobile devices. The work performs feature modelling by utilizing statistical analysis method, where the framework is composed of a detecting consortium chain shared by test members and a public chain shared by users. The authors also design a multi-feature detection method of Android-based system for detecting and classifying malware, and establish a fact-base of distributed Android malicious codes by blockchain technology.

2.3. Hyperledger Fabric Blockchain

Hyperledger Fabric is an implementation of a distributed ledger platform for running smart contracts, leveraging familiar and proven technologies, with a modular architecture allowing pluggable implementations of various functions [24]. Designed as an extensible general-purpose permissioned blockchain, Hyperledger Fabric is the first blockchain system that supports the implementation of distributed applications written in standard programming languages [25]. This essentially allows them to be executed consistently across many nodes, giving impression of execution on a single globally-distributed blockchain computer, making Fabric the first distributed operating system for permissioned blockchains. The authors of [26] showed that the security can be enhanced by using proof of block and trade consensus algorithms to validate trade and blocks before allocating them to the ledger. Their solution uses a lightweight consensus algorithm, resulting in reduced computation time. However, it is resource intensive as it requires each trade to be validated before and at the time of block formation.
In [27], the authors proposed to improve privacy in industrial IoT with a Blockchain-based secure data sharing model for distributed multiple parties. They used federated learning algorithms to transform raw data generated in industrial IoT into the corresponding data model and share it. This model helps prevent data leakage, and data owners can assess before giving access to share their data in Industrial IoT. It provides high efficiency and enhanced security over traditional solutions. However, stable accuracy is difficult to achieve with the increase in the number of data providers. Also, an increase in the number of data providers requires a system to scale data for performing the computation. The consensus protocol is enhanced in [28] by checking the data loss before the data transmission to the blockchain network. This system uses a gossip-based diffusion function that guarantees the data collected from the sensor device are transmitted to the honest node of the blockchain network. However, this system does not consider the traffic that may increase in the network when the nodes are busy in replicating the processing outcome. The improvement of privacy with novel blockchain-based distributed key management scheme was discussed in [29], which eliminates the potential threat caused by a trusted third party. It uses multi-blockchain network that improves verification and saves storage space for IoT devices. The results showed that the scalability of the system is suitable to resource constrained IoT systems. However, a preshared key strategy in asymmetric cryptography is used, resulting in increased computation and communication overhead.

2.4. Blockchain Mechanisms for IoT Security

Blockchain-based frameworks to preserve user privacy in IoT have been proposed in a majority of works. The authors of [30] proposed a blockchain-based data acquisition scheme for a secure collection of data from IoT devices using Unmanned Aerial Vehicles (UAVs). This solution was researched by collecting data from IoT devices using UAV and storing safely in blockchain through mobile edge computing. However, in this approach, the required verification increases the latency. The researchers in [31] enhanced privacy in IoT with the Hyperledger Fabric Blockchain framework and Attribute Based Access Control (ABAC) to ensure efficient access control even under large number of requests in the IoT environment. The performance of this approach is analysed using two terminals which may increase the computational cost. The authors of [5] enhanced the publish/subscribe model with a blockchain-based secure publish/subscribe system to protect the privacy of publishers and subscribers. This model uses the Ethereum platform to ensure identity protection of the publisher and subscriber, using public key encryption with an equality test to guarantee the confidentiality of IoT data transmitted in the blockchain network. Though the authors present a promising way to preserve privacy in IoT system, the use of Diffie–Hellman protocol for encryption procedure does not resist security attack, causing the user to compromise the security of their personal data.
Based on consortium blockchain, the security and privacy in IoT were enhanced in [32] with a novel attribute-based access control scheme. This scheme avoids the need to maintain an access control list in the IoT system as compared to traditional access control technologies. The access policies are made up of attributes and stored in the form of transaction in the blockchain. The performance analysis of their system shows storage overhead increases linearly with an increase in the number of attributes, whereas the computation overhead is also linear in the number of attributes. The security analysis shows that their scheme provides resistance to various security attacks in the IoT system. However, the key pair developed for authentication of the transaction does not boost the security strength of the encrypted transactions. In [14], the authors enhanced user privacy preservation in the IoT system with a novel secure mutual authentication system to provide traceability and privacy protection of access policy and user consent. The use of ECIES protects the confidentiality and privacy of request transaction message and response data that is transmitted to obtain necessary consents before data transmission in IoT. It gives a correlation coefficient of 0.34499 between constructed request transactions and encrypted transaction with a computation time of 102.733 ms. The ECIES is implemented to generate the public/private keys for encrypting and decrypting the request transaction data and response data. However, keys generated from the publicly exposed point on the elliptic curve result in violating user privacy.
A major concern regarding the adoption of blockchain technology in IoT networks is the enormous energy consumption associated with blockchains. This perception inevitably raises concerns about the further adoption of this technology, a fact that inhibits rapid uptake of what is widely considered to be a ground-breaking and disruptive innovation [33]. This fact, along with the significant increase in energy consumption caused by IoT networks has created a new challenge and diverted the focus towards creating an eco-friendlier IoT ecosystem, which provides energy efficient services and enables the production and use of renewable energy [34]. The combination of blockchains and a green IoT is focused on reducing energy consumption and adopting renewable resources rather than on energy generated by fossil fuels. Furthermore, recent studies [33,35] have shown that blanket statements about the energy consumption related to blockchains should be reviewed with care. Although Bitcoin and other proof-of-work blockchains do indeed consume a lot of power, alternative blockchain solutions with significantly lower power consumption are already available today, and new promising concepts are being tested that could further reduce the power consumption of large blockchain networks.

3. Modified ECIES with Secure Hash Function

The proposed scheme is intended to protect the integrity of transmitted messages while obtaining necessary consents for data transmission in IoT. Moreover, it provides resistance against different attacks and ensures reliable auditing of the user data access policy. To provide confidentiality and authentication of the transmitted data, both the request transaction and response data are authenticated once they are encrypted. We have chosen the proposed method in Lin et al. [14] as the basis for our designed solution. The mutual authentication system shows the access request transaction and response data while obtaining necessary consents. It protects against any data leakage and data loss, ensures reliable behavior auditing and protects the user access policy, preventing any malicious attack and possibility of consents versioning. The request transaction data are encrypted using ECIES and authenticated using message authentication code. The access request transaction and response data are firmly secured and authenticated, providing enhanced security while managing user data access policy and consents [18].
The use of an SHF to generate private and public keys prevents an attacker from detecting the actual values of the keys from which it is derived, even in the case where the hash function is known. This feature enhances the privacy preservation in IoT, providing resistance to detect the actual value of the key is used to encrypt the message. A detailed flow diagram of the proposed scheme is shown in Figure 1. In the following, we detail the major stages involved in our proposed scheme.
System Setup—The setup and enroll algorithm is invoked in this step to obtain keys for signing and verifying the transaction. After taking in the security parameters, λ n , to obtain the public parameters, σ n , we first generate a hash to ensure the security of the derived key, since the generated hash function is used to compute the private and public keys, denoted by δ R and δ P , respectively. The unique hash generation, corresponding to message m, is denoted as:
h ( m ) = ψ ( m ) | ψ : { 0 , 1 } { 0 , 1 } 256 ,
where ψ is the unique hash generation function [30,36], and we have used SHA-256. In some works, for example, [14], the private and public key is calculated from publicly exposed points on the elliptic curve that can be easily detected by the attacker, and user privacy can be compromised. The security strength of the key ensures the confidentiality and authenticity of the transmitted message for obtaining the user consents before processing the user data.
The security strength of the key ensures the confidentiality and authenticity of the transmitted message for obtaining the user consents before processing user data in IoT. Thus, if SHF is used to determine the value for the key rather than choosing publicly exposed points on the elliptic curve, the transmitted message will be highly protected. The secure hash value is used to generate the private key rather than randomly choosing a publicly exposed point on the elliptic curve as a private key and computing public key from the chosen private key. The private key δ R is generated based on the hash function using the key generator function Γ ( · ) , given as:
δ R = Γ ( h ) | Γ : { 0 , 1 } { 0 , 1 } κ ,
where κ is the designated key size [30,36]. After the generation of private key δ R from the hash h ( m ) , corresponding to message m, the public key δ P is calculated based on:
δ P = δ R ( E x , E y ) ,
where ( E x , E y ) corresponds to the x and y coordinates of the point P on the elliptic curve E of finite field and P has the order of large prime number q [30]. Hence, the use of the hash function protects the value of the key being detected even if the hash function is known. As a result, private and public keys are secured and provide resistance to several security attacks enhancing user privacy protection.
Request Control—Once access request is published, new public and private keys are produced to avoid replay attack and profiling [14], where the uniquely generated hash is used to compute the private key instead of a randomly chosen key. The transaction to access the data is constructed and signed using the GSign algorithm. Request transaction data are then encrypted and verified using different keys. Since the randomly generated points on the elliptic curve can be detected by any attacker as multiple keys to encrypt the transmitted message, the proposed solution uses a KDF algorithm [37] to derive multiple keys from one secured master key. KDF follows an iterative process to derive multiple keys and ensure that an attacker is not able to identify origin of the master key [32]. After keys are generated, request transaction data are encrypted using the Enc. algorithm of ECIES and is authenticated using the MAC algorithm, where the encryption process is given by:
C P = E n c r y p t ( T r , δ P ) ,
and C P represents the encrypted access request transaction data that is then uploaded to the blockchain network.
State Delivery—In this phase, consensus nodes in the blockchain network monitor the access request, checking the transaction verification using a signature verification algorithm. If the transaction is verified, it is decrypted using the Dec algorithm of ECIES and private key [14,30], which provides target device information and control orders, given by:
( D i , C ) = D e c r y p t ( C P , δ R ) ,
and D i and C represent the target device and control information, respectively. The consensus node of the blockchain network formats the data request to ensure the data access request is received from a valid requestor. The information access request to the user and response from the user is encrypted and authenticated. The authentication tag is recomputed to ensure the response is received from a valid user. If the authentication tag matches, only then the response from the user is decrypted to obtain response information about the request.
Chain Transaction—The transactions are retrieved in the smart contract of the block-chain network, where signatures are verified to check the validity of the transaction. If the transaction is valid, they are collected, and the block is formed. The consensus nodes use the Practical Byzantine Fault Tolerance consensus mechanism to chain the blocks [38]. The user access policy is then updated, which helps in managing consents set by the user.
Dispute Handling—The unusual transactions are traced by detecting abnormal and unusual behavior, where GTrace algorithm is executed to reveal the real identity in the unusual transactions. It helps to prevent impersonation attacks by identifying unusual behavior and showing the real identity of the attacker.
The flow of the modified ECIES is shown in Figure 2, whereas the steps of the proposed scheme are shown in Algorithm 1.
Algorithm 1 Proposed ECIES with Secure Hash Utilization.
Input: Security parameter λ n and Transactional Request Data T r
Output: Response Data
1:
Generate  σ n λ n
2:
Compute  h ( m ) m
3:
Compute  δ R h ( m )
4:
Compute  δ P δ R ( E x , E y )
5:
ConstructT δ P
6:
Encryption  C P E n c r y p t ( T r , δ P )
7:
Authentication Check
     if Tags Match
           ( D i , C ) D e c r y p t ( C P , δ R )
     else Reject C P
     end

Computation Time for Proposed Scheme

In this section, we calculate the computation time of the proposed scheme, which is given as:
T = T b + T c ,
where T is the final computation time, T b is a computation time for transaction generation and verification, and T c is the initial computation time. Here, T b is given as:
T b = i = 1 T r T r i ( t ) + i = 1 N s 2 + 1 N s i ( t ) ,
where T r i ( t ) is a time for generation of one trade, and N s i ( t ) is a time for verification by session node. Moreover, T c is given by:
T c = T 1 + T h + T 2 ,
where T h is the time for generation of hash function, and T 1 and T 2 correspond to the time of public/private key calculation and public parameter generation.

4. Benefits of Modified ECIES with SHF

The proposed solution helps improve the confidentiality and authenticity of the transferred message to obtain consents protected by using an SHF to generate private and public keys. This improves the correlation coefficient between transmitted messages and encrypted transactions. Along with this, it also ensures that the attacker is not able to detect the value of the key even in case hash function is known to the attacker because points on the elliptic curve are the order of a large prime number. In some of previous woks, the computation time is affected by the number of users, thus with the increase in the number of users, the computation time also increases, indicating the unreliability of the system. In the proposed scheme, the computation time is calculated by eliminating the user dependent variable, showing a higher system reliability.
SHF is utilized to generate private and public keys for improving the security strength of the transmitted message. The private key is generated from the SHF based on SHA-256, while the public key is calculated from the private key and points on the elliptic curve of the finite field that is the order of a large prime number. Hence, if the attacker tries to compute the point on the curve, they will not be able to detect the value of the key. In order to improve the efficiency of the encryption and decryption, the KDF is used to generate secured multiple keys from one master key. Some previous works [14] randomly select the publicly exposed point on the curve as a value of the key resulting in several security vulnerabilities that impact user privacy. Using publicly exposed points on the curve that are vulnerable to several attacks as a private and public key, will exploit the user privacy in IoT. Hence, the use of SHF will guarantee that the integrity of the key is protected, and the attacker is not able to detect the actual value of the key. In the proposed scheme, we have kept a regard for the authenticity and integrity protection of the transmitted message while consent management for enhancing user privacy in IoT by using ECIES with an SHF generation.

5. Results and Discussion

This section presents the analysis and results of the proposed scheme. Considering the relevance of Lin et al. [14] to our work, we provide a detailed comparison of our work with the results presented in Lin et al. [14]. MATLAB R2019a was used to implement and evaluate the prototype of the proposed model on a personal computer (PC). For the implementation, ‘secp256r1’ is used as the elliptic curve domain parameter [39] to develop the public parameter of the elliptic curve, whereas SHA-256 is used to secure the hash function generation. Four groups of 50, 150, 250, 500 device information were used as a dataset, where these datasets were taken from online resources [40]. Ten samples of device information from each group are taken to construct the request transactions. We considered attributes such as device_ID, device_Type, device_Model, and device_SN (serial number) from the device information for creating the tansaction request. The completed request transaction is encrypted and decrypted for both Lin et al. [14] and the proposed scheme. The strength of the transmitted message is measured in terms of the correlation coefficient between the constructed request transaction and encrypted request transaction. The performance evaluation of the proposed scheme is based on the comparison of correlation coefficient and computation time with that of Lin et al. [14].
We note that the correlation coefficient measures the closeness between the mapped points on the elliptic curve for the constructed request transaction and encrypted request transaction. The lower the value of the correlation coefficient, the more secure the encrypted transaction. We compared samples taken from our result with the device ID attribute of the 50-device group set from the dataset. This result consisted of the encrypted transaction for request transactions in the request control stage for both Lin et al. [14] and the proposed scheme, where the comparison is based on the correlation coefficient between constructed request transactions and encrypted request transactions.
Table 1 includes the device ID attribute of three samples; the constructed request transaction for each device ID and encrypted request transaction in Lin et al. [14] and our proposed scheme. The measured correlation coefficient here improves from 0.3451 to 0.3052 in the first sample of device ID attributes, which clearly demonstrates the improved security strength of the encrypted transaction due to the lower correlation coefficient. Apart from the device ID samples, we tested other attributes of the device information such as device_Type, device_Model, and device_SN attributes. Ten samples were taken from each of the datasets of 50-, 150-, 250-, and 500-device group set. The results are obtained during the request control stages before uploading the request transaction into the smart contract of the blockchain network, and are shown in Table 2, Table 3, Table 4 and Table 5, respectively. It is evident from the provided tables that the proposed solution improves the correlation coefficient between the constructed request transaction and encrypted transaction, providing increased security strength of the encrypted transaction.
We also calculate the average values of the correlation coefficient and computation time for the proposed scheme and for Lin et al. [14], as shown in Table 6. The result shows a noticeable improvement in both the correlation coefficient and the computation time compared to Lin et al. [14]. Figure 3 shows the average correlation coefficient results for the proposed scheme and for Lin et al. [14], which demonstrates the security strength of the transmitted message. The results for Lin et al. [14] are shown in blue, while the orange color indicates the result for the proposed solution. Every paired blue-orange bar represents the correlation coefficient of the 50-, 150-, 250-, and 500- device group sets with the attributes device_ID, device_Type, device_Model, and device_SN, respectively. The average correlation coefficient for the proposed scheme for device_ID samples of the 50-device group dataset is reduced to 0.30122, whereas it is 0.34499 for Lin et al. [14]. Similarly, the average correlation coefficient for device_Model samples of 250-device group dataset is also reduced to 0.30359, whereas it is 0.34853 for Lin et al. [14]. Finally, the average correlation coefficient for device_SN samples of 500-device group dataset for the proposed solution is reduced to 0.30089 comparing to the record of 0.34433 for Lin et al. [14]. We attribute the degree of improvement in the correlation coefficient to the modified private and public keys for encryption in the proposed scheme. The proposed scheme improves the correlation coefficient from 0.04344 to 0.04377 between constructed request transactions and encrypted request transaction, which shows increased security strength of the transmitted message.
Figure 4 shows the average computation time results for both the proposed scheme and for Lin et al. [14] by calculating the execution time for each sample. The blue color indicates the results for Lin et al. [14], and the dark orange color indicates the result for the proposed solution. The paired blue-orange bars represent the average computation time for the 50-, 150-, 250-, and 500- device groupsets with the attributes device_ID, device_Type, device_Model, and device_SN, respectively.
  • The average computation time for the proposed scheme of the device_ID samples of the 50-device group dataset is reduced to 95.48 ms, whereas it is 102.733 ms for Lin et al. [14];
  • The average computation time for device_Type samples of 150-device group dataset is reduced to 92.447 ms compared to 98.967 ms of Lin et al. [14];
  • The average computation time for device_Model samples of 250-device group dataset is 98.745 ms, which is less than the recorded value of 105.68 ms for Lin et al. [14];
  • The average computation time for device_SN samples of 500-device group dataset. for the proposed solution is equal to 98.615 ms comparing to 103.766 ms for Lin et al. [14].
A comparison between our proposed scheme and Lin et al. [14] is presented in Table 7. Both solutions are based on ECIES that protect the confidentiality and privacy of request transaction messages and response data before data transmission in IoT. While Lin et al. [14] is mutually authenticated with ECIES, our proposed model modified the ECIES with an SHF. Using an SHF to derive private and public keys reduces the correlation coefficient, which improves the security strength of the request transaction data. Our contribution relies on the fact that SHF improves the strength of encryption/decryption of the transmitted message by adding new features for calculating private and public keys from the safer elliptic curve point, as compared to the case of Lin et al. [14], which does not use hash function generation in the process of calculating the private and public keys. Moreover, in Lin et al. [14], the security strength of the key was compromised, resulting in the violation of user privacy in IoT. However, to enhance the privacy and reliability of the processed user data in IoT, the new features adopted in the proposed scheme greatly enhance user privacy in the IoT system. The use of KDF during the encryption procedure of the request control stage introduces key stretching capability in the proposed scheme, which helps to derive multiple keys from a single master key. This feature decreases the number of iterations while deriving keys for authentication. As a result, the proposed scheme achieves a reduction in encryption and decryption time. The computation time calculated in the proposed scheme eliminates user dependent variables by including time for transaction generation and verification to calculate computation time. This feature ensures the reliability of the proposed scheme with reduced computation time compared to Lin et al. [14] by an average of 7 ms per number of transactions.

6. Conclusions and Future Work

Data security and user privacy have been the emerging needs in the IoT system. In this work, we presented a Blockchain-based scheme to preserve user privacy in IoT. The proposed scheme provides a secure platform that allows the access requester to send the request transaction data and receive the response data for the corresponding request. We propose to use ECIES with SHF, which is the new feature adapted from Lin et al. [14], to protect the confidentiality and authenticity of the transmitted request transaction and response data. The use of an SHF to derive private and public keys enhanced user privacy in IoT. This enhancement could improve the security strength of the request transaction data, which helps to derive multiple keys from the single master key; decreasing the number of iterations while deriving keys for authentication and elimination. As a result, it reduces the computation time in the proposed solution by an average of 7ms per number of transactions compared to the work of Lin et al. [14]. In the future, we need to explore other cryptographic approaches to provide a secure platform for users and data requester to exchange their data in the IoT environment. Future research needs to focus on issues other than protecting the confidentiality and authenticity of the request transaction data and response data to enhance user privacy in IoT, such as investigating and utilizing different techniques to integrate within the blockchain network for achieving enhanced privacy in the IoT system.

Author Contributions

Conceptualization, Y.P.K.; Methodology, K.S.; Project administration, A.A. and S.U.R.; Resources, S.U.R.; Supervision, A.A., A.B.A.-K., P.W.C.P., S.U.R. and R.I.; Writing—original draft, Y.P.K. and K.S.; Writing—review & editing, K.S. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

Not applicable, the study does not report any data.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Stoyanova, M.; Nikoloudakis, Y.; Panagiotakis, S.; Pallis, E.; Markakis, E.K. A survey on the internet of things (IoT) forensics: Challenges, approaches, and open issues. IEEE Commun. Surv. Tuts 2020, 22, 1191–1221. [Google Scholar] [CrossRef]
  2. Sfar, A.R.; Natalizio, E.; Challal, Y.; Chtourou, Z. A roadmap for security challenges in the Internet of Things. Digit. Commun. Netw. 2018, 4, 118–137. [Google Scholar] [CrossRef]
  3. Rantos, K.; Drosatos, G.; Kritsas, A.; Ilioudis, C.; Papanikolaou, A.; Filippidis, A.P. A blockchain-based platform for consent management of personal data processing in the IoT ecosystem. Secur. Commun. Netw. 2019, 2019, 1431578. [Google Scholar] [CrossRef]
  4. Fernquist, J.; Fängström, T.; Kaati, L. IoT data profiles: The routines of your life reveals who you are. In Proceedings of the European Intelligence and Security Informatics Conference (EISIC), Athens, Greece, 11–13 September 2017; pp. 61–67. [Google Scholar]
  5. Lv, P.; Wang, L.; Zhu, H.; Deng, W.; Gu, L. An IoT-oriented privacy-preserving publish/subscribe model over blockchains. IEEE Access 2019, 7, 41309–41314. [Google Scholar] [CrossRef]
  6. Minoli, D.; Occhiogrosso, B. Blockchain mechanisms for IoT security. Internet Things 2018, 1–2, 1–13. [Google Scholar] [CrossRef]
  7. Khan, M.A.; Salah, K. IoT security: Review, blockchain solutions, and open challenges. Future Gener. Comput. Syst. 2018, 82, 395–411. [Google Scholar] [CrossRef]
  8. Alfandi, O.; Khanji, S.; Ahmad, L.; Khattak, A. A survey on boosting IoT security and privacy through blockchain. Clust. Comput. 2020, 24, 37–55. [Google Scholar] [CrossRef]
  9. Roy, S.; Ashaduzzaman, M.; Hassan, M.; Chowdhury, A.R. Blockchain for IoT security and management: Current prospects, challenges and future directions. In Proceedings of the IEEE International Conference on Networking, Systems and Security (NSysS), Dhaka, Bangladesh, 18–20 December 2018; pp. 1–9. [Google Scholar]
  10. Bisogni, C.; Iovane, G.; Landi, R.E.; Nappi, M. ECB2: A novel encryption scheme using face biometrics for signing blockchain transactions. J. Inf. Secur. Appl. 2021, 59, 102814. [Google Scholar] [CrossRef]
  11. Hammi, M.T.; Hammi, B.; Bellot, P.; Serhrouchni, A. Bubbles of Trust: A decentralized blockchain-based authentication system for IoT. Comput. Secur. 2018, 78, 126–142. [Google Scholar] [CrossRef]
  12. Gai, K.; Wu, Y.; Zhu, L.; Zhang, Z.; Qiu, M. Differential privacy-based blockchain for industrial internet-of-things. IEEE Trans. Ind. Inform. 2019, 16, 4156–4165. [Google Scholar] [CrossRef]
  13. Gnatyuk, S.; Kinzeryavyy, V.; Kyrychenko, K.; Yubuzova, K.; Aleksander, M.; Odarchenko, R. Secure hash function constructing for future communication systems and networks. In Proceedings of the International Conference of Artificial Intelligence, Medical Engineering, Education, Moscow, Russia, 6–8 October 2018; pp. 561–569. [Google Scholar]
  14. Lin, C.; He, D.; Kumar, N.; Huang, X.; Vijayakumar, P.; Choo, K.-K.R. Homechain: A blockchain-based secure mutual authentication system for smart homes. IEEE Internet Things J. 2019, 7, 818–829. [Google Scholar] [CrossRef]
  15. Yaga, D.; Mell, P.; Roby, N.; Scarfone, K. Blockchain technology overview. arXiv 2019, arXiv:1906.11078. [Google Scholar]
  16. Buterin, V. Ethereum White Paper: A Next Generation Smart Contract & Decentralized Application Platform; 1st version. 2014, Volume 53. Available online: https://translatewhitepaper.com/wp-content/uploads/2021/04/EthereumOrijinal-ETH-English.pdf (accessed on 9 January 2022).
  17. Zou, S.; Xi, J.; Wang, H.; Xu, G. Crowdblps: A blockchain-based location-privacy-preserving mobile crowdsensing system. IEEE Trans. Ind. Inform. 2019, 16, 4206–4218. [Google Scholar] [CrossRef]
  18. Xu, J.; Xue, K.; Li, S.; Tian, H.; Hong, J.; Hong, P.; Yu, N. Healthchain: A blockchain-based privacy preserving scheme for large-scale health data. IEEE Internet Things J. 2019, 6, 8770–8781. [Google Scholar] [CrossRef]
  19. Debe, M.; Salah, K.; Rehman, M.H.U.; Svetinovic, D. IoT public fog nodes reputation system: A decentralized solution using Ethereum blockchain. IEEE Access 2019, 7, 178082–178093. [Google Scholar] [CrossRef]
  20. Xu, X.; Zhang, X.; Gao, H.; Xue, Y.; Qi, L.; Dou, W. BeCome: Blockchain-enabled computation offloading for IoT in mobile edge computing. IEEE Trans. Ind. Inform. 2019, 16, 4187–4195. [Google Scholar] [CrossRef]
  21. Kang, J.; Yu, R.; Huang, X.; Maharjan, S.; Zhang, Y.; Hossain, E. Enabling localized peer-to-peer electricity trading among plug-in hybrid electric vehicles using consortium blockchains. IEEE Trans. Ind. Inform. 2017, 13, 3154–3164. [Google Scholar] [CrossRef]
  22. Zhang, A.; Lin, X. Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain. J. Med. Syst. 2018, 42, 1–18. [Google Scholar] [CrossRef]
  23. Gu, J.; Sun, B.; Du, X.; Wang, J.; Zhuang, Y.; Wang, Z. Consortium blockchain-based malware detection in mobile devices. IEEE Access 2018, 6, 12118–12128. [Google Scholar] [CrossRef]
  24. Cachin, C. Architecture of the hyperledger blockchain fabric. In Workshop on Distributed Cryptocurrencies and Consensus Ledgers; 2016; Volume 310, pp. 1–4. Available online: https://allquantor.at/blockchainbib/pdf/cachin2016architecture.pdf (accessed on 9 January 2022).
  25. Androulaki, E.; Barger, A.; Bortnikov, V.; Cachin, C.; Christidis, K.; Caro, A.D.; Enyeart, D.; Ferris, C.; Laventman, G.; Manevich, Y.; et al. Hyperledger fabric: A distributed operating system for permissioned blockchains. In Proceedings of the 13th EuroSys Conference, Porto, Portugal, 23–26 April 2018; pp. 1–15. [Google Scholar]
  26. Biswas, S.; Sharif, K.; Li, F.; Maharjan, S.; Mohanty, S.P.; Wang, Y. PoBT: A lightweight consensus algorithm for scalable IoT business blockchain. IEEE Internet Things J. 2019, 7, 2343–2355. [Google Scholar] [CrossRef]
  27. Lu, Y.; Huang, X.; Dai, Y.; Maharjan, S.; Zhang, Y. Blockchain and federated learning for privacy-preserved data sharing in industrial IoT. IEEE Trans. Ind. Inform. 2019, 16, 4177–4186. [Google Scholar] [CrossRef]
  28. He, S.; Tang, Q.; Wu, C.Q.; Shen, X. Decentralizing IoT management systems using blockchain for censorship resistance. IEEE Trans. Ind. Inform. 2019, 16, 715–727. [Google Scholar] [CrossRef]
  29. Ma, M.; Shi, G.; Li, F. Privacy-oriented blockchain-based distributed key management architecture for hierarchical access control in the IoT scenario. IEEE Access 2019, 7, 34045–34059. [Google Scholar] [CrossRef]
  30. Islam, A.; Shin, S.Y. BUAV: A blockchain based secure UAV-assisted data acquisition scheme in Internet of Things. J. Commun. Netw. 2019, 21, 491–502. [Google Scholar] [CrossRef]
  31. Liu, H.; Han, D.; Li, D. Fabric-IoT: A blockchain-based access control system in IoT. IEEE Access 2020, 8, 18207–18218. [Google Scholar] [CrossRef]
  32. Ding, S.; Cao, J.; Li, C.; Fan, K.; Li, H. A novel attribute-based access control scheme using blockchain for IoT. IEEE Access 2019, 7, 38431–38441. [Google Scholar] [CrossRef]
  33. Sedlmeir, J.; Buhl, H.U.; Fridgen, G.; Keller, R. The energy consumption of blockchain technology: Beyond myth. Bus. Inf. Syst. Eng. 2020, 62, 599–608. [Google Scholar] [CrossRef]
  34. Sharma, P.K.; Kumar, N.; Park, J.H. Blockchain technology toward green IoT: Opportunities and challenges. IEEE Netw. 2020, 34, 263–269. [Google Scholar] [CrossRef]
  35. Sedlmeir, J.; Buhl, H.U.; Fridgen, G.; Keller, R. Recent Developments in Blockchain Technology and their Impact on Energy Consumption. arXiv 2021, arXiv:2102.07886. [Google Scholar]
  36. Hakeem, S.A.A.; Abd El-Gawad, M.A.; Kim, H. A decentralized lightweight authentication and privacy protocol for vehicular networks. IEEE Access 2019, 7, 119689–119705. [Google Scholar] [CrossRef]
  37. Krawczyk, H. Cryptographic extraction and key derivation: The HKDF scheme. In Annual Cryptology Conference; Springer: Berlin/Heidelberg, Germany, 2010; pp. 631–648. [Google Scholar]
  38. Sankar, L.S.; Sindhu, M.; Sethumadhavan, M. Survey of consensus protocols on blockchain applications. In Proceedings of the IEEE International Conference on Advanced Computing and Communication Systems, Coimbatore, India, 19–20 March 2017; pp. 1–5. [Google Scholar]
  39. Brown, D.R. Sec 2: Recommended Elliptic Curve Domain Parameters. Standards for Efficient Cryptography. 2010. Available online: https://ci.nii.ac.jp/naid/10027922258/ (accessed on 9 January 2022).
  40. Hang, L.; Kim, D.H. Design and implementation of an integrated iot blockchain platform for sensing data integrity. Sensors 2019, 19, 2228. [Google Scholar] [CrossRef] [PubMed] [Green Version]
Figure 1. Flow Diagram of the Proposed Scheme—Modified ECIES with Secure Hash Function.
Figure 1. Flow Diagram of the Proposed Scheme—Modified ECIES with Secure Hash Function.
Futureinternet 14 00077 g001
Figure 2. Flowchart of the Proposed Elliptic Curve Integrated Encryption Scheme with SHF.
Figure 2. Flowchart of the Proposed Elliptic Curve Integrated Encryption Scheme with SHF.
Futureinternet 14 00077 g002
Figure 3. Average Correlation Coefficient results for Proposed Scheme and Lin et al. [14].
Figure 3. Average Correlation Coefficient results for Proposed Scheme and Lin et al. [14].
Futureinternet 14 00077 g003
Figure 4. Average Computation Time results for Proposed Scheme and Lin et al. [14].
Figure 4. Average Computation Time results for Proposed Scheme and Lin et al. [14].
Futureinternet 14 00077 g004
Table 1. Constructed Request Transaction and Encrypted Request Transaction in Lin et al. [14] and the Proposed Scheme.
Table 1. Constructed Request Transaction and Encrypted Request Transaction in Lin et al. [14] and the Proposed Scheme.
SampleEncrypted Request Transaction Samples from Lin et al. [14]Encrypted Request Transaction Samples—Proposed Scheme
Device_IDConstructed Request TransactionEncrypted TransactionConstructed Request TransactionEncrypted Transaction
5c504f286301||pk1||5c504f2863||onMgxrrzzltep01||pk1||5c504f2863||o#M25*^gh%@sEj_N
7j533g378501||pk2||7j533g3785||rVzBsirblemqxj01||pk2||7j533g3785||r&2bgh?+5f*63^”bL+
2p488d493601||pk3||2p488d4936||cblskQohnerJk01||pk3||2p488d4936||cOx32?@><ghtSE21
Table 2. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Scheme—Device ID Samples.
Table 2. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Scheme—Device ID Samples.
S. No.Device_ID SamplesConstructed Request TransactionLin et al. [14]Proposed Scheme
Encrypted TransactionCorrelation CoefficientComputation Time (ms)Encrypted TransactionCorrelation CoefficientComputation Time (ms)
15c504f286301||pk1||5c504f2863||onMgxrrzzltep0.3451108.45#M25*^gh%@sEj_N0.305297.87
27j533g378501||pk2||7j533g3785||rVzBsirblemqxj0.3287102.67&2bgh?+5f*63^”bL+0.288195.35
32p488d493601||pk3||2p488d4936||cblskQohnerJk0.3695110.88Ox32?@><ghtSE210.3197100.01
43r622h267801||pk4||3r622h2678||wkGniopHcqts0.3586105.5&&4*^xo78?//@br0.307497.36
58x923a099501||pk5||8x923a0995||rpxtrJvnerKlsgh0.3218100.3Xx(+09%#<>P582j#0.282190.8
65z307b230501||pk6||5z307b2305||oSzhioFnopsltr0.3524109.2553>BJIO@+*29_ba0.311799.3
71k408m727701||pk7||1k408m7277||rzcxvtDlfspqrv0.324798.6pM@0873##ghi++0.285197.2
84v978x035501||pk8||4v978x0355||rQlnioghTsrvbe0.361896.33ST<**3789#(j;st_bt0.312591.78
96g388k566901||pk9||6g388k5669||otwchjkioAans0.349999.24C5!(^78#”gmRb+5230.307193.68
109s028n608201||pk10||9s028n6082||cifniodfXtcrnig0.337496.11+93x0”^&pSq*?84((+0.293391.45
Table 3. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Scheme—Device Type Samples.
Table 3. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Scheme—Device Type Samples.
S. No.Device_Type SamplesConstructed Request TransactionLin et al. [14]Proposed Scheme
Encrypted TransactionCorrelation CoefficientComputation Time (ms)Encrypted TransactionCorrelation CoefficientComputation Time (ms)
1Lamp01||pk1||lamp||ohdlOxcjsmkbfaxb0.3365100.25@2e78(^:xvyio#0.292391.48
2Fan01||pk2||fan||cIDvislzxkrFthjcs0.351896.46vM*{14s<”QJixh%j0.309190.01
3Air-conditioner01||pk3||ac||rlpCivzodalfioeLt0.3624109.84##hj89!kb(**vm%l0.3147101.21
4Television01||pk4||tv||rglaQivtsjiwecbmf0.3267104.3F4!{9(&&Hjck”b_10.286596.45
5Freezer01||pk5||freezer||oiozxJstovhgmcIDf0.337898.8Ox5%zkLR++8**d”0.293493.26
6Camera01||pk6||camera||cbchjShBixmveloz0.341397.65++fg^*294(siX3!%K0.298492.68
7Doorbell01||pk7||doorbell||coxGjzbkdIvsohja0.364995.38&&59gX+jq6^^d!0.316689.59
8Door01||pk8||door||rmrXbjiwedjlHaMb0.367294.713!cAm#]za!_vD8**0.319389.45
9Clock01||pk9||clock||rVbihKzrajioxbfk0.329195.162!_xjdO(+”8fYios”0.289189.78
10Speaker01||pk10||speaker||oaKleioshBzerjioc0.353497.1256@kWx”67!++^*8)0.311290.56
Table 4. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Solutions—Device Model Samples.
Table 4. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Solutions—Device Model Samples.
S. No.Device_Model SamplesConstructed Request TransactionLin et al. [14]Proposed Scheme
Encrypted TransactionCorrelation CoefficientComputation Time (ms)Encrypted TransactionCorrelation CoefficientComputation Time (ms)
1RX35001||pk1||RX350||oVbxdjklopStpd0.3587106.23P#5!hbn2e<k”0.313898.45
2HS720A01||pk2||HS720A||crbpMiosgtkbdji0.3393109.04++dfg*7D$%j{0.295499.34
3ZT880801||pk3||ZT8808||rpbfKlacTrxkfdv0.3718113.96J9_}ndb^&10f0.3215103.85
4XY290P01||pk4||XY290P||rKgankobhmenx0.3425105.428g(7!kvy>?lb0.297198.67
5HDR6E01||pk5||HDR6E||oAchjeoPvmftugy0.3274104.55“fs9!45@kcql++0.288796.77
6CBT26Z01||pk6||CBT26Z||cZxjdriobstJbci0.3368110.75#46e%Jcmp8!(*0.2932101.48
7PB485D01||pk7||PB485D||ooxchksDLnfkwcy0.3451100.30x^{gno**57(%0.299597.26
8AVV56E01||pk8||AVV56E||rGbjiochtgjFcodef0.3596104.78rDk##99!hsi_4%!0.315297.73
9BM506001||pk9||BM5060||cabfdelUbjiotHny0.341799.343!(gOx<@2dn+*>0.295195.87
10CR203001||pk10||CR2030||orvpmRtzderighj0.3624102.45+8cY{&269f##k!0.316498.03
Table 5. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Solutions—Device Serial Number Samples.
Table 5. Correlation Coefficient and Computation Time Comparison of Lin et al. [14] and Proposed Solutions—Device Serial Number Samples.
S. No.Device_SN SamplesConstructed Request TransactionLin et al. [14]Proposed Scheme
Encrypted TransactionCorrelation CoefficientComputation Time (ms)Encrypted TransactionCorrelation CoefficientComputation Time (ms)
17202019080500101||pk1||72020190805001||rcwkzAldOxvionc0.3472103.75oxK*3#”4z89!Ws<k#0.307297.33
27202019080500201||pk2||72020190805002||crcksiKlwgnoxhtVm0.3381107.22@hs53!jL;(“bKx>++0.295199.58
37202019080500301||pk3||72020190805003||rMxjkdiyqosdGrdH0.3564109.55##gP34{*oX629_jb*D0.3115102.67
47202019080500401||pk4||72020190805004||oldfivrskTaovhxGc0.3415105.14“lB*{@793!_jf+>VG0.297398.97
57202019080500501||pk5||72020190805005||obJoxjdlqieczgeorl0.326199.34PW(+*51U_”vz#A9<h0.286196.88
67202019080500601||pk6||72020190805006||cxjloFaicehpbhowc0.3347109.159^qxc*{_fk@bi56!0.2937101.45
77202019080500701||pk7||72020190805007||oLpwvnjxzaioerm0.364199.62++7Ox37”#bsT^y>*0.314297.13
87202019080500801||pk8||72020190805008||rmhykdgyerioskzt0.3572104.01*fV%g_h!{“6do>&r0.311698.35
97202019080500901||pk9||72020190805009||caQiocdjkguzpljXo0.348798.15Ix{&85+^dy@<>g#0.308197.01
107202019080501001||pk10||72020190805010||rPfsklchioxDgerzbj0.3293101.73&jc*;31k4!+M_”*5%#0.284196.78
Table 6. Average Correlation Coefficient and Average Computation Time Results of Lin et al. [14] and Proposed Scheme (from tested samples).
Table 6. Average Correlation Coefficient and Average Computation Time Results of Lin et al. [14] and Proposed Scheme (from tested samples).
DatasetSamplesNo. of Tests TakenLin et al. [14]Proposed Scheme
Average Correlation CoefficientAverage Computation Time (ms)Average Correlation CoeffcientAverage Computation Time (ms)
50-Device Group SetDevice_ID100.34499102.7330.3012295.48
150-Device Group SetDevice_Type100.3471198.9670.3030692.447
250-Device Group SetDevice_Model100.34853105.680.3035998.745
500-Device Group SetDevice_SN100.34433103.7660.3008998.615
Table 7. Comparison between Proposed Scheme and Lin et al. [14].
Table 7. Comparison between Proposed Scheme and Lin et al. [14].
ApproachProposed Scheme
Modified ECIES with a SHF
Approach of Lin et al. [14]
Mutual Authentication with ECIES
Encryption/Decryption StrengthThe strength of the encryption/decryption is measured in terms of the correlation coefficient.
The improvement in the correlation coefficient is from 0.34499 to 0.30122
Provides an average correlation coefficient of 0.34499.
Computation timeComputation time is measured in terms of execution time.
The computation time decreases from 102.733 ms to 95.48 ms, reducing the encryption/decryption time from 39.925 ms and 41.513 ms to 34.444 ms and 35.859 ms.
Provide an average computation time of 102.733 ms with average encryption decryption time of 39.925 ms and 41.513 ms.
Contribution 1The generation of an SHF increases the security strength of the key by adding new features for calculating private and public keys from the safer elliptic curve points. With the generation of an SHF, the security strength of the transmitted message is improved, which enhances the user privacy in IoT.Does not use hash function generation for computing private and public keys for encrypting the transmitted message in IoT, which results in the violation of user privacy.
Contribution 2The KDF introduces key stretching capability and decreases the number of iterations processes while deriving keys for authentication. This reduces the time for encryption and decryption.The computation time is affected by the number of users showing the system unreliability.
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Khanal, Y.P.; Alsadoon, A.; Shahzad, K.; Al-Khalil, A.B.; Prasad, P.W.C.; Rehman, S.U.; Islam, R. Utilizing Blockchain for IoT Privacy through Enhanced ECIES with Secure Hash Function. Future Internet 2022, 14, 77. https://doi.org/10.3390/fi14030077

AMA Style

Khanal YP, Alsadoon A, Shahzad K, Al-Khalil AB, Prasad PWC, Rehman SU, Islam R. Utilizing Blockchain for IoT Privacy through Enhanced ECIES with Secure Hash Function. Future Internet. 2022; 14(3):77. https://doi.org/10.3390/fi14030077

Chicago/Turabian Style

Khanal, Yurika Pant, Abeer Alsadoon, Khurram Shahzad, Ahmad B. Al-Khalil, Penatiyana W. C. Prasad, Sabih Ur Rehman, and Rafiqul Islam. 2022. "Utilizing Blockchain for IoT Privacy through Enhanced ECIES with Secure Hash Function" Future Internet 14, no. 3: 77. https://doi.org/10.3390/fi14030077

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop