Towards a Secure Signature Scheme Based on Multimodal Biometric Technology: Application for IOT Blockchain Network

: Blockchain technology has been commonly used in the last years in numerous ﬁelds, such as transactions documenting and monitoring real assets (house, cash) or intangible assets (copyright, intellectual property). The internet of things (IoT) technology, on the other hand, has become the main driver of the fourth industrial revolution, and is currently utilized in diverse ﬁelds of industry. New approaches have been established through improving the authentication methods in the blockchain to address the constraints of scalability and protection in IoT operating environments of distributed blockchain technology by control of a private key. However, these authentication mechanisms do not consider security when applying IoT to the network, as the nature of IoT communication with numerous entities all the time in various locations increases security risks resulting in extreme asset damage. This posed many di ﬃ culties in ﬁnding harmony between security and scalability. To address this gap, the work suggested in this paper adapts multimodal biometrics to strengthen network security by extracting a private key with high entropy. Additionally, via a whitelist, the suggested scheme evaluates the security score for the IoT system with a blockchain smart contract to guarantee that highly secured applications authenticate easily and restrict compromised devices. Experimental results indicate that our system is existentially unforgeable to an e ﬃ cient message attack, and therefore, decreases the expansion of infected devices to the network by up to 49 percent relative to traditional schemes.


Introduction
As life shifts rapidly online, one of the problems confronting internet users is making a transaction in an atmosphere where they cannot meet or trust each other. This eventually raises the demand for a cost-effective, safe data transmission setting. Blockchain is a peer-to-peer network that is cryptographically protected, irreversible, and modified only through peer agreement [1]. It is a authority to safeguard consumer privacy and avoid identity fraud [2]. Transaction ownership is defined by digital keys, user identities, and digital signatures [3]. Digital signature authentication safeguards the blockchain transaction by ensuring the transaction author has a valid private key [4]. Unfortunately, in some sensitive fields where strict authentication is needed, this strategy does not guarantee that a transaction maker is an authorized person, as there is a possibility that an attacker may capture the secret and produce unauthorized transactions.
Early blockchain networks are being applied to Distributed Ledger Technology (DLT), which indicates that in a decentralized network without authorization, the users are exposed to each other, rather than private, and thus completely untrustworthy [5]. Thus, although participants are not willing to trust each other entirely, the network may be run on the basis of a governance model centered on the trust between participants, for instance, a legal arrangement or a conflict settlement system. This type of network needed participants to be known, high transaction efficiency, and low transaction confirmation duration, privacy, and transaction secrecy. Permissioned blockchain [6] work for a large variety of business uses, including accounting, finance, insurance, healthcare, human resources, supply chain, and even digital music.
To define and retain a blockchain participant's proof of ownership of some digital properties, a blockchain is built on asymmetric cryptography [7,8] and a digital signature system; each consumer owns a pair of private keys and a public key. This scheme includes two phases: the signing and verification process. In the signing phase, a sender produces a transaction that contains the cryptographic signature of the sender (hash value extracted from the transaction, then encrypts it using its private key) and the public key of the recipient. In the verification phase, the digital signature of the sender is checked in the previous transaction by the public key of the sender and the hash by the same hash function as senders. If these two values are the same, the sender has already signed the contract, and the transaction will need to be legitimate, else the transaction is rejected [9]. This verification scheme is a key blockchain tool. In a traditional blockchain, users or membership servers handle private keys or store them at wallets to maintain security. Private keys, however, threaten leakage. The blockchain technology gets insecure. Figure 1 exemplifies a Blockchain transaction [10]. Several strategies were introduced in digital wallets [11] that attempt to force strict protection to handle key pairs to solve the above problems. Wallet software uses the cryptographic protocol to sign a private key transaction. The computer normally contains private keys. However, missing or revealing these private keys prevents a person from accessing funds [12,13]. Because possession of Several strategies were introduced in digital wallets [11] that attempt to force strict protection to handle key pairs to solve the above problems. Wallet software uses the cryptographic protocol to sign a private key transaction. The computer normally contains private keys. However, missing or revealing these private keys prevents a person from accessing funds [12,13]. Because possession of every resource in the blockchain network is checked with private key, the consumer needs to safely protect the private key. One of the interesting ways to solving this problem is to use biometric data [14], including using one's fingerprint, face, and iris as a private key. Since the biometrics of a consumer is part of the human body, it may provide a safer and accessible means of connecting the person with his private key; unlike passwords, it is not forgotten and much harder to hack than cards. Recently, the incorporation of a fuzzy private key in biometric authentication has gained much attention from researchers operating in this field to control vagueness in biometric details [15].
The Internet of things (IoT) offers a more efficient experience by allowing multiple devices to connect and exchange information [16]. IoT devices gather and store different forms of information, including frequent personal and confidential details. However, intrusion and cyber-attacks targeting IoT devices increase every year and, like other low-power and low-performance IoT devices, find it impossible to extend protection methods implemented for conventional PCs to IoT devices, rendering them susceptible to cyber-attacks [17,18]. As IoT devices face such security challenges, it can quickly leak sensitive details, trigger financial damage, and even endanger human life. To solve this dilemma, Blockchain Technology and IoT Incorporation have attracted attention [19].
Motivated by the above-mentioned challenges, we aim in this paper to implement multimodal biometrics technology in the blockchain network for authentication which can safely and automatically broaden IoT products. By utilizing biometrics, the suggested model guarantees that not just the right key but also an authenticated user is in the transaction creator. We present a multi-modal biometric framework to minimize spoofing chance and compensate for shortcomings of biometric unimodal systems. It fuses two attributes and gets the most unique private entropy key. Furthermore, even though the consumer is authenticated to the network, our framework automatically calculates the IoT security score by utilizing the whitelist, and smart contract restricts the scalability of the infected devices while there is a low score and automatically changes the whitelist to improve the security score, which contributes to protect IoT devices being expanded to the network.
The proposed model relies on boosting the overall efficiency of (1) the image analysis used to enhance image properties, identifying edges and points where texture varies, (2) the feature level fusion used to offer quick matching speed with high precision by choosing several strong features, (3) the fuzzy coding based on identity, which is used to distinguish key pairs, (4) the fuzzy matching used in the transaction authorization process to match the digital signature, and (5) the whitelist used for measuring the IoT system protection score and restricting its low score software to maintain the security of the network.
The remainder of this article is structured as follows. Section 2 discusses several of the latest related works. Section 3 provides a detailed description of the proposed model. The results and discussions are given in Section 4. Finally, in Section 5, the conclusion is annotated.

Literature Review
The traditional protection of private blockchain keys is largely carried out in two forms, either by encrypting keys or designing wallets on hardware or software [20]. These are cumbersome, however, and confidentiality cannot be ensured, and all these wallets must synchronize the blockchain, while most existing mobile devices cannot store all blocks. In 2018, Dai et al. [21] suggested a lightweight wallet focused on Trustzone [22], a framework providing hardware-dependent isolation, which can create a stable and consistent code environment needing high protection. It is more compact than the hardware wallet and stronger than the software wallet.
The Internet of things has gained the most support from scholars in recent years [23]. For example, in 2016, the authors [24] create a shared blockchain-to-IoT framework for automated smart contract. This solution proposes a modular, stable, non-centralized authority network. The aim is not just to validate that the right computer produced a blockchain transaction, but also that a consumer can create a blockchain transaction for his purpose. However, verifying the user's purpose from automatically created blockchain transactions is difficult. In another work, in 2017, Balfanz [25] scanned biometric details such as fingerprints, irises, etc. in protected hardware and then triggered the private key. By integrating such security with blockchain, the author guaranteed a secure blockchain. However, it is important to hold a smartphone with registered biometric details and to enter biometric information from dedicated stable hardware.
Krishna in 2019 [26] presented a novel trust model, Vriksh: the Tree of Trust (VTT), tailored for use in IoT. This model aims to provide an embedded device-friendly entity authentication and limit the trust peripheries. With VTT, trust trees group the identities with equal access rights in the system using Merkle trees. The author prototyped the use of VTT with Transport Layer Security (TLS) on raw public keys to compare the energy and resource efficiency of VTT with Public Key Infrastructure (PKI) on an embedded platform. However, to establish VTT as an alternative to PKI, the verification of the revocation methods for VTT and independent security reviews are essential. The PKI certificate provides entity authentication for hyper ledger fabric.
Biswas in 2020 [27] utilized ring signature for the aim of enhancing the privacy of the decentralization identifiers. Ring signature schemes enable the generation of anonymous signatures where the real signer's identity is hidden in a set of possible signers; it could be used for anonymous membership authentication to keep the anonymity of the signer and can be publicly verifiable. Note that the size of any ring signature must grow linearly with the size of the ring since it must list the ring members; this is an inherent disadvantage of ring signatures as compared to group signatures that use predefined groups. In cases like know-your-customer and anti-money laundering, ring signature cannot be used, as the regulations must be followed, such as that participants must be identified/identifiable and networks need to be permissioned. Blockchain's fundamental principles are cryptographic and cryptographic technologies that include efficient, safe, decentralized solutions. Although several recent articles research the use-cases of blockchain in various industrial fields, such as IoT, few studies scrutinize the cryptographic principles used in blockchain. In [28], the authors studied and systematized all cryptographic principles already used in blockchain. They also included potential instantiations of these blockchain principles.
Since blockchain still considers modern technologies, actual implementations can still be made more effective and realistic. According to the above analysis, past research was mainly devoted to (1) creating various styles of wallets, either offline or online, utilizing private key storage and wallet backups, (2) creating modern singing and verification methods by encrypting a private key that also does not guarantee safe authentication, (3) not discussing the differing problem of issuing a transaction from a legitimate user and hacking a private key, and (4) not resolving the problem of expanding the infected device to the network. However, little attention has been paid to advise new optimal methods to merge blockchain and biometrics at the algorithm level to enhance IoT protection and accessibility in the blockchain-based framework.
Our work allows us to construct biometrics over the existing PKI by using a fuzzy identity-based signature. The suggested model uses multimodal biometrics to extract a secret key that varies the secret key every time the user scans his biometric traits. A fuzzy identity-based signature simplifies the key management procedures in case of a fuzzy biometric key in order to improve the privacy solutions in the blockchain network.

Methodology
This paper presents a new paradigm that integrates multimodal biometric and blockchain technologies in a single system focused on a fuzzy identity-based signature to ensure safe IoT application authentication and allow blockchain extension. The suggested model takes into account that each IoT system has security vulnerabilities and is vulnerable to installing infected applications, thus, the devices' security score is measured using the whitelist, which specifies the list of checked applications and then restricts things other than the list [29]. To derive a private key, we apply a modern multimodal biometrics-based feature level fusion of fingerprint and finger vein to obtain a biometric identity vector. In order for the creator of the transaction to send data through their IoT Device, they sign the piece of data with their own private biometric key to create a biometric digital signature, and send the transaction to the blockchain network, which includes the signature and copy of their public key, the content and their hash value, and the transaction with an unconfirmed state. To validate this, a specific strict authentication is implemented using the biometric public key from the previous transition, signature, and content hash. If the proof is true, the block is applied to the Blockchain's public ledger, and data are sent across the network; otherwise, the block is denied. The blockchain system's key diagram is seen in Figure 2. To validate this, a specific strict authentication is implemented using the biometric public key from the previous transition, signature, and content hash. If the proof is true, the block is applied to the Blockchain's public ledger, and data are sent across the network; otherwise, the block is denied. The blockchain system's key diagram is seen in Figure 2.  Despite the benefits of biometric identification, biometric details are significantly challenging to replicate and noisy, since two biometric scans of the same characteristics are seldom equivalent. Therefore, standard protocols cannot guarantee consistency, even when parties are utilizing mutual biometric secrets. We use a fuzzy identity-based signature to solve this issue to sign and validate the blockchain framework. This paper is a substantial extension of our conference paper [30]. Compared with this small version, further details of the suggested method are presented, and a more extensive performance evaluation is conducted. We also give a more comprehensive literature review to introduce the background of the offered method and make the paper more self-contained. Therefore, this version of the paper provides a more comprehensive and systematic report of the previous work.

Signature Scheme Using Fuzzy Identity
A Fuzzy Identity Based Signature (FIBS) [31][32][33][34] is used to produce and validate IoT blockchain transactions. An FIBS uses fuzzy data as a cryptographic key, such as a fingerprint, iris, finger vein, etc., unlike conventional digital signature schemes, which require fixed data as a key, since the individual here can produce a different key each time they want to make a transaction. An FIBS lets a person with identity w create a signature that can be checked with identity w' only if w and w' are within a certain range. By adding biometrics to a blockchain scheme, the protection can be enhanced through the strict checking of the transaction's author. The fuzzy signature scheme for identification consists of the following four steps: In order for user to create and send a transaction to another user in our scheme, they have to go through four phases: biometric key extraction, Registration, Transaction generation, and the Verification phases. Algorithm 1 illustrates the pseudo code of our proposed model.

1-Biometric Key Extraction Phase
Pre-Processing Feature Extraction Feature Level Fusion Return w

2-Registration Phase
Algorithm Setup (n,d) Return PP Algorithm Extract (PP, MK, w) Return K w

3-Transaction Generation Phase
Algorithm Sign (PP, K w , H) Return σ

4-Verification Phase
Algorithm Verify (PP, w', H, σ) Return True or False In terms of internally protecting the IoT device from being compromised due to malicious application installed through inattention of the consumer or hackers, the suggested model calculates the security score dependent on checking a whitelist stored in an agent inserted in a protected region of the system. The whitelist includes all IoT-installed applications. Figure 3 shows the system configuration for evaluating the security score for the IoT device, which is described in the following steps [29]: Step 1: IoT device manufacturers compose whitelist software that is installed on IoT devices.
Step 2: Device manufacturers build a smart contract comprising manufacturers' whitelist and the agent's initial agent hash value (IAHV) that is embedded in an IoT device. The Whitelist Smart Contract (WSC) records this value in the blockchain.
Step 3: The IoT device access the WSC recorded in the blockchain and verifies if the IAHV of the agent matches the Device Agent Hash Value (DAHV) of the current whitelist installed on the device.
Step 4: In the case of successful verification, the device is not infected nor hacked and the security score is set to be high and vice versa.
Step 5: A Scoring Smart Contract (SSC) is created, which involves the security status of the IoT device, which is evaluated by the agent and the device-unique identifier, and is recorded in the blockchain.
Step 6: The SSC of the device can be inquired when the device is connected to other devices. Based on the recording in the blockchain, the IoT device can be extended safely and quickly when connected to other devices. The WSC collects and records in the blockchain the whitelist of each IoT system and the IAHV from the producer. If the WSC tests by matching the IAHV with the device's current hash, it may give a warning message to the IoT and the vendor if they do not fit. The whitelist recorded in the blockchain is then forwarded to the IoT device, and the Agent uses the transmitted details and sends the list of the checked and unverified apps to the SSC [35]. Figure 4 illustrates the concept of WSC. In terms of internally protecting the IoT device from being compromised due to malicious application installed through inattention of the consumer or hackers, the suggested model calculates the security score dependent on checking a whitelist stored in an agent inserted in a protected region of the system. The whitelist includes all IoT-installed applications. Figure 3 shows the system configuration for evaluating the security score for the IoT device, which is described in the following steps [29]: Step 1: IoT device manufacturers compose whitelist software that is installed on IoT devices.
Step 2: Device manufacturers build a smart contract comprising manufacturers' whitelist and the agent's initial agent hash value (IAHV) that is embedded in an IoT device. The Whitelist Smart Contract (WSC) records this value in the blockchain.
Step 3: The IoT device access the WSC recorded in the blockchain and verifies if the IAHV of the agent matches the Device Agent Hash Value (DAHV) of the current whitelist installed on the device.
Step 4: In the case of successful verification, the device is not infected nor hacked and the security score is set to be high and vice versa.
Step 5: A Scoring Smart Contract (SSC) is created, which involves the security status of the IoT device, which is evaluated by the agent and the device-unique identifier, and is recorded in the blockchain.
Step 6: The SSC of the device can be inquired when the device is connected to other devices. Based on the recording in the blockchain, the IoT device can be extended safely and quickly when connected to other devices. The WSC collects and records in the blockchain the whitelist of each IoT system and the IAHV from the producer. If the WSC tests by matching the IAHV with the device's current hash, it may give a warning message to the IoT and the vendor if they do not fit. The whitelist recorded in the blockchain is then forwarded to the IoT device, and the Agent uses the transmitted details and sends the list of the checked and unverified apps to the SSC [35]. Figure 4 illustrates the concept of WSC.

Biometric Key Extraction Phase
This process aims to produce biometric data w by extracting specific features from both the fingerprint and finger vein. The proposed model implements image-enhancing strategies to increase contrast, brightness, and noise removal. Regions of interest (ROIs) are derived for both biometric images. Based on a unified Gabor filters frame, a fingerprint vector and a finger vein vector are created. Then, the two vectors are decreased in dimensionality by implementing Principle Component Analysis (PCA) to construct the private key. The reasons for the combination of fingerprint and finger vein characteristics are that (1) the finger vein and fingerprint are two characteristics borne by one finger and both have completely accurate biometric properties [36], (2) ridge texture specifics dominate all biometric images, and (3) fingerprints and finger veins are complementary in universality, precision, and protection. Figure 5 displays the biometric key extraction graphical diagram. The method of generating the private key is as follows:

Biometric Key Extraction Phase
This process aims to produce biometric data w by extracting specific features from both the fingerprint and finger vein. The proposed model implements image-enhancing strategies to increase contrast, brightness, and noise removal. Regions of interest (ROIs) are derived for both biometric images. Based on a unified Gabor filters frame, a fingerprint vector and a finger vein vector are created. Then, the two vectors are decreased in dimensionality by implementing Principle Component Analysis (PCA) to construct the private key. The reasons for the combination of fingerprint and finger vein characteristics are that (1) the finger vein and fingerprint are two characteristics borne by one finger and both have completely accurate biometric properties [36], (2) ridge texture specifics dominate all biometric images, and (3) fingerprints and finger veins are complementary in universality, precision, and protection. Figure 5 displays the biometric key extraction graphical diagram. The method of generating the private key is as follows:

Biometric Key Extraction Phase
This process aims to produce biometric data w by extracting specific features from both the fingerprint and finger vein. The proposed model implements image-enhancing strategies to increase contrast, brightness, and noise removal. Regions of interest (ROIs) are derived for both biometric images. Based on a unified Gabor filters frame, a fingerprint vector and a finger vein vector are created. Then, the two vectors are decreased in dimensionality by implementing Principle Component Analysis (PCA) to construct the private key. The reasons for the combination of fingerprint and finger vein characteristics are that (1) the finger vein and fingerprint are two characteristics borne by one finger and both have completely accurate biometric properties [36], (2) ridge texture specifics dominate all biometric images, and (3) fingerprints and finger veins are complementary in universality, precision, and protection. Figure 5 displays the biometric key extraction graphical diagram. The method of generating the private key is as follows:

Pre-Processing
The user fingerprint and finger vein images are converted into greyscale images. The main reason why grayscale representations are often used for extracting descriptors instead of operating on color images directly is that grayscale simplifies the algorithm and reduces computational requirements. Then, the image enhancement technique is used to improve the contrast and brightness properties of the images, followed by histogram equalization to eliminate the noise from the images [37]. In order to reliably exploit texture details, stable ROIs corresponding to the fingerprints and finger veins should be extracted at an early stage.
In this scenario, various methods of ROI extraction should be practiced. Core point detection using fingerprint orientation field was used for fingerprint ROI extraction [38], measured using gradient-based technology, and optimized neighborhood averages to produce a smoother field of orientation. Herein, the fingerprint image is cropped into 168 × 168 pixels. For the extraction of finger veins, inter-phalangeal joint prior to finger vein segment ROI is being used [39]. The finger vein image is cropped into 160 × 80 pixels. Some results are shown in Figure 6. The user fingerprint and finger vein images are converted into greyscale images. The main reason why grayscale representations are often used for extracting descriptors instead of operating on color images directly is that grayscale simplifies the algorithm and reduces computational requirements. Then, the image enhancement technique is used to improve the contrast and brightness properties of the images, followed by histogram equalization to eliminate the noise from the images [37]. In order to reliably exploit texture details, stable ROIs corresponding to the fingerprints and finger veins should be extracted at an early stage.
In this scenario, various methods of ROI extraction should be practiced. Core point detection using fingerprint orientation field was used for fingerprint ROI extraction [38], measured using gradient-based technology, and optimized neighborhood averages to produce a smoother field of orientation. Herein, the fingerprint image is cropped into 168 × 168 pixels. For the extraction of finger veins, inter-phalangeal joint prior to finger vein segment ROI is being used [39]. The finger vein image is cropped into 160 × 80 pixels. Some results are shown in Figure 6.

Feature Extraction
Gabor filters were commonly utilized in the spatial domain for study of texture information and recognition functionality. Gabor filters may be divided into a true and imaginary component with the aid of the Euler formula. The real part, also referred to as the Gabor symmetric filters, can be calculated at the border (ridge) of the image [40], while the imaginary part, generally referred to as the Gabor symmetric filters, can be used to detect the border [41]. In order to achieve the optimum effects, the symmetric Gabor filters should also be built according to all styles of textures. Gabor filterbased feature extractor is a Gabor filter bank defined by its parameters, including frequencies, orientations, and smooth parameters of the Gaussian envelope. See [42,43] for more details. Eight filtered images can be generated according by a two-dimensional (2D) convolution between an ROI and Gabor filtered at eight directions. With the Average Absolute Deviation (AAD) of each block 8 × 8/16 × 8, we can construct two features, Up and Uv, which each reflect the local features of a filtered fingerprint/finger-venal image. The matrix Up and Uv of eight orientations are easily rearranged in a row through two one-dimensional (1D) vectors called the fingerprint code and finger vein code .

Feature Level Fusion
In feature-level fusion, feature vectors must be fused into a template to improve human recognition by integrating several features. We use the principal component analysis (PCA) feature fusion to orthogonally turn measurements of a series of correlated variables into a collection of values of linearly uncorrelated variables [44]. PCA is a very popular way to speed up a Machine Learning

Feature Extraction
Gabor filters were commonly utilized in the spatial domain for study of texture information and recognition functionality. Gabor filters may be divided into a true and imaginary component with the aid of the Euler formula. The real part, also referred to as the Gabor symmetric filters, can be calculated at the border (ridge) of the image [40], while the imaginary part, generally referred to as the Gabor symmetric filters, can be used to detect the border [41]. In order to achieve the optimum effects, the symmetric Gabor filters should also be built according to all styles of textures. Gabor filter-based feature extractor is a Gabor filter bank defined by its parameters, including frequencies, orientations, and smooth parameters of the Gaussian envelope. See [42,43] for more details. Eight filtered images can be generated according by a two-dimensional (2D) convolution between an ROI and Gabor filtered at eight directions. With the Average Absolute Deviation (AAD) of each block 8 × 8/16 × 8, we can construct two features, Up and Uv, which each reflect the local features of a filtered fingerprint/finger-venal image. The matrix Up and Uv of eight orientations are easily rearranged in a row through two one-dimensional (1D) vectors called the fingerprint code FP code and finger vein code FV code .

Feature Level Fusion
In feature-level fusion, feature vectors must be fused into a template to improve human recognition by integrating several features. We use the principal component analysis (PCA) feature fusion to orthogonally turn measurements of a series of correlated variables into a collection of values of linearly uncorrelated variables [44]. PCA is a very popular way to speed up a Machine Learning algorithm by extracting associated variables that do not contribute to decisions. Algorithm training time reduces significantly with fewer features. PCA helps with overfitting by reducing the number of features. Because we deal with a private blockchain where all members have identities, in traditional permissioned blockchain they use public key infrastructure to generate cryptographic certificates that are tied to organizations, network components, and end user's applications. In our proposed scheme, we are developing a biometric key infrastructure with a biometric certificate authority to validate participant identities to determine specific resource rights and access to information on the blockchain network.

Registration Phase
The user's biometric private key K w is produced from the user's biometric data w in this process, and its public key associated with the private key is also developed and certified, and recorded in the blockchain network. This is a four-step phase [29,[31][32][33][34]: (1) Confirming the User Identity. Biometric Certificate Authority (BCA) confirms the identity of the user, and then obtains the biometric information after fused into a vector w f used . (2) Generating Public key and Master Key. To setup the system, first, choose g 1 = g y , g 2 G, where G is the prime order p, where p is a large prime number. From this, the value A = e(g 1 , g 2 ) is calculated. Next, choose t 1 , . . . . . . . . . , t n+1 uniformly at random from G. Finally, choose y uniformly at random in Z q , where Z q denotes the group 0, 1, . . . . . . , q − 1 under addition modulo q. (3) Generating Biometric Information Combined with a Private Key. (4) Granting a Public Key Certificate. The Biometric Certificate Authority (BCA) issues a Public Key Certificate (PKC) by assigning the public key to the digital signature, which is a collection of certificate holder attributes such as a user ID (UID), expiry date, and other information. All these features are encrypted by the BCA's private key to invalidate the certificate. Then, the BCA signs and publishes a PKC in the file and publishes it to the network.

Transaction Generation Phase
Herein, the sender creates a new blockchain transaction that includes the owner's PKC (the receiver's PKC), content, and hash value H. Herein, the user signs the message by the hash value for the identity w with using his private key k w to create the new blockchain transaction. After that, the biometric signature S is generated from the hash value H using his biometric information w (fuzzy signature). The sender adds its biometric signature S to the latest blockchain transaction, thus, this new block transaction is added to the ledger waiting for validation or rejection [44].

Transaction Verification Phase
In this step, we use the PP public parameters verification algorithm, a w identity so that |w ∩ w | ≥ d, Hash message H, and the corresponding signature S as an input. It returns a bit b, where b = 1 implies that the signature is correct. The verification is achieved through hierarchical verification with two stages. (1) A transaction verifier checks the expiration date and other attributes of the owner's PKC from the previous blockchain transaction and verifies it using the BCA public key. (2) The transaction verifier calculates a signature verification result. Successful verification means that a blockchain transaction is generated using a correct private key corresponding to the public key. Our scheme does not need to store a user's private key in any device or cloud servers as the user's biometric information acts as a user's private key [45][46][47].

Results and Discussion
No accessible database currently holds fingerprint and finger vein images for the same user. The prepared fingerprint and finger vein database are selected from the University of Shandong SDUMLA-HMT database [48]. We assume that the same individual has different biometric characteristics. Fingerprint and finger vein images from 106 participants have been obtained. The fingerprint archive contains images from both hands' thumb finger, finger index, and middle finger. In total, eight impressions for each of the six fingers were recorded. The finger vein database comprises images obtained from both hands' index finger, middle finger, and ring finger. The set is repeated for each finger six times in order to achieve six finger vein images per finger.
The assessment is carried out using IoT specifications: CPU: Intel Core i7 7500U Processor 2.7 GHz and Memory: 8 GB. Device type: 64-bit Business as an operating system. MATLAB has been used to implement the biometric aspect of the key extraction. The blockchain component of the Hyperledger Fabric [45] open-source blockchain framework was used to build and implement cross-industry blockchain technologies and systems. In addition, in this evaluation, we use the fuzzy identity-based signature as a digital signature algorithm [46].

Security Evaluation
In our framework, we limit the installation of malicious software on the IoT system by automating the assessment on the whitelist and smart contract of the security score and then applying blockchain recording. Our suggested scheme guarantees optimum scalability when the security score is strong and scalability is limited when the security score is poor. We also carry out our tests with the adversary's attacks. The opponent has two common attacks to get these data. One attacks the private key, the other forges the signature.

Experiment 1: Private key Attack or Leakage
In a typical Blockchain network, the private key is the critical value that decides the ownership of the transaction especially if the transaction is serious. Thus, this experiment is run to analyze the robustness when the user's private key has been leaked from an IoT device due to IoT device theft, cyber-attack, etc. Multimodal biometrics based on feature level fusion algorithm are implemented in this study in order to find the most important features to extract a unique private key that helps to make our framework more robust and secure. In the first set of experiments, we analyze the security of our proposed scheme and confirm their effectiveness against common attacks in the blockchain system; additionally, we compare the security level against three signature schemes. In the first experiment, we examined the security and efficacy of our proposed scheme against typical attacks in the blockchain environment and compared the safety level with three signature schemes: the conventional private key based signature scheme (PKSS), the fuzzy key signature scheme based on unimodal biometrics (FKSSU), and our proposed fuzzy identity key signature scheme based on multimodal biometrics (FIKSSM). From Table 1, it can be seen that the proposed model is more secure than the previous methods when it comes to a private key leakage. In PKSS, the IoT device, a cloud service, or wallet controls the long-term private key. Therefore, an adversary threatens to capture the private key by producing a digital signature and making an illicit blockchain transaction. Losing the secret key involves losing the asset's possession permanently, since the private key cannot be restored. This leaves PKSS susceptible to security breaches or cyber threats and offers inadequate security in today's connected and data-driven environment. In FKSSU, however, the private key is not handled in the IoT device. The user's private key arises from biometric knowledge. Thus, FKSSU finds a stable scheme based on just one biometric trait. FKSSU has many challenges in capturing clean data, including noisy data concerns, inter-class variations, spoof attacks, and unreasonable error rates [48]. The FKSSU is not absolutely safe against this attack. In our FIKSSM, the IoT device does not manage the private key like FKSSU. However, we use the user's fingerprint and finger knuckle print to derive a unique private key; using multimodal biometrics increases the amount of data evaluated, helps verify the match accurately, and makes spoofing exponentially more difficult for the opponent, since incorporating several modalities allows identifying and utilizing all the biometric data required to spoof the algorithm harder. This allows our device to be more stable and efficient and can prevent spoofing attacks.

Experiment 2: Forgery of Digital Signatures
This threat is to fake a digital signature in order to create an illicit blockchain transaction and to effectively validate a digital signature. It is possible to manage this threat if we adopt a safe algorithm to create key pairs. When a stable signature algorithm is used in PKSS and FKSSU, which is difficult to forge, these signature schemes are protected. Table 1 indicates that the proposed model is safer in digital signature forgery than the previous approaches. We use a stable fuzzy identity signature algorithm in the FIKSSM, which was proved safe under EUF-CMA (Existential Unforgeability against Chosen Adaptive Message Attacks) [31]. The likelihood of adversaries generating a legitimate signature for a message under a new private key is insignificant in the EUF-CMA model.

Experiment 3: Security Score Evaluation
We have deployed a simulation network of 200 IoT device nodes randomly arranged at a known location to test the efficiency of our proposed model in terms of security score with the number of Unverified Software. The security score is set to all 200 nodes and the agent and the smart contract are believed to be registered in the blockchain. Based on the whitelist upgrade, we determine the security score. All verified software exists in the whitelist; if unverified software is installed on the IoT device, it is said to be infected with a virus and the security score will automatically drop according to the number of unverified software programs. Additionally, when viruses are removed by the whitelist update, it is set to improve scalability by increasing the security score. Table 2 illustrates the connection range comparison of our proposed scheme against the FKSSU signature scheme. The lower the score is, the more restriction to the IoT device to extend to other devices in the network. That is why our proposed system offers different connection ranges depending on the security score of the device. The other comparative scheme is set to extend the IoT device to all the devices within the same connection range regardless of the security score of the device.

Experiment 4: Throughput
For all of the experiments below, the average end-to-end latency and the average throughput are measured to get the ideal results by firstly assuming an ideal network, then assuming infected devices in the network, and next measuring the vulnerability of the total network. Throughput is defined as the result of the successfully transmitted packets divided by the packets' transmission time [49]. As shown in Figure 7, the number of transmitted packets is reduced when the update period becomes longer, resulting in poor network performance, because network scalability is restricted when the update period is set to be excessively long, resulting in a decrease in throughput. On the other hand, the number of transmitted packets is improved only when the update period increases to a certain level. Therefore, based on the simulation results, we will set the basic update period to 10 times as the highest throughput was achieved when 10 connection failures were accumulated, after which the whitelist was updated. As shown in Figure 8, we set the update period to be 10 times to get the highest throughput; in our FIKSSM proposed model, the throughput results measured for a network size of 200 IoT devices achieved a higher throughput performance within the available network resource compared to the other signature schemes, which is a desirable goal in any network.
Symmetry 2020, 12, x FOR PEER REVIEW 13 of 18 get the highest throughput; in our FIKSSM proposed model, the throughput results measured for a network size of 200 IoT devices achieved a higher throughput performance within the available network resource compared to the other signature schemes, which is a desirable goal in any network.

Experiment 5: Scalability
Scalability is defined as the ability of an IoT device to work gracefully without any undue delay and non-productive resource consumption. It is the result of dividing the number of connected IoT devices by the number of physically available connections. As shown in Figure 9, in our FIKSSM proposed model, the scalability is low at the start of the simulation time compared to other signature schemes PKSS and FKSSU; the IoT devices with low-security scores are restricted from extension to the network, as they contain malicious software, resulting in a continuous whitelist update to remove the unverified software. After a certain period of time, the security score increased and restricted devices are able to extend to the network. It took 0.19 s for our proposed scheme to extend the devices' scalability to 90% and above.

Experiment 5: Scalability
Scalability is defined as the ability of an IoT device to work gracefully without any undue delay and non-productive resource consumption. It is the result of dividing the number of connected IoT devices by the number of physically available connections. As shown in Figure 9, in our FIKSSM proposed model, the scalability is low at the start of the simulation time compared to other signature schemes PKSS and FKSSU; the IoT devices with low-security scores are restricted from extension to the network, as they contain malicious software, resulting in a continuous whitelist update to remove the unverified software. After a certain period of time, the security score increased and restricted devices are able to extend to the network. It took 0.19 s for our proposed scheme to extend the devices' scalability to 90% and above.

Experiment 5: Scalability
Scalability is defined as the ability of an IoT device to work gracefully without any undue delay and non-productive resource consumption. It is the result of dividing the number of connected IoT devices by the number of physically available connections. As shown in Figure 9, in our FIKSSM proposed model, the scalability is low at the start of the simulation time compared to other signature schemes PKSS and FKSSU; the IoT devices with low-security scores are restricted from extension to the network, as they contain malicious software, resulting in a continuous whitelist update to remove the unverified software. After a certain period of time, the security score increased and restricted devices are able to extend to the network. It took 0.19 s for our proposed scheme to extend the devices' scalability to 90% and above.

Experiment 6: Vulnerability
Vulnerability in an IoT system is described as the faults or vulnerabilities that expose it to threats. It comes from dividing the number of infected devices by the number of devices in the network. In Figure 10, the horizontal axis reflects the simulated time and, through the relation to other peripheral malicious appliances, the vertical axis represents the amount of infected IoT computers. In PKSS, malicious devices are explicitly connected to all IoT devices in the network, which renders the scheme susceptible to a Distributed Denial of Service (DDOS) attack, in which an intruder uses many infected IoT devices to overload the target node. The FKSSU is still not adequately confident, as the security score of the device when applied to the internet, which renders the device susceptible to malicious applications installed by the user's carelessness or by the hacker, depends only on the security of the user authentication and verification with a unimodal biometric key. Our suggested FIKSSM scheme decreases the number of machines attached to malicious devices to 4%. Compared to PKSS, the number of malicious devices has decreased to 49%. As the link depends on the security level and the agent, and the whitelist continuously checks the software, there is a decrease in the number of malicious devices after the whitelist update.

Experiment 7: Complexity
Herein, the objective is to evaluate the execution factors that influence the complexity of the suggested model. We execute different signature methods and evaluate them in terms of the size of files and processing time. First, we evaluate the file size of the Private Key, Public Key, Public Key Certificate, and the signature in a blockchain transaction. A Private Key includes a fused vector form and a fingerprint and a finger vein pattern, and the file size of a Private Key is 10 Kbyte. This file size is larger than a traditional private key. However, 10 Kbyte is small enough for practical use. The public key includes the public parameters assumed by our scheme and the file size is 1 Kbyte. The file sizes of a public key certificate and signature are the same in all methods, and they are 1 Kbyte and 71 bytes, respectively.
As revealed from Table 3, the processing time of the public key generation is executed one time in initial user registration. Thus, the processing time of 400 ms is fast enough compared to the one used by unimodal biometrics which is 499 ms. We perform signature generation every blockchain transaction generation. The processing time of signature generation is in the PKSS is 78 ms. In the FKSSU, the processing time of signature generation is 1306 ms; this is slower than the PKSS and the FIKSSM, whereas in FIKSSM, the processing time is 74 ms, which is significantly faster. We perform signature verification every blockchain transaction verification. The processing time of signature verification in the FIKSSM is 60 ms, which is faster compared to other blockchain procedures. In this

Experiment 6: Vulnerability
Vulnerability in an IoT system is described as the faults or vulnerabilities that expose it to threats. It comes from dividing the number of infected devices by the number of devices in the network. In Figure 10, the horizontal axis reflects the simulated time and, through the relation to other peripheral malicious appliances, the vertical axis represents the amount of infected IoT computers. In PKSS, malicious devices are explicitly connected to all IoT devices in the network, which renders the scheme susceptible to a Distributed Denial of Service (DDOS) attack, in which an intruder uses many infected IoT devices to overload the target node. The FKSSU is still not adequately confident, as the security score of the device when applied to the internet, which renders the device susceptible to malicious applications installed by the user's carelessness or by the hacker, depends only on the security of the user authentication and verification with a unimodal biometric key. Our suggested FIKSSM scheme decreases the number of machines attached to malicious devices to 4%. Compared to PKSS, the number of malicious devices has decreased to 49%. As the link depends on the security level and the agent, and the whitelist continuously checks the software, there is a decrease in the number of malicious devices after the whitelist update. way, you can see that our proposed scheme achieves practical file size and processing time. Therefore, we can use our scheme for a practical IoT blockchain system.

Experiment 7: Complexity
Herein, the objective is to evaluate the execution factors that influence the complexity of the suggested model. We execute different signature methods and evaluate them in terms of the size of files and processing time. First, we evaluate the file size of the Private Key, Public Key, Public Key Certificate, and the signature in a blockchain transaction. A Private Key includes a fused vector form and a fingerprint and a finger vein pattern, and the file size of a Private Key is 10 Kbyte. This file size is larger than a traditional private key. However, 10 Kbyte is small enough for practical use. The public key includes the public parameters assumed by our scheme and the file size is 1 Kbyte. The file sizes of a public key certificate and signature are the same in all methods, and they are 1 Kbyte and 71 bytes, respectively.
As revealed from Table 3, the processing time of the public key generation is executed one time in initial user registration. Thus, the processing time of 400 ms is fast enough compared to the one used by unimodal biometrics which is 499 ms. We perform signature generation every blockchain transaction generation. The processing time of signature generation is in the PKSS is 78 ms. In the FKSSU, the processing time of signature generation is 1306 ms; this is slower than the PKSS and the FIKSSM, whereas in FIKSSM, the processing time is 74 ms, which is significantly faster. We perform signature verification every blockchain transaction verification. The processing time of signature verification in the FIKSSM is 60 ms, which is faster compared to other blockchain procedures. In this way, you can see that our proposed scheme achieves practical file size and processing time. Therefore, we can use our scheme for a practical IoT blockchain system.

Conclusions and Future Work
In this work, we present a new signature scheme that tackles security and scalability concerns in IoT devices focused on blockchain technologies and multimodal biometrics. The suggested model safely expands the network communication of IoT devices and guarantees that the individual who creates the blockchain transaction is not a fraud. The model suggested increased security in two steps. One is to use multimodal biometric as a private key to authenticate and validate a blockchain transaction using the fuzzy identity signature. Two of them include the implementation of whitelist applications on IoT, and then a smart contract to record all installed software in the blockchain. A list of available software is recorded in the IoT manufacture, and when the IoT devices are used, their security score is evaluated by checking the number of unverified software programs on the whitelist with the manufactured list. This restricts the infected IoT devices; by automatically updating the whitelist, unverified software programs are removed, and the security score is raised, which leads to adding IoT devices to the network. Experiments show that our proposed model reduces the addition of infected devices to the network up to 49% compared to the conventional schemes. The proposed scheme practically achieves high performance in terms of security against spoofing and signature forgery and provide high throughput and low latency. Future work may include (1) Enhancing the biometric authentication accuracy by applying multiple biometric traits; it is expected that it will extract a wider range of information and this leads to a better result, (2) different approaches for feature level fusion and extraction of biometric for private key extraction, and (3) extend the number of peers in the blockchain network to accurately test the scalability of the permissioned network, and its effects on performance.