# A Privacy-Enabled, Blockchain-Based Smart Marketplace

^{1}

^{2}

^{3}

^{4}

^{5}

^{*}

## Abstract

**:**

## 1. Introduction

- The use of multiple accounts and Merkle trees, as in [6,7], is not very successful against blockchain analysis and other similar techniques [1,2,11]. Thus, they can be used to link multiple accounts of a participant to infer the participant’s identity. On the other hand, the implementation of a Merkle tree in a blockchain-based network, such as the Ethereum network, may inevitably require a large-scale computing resource [12].
- Cryptographic approaches, such as the ECDSA and ECC [5,6,8], utilizes time-consuming procedures, such as bilinear pairings [13,14]. The process may lead to high computational and storage overheads, thus posing practical problems due to the resource constraint nature of the smart gateway in smart homes [15,16,17].
- Instead of using an encryption method that often makes the content of the encrypted blocks mutually dependent, Bitmessage encrypts each block individually. Through this, the adversary will be able to rearrange the message blocks in such a way that the recipient can interpret it as a legitimate message [18]. With this, the adversary can infer the transactional data stored in the blocks as well as identify the participants involved in the transactions.

- A protocol is presented to ensure the participant’s anonymity and untraceability during one-to-many trading in the SMP, using public/private pairs of communicating sessional IDs.
- A protocol is also presented to ensure privacy preservation of the transactional data of the participants during one-to-many trading in the SMP at a reduced computational overhead.

## 2. Related Work

## 3. System Model

#### 3.1. Network Model

#### 3.2. Trading Model

#### 3.3. Privacy Requirements

- Participant’s anonymity and untraceability: Protect the identities of participants and make them untraceable in the SMP. Their identities should be protected from identity-related attacks, such as address reuse, Sybil and blockchain analysis attacks during trading in the SMP.
- Transactional data privacy: Ensure protection against transactional data privacy attacks, such as inferential attacks and data leakage.

#### 3.4. Threat Model

- The adversary $\mathcal{A}$ has the ability to influence the means of communication of the SMP and to intercept all messages transmitted between the smart gateways.
- The adversary $\mathcal{A}$ has the ability to capture all of the session IDs in the SMP.
- $\mathcal{A}$ has the ability to launch identity-related attacks and transactional data privacy attacks.
- It was assumed that the smart gateways are temper-proof and therefore cannot be compromised.
- We assumed that the adversary cannot compromise the blockchain.

## 4. Anonymity, Untraceability and Transactional Data Privacy (AUT) Protocol

Algorithm 1: Proposed anonymity and transactional data privacy protection protocol. |

## 5. Security Analysis

#### 5.1. Anonymity and Untraceability

**Proposition**

**1.**

**Proof.**

**Theorem**

**1.**

**Proof.**

**Theorem**

**2.**

**Proof.**

- 1.
- ${\alpha}_{0}$ is the only ID of its owner;
- 2.
- ${\mathcal{A}}^{\tau}$ was not successful in guessing $\delta $.

#### 5.2. Transactional Data Privacy

**Proposition**

**2.**

**Remark**

**1.**

**Proof.**

**Proposition**

**3.**

**Remark**

**2.**

**Proof.**

## 6. Experimental Analysis and Results

#### 6.1. Experimental Set-Up

#### 6.2. Evaluating the Success of $\mathcal{A}$ at Discovering Participant’s Anonymity and Untraceability in the SMP

#### 6.3. Achieving Fast Encryption and Decryption for Transactional Data Privacy

#### 6.4. Security and Privacy Comparison

#### 6.5. Limitations of This Study

## 7. Conclusions

## Author Contributions

## Funding

## Institutional Review Board Statement

## Informed Consent Statement

## Data Availability Statement

## Acknowledgments

## Conflicts of Interest

## References

- Conti, M.; Sandeep, K.E.; Lal, C.; Ruj, S. A survey on security and privacy issues of bitcoin. IEEE Commun. Surv. Tutor.
**2018**, 20, 3416–3452. [Google Scholar] [CrossRef] [Green Version] - Hassan, M.U.; Rehmani, M.H.; Chen, J. Privacy preservation in blockchain based IoT systems: Integration issues, prospects, challenges, and future research directions. Future Gener. Comput. Syst.
**2019**, 97, 512–529. [Google Scholar] [CrossRef] - Reyna, A.; Martín, C.; Chen, J.; Soler, E.; Díaz, M. On blockchain and its integration with IoT. Challenges and opportunities. Future Gener. Comput. Syst.
**2018**, 88, 173–190. [Google Scholar] [CrossRef] - Banerjee, M.; Lee, J.; Choo, K.K.R. A blockchain future for internet of things security: A position paper. Digit. Commun. Netw.
**2018**, 4, 149–160. [Google Scholar] [CrossRef] - Kumar, N.M.; Mallick, P.K. Blockchain technology for security issues and challenges in IoT. Procedia Comput. Sci.
**2018**, 132, 1815–1823. [Google Scholar] [CrossRef] - Aitzhan, N.Z.; Svetinovic, D. Security and Privacy in Decentralized Energy Trading Through Multi-Signatures, Blockchain and Anonymous Messaging Streams. IEEE Trans. Dependable Secur. Comput.
**2018**, 15, 840–852. [Google Scholar] [CrossRef] - Dorri, A.; Luo, F.; Kanhere, S.S.; Jurdak, R.; Dong, Z.Y. SPB: A secure private blockchain-based solution for distributed energy trading. IEEE Commun. Mag.
**2019**, 57, 120–126. [Google Scholar] [CrossRef] - Khan, S.; Khan, R.; Al-bayatti, A.H. Secure Communication Architecture for Dynamic Energy Management in Smart Grid. IEEE Power Energy Technol. Syst. J.
**2019**, 6, 47–58. [Google Scholar] [CrossRef] - Warren, J. Bitmessage: A Peer-to-Peer Message Authentication and Delivery System. White Pap. (27 November 2012). 2012, p. 5. Available online: https://bitmessage.org/bitmessage.pdf (accessed on 23 June 2021).
- Shi, L.; Guo, Z.; Xu, M. Bitmessage Plus: A Blockchain-Based Communication Protocol With High Practicality. IEEE Access
**2021**, 9, 21618–21626. [Google Scholar] [CrossRef] - Wright, C.S. Bitcoin: A Peer-to-Peer Electronic Cash System. SSRN Electron. J.
**2019**, 7859, 6–24. [Google Scholar] [CrossRef] - Blockchain, C. Merkle Tree—Necessity or Atavism? Medium. Available online: https://medium.com/@credits/merkle-tree-necessity-or-atavism-d8ff3e263131 (accessed on 11 September 2020).
- Odelu, V.; Das, A.K.; Wazid, M.; Conti, M. Provably Secure Authenticated Key Agreement Scheme for Smart Grid. IEEE Trans. Smart Grid
**2018**, 9, 1900–1910. [Google Scholar] [CrossRef] - Zhang, L.; Zhao, L.; Yin, S.; Chi, C.H.; Liu, R.; Zhang, Y. A lightweight authentication scheme with privacy protection for smart grid communications. Futur. Gener. Comput. Syst.
**2019**, 100, 770–778. [Google Scholar] [CrossRef] - Sousa, T.; Soares, T.; Pinson, P.; Moret, F.; Baroche, T.; Sorin, E. Peer-to-peer and community-based markets: A comprehensive review. Renew. Sustain. Energy Rev.
**2019**, 367–378. [Google Scholar] [CrossRef] [Green Version] - Aggarwal, S.; Chaudhary, R.; Aujla, G.S.; Kumar, N.; Choo, K.K.R.; Zomaya, A.Y. Blockchain for smart communities: Applications, challenges and opportunities. J. Netw. Comput. Appl.
**2019**, 144, 13–48. [Google Scholar] [CrossRef] - Košťál, K.; Helebrandt, P.; Belluš, M.; Ries, M.; Kotuliak, I. Management and Monitoring of IoT Devices Using Blockchain. Sensors
**2019**, 19, 856. [Google Scholar] [CrossRef] [Green Version] - Yakubu, B.M.; Khan, M.I.; Javaid, N.; Khan, A. Blockchain-based secure multi-resource trading model for smart marketplace. Computing
**2021**, 103, 379–400. [Google Scholar] [CrossRef] - Li, Z.; Kang, J.; Yu, R.; Ye, D.; Deng, Q.; Zhang, Y. Consortium blockchain for secure energy trading in industrial internet of things. IEEE Trans. Ind. Inform.
**2018**, 14, 3690–3700. [Google Scholar] [CrossRef] [Green Version] - Li, Z.; Chen, S.; Zhou, B. Electric vehicle peer-to-peer energy trading model based on smes and blockchain. IEEE Trans. Appl. Supercond.
**2012**, 31, 5700804. [Google Scholar] [CrossRef] - Gai, K.; Wu, Y.; Zhu, L.; Qiu, M.; Shen, M. Privacy-preserving energy trading using consortium blockchain in smart grid. IEEE Trans. Ind. Inform.
**2019**, 15, 3548–3558. [Google Scholar] [CrossRef] - Guan, Z.; Si, G.; Zhang, X.; Wu, L.; Guizani, N.; Du, X.; Ma, Y. Privacy-Preserving and Efficient Aggregation Based on Blockchain for Power Grid Communications in Smart Communities. IEEE Commun. Mag.
**2018**, 56, 82–88. [Google Scholar] [CrossRef] [Green Version] - Sober, M.; Scaffino, G.; Schulte, S.; Kanhere, S.S. A blockchain-based IoT data marketplace. Cluster Comput.
**2022**. [Google Scholar] [CrossRef] - Yousafzai, A.; Khan, L.U.; Majeed, U.; Hakeem, O.; Hong, C.S. FedMarket: A Cryptocurrency Driven Marketplace for Mobile Federated Learning Services. IEEE Access
**2022**, 10, 87602–87616. [Google Scholar] [CrossRef] - Zhang, M.; Liu, J.; Feng, K.; Beltran, F.; Zhang, Z. SmartAuction: A blockchain-based secure implementation of private data queries. Future Gener. Comput. Syst.
**2023**, 138, 198–211. [Google Scholar] [CrossRef] - Bracciale, L.; Raso, E.; Gallo, P.; Sanseverino, E.R.; Bianchi, G.; Loreti, P. Privacy in Blockchain-based Smart Grids. In Proceedings of the 2022 Workshop on Blockchain for Renewables Integration (BLORIN), Palermo, Italy, 2–3 September 2022; pp. 37–41. [Google Scholar] [CrossRef]
- Diaconita, V.; Belciu, A.; Stoica, M.G. Trustful Blockchain-Based Framework for Privacy Enabling Voting in a University. J. Theor. Appl. Electron. Commer. Res.
**2023**, 18, 150–169. [Google Scholar] [CrossRef] - Mezquita, Y.; Gil-González, A.B.; Martín del Rey, A.; Prieto, J.; Corchado, J.M. Towards a Blockchain-Based Peer-to-Peer Energy Marketplace. Energies
**2022**, 15, 3046. [Google Scholar] [CrossRef] - Zhang, J.; Zhong, C. Differential Privacy-Based Double Auction for Data Market in Blockchain-Enhanced Internet of Things. Wirel. Commun. Mob. Comput.
**2022**, 2022, 8038846. [Google Scholar] [CrossRef] - Folha, R.; Times, V.; Carvalho, A.; Araújo, A.; Couto, H.; Viana, F. FoodChain: A Food Delivery Platform Based on Blockchain for Keeping Data Privacy. In Database Systems for Advanced Applications; DASFAA 2022. Lecture Notes in Computer Science; Springer: Cham, Switzerland, 2022; Volume 13247. [Google Scholar] [CrossRef]
- Yakubu, B.M.; Chajera, P.; Garko, A.B. Advanced Secure Method for Data Transmission in Manet Using Rsa Advanced Secure Method for Data Transmission in Manet Using Rsa. Int. J. Adv. Technol. Eng. Sci.
**2016**, 2015, 176–185. [Google Scholar] - Iqbal, M.; Matulevičius, R. Exploring sybil and double-spending risks in blockchain systems. IEEE Access
**2021**, 9, 76153–76177. [Google Scholar] [CrossRef] - Paar, C.; Pelzl, J. Understanding Cryptography: A Textbook for Students and Practitioners; Springer Science & Business Media: Berlin, Germany, 2009. [Google Scholar]

Technique | Objectives | Attacks Model | Analysis |
---|---|---|---|

ECC, ECDSA and multi-address [6,8,30] | To protect identity and privacy of participants | Inferential attack, identity and data transaction disclosure | Provides participants anonymity and data privacy. Prone to Sybil attack, high computational overhead and blockchain analysis. |

Merkle tree and multi-account [7] | To preserve participants’ anonymity and untraceability | Inferential attack, identity and data transaction disclosure | Provides participants anonymity and untraceability. Prone to Sybil and blockchain analysis attacks, account or address reuse and high computational overhead. |

Multi-account or address [19,20] | To achieve participants’ anonymity and transaction privacy | Inferential attack, identity linking attacks and double spending | Provides trading transaction monitoring and participant privacy. Prone to blockchain analysis and Sybil attacks. |

Multi-account mapping technique [21] | To achieve transactional data privacy | Inferential attack and identity and data transaction disclosure | Provides participants anonymity. Prone to account or address reuse and blockchain analysis. |

Multi-account grouping [22] | To protect the privacy of participants | Identity linking attacks and address reuse | Provides participants privacy. Prone to Sybil and double spending attack and blockchain analysis. |

Symbols | Definitions |
---|---|

$AC{M}_{track}$ | Actual ID correlation matrix |

$\mathcal{A}$ | Adversary or attacker |

${\mathcal{A}}^{\tau}$ | Attacker who reacts to all game difficulties with statistical inferences |

$\mathcal{C}$ | A challenger who knows the correct assignment of addresses (public keys) to blockchain users |

$\delta $ | An arbitrary bit chosen by $\mathcal{C}$ |

${E}_{track}$ | Consists of extra information which can be extracted from the SMP by $\mathcal{A}$ |

$Succes{s}_{\mathcal{A}}$ | Extra success recorded by $\mathcal{A}$ against ${\mathcal{A}}^{\tau}$ |

$Failur{e}_{\mathcal{A}}$ | Extra failure recorded by $\mathcal{A}$ against ${\mathcal{A}}^{\tau}$ |

${n}_{p}$ | Number of participants in SMP |

${n}_{T}$ | Number of transactions which occurred during time frame $\Delta $, |

$\mathcal{P}$ | Participant in the SMP |

$\Delta $, | Period of time for SMP trading |

e/d | Public or private IDs |

$\{{\alpha}_{0},{\alpha}_{1},...{\alpha}_{n}\}$ | Set of IDs in the SMP |

$Su{c}_{\mathcal{A}}$ | Success of $\mathcal{A}$ in the game |

$\rho $ | The amount of running time of the attacker $\mathcal{A}$ |

$\gamma $ | The fraction of IDs that cannot be correlated with other IDs |

${\omega}_{i}$ | The request message |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Yakubu, B.M.; Khan, M.I.; Khan, A.; Anjum, A.; Syed, M.H.; Rehman, S.
A Privacy-Enabled, Blockchain-Based Smart Marketplace. *Appl. Sci.* **2023**, *13*, 2914.
https://doi.org/10.3390/app13052914

**AMA Style**

Yakubu BM, Khan MI, Khan A, Anjum A, Syed MH, Rehman S.
A Privacy-Enabled, Blockchain-Based Smart Marketplace. *Applied Sciences*. 2023; 13(5):2914.
https://doi.org/10.3390/app13052914

**Chicago/Turabian Style**

Yakubu, Bello Musa, Majid Iqbal Khan, Abid Khan, Adeel Anjum, Madiha Haider Syed, and Semeen Rehman.
2023. "A Privacy-Enabled, Blockchain-Based Smart Marketplace" *Applied Sciences* 13, no. 5: 2914.
https://doi.org/10.3390/app13052914