Blockchain based Internet of Things (Debashis De, Siddhartha Bhattacharyya etc.)

Identity Management in Internet of Things with Blockchain

231

DKPI implementation due to issues regarding trusted third sources, since without

blockchain there was no way of creating an environment of trust not between the

CAs, nor between the users.

Blockchain solves the issue of trust due to the consensus algorithms obligating all

peers to follow a protocol. This way, the ledger acts as a decentralized database and

the peers of the blockchain as the third parties who do not trust each other forcing

them to check the validity of one another. Solutions that are based on blockchain

DPKIs for IoT are discussed below.

4.2.1

Blockchain DPKIs for IoT

TheEthereumnetworkwas theﬁrst publicblockchainnetworkwhichofferedits users

the ability to upload any smart contract they wanted using the speciﬁed programming

language for it, solidity. Obviously, this paved the way for the redesign and further

development of many systems and architectures which originally were based on a

decentralized architecture.

The authors in [45] deploy and compare three different approaches for the authen-

tication of IoT devices. One of the ways uses a blockchain type called Name/Value

Storage (NVS), Emercoin, which binds IoT devices with unique tokens owned by

the owners of the devices, while the other two approaches are based on the Ethereum

network. The ﬁrst demands from the IoT devices to communicate with a node of

the Ethereum network, while the other incorporates a speciﬁc type of Ethereum

node, called Light Sync Mode, within the IoT devices, allowing them to directly

communicate and be part of the network.

All of these approaches rely on a device manager who is responsible for the

registration process of every device. Additionally, the generation of the public keys is

made possible via open-source programming libraries. The keys are used for creating

the corresponding certiﬁcates for the devices, while they are also hashed along with

a random serial number before they are logged in the Ethereum’s ledger.

After comparing and contrasting these deployments, the authors concluded that in

terms of speed the Emercoin implementation is the fastest since the process of authen-

ticating is simpliﬁed using tokens. Either way, all the blockchain-based approaches

are signiﬁcantly faster than using a third trusted CA since the ﬁrst takes at most 10 min

while the second could take several hours or even days for issuing one certiﬁcate [45].

In terms of trust, it is incredibly important to notice that every blockchain-based

implementation of a DPKI enforces the CAs to be authenticated with each other,

hence removing the requirement of end users needing to trust a third party. However,

this might not be the case in the implementation where the IoT devices are not directly

communicating with the network and need a gateway to authenticate themselves.

Another interesting demonstration of NVS blockchain-based PKI focused on IoT

devices is the one in [46]. The authors have designed the IoT-PKI architecture in great

detail regarding the registration and authentication process of IoT devices using

an NVS blockchain such as Emercoin or Namecoin. Similarly, as with the case

in [45], the registration procedure needs a medium for communicating with the