A Certificateless Consortium Blockchain for IoTs

Abstract

Blockchain is multi-centralized, immutable and traceable, thus is very suitable for distributed storage, privacy and security management in IoTs. However, most existing researches focus on the integration of public blockchain and IoTs. In fact, problems such as slow consensus, low transmission throughput, and completely open storage on the public blockchain are intolerable in IoT scenarios. Although consortium blockchain represented by Hyperledger Fabric has improved the transmission rate, its data security completely relies on the PKI-based certificate mechanism, resulting in transmission inefficiency and privacy leakage. In this paper, a key-derived Controllable Lightweight Secure Certificateless Signature (CLS2) algorithm is proposed to significantly improve the transmission efficiency and keep similar computation overhead of consortium blockchain. Compared with the existing certificateless signatures, CLS2 achieves more secure transactions, whose controllable anonymity and key-derived mechanism not only prevents public key replacement attacks and forged signature attacks, but also supports hierarchical privacy protection. Armed with CLS2, we design a consortium blockchain security architecture based on Hyper-ledger Fabric and edge computing. To the best of our knowledge, this is the first implementation of certificateless signature in consortium blockchain. We formally prove the security of our schemes in the random oracle model. Specifically, the security of the proposed scheme is reduced to the Elliptic curve discrete logarithm problem (ECDLP). Security analysis and experiments in IoT scenarios verify the feasibility and effectiveness of CLS2.