Abstract

Blockchain-based Internet of Things (IoT) data management is increasingly ubiquitous across smart cities, supply chains, e-health and other domains. The immutability of blockchain is crucial to securing these IoT data management systems. In actual application scenarios, however, redacting on-chain IoT data is still desired or even legally required. Various redactable blockchain technologies have been suggested for breaking immutability and redacting on-chain data. However, conventional redactable blockchain technologies incur security and performance degradations such as abuse of redact privileges and key exposure, and prior art merely corrects such misuse reactively rather than fundamentally forestalling it. In this paper, we rethink the conflict between the immutability and redaction of blockchain-based IoT data systems and propose Tiger Tally, a secure redactable architecture that fundamentally forestalls these vulnerabilities. Tiger Tally introduces a novel Targeted Policy-Based Chameleon Hash, along with tokenized redact privileges, to form integrated cryptography and access control mechanisms. We further propose a full-lifecycle redactable blockchain framework with rigorous security proofs to instantiate Tiger Tally. Furthermore, to meet practical needs, we integrate Tiger Tally into comprehensive IoT data workflows. Finally, a proof-of-concept implementation and performance evaluation demonstrate that Tiger Tally is practical for IoT data management systems and greatly reduces the time overhead caused by malicious modification by at least 73.0% or even 3.26 times at the cost of 5.4% incremental space overhead.
