Abstract
Blockchain-based Internet of Things (IoT) data management is increasingly ubiquitous across smart cities, supply chains, e-health and other domains. The immutability of blockchain is crucial to securing these IoT data management systems. In actual application scenarios, redacting the on-chain IoT data is still desired or even legally required. Various redactable blockchain technologies have been suggested for breaking immutability and redacting on-chain data. However, conventional redactable blockchain technologies incur security and performance degradations like redact privileges abuse and key exposure, prior art merely reactively corrects rather than fundamentally forestalling such misuse. In this paper, we rethink the conflict between the immutability and redaction of blockchain-based IoT data systems and propose Tiger Tally as a secure redactable architecture to fundamentally forestall these vulnerabilities. Tiger Tally introduces a novel Targeted Policy-Based Chameleon Hash, along with tokenized redact privileges, to form integrated cryptography and access control mechanisms. We further propose a full lifecycle redactable blockchain framework with rigorous security proofs to instantiate Tiger Tally. Furthermore, to meet its practical needs, we introduce the proposed Tiger Tally to the comprehensive IoT data workflows. At last, proof-of-concept implementation and performance evaluation demonstrate that our Tiger Tally is practical for IoT data management systems and greatly reduces the time overhead caused by malicious modification by at least 73.0% or even 3.26 times at the cost of 5.4% incremental space overhead.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.