Utilizing Blockchain for IoT Privacy through Enhanced ECIES with Secure Hash Function

Yurika Pant Khanal,Penatiyana W C Prasad,Khurram Shahzad,Abeer Alsadoon,Ahmad B Al-Khalil,Rafiqul Islam,Sabih Ur Rehman

doi:10.3390/fi14030077

Yurika Pant Khanal, Penatiyana W C Prasad + Show 5 more

Open Access

https://doi.org/10.3390/fi14030077

Copy DOI

Journal: Future internet	Publication Date: Feb 28, 2022
Citations: 6	License type: CC BY 4.0

Affiliation: Charles Sturt University, University of Duhok

Abstract

Blockchain technology has been widely advocated for security and privacy in IoT systems. However, a major impediment to its successful implementation is the lack of privacy protection regarding user access policy while accessing personal data in the IoT system. This work aims to preserve the privacy of user access policy by protecting the confidentiality and authenticity of the transmitted message while obtaining the necessary consents for data access. We consider a Modified Elliptic Curve Integrated Encryption Scheme (ECIES) to improve the security strength of the transmitted message. A secure hash function is used in conjunction with a key derivation function to modify the encryption procedure, which enhances the efficiency of the encryption and decryption by generating multiple secure keys through one master key. The proposed solution eliminates user-dependent variables by including transaction generation and verification in the calculation of computation time, resulting in increased system reliability. In comparison to previously established work, the security of the transmitted message is improved through a reduction of more than 12% in the correlation coefficient between the constructed request transaction and encrypted transaction, coupled with a decrease of up to 7% in computation time.

Highlights

With the recent advances in technology, several Internet of Things (IoT) devices are being developed and implemented in our day to day life
We proposed the use of a Secure Hash Function (SHF) [13] to derive private and public keys and secondly, we recommend the use of Key Derivation Function (KDF) to derive multiple keys to prevent the attacker from detecting the actual key value
We presented a Blockchain-based scheme to preserve user privacy in IoT

Summary

Introduction

With the recent advances in technology, several Internet of Things (IoT) devices are being developed and implemented in our day to day life. These IoT devices collect personal data from the user to carry out different processes across several applications. Even if the IoT data are not connected directly to an individual, it is possible to collect IoT data and create profiles of individuals. These profiles can be used to identify individuals or groups of individuals and pose a direct threat to user privacy

Objectives

Results

Conclusion