Security continues to be an issue in the development of the Internet of Things. Does the cryptocurrency technology ‘blockhain’ have the answers?
In order to understand what blockchain is, let’s first discuss another buzzword, bitcoin. According to Wikipedia (https://en.wikipedia.org/wiki/Bitcoin), Satoshi Nakamoto invented bitcoin in 2008 in order to create the world’s first decentralized digital currency. This means that the currency is not controlled by a central bank, but rather, by people themselves. Unlike traditional currency, which is based on gold or silver, and printed by a central bank, bitcoin is based on a mathematical formula and is owned by the people. This means that no nation on Earth can just print more of it in order to cover their national debt, which will devaluate the currency. This also means that a country’s central bank can’t just decide to take away your money. It’s out on the internet, out of their reach and control.
Which leads us to a new problem. If the currency is managed by the internet, how can you keep it safe from hackers and other online bad guys who want to steal your money? Also, how do you prevent counterfeiting? If the money is virtual currency, what prevents someone from just making a copy of your bitcoins, which will devaluate the currency? How will anyone even know the difference?
To solve the problem, Satoshi Nakamoto invented blockchain. Blockchain is a distributed public ledger, which contains blocks of data. This means that there are numerous copies of the ledger, all over the internet, and all linked together. Each block contains a pointer to the previous block (except for the very first one!), a timestamp, and the transaction data. Once data is recorded to the ledger, it is permanent and unalterable. Should someone try to tamper with a block chain’s data, it will no longer match the publicly available versions on the internet, and will become invalidated. The public provides the ultimate security. You can alter one single copy of data; however, you can’t simultaneously alter millions and millions of copies. Therefore, the one that’s different will get ousted, leaving your data safe and secure.
Let’s now see how blockchain is applied to bitcoin. Every bitcoin (or part of it, the smallest portion is called a Satoshi, in honor of its founder) has a unique signature and can not be copied. Every bitcoin transaction is stored in a blockchain. The blockchain records that these specific Satoshis or bitcoins belong to you. If a hacker tries to alter the blockchain data to have it show that it belongs to him, his blockchain will get rejected by the public, as being tampered with. The rest of the publicly available copies of the blockchain will retain its data integrity and remain unaltered. With regards to the encryption of blockchain, there seen figures that state it would take 60 years of constant computing power to break a single Bitcoin address. This assumes that computing speeds double every year. If we go by today’s computing power, it would take about 500 million years to do the same hack!
The reason why blockchain is so popular is due to its nature of being impervious to tampering. This creates a wealth of cybersecurity opportunities that would affect entire industries. For example, in IoT, you have companies that are building entire ecosystems of products and solutions and are vying to become industry leaders in their niche. For example, with smart homes, smart cities, and in the Industrial IoT (IIoT) space, integrators are building IoT Gateways and applications that operate with many different vendors’ sensors and devices. Let’s not forget connected autonomous vehicles and passenger drones! The question is, how truly secure are all these devices?
According to Cisco, it estimates that the number of connected devices is expected to grow exponentially, to 50 billion by 2020. Some of the challenges, mentioned by Cisco, that we are facing with this exponential growth, include:
- Many IoT devices are small, inexpensive devices with little to no physical security.
- Crypto algorithms have a limited lifetime before they are broken. This means that the best algorithms can get hacked, and it’s only a matter of time before hackers adapt and learn how to get around them.
In short, it would seem that many, if not all, of IoT’s ecosystems are not truly secure.
One way of securing IoT ecosystems would be through the use of microchips. For example, Amazon Web Services (AWS) partnered with Microchip Technology (based out of Long Island, New York) to develop a secure provisioning platform, and associated microchip to streamline IoT security.
A current challenge with chip manufacturers is that they want to keep their technology to themselves, and lock out anyone else from integrating with it. This makes sense from their perspective, as these companies have invested considerable resources into developing their product, and want to reap the rewards of being the only one who has access to it. However, this approach is short sighted for two reasons:
- Preventing others from playing in your sand box stifles innovation.
- This keeps an ambitious person from creating a killer app (that will sell millions or billions of your microchips).
San Francisco blockchain company Chronicled (https://www.chronicled.com/) introduced a blockchain-based platform that enables companies and manufacturers to register and verify physical items (i.e., IoT Devices) in an irrefutable and decentralized network (i.e., public blockchain). Chronicle’s platform serves companies that manufacture Bluetooth Low Energy (BLE) and Near Field Communication (NFC) microchips.
Companies that want to integrate their solutions with these microchips are able to do so in a secure and tamper-proof way, via Chronicled’s block chain platform. The blockchain will serve as a central authority for registration of the IoT device, as well as verifying its identity (i.e., to ensure you’re not a hacker).
By leveraging publicly verifiable technology such as blockchain, we are able to build secure, interoperable ecosystems for IoT that will support the exponential growth of connected devices for years to come.
Challenges in a connected economy
When you consider the complexity involved in a house, car or workplace that is fully connected with a range sensors from a range of different companies, it becomes clear how difficult it will be for both customers and businesses to manage security and payment issues.
Consider the security challenges involved in safely making an online payment on your phone in a public place. The vulnerability to security breaches is so high that many security checks, secure connections and other measures are necessary. Imagine then a factory floor or connected home that has dozens of these connections transferring data among each other constantly 24 hours a day.
Firstly this presents obvious issues in terms of security. If one node on this network becomes compromised, this puts the whole fabric at risk. Secondly, the different security protocols and requirements of each device make integration slow and difficult at times. Finally, the fact that so many points of failure exist makes monitoring a wide network of IoT devices at best difficult, at worst impossible.
What is possibly most worrying from a consumer perspective is not just the risk of devices being infected with viruses, but also the need for privacy if having dozens of sensors in your home tracking all aspects of your life. Even if it is not used to directly defraud you, connecting your home to the Internet puts your privacy at risk.
When you consider where the IoT market is going, these issues could be big hurdles for homes, vehicles and enterprises that are interwoven with sensor technology – and it is clear that for complete market adoption a more seamlessly secure system is needed.
What Can Blockchain Bring to IoT?
Blockchain technology is the missing link to secured communication in IoT. By adding Blockchain, we can have a secured mesh network that will allow IoT devices to interconnect reliably and avoid the threats that are prevalent in central server models. This decentralized approach would eliminate the single point of failure, creating a more resilient ecosystem for devices to run on. The cryptographic algorithm in Blockchain would make data more private.
Moreover, the ledger developed by Blockchain is tamper-proof and cannot be altered by malicious actors because it doesn’t exist in any single location. Man-in-the-middle attacks cannot happen either, as there is no single line of communication. Blockchain makes peer-to-peer communication possible and bitcoins are a great proof of it.
These capabilities make Blockchain a fundamental element of IoT solutions. It is not a surprise that enterprise IoT Technologies have become one of the early adopters of trust technologies.
Blockchain holds the potential to securely unlock the business and operational value of Internet of Things (IoT) to support common tasks, such as sensing, processing, storing information, and communicating
The future of blockchain
Banks and businesses are currently investing in blockchain technology, largely as a way to decrease long-term costs. Software solutions company Mitek predicts 50% of the leading banks worldwide will have blockchain partnerships by the end of next year. Blockchain applications are currently being built on top of virtualized infrastructure in an effort to decrease experimentation costs and tap into potential use cases. From protecting identities to managing a world of increasingly connected devices, the possibilities of blockchain technology surpass digital currently. Only time will tell if it lives up to the initial hype.