Is blockchain the answer to IoT security?
Imagine this: An electric and autonomous Uber pulls up at a charging station on the side of the road. To receive the charge, the car is required to communicate and pay the station, while the station needs to trust that indeed it will be paid before it starts charging. The two machines need to communicate and transact with each other. In this not-so-distant future, how will authentication, authorization and trust between internet connected machines be established? One could think of a machine having a credit history and a trust score of some sort, based on past performance, that is auto-communicated between these IoT machines — determining authorization or denial.
How will we achieve this type of device-to-device communication and authentication for IoT devices? Blockchain could — and should — be the answer.
IoT and blockchain
We have seen tremendous growth in the IoT sector in the last few years. Gartner research estimates that there will be roughly 20.4 billion IoT connected devices by 2020. An influx of smart devices could pose both security and reliability issues, particularly with devices that thus far have not been connected to the network. Potential risk factors for IoT devices include no visibility, no identity, multiple platforms, unknown processes to upgrade the device, no automation for breach response and more. In the last year or so there has been more talk about using blockchain technology to secure IoT devices and machines.
A tamper-evident record of … everything
Blockchain is considered one of the most promising technologies for the future. It is essentially a decentralized distributed ledger (a database or record book) that records and transfers data in a way that is transparent, safe, auditable and resistant to outages.
Blockchain is likely to disrupt many industries in the next five to 10 years. Some say blockchain will do to banking what the internet did to media, and in support of that, banks are increasingly investing in blockchain startups. Although the blockchain ledger is public, the data inside it is verified and secured using advanced cryptography. This way, the data is less prone to being hacked or changed without authorization.
The blockchain ledger data is stored on computers and business servers around the world, and could be used to record several types of data. Currently, the main use case for blockchain is in the realm of cryptocurrency, sending and receiving money. The technology was first rolled out in January 2009 as the underlying tech for Bitcoin and has since been used for other cryptocurrencies, such as Ethereum.
Other future uses will most likely include storing healthcare information and records, property and contracts, e-notary, collecting taxes, voting in a democracy or republic, buying and selling music, movies and TV shows, file storage, energy usage tracking and so much more.
On the blockchain system, all computers — or end nodes as they are typically called — confirm that a transaction took place and is therefore an authorized occurrence. The end nodes must all agree that everything about the transaction is legitimate before giving an approval. Every copy of the record must match up for all end nodes. Imagine a group of people standing around watching the electric autonomous Uber pull up to the electricity charging station and connect, and all bystanders agree that the money went from the car owner to the charge station.
As with all blockchain implementations, the shared ledger isn’t owned by any one person or organization, and so it is completely transparent and includes all ledger history since its origin, meaning that all transactions and communications between IoT devices of the future will be immutable. In this system, forgery of transactions or communications in the shared ledger is not possible, and attempts at changing any entries would be rejected by the many computers used in the verification process.
Samsung and IBM are currently studying blockchain technology for a new concept called Adept, which will create a decentralized network of IoT devices using blockchain. Operating as a public ledger for many devices would eliminate the need for a centralized location to handle the communications alone. The devices would be able to communicate amongst themselves directly to update software, manage bugs and monitor energy usage, among other things.
The future belongs to peer-to-peer communications
In the next five years, blockchain could include endless device end nodes, and therefore each IoT device can send info directly to another unique device via blockchain, and limitless amounts of registrations would be available. This would provide checks and controls for vast numbers of decentralized IoT devices or machines. Any device or supercomputer can be a node where no man-in-the-middle attacks are possible.
Peer-to-peer communications between globally distributed devices and machines will be provided by blockchain in a relatively simple manner, and any physical item or good can be represented. The best compliance in the world will be available — compliance and governance for autonomous systems, an immutable ledger that can’t be broken. This means there would be free global infrastructure (blockchain infrastructure is reliable) and hack-proof cryptography.
With each day going by, it is becoming clear that blockchain technology can play a huge role in achieving increased security, reliability and trust in IoT networks. These scenarios are going to become part of our normal life routine, so it will be crucial for machines performing transactions to communicate amongst themselves without us humans, and that outstanding solid trust protocols be set in place so that this future can operate seamlessly and securely.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.