APPLICATION OF BLOCKCHAIN TECHNOLOGY TO PROVIDE PROTECTION AND CONTROL OF WIRELESS SENSOR NETWORK NODES
Mikhail G. Gorodnichev,
MTUCI, Moscow, Russia, [email protected]
Stanislav S. Makhrov,
MTUCI, Moscow, Russia, [email protected]
Elena N. Denisova,
MTUCI, Moscow, Russia, [email protected]
Ilya D. Buldin,
Higher School of Economics, Moscow, Russia, [email protected]
DOI: 10.24411/2072-8735-2018-10123
Keywords: blockchain technology, blockchain, distributed registry, wireless sensor networks, security, intrusion protection.
A study was made of the possibility of using blockchain technology to ensure the security of a wireless sensor network (WSN). It has been revealed that the basic security problems of wireless sensor networks can be solved effectively by means of blockchain technology. Ways to solve each of the problems are proposed.
Currently, wireless sensor networks (WSN) are one of the key components for creating devices according to the concept of the "Internet of Things" (IoT devices). Every year the number of IoT devices created and functioning according to this concept grows. At the same time, the weak point of IoT devices is the protection of nodes and of the information circulating in them. Existing solutions do not fully ensure the security of WSN [1].
Blockchain is a technology that can be described as a ledger of data (or facts) that is replicated to several nodes linked in a peer-to-peer (P2P) network. Facts can be anything, from money transactions to the signing of content. All communications within the network use cryptography to reliably identify the sender and the recipient. When a node wants to add a fact to the ledger, it starts a consensus algorithm based on the creation of blocks of transactions, and the blocks are lined up in a sequential blockchain.
To describe our approaches to WSN security based on the blockchain, we first clarify some definitions. The blockchain uses asymmetric cryptography for signing transactions with data: any cryptographic system that generates and uses a pair of keys, a public key, which may be disseminated widely, and a private key, which is known only to the owner. This accomplishes two functions: encryption and authentication.
1) encryption, where only the paired private key holder can decrypt the message encrypted with the public key;
2) authentication, where the public key verifies that a holder of the paired private key sent the transaction.
The receiver generates a pair of keys: a public key and a private key. The public key can be openly distributed to any node in the network.
Information about authors:
Mikhail G. Gorodnichev, PhD., Deputy Dean of FPD, Associate Professor Of MC&IT, Moscow Technical University of Communications and Informatics, Moscow, Russia
Stanislav S. Makhrov, PhD, Senior Researcher, Moscow Technical University of Communications and Informatics, Moscow, Russia
Elena N. Denisova, Graduate Student, Moscow Technical University of Communications and Informatics, Moscow, Russia
Ilya D. Buldin, PhD Student, Higher School of Economics, Moscow, Russia
For citation:
Gorodnichev M.G., Makhrov S.S., Denisova E.N., Buldin I.D. (2018). Application of blockchain technology to provide protection and control of wireless sensor network nodes. T-Comm: Telecommunications and Transport, vol. 12, no. 7, pp. 64-68.
Asymmetric cryptography: encryption
Any node can encrypt data using the receiver's public key. The encrypted data can only be decrypted with the receiver's private key. Public keys are in effect the "send to" addresses in the blockchain, so when a node sends data, it sends it to a public key.
For example, as shown in Fig. 1, Alice sends her public key (A's public) to Bob. Bob uses Alice's public key to encrypt his data. The encrypted data is sent to Alice. Since only Alice has the private key, only Alice can decrypt the encrypted data. An intruder will not be able to decode the encrypted data [3].
Fig. 1. Transferring data by asymmetric cryptography example
Asymmetric cryptography: authentication (digital signature)
To send data, a node must prove that it is the true owner of a public key address where data was sent, and it does so by generating a Digital Signature from the data and its own private key. The data is hashed by the hash function H:
$$hash = H(data), \quad (1)$$
where H is the hash function.
A hash is a one-way function that allows data integrity to be checked after transfer. Usually SHA512 is used in blockchain.
After it is formed, the hash is encrypted by the asymmetric cryptography algorithm:
$$S = Enc(hash, private\_key), \quad (2)$$
where S is the signature and Enc is the encryption algorithm.
Other nodes in the network can use that signature to verify that it corresponds with your public key. A node that has received the signature S and the fact extracts a hash by decrypting the signature, using the public key:
$$hash = Dec(S, public\_key). \quad (3)$$
After that the node hashes the data, forming a second hash H(data), and compares it with the extracted hash. If the received and the formed hashes are the same, then the data has a valid Digital Signature and was transferred without any malicious modifications (data integrity check):
$$hash = H(data), \quad (4)$$
where S is the signature, H is the hash function and Dec is the decryption algorithm.
As a result, the Digital Signature makes it possible to verify data integrity and that the sender node is the real owner of a private key. The Digital Signature mechanism is presented in detail in Fig. 2.
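Equations (1)-(4) carried through in code, as an added example that is not part of the original paper. It assumes textbook RSA as the Enc/Dec pair with a constructed toy key and no padding; the names H, sign and verify are illustrative.

```python
import hashlib

# Constructed toy key built from the Mersenne primes 2**89-1 and 2**127-1.
# It is far too small, and unpadded, for real use; it only makes the
# hash-then-sign flow of equations (1)-(4) executable.
P, Q = 2**89 - 1, 2**127 - 1
N = P * Q                               # public modulus
E = 65537                               # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent (assumed secret)

def H(data: bytes) -> int:
    """Equations (1) and (4): SHA512 digest, reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha512(data).digest(), "big") % N

def sign(data: bytes, d: int = D, n: int = N) -> int:
    """Equation (2): S = Enc(hash, private_key)."""
    return pow(H(data), d, n)

def verify(data: bytes, s: int, e: int = E, n: int = N) -> bool:
    """Equation (3) recovers the hash from S; it must equal H(data), eq. (4)."""
    if not 0 <= s < n:                  # reject out-of-range signatures
        return False
    return pow(s, e, n) == H(data)

if __name__ == "__main__":
    reading = b"node-17 temp=21.5"      # constructed sample sensor data
    s = sign(reading)
    print("valid signature:  ", verify(reading, s))
    print("modified data:    ", verify(b"node-17 temp=99.9", s))
    print("modified signature:", verify(reading, (s + 1) % N))
```
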
Blockchain mechanism
A transaction is any important data that is encrypted and signed with a Digital Signature (for authentication).
To ensure integrity in the network, a way to reconcile the order of the facts is needed, that is, a consensus algorithm. Consensus algorithms for distributed systems are a very active field of research. Known algorithms of this kind include Paxos and Raft. A blockchain system implements another algorithm, a consensus based on proof-of-work that uses blocks forming a blockchain.
A block (transaction block, TB) is a record of a list of transactions, the current block hash and the previous block hash (Fig. 3) [4].
The current block hash is a unique identifier calculated from the list of transactions of this block, the previous block hash and some random value. The SHA512 algorithm is usually used:
$$H_{CUR\_BLOCK} = SHA512(H_{PREV\_BLOCK} + trans_1 + trans_2 + \ldots + trans_N + RND), \quad (5)$$
where $H_{PREV\_BLOCK}$ is the hash (address) of the previous block, $trans_i$ is the i-th transaction and RND is some random value.
The block hash is used as the block address in order to connect all blocks in the blockchain [5].
Blocks form a sequential chain, where each block has its own unique address, presented as the hash $H_{CUR\_BLOCK}$, and refers to the previous block by $H_{PREV\_BLOCK}$.
Fig. 2. Digital Signature mechanism. Signing: the data is passed through the hash function and the hash is encrypted with the private key to give the digital signature. The data and the digital signature cross the network (unprotected channel). Verification: the hash recovered from the digital signature with the public key is compared with the hash of the received data; identical hashes validate data integrity.
Fig. 3. A chain of blocks of transactions of 3 units
Transactions combined into blocks are not considered confirmed while the blocks are unconfirmed. For confirming blocks there are special nodes in the network called miners. Miners in the blockchain network can collect a set of unconfirmed transactions into a block and broadcast it to the rest of the network as a suggestion for what the next block in the chain should be. Because multiple nodes could create blocks at the same time, there could be several options to choose from.
The solution is that a valid block hash (5) must satisfy some cryptographic condition. For example, the hash of a valid block must have five zeroes at the end. Until a hash matching the condition is obtained, the miners keep calculating the hash of the block. The hash is changed by changing the random variable RND in (5).
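The block hash (5) and the trailing-zero condition, as an added example that is not code from the paper. It assumes JSON encoding of the hashed fields in place of the "+" concatenation, three trailing zeroes instead of five so that it runs quickly, and constructed sample transactions; all function names are illustrative.

```python
import hashlib
import json
from itertools import count

GENESIS = "0" * 128  # constructed placeholder "previous hash" for the first block

def block_hash(prev_hash, transactions, rnd):
    """Equation (5): SHA512 over H_PREV_BLOCK, the transactions and RND.
    The fields are JSON-encoded rather than simply concatenated so that two
    different transaction lists can never serialize to the same bytes."""
    payload = json.dumps([prev_hash, transactions, rnd]).encode()
    return hashlib.sha512(payload).hexdigest()

def mine(prev_hash, transactions, zeros=3):
    """Vary RND until the hex digest ends in `zeros` zeroes."""
    for rnd in count():
        digest = block_hash(prev_hash, transactions, rnd)
        if digest.endswith("0" * zeros):
            return {"prev": prev_hash, "txs": list(transactions),
                    "rnd": rnd, "hash": digest}

def build_chain(tx_lists, zeros=3):
    chain, prev = [], GENESIS
    for txs in tx_lists:
        chain.append(mine(prev, txs, zeros))
        prev = chain[-1]["hash"]
    return chain

def first_invalid(chain, zeros=3):
    """Index of the first block that fails verification, or None."""
    prev = GENESIS
    for i, block in enumerate(chain):
        recomputed = block_hash(block["prev"], block["txs"], block["rnd"])
        if (block["prev"] != prev or recomputed != block["hash"]
                or not recomputed.endswith("0" * zeros)):
            return i
        prev = block["hash"]
    return None

# Constructed sample transactions for a chain of three blocks (cf. Fig. 3).
SAMPLE = [["node-01 joined"], ["node-02 joined", "node-01 temp=21.5"],
          ["node-02 temp=22.0"]]

if __name__ == "__main__":
    chain = build_chain(SAMPLE)
    print("intact chain:", first_invalid(chain))
    chain[1]["txs"][1] = "node-01 temp=99.9"     # edit a stored transaction
    print("after edit:  ", first_invalid(chain))
```

Re-mining the edited block makes that block valid again but changes its hash, so verification then fails at the following block, whose stored previous-block hash no longer matches.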
Security problems of WSN
This study addresses the following important security problems of WSN [2]:
• authentication of existing / new devices within the network;
• transaction audit;
• logging the change of ownership of the device (from the manufacturer to the end user).
To solve the above problems, this study proposes to use the technology of distributed registry (blockchain).
Authentication of nodes in the WSN
Protecting network nodes from intruders requires that nodes in the WSN be able to distinguish "own" nodes from "alien" ones. We will call a node that is already part of the network a trusted node. In effect, each node needs to know the trusted nodes, and when a new node is added to the network, it must be possible to verify that it is authorized to enter the existing network. A new node that is to be added must pass the authentication procedure.
In order to ensure the authentication of new nodes, the blockchain must use a public key infrastructure (PKI) based on certification authorities instead of P2P authentication [6]:
• the certification authority creates an electronic document, a public key certificate, thus certifying the fact that the private (secret) key is known exclusively to the owner of this certificate; the public key is freely transferred in the certificate;
• no one trusts each other, but everyone trusts the certifying center;
• the certification authority confirms or denies that the public key belongs to the specified node, which holds the corresponding private key [6].
Authentication security consists of two levels.
Firstly, according to the principles described above, each node in the network stores blocks consisting of transactions with the data of the trusted nodes that have been added. When receiving or transmitting data, the node checks that the blockchain contains data about the transmitter or receiver node. If the data exists, then the node is trusted and the connection is allowed.
Secondly, miners in the network will be non-autonomous nodes that calculate the $H_{CUR\_BLOCK}$ hash function to confirm new blocks of transactions. The miner plays the role of the certifying center, which checks the digital signatures of nodes. If the node is not trusted, the miner will not confirm the transaction block and the new node will not be able to participate in the data exchange inside the WSN. If the miner confirms the transaction block, it will add the public key of the new trusted node to the transaction, digitally sign the transaction (Fig. 4) [4] and send the data to all other nodes of the WSN.
In order to authenticate to the network, the new node sends a transaction that contains its digital signature, received earlier from one of the authentication centers. The transaction is then confirmed or not confirmed by the miner.
Fig. 4. Transaction signing algorithm. Data signing steps: substitute the data in the SHA512 hash function and get the hash; substitute the previously generated private key and the resulting hash in the RSA algorithm and get the signature; insert a new transaction with the data and the signature into the pre-created block.
Thus, according to the described approach, miners will control the addition of new nodes to the network, playing the role of the authentication center according to the concept of a distributed registry.
Audit of transactions
Transaction audit is also an important task in the WSN. Blockchain technology, in turn, is a powerful tool for event logging, as transaction data is distributed to all participants in the network. To delete events, one must delete them on each node of the wireless sensor network.
In accordance with its concept, a blockchain is resistant to modification of any stored data. Functionally, the chain of transaction blocks can serve as an open, distributed registry that can record transactions between two parties with the ability to monitor them constantly in real time.
Logging the change of the owner of the device
Logging the change of ownership will allow each manufacturer to identify its device and store data from the moment of production through transfer to the supplier, seller, buyer, etc. This will make it possible to prove the warranty obligations in respect of the digital device, as its history will be visible.
Summary
The technology of distributed registry (blockchain) is currently one of the most promising for security, control and audit. Blockchain is a type of distributed data storage that uses 3 previously known technologies: peer-to-peer networks, encryption and databases. The database consists of a chain of blocks, which is encrypted in a special way and stored on all nodes of the network in the same form (replication, an exact copy). Communication between blocks is provided by a binding hash, and as a consequence it is almost impossible to forge information in blocks.
Blockchain allows you to securely distribute and / or process data between multiple nodes over an untrusted network.
At the current stage of the study, described in the article, the possibility of using blockchain technology to solve the security problems of WSN was examined, namely: authenticating existing/new devices within the network; auditing transactions; logging the change of ownership of the device (the path from the manufacturer to the end user). As a result, effective ways to use blockchain technology to solve each of the problems are proposed. In the next stage of the study it is planned to develop a model of a data transfer protocol based on blockchain technology for use in the WSN.
References
1. Dorri A., Kanhere S.S., Jurdak R. and Gauravaram P. (2017). Blockchain for IoT security and privacy: The case study of a smart home. 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), Kona, HI, pp. 618-623. doi: 10.1109/PERCOMW.2017.7917634.
2. Halpin H. and Piekarska M. (2017). Introduction to Security and Privacy on the Blockchain. 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), Paris, pp. 1-3. doi: 10.1109/EuroSPW.2017.43.
3. Zheng Z., Xie S., Dai H., Chen X. and H. Wang. (2017). An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends. 2017 IEEE International Congress on Big Data (BigData Congress), Honolulu, HI, pp. 557-564. doi: 10.1109/BigDataCongress.2017.85.
4. Blockchain: possibilities, structure, EDS and task for the student, part 1: [Electronic resource] // Habrahabr. - URL: https://habrahabr.ru/post/348014/ (reference date: 19/02/2018).
5. Blockchain: organization of the network, verification of the signature and task for the student, part 2: [Electronic resource] // Habrahabr. - URL: https://habrahabr.ru/post/348020/ (reference date: 19/02/2018).
6. Polyanskaya O.Yu., Gorbatov V.S. (2007). Infrastructure of public keys. Textbook., Moscow. ISBN 978-5-94774-602-0.