Blockchain based security framework for device authentication and data communication in decentralized IoT network

Internet of Things (IoT) networks, which are large peer-to-peer networks of small devices, require a competent security system that can scale and adapt to the limited resources of the IoT devices. Node authentication is a crucial part of IoT security. Owing to the centralized nature of IoT networks, the current internet security solutions are deemed to be insufficient to meet their security requirements and might even generate more potential points of failure. Existing blockchain structures can provide a decentralized solution for IoT security but their complicated computation requirements exceed the limited resources of IoT devices. This research work addresses the need for a blockchain structure with lower computational requirements that can be applied to IoT device authentication. This structure also addresses the issue of potential points of failure and offers a solution for data availability. The blockchain structure requires a consensus algorithm that is lightweight, efficient and meets the computational limitations of the IoT devices. In light of the aforementioned issues, this thesis presents a lightweight, scalable, and secure authentication framework for IoT networks based on blockchain technology. First, this thesis proposes a clustering algorithm for IoT devices based on the device energy residues, the device location relative to other devices in the network, and the device computational ability. The devices are arranged in a hierarchical structure of blockchains according to the clusters. In addition, this work presents a data communication scheme based on the Interplanetary File System (IPFS) where the data is shared between the devices and managed in a decentralized way. A simplified consensus algorithm is then proposed in the thesis. It offers an identity-based encryption to create a key pair for each device. The device would send a signed authentication request to the devices in the network, and if the request is verified a block containing this request is added to the cluster blockchain. The authentication process proposed in this thesis uses the block hash and block index of the block that contains the device authentication request. These values are stored in tables in each device in the network. The block hash of the sending device is transmitted with the message. The receiver would compare the hash value to that stored in the authentication table to authenticate the sender. The performance evaluation is conducted through simulation and testbed measurement where the results have shown that the proposed blockchain structure has decreased the processing load by 45.8% and reduces the message size required for blockchain consensus by 45% compared to linear blockchain. Furthermore, the adoption of IPFS has not only boosted the accessibility of data files on the network but has also demonstrated a remarkable reduction in data sharing time, with a 27% decrease in upload times and a 23.67% decrease in download times when compared to File Transfer Protocol (FTP). The consensus algorithm has also substantially reduced the block creation time. The proposed authentication protocol has reduced the time required for authentication by 12.5% compared to similar blockchain based authentication protocols. Finally, the informal analysis and software analysis of the proposed authentication protocol has shown that it has immunity against possible security attacks where the probability of successful majority attack has been reduced by 40% compared to Bitcoin. Owing to the enhanced performance of the proposed solutions, particularly in terms of security, scalability, and complexity, it paves the way for the implementation of decentralized security in IoT applications within the realms of healthcare and agriculture.