Revamped Dual-key Stealth Address Protocol for IoT Using Encryption and Decentralized Storage

Full Text (PDF, 948KB), PP.14-25

Views: 0 Downloads: 0

Author(s)

Justice Odoom 1,* Huang Xiaofang 1 Samuel Akwasi Danso 2 Richlove Samuel Soglo 1 Benedicta Nana Esi Nyarko 3

1. Southwest University of Science and Technology/Department of Computer Science and Technology, Mianyang, 621010, China

2. Ghana Communication Technology University/Faculty of Engineering, Accra, PMB 100, Ghana

3. Southwest University of Science and Technology/Department of Information Engineering, Mianyang, 621010, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2023.01.02

Received: 17 Dec. 2021 / Revised: 6 Jul. 2022 / Accepted: 14 Sep. 2022 / Published: 8 Feb. 2023

Index Terms

Blockchain, Decentralized Storage, Encryption, Privacy, Stealth Address

Abstract

Blockchain technology unarguably has over a decade gained widespread attention owing to its often-tagged disruptive nature and remarkable features of decentralization, immutability and transparency among others. However, the technology comes bundled with challenges. At center-stage of these challenges is privacy-preservation which has massively been researched with diverse solutions proposed geared towards privacy protection for transaction initiators, recipients and transaction data. Dual-key stealth address protocol for IoT (DkSAP-IoT) is one of such solutions aimed at privacy protection for transaction recipients. Induced by the need to reuse locally stored data, the current implementation of DkSAP-IoT is deficient in the realms of data confidentiality, integrity and availability consequently defeating the core essence of the protocol in the event of unauthorized access, disclosure or data tampering emanating from a hack and theft or loss of the device. Data unavailability and other security-related data breaches in effect render the existing protocol inoperable. In this paper, we propose and implement solutions to augment data confidentiality, integrity and availability in DkSAP-IoT in accordance with the tenets of information security using symmetric encryption and data storage leveraging decentralized storage architecture consequently providing data integrity. Experimental results show that our solution provides content confidentiality consequently strengthening privacy owing to the encryption utilized. We make the full code of our solution publicly available on GitHub.

Cite This Paper

Justice Odoom, Huang Xiaofang, Samuel Akwasi Danso, Richlove Samuel Soglo, Benedicta Nana Esi Nyarko, "Revamped Dual-key Stealth Address Protocol for IoT Using Encryption and Decentralized Storage", International Journal of Computer Network and Information Security(IJCNIS), Vol.15, No.1, pp.14-25, 2023. DOI:10.5815/ijcnis.2023.01.02

Reference
[1]Nakamoto, S., Bitcoin: A Peer-to-Peer Electronic Cash System. Whitepaper (2008). 2009.
[2]Wood, G.J.E.p.y.p., Ethereum: A secure decentralised generalised transaction ledger. 2014. 151: p. 1-32.
[3]Cachin, C. Architecture of the hyperledger blockchain fabric. in Workshop on distributed cryptocurrencies and consensus ledgers. 2016.
[4]Sultan, K., U. Ruhi, and R.J.a.p.a. Lakhani, Conceptualizing Blockchains: Characteristics & Applications. 2018.
[5]Zheng, Z., et al. An overview of blockchain technology: Architecture, consensus, and future trends. in 2017 IEEE International Congress on Big Data (BigData Congress). 2017. IEEE.
[6]Joshi, A.P., M. Han, and Y.J.M.F.o.C. Wang, A survey on security and privacy issues of blockchain technology. 2018. 1(2): p. 121-147.
[7]Islam, M.R., et al. A Review on Blockchain Security Issues and Challenges. in 2021 IEEE 12th Control and System Graduate Research Colloquium (ICSGRC). 2021. IEEE.
[8]Harshini Poojaa, K. and S. Ganesh Kumar, Scalability Challenges and Solutions in Blockchain Technology, in Inventive Computation and Information Technologies. 2022, Springer. p. 595-606.
[9]Möser, M., et al., An empirical analysis of traceability in the monero blockchain. 2018. 2018(3): p. 143-163.
[10]Meiklejohn, S., et al. A fistful of bitcoins: characterizing payments among men with no names. in Proceedings of the 2013 conference on Internet measurement conference. 2013.
[11]Motamed, A.P. and B.J.A.N.S. Bahrak, Quantitative analysis of cryptocurrencies transaction graph. 2019. 4(1): p. 1-21.
[12]Gaihre, A., Y. Luo, and H. Liu. Do bitcoin users really care about anonymity? an analysis of the bitcoin transaction graph. in 2018 IEEE International Conference on Big Data (Big Data). 2018. IEEE.
[13]Goldfeder, S., et al., When the cookie meets the blockchain: Privacy risks of web payments via cryptocurrencies. 2018. 2018(4): p. 179-199.
[14]Yuen, T.H., et al., Efficient linkable and/or threshold ring signature without random oracles. 2013. 56(4): p. 407-421.
[15]Malina, L., et al. Lightweight Ring Signatures for Decentralized Privacy-preserving Transactions. in Proceedings of the 15th International Joint Conference on e-Business and Telecommunications, Porto, Portugal. 2018.
[16]Liu, J.K., et al., Linkable ring signature with unconditional anonymity. 2013. 26(1): p. 157-165.
[17]Yang, X., et al. Lightweight anonymous authentication for ad hoc group: A ring signature approach. in International Conference on Provable Security. 2015. Springer.
[18]Wang, L., et al., Cryptographic primitives in blockchains. 2019. 127: p. 43-58.
[19]Miers, I., et al. Zerocoin: Anonymous distributed e-cash from bitcoin. in 2013 IEEE Symposium on Security and Privacy. 2013. IEEE.
[20]Danezis, G., et al. Pinocchio coin: building zerocoin from a succinct pairing-based proof system. in Proceedings of the First ACM workshop on Language support for privacy-enhancing technologies. 2013.
[21]Mizel, P., F. Raetz, and G.J.A.F. Schmuck, Zug, Switzerland, Tech. Rep, Asure: First scalable blockchain network for decentralized social security systems. 2018.
[22]Sasson, E.B., et al. Zerocash: Decentralized anonymous payments from bitcoin. in 2014 IEEE Symposium on Security and Privacy. 2014. IEEE.[23] Andrychowicz, M., et al. Secure multiparty computations on bitcoin. in 2014 IEEE Symposium on Security and Privacy. 2014. IEEE.
[24]Cramer, R., I.B. Damgård, and J.B. Nielsen, Secure multiparty computation. 2015: Cambridge University Press.
[25]ByteCoin. Untraceable transactions which can contain a secure message are inevitable. 2011,  Bitcoin Development & Technical Discussion Forum.
[26]Courtois, N.T. and R. Mercer. Stealth Address and Key Management Techniques in Blockchain Systems. in ICISSP. 2017.
[27]Al-Fawa'reh, M. and M.J.I.J. Al-Fayoumi, Detecting stealth-based attacks in large campus networks. 2020. 9(4).
[28]Fan, X. Faster dual-key stealth address for blockchain-based internet of things systems. in International Conference on Blockchain. 2018. Springer.
[29]Todd, P. Stealth Addresses. 2014, Available online: http://www.mailarchive.com/bitcoindevelopment@lists.sourceforge.net/msg03613.html, Accessed: June 8, 2020.
[30]Hasan, H.R. and K.J.I.A. Salah, Combating Deepfake Videos Using Blockchain and Smart Contracts. 2019. 7: p. 41596-41606.
[31]Hasan, H.R. and K.J.I.A. Salah, Proof of delivery of digital assets using blockchain and smart contracts. 2018. 6: p. 65439-65448.
[32]Nguyen, D.C., et al., Blockchain for secure ehrs sharing of mobile cloud based e-health systems. 2019. 7: p. 66792-66806.
[33]Cao, S., et al., Cloud-assisted secure eHealth systems for tamper-proofing EHR via blockchain. 2019. 485: p. 427-440.
[34]Wang, Y., et al., Cloud-assisted EHR sharing with security and privacy preservation via consortium blockchain. 2019. 7: p. 136704-136719.
[35]Verizon, Verizon: 2019 Data Breach Investigations Report. Computer Fraud & Security, 2019. 2019(6): p. 4.
[36]Symantec, Internet Security Threat Report. 2019, Available online: https://www.symantec.com/content/dam/symantec/docs/reports/istr-24-2019-en.pdf, p. 1-61.
[37]Yu, G.J.I.C.e.A., Blockchain Stealth Address Schemes. 2020. 2020: p. 548.
[38]Williamson, Z.J., The aztec protocol. Available online: https://github.com/AztecProtocol/AZTEC , 2018.
[39]Bernabe, J.B., et al., Privacy-preserving solutions for Blockchain: review and challenges. 2019. 7: p. 164908-164940.
[40]Nieles, M., K. Dempsey, and V. Pillitteri, An introduction to information security. 2017, National Institute of Standards and Technology.
[41]Benet, J., Ipfs-content addressed, versioned, p2p file system, arXiv preprint arXiv:1407.3561 2014.
[42]IPNS. Inter-Planetary Name System. 2019; Available from: https://docs.ipfs.io/guides/concepts/ipns/.
[43]Zhong, P., et al. Privacy-Protected Blockchain System. in 2019 20th IEEE International Conference on Mobile Data Management (MDM). 2019. IEEE.
[44]Yadav, V. and R. Mathew. Analysis and Review of Cloud Based Encryption Methods. in International conference on Computer Networks, Big data and IoT. 2019. Springer.
[45]Miao, F., et al., A (t, m, n)-group oriented secret sharing scheme. 2016. 25(1): p. 174-178.
[46]Courtois, N.T. Anonymous Crypto Currency-Stealth Address,Ring Signatures, Monero. Comparison to Zero.Cash. 2017, Available from: http://www.nicolascourtois.com/bitcoin/paycoin_privacy_monero_6g_Paris28032017.pdf.
[47]Vuejs. Vue.js: The Progressive JavaScript Framework. 2021; Available from: https://github.com/vuejs/vue.
[48]Crypto-js: JavaScript library of crypto standards. 2017; Available from: https://github.com/brix/crypto-js.
[49]Stallings, W., Cryptography and network security: principles and practice. 2017: Pearson Upper Saddle River.
[50]Bonnetain, X., M. Naya-Plasencia, and A.J.I.T.o.S.C. Schrottenloher, Quantum security analysis of AES. 2019: p. 55-93.
[51]Rachmat, N. Performance Analysis of 256-bit AES Encryption Algorithm on Android Smartphone. in Journal of Physics: Conference Series. 2019. IOP Publishing.