The Internet of Things (IoT) has various definitions across the research community. A network connecting various devices called “Things” that are responsible for various tasks not limited to collecting data from the environment, is called “Internet of Things”. The devices referred as “Things” can be any object, sensor, human or other device. According to various definitions of the IoT, for a device in the network to be considered a “Thing”, it should have communication capabilities. With their advantages, different IoT architectures have become a backbone for a wide variety of applications ranging from smart healthcare to industrial IoT and smart cities [1, 2]. Specifically in a smart city, millions of sensors and things are critical for the IoT which build its various components [3, 4]. All these frameworks will have security requirements which this work envisions to be addressed through the use of blockchain technology.
Based on the IoT architecture, individual devices are identified with their own ID in a network and it is not necessary to follow the TCP/IP communication protocol stack. There are several other communication protocols for lightweight and low bandwidth systems to build to-end communication in an IoT network . One of the major concerns in an IoT architecture is data collection, while processing is performed at a lower level which uses low performance devices such as single board computers. Collecting environmental variables or data can be done using middleware for better performance in collection and transmission . In a server-based scenario, an edge layer is introduced for near real-time data processing , which includes Edge Datacenters (EDCs). These EDCs are not centralized and hence do not have any dependencies, which makes the IoT architectures suitable for emergency data processing [8, 9]. The integration of IoT and distributed edge networks is a good fit for the application oriented deployment.
With the help of Edge Datacenters, IoT architectures can be designed with such resource constrained and low performance devices which are capable of low power consumption. Such architectures aid various mission-critical applications including military, industrial IoT, event detection. In such applications, attaining real-time data processing and secure data transfer are of paramount importance. Of all the attributes of such environments, security should be given highest priority. Research is already actively being conducted and many algorithms were developed for this purpose which involves cryptography [10, 11]. In the two categories of cryptography, symmetric cryptography gives a 1000 times increase in performance compared to asymmetric cryptography and this is one of the reasons it is widely adopted for IoT architectures [12, 13]. For both of these cryptography approaches, a central entity plays a vital role during the security initialization phase, such as acting as a key distribution center for symmetric cryptography and acting as the certificate authority for asymmetric cryptography. A failure at this single point can lead to a catastrophic failure in the entire system and compromise the entire network.
The requirement of a central entity to organize and perform cryptographic operations or other tasks can be achieved with the implementation of a blockchain. In fact, the blockchain’s primary contribution is the resolution of the age-old problem of achieving a consensus via Proof-of-Work authentication. The blockchain uses a decentralized public ledger for organizing the data and executing transactions. The ledger is decentralized in nature, such that individual peers in the network possess a copy of the entire or part of the ledger, depending on its architecture, after block validation by the miners. A blockchain is cryptographically anchored and tamper-proof and is a record of the different transactions that occurred among the participants in the network . There are various applications of the blockchain as shown in Fig. 1.
Blockchain technology replaces a centralized entity with consensus algorithms among the participants to secure the system in a decentralized fashion. This consensus allows the participants to trust each other and complete the transfer or transactions among the participants . All the blocks are connected to the previous blocks with the help of cryptographic hash algorithms and hence the transactional values cannot be tampered with once the block has been added to the blockchain. Proof-of-Work (PoW), Proof-of-Stake (PoS) and others are some of the consensus algorithms that are implemented in the blockchain. However, one of the major concerns of PoW and PoS is the cost of calculation. They require high computational power and energy which makes them unsuitable for IoT applications that choose the blockchain as a means of decentralization. Hence this paper proposes a new algorithm, Proof-of-Authentication (PoAh), which can be incorporated into resource constrained distributed systems. To the best of the authors’ knowledge, this is the first attempt towards a lightweight blockchain consensus approach for scalable IoT deployment.
The rest of the paper is organized in the following manner: Section 2 presents the contributions of this work. A brief overview of blockchain technology and relevant research is presented in Section 3. The proposed novel Proof-of-Authentication (PoAh) algorithm is discussed in Section 4. A brief discussion on the analysis of the proposed consensus algorithm is presented in Section 5. Experimental results are presented in Section 6. Conclusions and future directions are summarized in Section 7.
2 Contributions of this Work
2.1 Problem Definition
Fig. 2 shows the process of generation, validation and addition of a block to the blockchain and the issues present in the blockchain. Once a transaction is initiated, it is broadcast to a network of devices. Each device in the network will have a copy or part of the ledger in its respective local storage. Whether to maintain a copy of the entire ledger, or only the recent blocks is determined by the node administrators based on storage and power considerations. However, miner nodes always contain the entire blockchain. The miners will then validate each transaction and create a block comprising of multiple transactions, as shown in Fig. 2. The transaction validation and block validation consume energy as they require the processing power from various devices. Then, the validated block gets added to the blockchain. The local storage of the devices also becomes a bottleneck as over time, a big block size consumes a lot of memory which is limited in IoT devices.
It is estimated that by 2022 there will be 18 billion devices spread across the global network, with the majority of them being smart devices and small sensors. The widespread adoption of the IoT brings forward new technological challenges in data privacy and security .
The most promising solution to this issue is the implementation of blockchain technology into IoT networks. Blockchain is the technology that has maintained the integrity and security of cryptocurrencies since the introduction of Bitcoin in 2009 . This technology is predicted to be able to:
However, general IoT systems have different requirements than cryptocurrencies. Some everyday tasks and applications cannot be solved with a blockchain implementation . Various issues must be resolved for successful integration of the blockchain into such systems. These can include:
Blockchain implementation into the IoT is a field that is currently receiving a lot of attention from the academic and industrial communities due to its promise, with many researchers designing new architectures and solutions to implement the blockchain into IoT [23, 16, 24].
The blockchain promises to be a possible solution to the privacy and security issues posed by IoT systems. The primary goal of this research project is the creation of an original IoT architecture, with blockchain implementation to secure user access to data and the system.
This paper focuses upon the utilization of a private blockchain network in an IoT system. This is due to several advantages that private blockchains have over public blockchains, when implemented into IoT systems. Private blockchain networks generally have lower network delay. This is due to the measures public blockchains have to utilize to motivate peers. In addition there are also fewer issues of trust, resulting in lower security measures required between nodes . This leads to a more responsive network, which may be desirable for some implementations of the IoT. Another advantage of a private blockchain implementation is that system data are contained entirely within the network, which allows network owners full control of their personal data .
There are always security threats in the IoT from both inside and outside attackers [9, 10, 11]. Considering the available cryptographic security solutions, both symmetric and asymmetric cryptography require a centralized dependency for initialization. Therefore, one point failure can lead to compromise of the entire system. To overcome such possible hazards, the blockchain provides a decentralized framework to secure the system. The problem with existing consensus algorithms is that they are not scalable for IoT systems with a very large number of nodes. We address this problem in this work and we are proposing a novel scalable blockchain consensus for the IoT. The proposed consensus approach is described in the following section.
2.2 Proposed Novel Solution
Integrating the blockchain with the IoT is still a challenging task due to the resource constrained nature of IoT devices. At the same time, the IoT system demands a decentralized security solution due to the distributed and untrusted environment. To address these issues, this paper implements a novel blockchain consensus algorithm called PoAh for IoT systems. The novel aspects of the proposed consensus algorithm towards blockchain technology are listed as follows:
Proof-of-Authentication (PoAh) is introduced as a cryptographic authentication mechanism for lightweight blockchain.
PoAh is a new consensus algorithm and is validated for resource-constrained devices in IoT and edge computing.
Finally, PoAh is validated theoretically and evaluated in both simulation and real-time hardware testbeds for performance.
3 State of the Art of Blockchain Technology
3.1 Scalability Issue of Proof of Work Based Decentralized Blockchain
Bitcoin was the first implementation of the blockchain technology. It is a cryptocurrency which uses the concept of a decentralized distributed ledger at its core to remove the central entity for performing transactions between different participants in the network . Since then many other cryptocurrencies have appeared which use blockchain technology, such as Etherium which uses Smart Contracts . The main intention of all these blockchain consensus algorithms and cryptocurrencies is the removal of the common entity which oversees the transactions. Every participant in the network will have a complete or partial copy of the ledger with the necessary transactions. They implement cryptographic hashes which allow them to be irreplaceable or irreversible once added to the blockchain. All the participants in the network use consensus algorithms for validating the transactions, and once a transaction is validated it is broadcast to every participant in the network and everyone updates the blockchain ledger . Along these lines, notwithstanding its remarkable strengths which incorporate decentralization, validation, transparency and immutability, the blockchain stretches security and privacy at all points in time.
In distributed networks participants can be any kind of client, establishment or association sharing a copy of the ledger containing their real transactions in a progressive succession. A sequence of blocks within in a ledger is shown in Fig. 3. Blocks are connected together with hash values in a sequential order for data immutability. Individual blocks comprise of sets of transactions, and individual transactions are digitally signed by the source and verified by other devices in the network before being added into the chain. Some features of the blockchain are now discussed.
Digital Signatures: Individual nodes digitally sign the transactions and broadcast them to the network for verification by the miners of the network. Each block contains multiple transactions, and participants sign them if they wish to broadcast them to the network and include them to the blockchain.
Consensus: The novelty of the blockchain is decentralized storage or management, where there are no central dependencies. The consensus algorithm plays a vital role in this operation to keep the transactions in a block and validate them for further processing.
Proof-of-work: This consensus algorithm searches for values generating a given cryptographic hash. This process essentially solves a cryptographic “puzzle” to validate blocks. As a result, PoW provides greater security to the overall system. PoW requires intense resources i.e., electricity consumption is equivalent to 1.5 times the overall household electricity for one day in the USA . It is estimated that bitcoin transactions will consume close to the electricity in Denmark by 2020  because of the computational power needed.
Cryptographic Hashes: After successful proof-of-work, the block is broadcast to the network and all the participants compute a hash (such as SHA-256 for normal blockchain) to be used as the previous hash (“Hash_Prev” in Fig. 3) for the next block.
3.2 Related Prior Research on Blockchain Scalability
The blockchain can use several consensus algorithms, such as proof-of-stake, proof-of-work, proof-of-relevance and proof-of-activity. A lightweight consensus algorithm named Proof of Authentication has been briefly introduced in [26, 27]. Fig. 4 shows the various blockchain consensus algorithms and their classification. The following section provides technical details about the proposed PoAh algorithm.
3.2.1 Security Concerns in IoT Systems
The major concern in the widespread adoption of IoT networks is the security of deployed systems . The use of IoT networks is expected to grow in both the public and private domains and the abundance and value of data from both public and private IoT networks will attract attackers who will attempt the theft of this information. Within an insecure system, attackers can also potentially gain control of networked IoT devices which can have disastrous effects . As an example, within a private home IoT network, an attacker can potentially gain control of lights, TV or connected cameras. Insufficient security can also lead to injury or even death when IoT systems become trusted with the control of larger machines, such as self-driving cars.
3.2.2 Blockchain Implementation in IoT Systems
Blockchain is the technology that enforces the integrity and value of Bitcoin and other cryptocurrencies. Since its introduction in 2008 by Satoshi Nakamoto (a pseudonym), the blockchain has proven to be reliable in protecting the value and integrity of cryptocurrencies . The secure properties of blockchain technology complement well with the security and privacy vulnerabilities of the current generation IoT systems .
Blockchain technology features the decentralization of data, which means control of the system is distributed amongst the peers within the network . This ensures that the user maintains control of their data as there is no central authority being sent gathered information from sensors. Decentralization of the data can also benefit the security of IoT networks as access control information is shared amongst all devices within the network . If an attacker attempts to infiltrate a blockchain-secured IoT network, depending on the architecture of the system, more than half of the connected devices will need to be hacked simultaneously.
IoT systems with blockchain implementation is a new area of study, currently receiving significant research attention. The use of the blockchain in IoT systems has yet to be standardized. A detailed discussion on the advantages offered by the Blockchain technology when integrated into an IoT architecture and Smart Cities is presented in . The current challenge for engineers and researchers attempting to implement this system is the creation of functional architectures that can effectively merge these two technologies together, keeping the function of IoT systems while maintaining the privacy and security features of blockchain technology. A cross-chain framework which integrates multiple architectures of blockchain for robust and secure data management for IoT environments is presented in . Similar implementations were also proposed in , and . A new blockchain based IoT architecture is proposed in  which can be deployed in a smart home, but the overhead added to the communication is high, which makes it unsuitable for various environments. A blockchain consensus algorithm which can authenticate the identity of the IoT device and maintain data protection was proposed in .
3.3 Existing Architectures of IoT Systems with Blockchain Implementation
The fusion of blockchain and IoT technologies is still a new research topic and standards for implementing these two technologies have not yet been determined. There have been many architectures and proposed solutions for the implementation of the blockchain into the IoT and the design of these systems can vary significantly.
3.3.1 Decentralized Access Control System
Novo, in  details an IoT system which avoids the integration of IoT devices into the blockchain network and only the access control system of the network is managed and distributed by blockchain technology. This control system allows for lower power devices that cannot participate in the blockchain to be used within the system. To describe this design very simply, sensor networks collect data and send this information encrypted to the management hub. The management hub then transforms the information sent from the sensors into a format understandable by the rest of the blockchain network. The smart contract is secured with blockchain technology and is managed by public or private miners. It contains access control information which determines the devices that can access the sensor network controlled by the management hub.
3.3.2 Fair Access Architecture
The fair access framework  is an IoT system which allows a number of organizations or people to access each other’s data. The access control of the data is managed by the same blockchain network, in which all members are connected to. Each member has a “Wallet” containing their access information and also contains all keys pertaining to the information they are allowed to view. To explain this system simply, if member A wants to request a resource that member B possesses, they would send their request and all related keys to the blockchain network. The blockchain network would then determine if member A has permission to access the resource form member B through mining. If member A is authorized to receive the information, then member B would transmit the data.
Blockchain implementation in IoT systems is a newly researched technology. While at the moment this technology seems promising, proper implementation can prove to be not viable or not even possible. This increases the risk of implementing prototype projects as the lack of support and preexisting modules available will significantly increase the difficulty of the task. Another problem with blockchain technology is that it is currently designed around mining cryptocurrencies and can take up to 12 minutes to validate a transaction, depending on the protocol used. While most delays are shorter, this waiting period can make the blockchain nonviable for some IoT systems that require fast response.
4 The Proposed Novel Consensus Algorithm - Proof of Authentication
The proposed Proof-of-Authentication is a new consensus algorithm proposed in this paper to build a lightweight and sustainable blockchain for resource-constrained devices. This consensus algorithm introduces an authentication mechanism during block validation. In other respects, it follows traditional communications.
Fig. 5 provides a comparative overview of the proposed PoAh with the more common Proof-of-Work and Proof-of-Stake consensus algorithms. At the very beginning of the process, network precipitants generate transactions (Trx) with the sensed or collected data assembled to form a block. In the figure blocks are represented as . The nodes broadcast the blocks for further evaluation and/or validation by trusted nodes in the network. We follow the standard IoT deployment steps to create the initial trusted node set based on geographical location. Trusted nodes are reachable from any part of the network. The proposed model adopts the ElGamal crypto-system for encryption and decryption, i.e. where is the private key PrK and is the public key PuK. The large prime numbers for modulus operation and generator function are publicly known to all the network devices. Prior to block broadcast, the network user makes the public key PuK, i.e. , available to the network and signs the block using its own private key PrK, i.e. .
The proposed protocol is specifically designed for resource constrained distributed networks, such as the IoT, where there will be limited number of trusted nodes initialized during the network deployment with a minimum trust value and other network devices with a zero trust value i.e. ‘tr = 0’. With successful block authentication, an authenticated node’s trust value is increased by 1. Similarly, each fake block authentication will result in decreasing the trust value by ‘tr = 1’. After node authentication by the trusted node, other untrusted nodes in the network can also identify the authenticated block to gain trust value i.e. ‘tr = 0.5’. Importantly, identifying false block authentication can gain high trust value i.e. ‘tr = 1’. With this trusted evaluation process, a trusted node can be out of the process when its trust value is lower than a threshold ‘tr th’, and a normal node can be part of the authentication process. Here, a threshold ‘th = 5’ is considered and an initial trust value ‘tr = 10’ is assigned to trusted nodes. The procedure for authentication is as shown in Fig. 6.
Upon receiving the block for validation, the trusted node finds the source public key, i.e. for signature verification. This work uses asymmetric cryptography, where the public key is used for signature validation. An attacker cannot extract the private key, i.e. , when all other things are publicly available. This is the discrete log problem. After successful signature verification, the trusted node evaluates the Media Access Control (MAC) address and compares it with the received one for a second round of evaluation. After successful authentication, validated blocks are broadcast by the trusted nodes with PoAh identification. Subsequently, individual users in the network verify the PoAh information to add blocks into the chain. After acceptance of a valid block, the user computes a hash value to link the next block and retrieves the previous block hash value to save into the current block. All the nodes in a network follow this property to maintain the chain as shown in Fig. (c)c. The technical steps of the PoAh consensus algorithm are presented in Algorithm 1.
5 Analysis of The Proposed PoAh Consensus Algorithm
The Proof-of-Authentication (PoAh) algorithm implements an authentication mechanism in contrast to the validation process used by other consensus algorithms. Authentication uses fewer resources and less energy than other mechanisms, which can be highly advantageous in case of a resource-constrained environment like IoT architectures.
For the implementation of the PoAh algorithm, the block contains the payload data, which can be environmental data collected by the sensors, the identification of the node which is invoking the transaction and the time stamp at which the transaction is initiated. In the current paper, all the devices in the network are connected through a wired or wireless network using a router. Hence the MAC addresses of the devices are used as identification while initiating the transaction. Once a transaction is initiated, the trusted node receives the transactions and starts the validation process. After validating the transaction, the trusted node or the miner adds the block to the local blockchain and retransmits the block to the other nodes in the network. All the other participants add the block only if the block is sent by the trusted node. Once the nodes get blocks from trusted nodes, they add them to the local blockchain ledger in the database. This work makes the following claims for PoAh to validate its scalability, while Section 6 presents the simulated and testbed evaluations of the PoAh algorithm.
Claim - 1: PoAh utilizes minimal resources for block validation.
Proof: PoW works as a traditional consensus algorithm for the blockchain, where individual nodes can generate data blocks and miners validate them before being added to the chain. The miner process is nothing but the computation of the inverse of a hash, and it takes the equivalent energy consumed by two households in one day to validate a block . Utilizing this much energy is not feasible, when it comes to an IoT system. In the IoT, devices are resource constrained with minimal computing power and energy supply. PoAh is proposed to address this issue of evaluating blocks with minimal energy. PoAh introduces an authentication mechanism using a digital signature process. In a cryptographic context, digital signature and hash (not inverse hash) computation is very fast and utilizes minimal energy. This fact is reflected in the experimental results in the following section.
Claim - 2: PoAh requires minimal time compared to PoW without compromising security threats.
Proof: From the above claim, it is found that PoW consumes significant energy while validating a block. In addition to this, PoW takes approximately 10 minutes to evaluate a block . This is not acceptable in any kind of IoT application. IoT applications are mainly deployed for real-time monitoring purposes and 10 minutes to evaluate a block is not acceptable under any circumstances. PoAh proposes to address this issue to evaluate blocks in minimal time. As PoAh utilizes authentication to validate blocks, cryptographic authentication takes significantly less time. From experimental evaluations, it is found that PoAh taking time in seconds, i.e. it is 1000 times faster. Integration of cryptographic authentication and digital signatures ensure the security level of PoAh . Hence, it can be concluded that PoAh is ideally suited for IoT applications.
Claim - 3: PoAh provides substantial security while integrating a blockchain based decentralized security solution to the IoT.
Proof: By introducing PoAh as a consensus algorithm for the blockchain in IoT, the proposed decentralized security solution provides sustainable security infrastructure. The IoT does not requires the same level of security as required for cryptocurrencies . IoT applications require real-time security with proper authentication of data and source, wherein a cryptographic solution is sufficient protection. PoAh integrates with the existing cryptographic concept of PoW but ignores the block evaluation of computing the inverse of a hash. With the SHA-256 hash (from Algorithm – 1) and digital signatures, the proposed PoAh provides a decentralized security solution by providing the same level of security as asymmetric cryptography.
Furthermore, we are addressing two major weaknesses of current blockchain consensus, namely unstable network connectivity (which may prevent all peers from communicating), and the 51% attack in the network. In PoAh, all the network devices are eligible to generate blocks, whereas only trusted nodes are authenticating them. In any unfavorable situation arising from these weaknesses, are not broadcast to all peers. Only reachable (solves the unstable network problem) and already trusted peers (solves the 51% attack issue) can authenticate and add blocks into the chain. As a result, the 51% attack weakness of PoW is addressed due to the dynamic nature of trust values.
Claim - 4: PoAh provides a better platform for IoT compared to other blockchain consensus algorithms.
Proof: The consensus algorithm is the backbone of the blockchain and makes the network and the process decentralized. However, current consensus algorithms widely used, such as Proof of Work (PoW), Practical Byzantine Fault Tolerance (PBFT), Proof of Authority (PoAu), and Proof of Elapsed Time (PoET) are very expensive in terms of security and resource requirements . PoW requires approximately 10 minutes to valid a block and approximately 1 hour for the block to become accepted in the chain. PBFT requires at least 2/3 of the network devices to behave honestly by signing transactions and message overhead may increase significantly as the size of the network increases, affecting both speed and scalability. PoAu consensus represents a more centralized approach most appropriate for governing or regulatory bodies, and is currently also proving popular with utility companies in the energy sector. PoET is developed by Intel, meaning that trust is still required towards a single authority .
PoAh is developed to address the above consensus drawbacks for scalable IoT deployment.
6 Experimental Evaluations
The proposed PoAh consensus algorithm has been validated using a simulation environment (for large scale study), as well as a hardware based experimental test-bed for real-life scenarios. The details of both options, including the experimental setup to validate the proposed model’s sustainability, and results analysis are presented in this Section.
6.1 Simulation Evaluation
The proposed PoAh algorithm is simulated to evaluate its sustainability in the Python programming language. In this experimental setup, an environment of five nodes in the network has been used, where two nodes are trusted nodes to work as miners and 35 bytes are taken as the size of block. Multiple transactions are incorporated into a block before being broadcast. This work uses the ElGamal cryptographic system for signature, verification, MAC and encryption. In the simulation, the block format is created as Source ID, “Signature”, MAC, Trx1, Trx2, for PoAh testing. The output screenshot of the PoAh evaluation is shown in Fig. 7.
The network users generate blocks and sign them using own their private key and broadcast them for validation. Trusted nodes use the source node public key to validate blocks. If blocks are authenticated successfully, the trusted node broadcasts the blocks again to add into the chain. In this simulation environment, results from 500 iterations show that the average time for PoAh is 3.34 seconds. The 500 iteration results from the simulation are listed in Fig. 8, where they are computed from the Algorithm 1 steps.
6.2 Testbed Evaluation
The Proof-of-Authentication (PoAh) consensus algorithm was implemented in a real-time hardware testbed for evaluation of performance. The testbed included 6 Raspberry Pi single board computers, where five boards were collecting the environmental data using various sensors. Among the five Raspberry Pis, three of them were Raspberry Pi 1 Model B+ and the other two were Raspberry Pi 3 Model B. This was considered to evaluate the performance of the consensus algorithm when different processing powers were utilized. The Raspberry Pi 1 Model B+ is equipped with a 700 MHz Cortex single core processor with 512 MB of RAM whereas the Raspberry Pi 3 Model B is equipped with a Quad Core 1.2 GHz ARM Cortex - A53 CPU and 1 GB LPDDR2 RAM. These Raspberry Pi boards were used for collecting the data and for validating it. In addition, a trusted node was deployed in the network. As a trusted node, a Raspberry Pi 3 Model B+ was deployed which is equipped with a Quad Core 1.4 GHz ARM Cortex A53 CPU and 1GB of LPDDR2 RAM. The trusted module also has the capability of connecting to a 5 GHz wireless network which gave it the advantage of better and faster connectivity to the network. This testbed is of sufficient complexity to allow real-time evaluation of the PoAh algorithm and is not intended as a commercial deployment demonstration.
For the experimental setup, the single-board computers that are connected using Ethernet cables are the Raspberry Pi 1 Model Bs as they do not have wireless communication capabilities. All the devices are connected through a router and are connected using wired and wireless connectivity wherever possible. Once all the devices are connected to each other, the PoAh algorithm will start authenticating the transactions performed by the nodes. The load of the transactions is the time stamp, the environmental data collected and the identity of the node that is collecting the data. Every participant in the network stores the blockchain ledger locally using an SQLite database. For real-time evaluation, 300 transactions were performed by all the nodes and various parameters were observed for each transaction as discussed in the following subsections.
The Node-RED development tool is used for prototyping the PoAh blockchain consensus algorithm on the Raspberry Pi. Node-RED is a flow-based programming tool used for the development of IoT applications. The interface can be accessed through a web browser which makes it optimal for a distributed work environment like the implementation of the PoAh consensus algorithm. The server and the client node software was developed and deployed using the Node-RED interface on the Raspberry Pi single board computers. The Node-RED development environment is not confined by the operating system, which makes the development of PoAh deployable on various environments and not restricted to the Raspberry Pi. Fig. 9 shows the implementation of the PoAh algorithm on a Raspberry Pi Mode 3B+. As shown in the figure, once the data is received from the network, the hash of the previous block is fetched from the blockchain and is sent cascading it to the data received. After authentication of the device that sent the data, the server then calculates the hash of the entire block which contains the data received and the previous hash. This is then added to the blockchain at the server and transmitted to the other nodes to be added to their respective blockchains. The details of the Node-RED program are shown in Fig. 10.
It needs to be noted that we tried to run PoW and PoS in the real-life resource-constrained IoT devices available in our testbed. We observed that even one mining process could not be completed for these heavy-duty algorithms. We observed that the testbed hardware platform doesn’t complete even after running it for days. This indicates that it is impossible to run these heavy-duty consensus algorithms in resource-constrained IoT devices. If we run these IoT devices under the assumption that they are deployed in possibly remote locations in real-life applications, like smart cities  and powered by batteries, then obviously the battery won’t last enough to even complete one mining process for these heavy-duty algorithms.
6.3 Transaction Time
Fig. 11 shows the time taken by a transaction to reach the miner or trusted node. The transactions have taken around 100ms to 200ms and this depends on the connection type that was used for the transaction. Fig. 12 presents the time taken by the miner or the trusted node to authenticate the data sent and add to the blockchain at the validation node locally. Once the validation is complete, the trusted node will broadcast the transaction back to the network nodes at this point. Once the other nodes obtain the transaction from the trusted node or the miner, they add the transaction to their local blockchain. Once this is done, a transaction is considered complete. The time taken for the transaction to be completed is presented in Fig. 13.
Fig. (a)a and Fig. (b)b show the time required for 300 transactions to be added by different Raspberry Pis. Fig. (a)a shows the data pertaining to the Raspberry Pi 2 Model B+. Once the Raspberry Pi 2 Model B+ receives the data from a miner or validator node, the time consumed by that single board computer to check the identity of the sender and add to the blockchain is shown in Fig. (a)a. Similarly, in the case of a Raspberry Pi 1 Model B, the time taken by the single board computer to check the received data and add it to the blockchain is presented in Fig. (b)b.
As shown in Fig. 10, various timestamps were generated during the process for calculating the time consumed for various processes. At the server node, a timestamp is generated when the message is received at the node. When the message traverses through various functions in NodeRed, timestamp is generated at the server and timestamps and are generated at the client. The time required for authentication by the server is:
where is the timestamp after validation and hashing are complete at the server.
The time required by the client to check if the message is sent by the server and add it to the blockchain is:
where is the timestamp generated when the authenticated message is received at the client and
is the timestamp generated when the message is added to the blockchain at the client node. The mean and standard deviations presented in Table2 and Table 3 are using and calculated over a period of 300 transactions.
The timestamps , , and are also used for calculating the time required for communication between the devices during the transactions. This helps in finding the latency and the overhead added by different communication mechanisms. When the sensor data is collected by the client node and a transaction is initiated, an initial timestamp is added to the block, . The time taken to complete one transaction is the following:
where is the corresponding client node timestamp where the transaction is added to the blockchain.
6.4 Power Consumption
Besides the time consumed and the processing power of the entire system, another major challenge in the case of a blockchain network is the power consumption. Fig. 15 shows the experimental setup for measuring the power consumption of the system. The minimum and maximum power consumption of different Raspberry Pis is listed in Table 1. An electrical meter is used to measure the power consumption of the Raspberry Pis as shown in the figure. It is connected to the power outlet and the Raspberry Pi board power supply is connected through the electrical meter. Two measurements were considered during the experiment. Once when the system is idle and once when the Raspberry Pi is processing or adding the block to the blockchain.
Fig. 16 shows the power consumption results. The minimum power consumption is when the Raspberry Pis are waiting for the data to arrive. In the case of a client node, they are collecting the data and transmitting at a 10 sec interval. The minimum power consumption is when the nodes are neither collecting the data nor they are adding the blocks to the blockchain. The maximum power consumption is when the CPU usage is at its maximum which indicates that the nodes are collecting the data and adding a received block to the blockchain. Fig. 16 results are abstracted from the testbed as shown in Fig. 15 and the energy consumption is listed in Table 1. In the case of a miner or validator node, the minimum power consumption is when it is idle, i.e. when no communication reaches the node and it is not adding any new blocks to the blockchain. The maximum power consumption is when the block is being validated, added to the blockchain and broadcast to the rest of the network. The times required to add blocks are tabulated in Table 2 while the times required for communication are tabulated in Table 3. The frequency plots of the measured results for the block addition and communication are shown in Fig. 17 and Fig. 18, respectively. A comparative analysis of the proposed PoAh algorithm to other consensus algorithms is given in Table 4, in which, we have presented the mining process, possible attacks and power consumption in comparison to PoAh. It is clear that the PoW mining process took around 538 KW energy and is impossible to deploy in recourse constraints IoT devices. Further we tested PoS, which is cutting the energy consumed by a hundredfold (i.e. around 99%). As a result, the PoS mining process is taking around 5.5 KW and IoT applications sill demands novel blockchain consensus for resource constraint devices. Compared to the above most promising blockchain consensus, the proposed PoAh is introducing authentication mechanisms and taking a maximum of 3.5 Watts energy for block authentication. PoAh is much faster compared to PoW and PoS, and suitable for IoT devices, which is experimented and validated in the in-lab hardware testbed.
|Power Types||Raspberry Pi 1||Raspberry Pi-2||Raspberry Pi-3|
|Max Power consumption in Watts||1.8||2.5||3.6|
|Min Power consumption in Watts||1.5||2||3.1|
|Single Board Computer||Mean (Milliseconds)||Standard Deviation (Milliseconds)|
|ClearPi (Raspberry Pi 2 Model B+)||85||36|
|ClearPi (Raspberry Pi 1 Model B+)||162.4||98.6|
|Single Board Computer||Mean (Milliseconds)||Standard Deviation (Milliseconds)|
|ClearPi (Raspberry Pi 2 Model B+)||116.35||12.3|
|ClearPi (Raspberry Pi 1 Model B+)||246||33|
|Consensus Algorithm||Year||Blockchain Type||Mining||Prone To Attacks||Power Consumption|
|Proof-of-Work ||2008||Permission-Less||Based on Computation Power||Bribe attack, Sybil attack, 51% attack||538 KWh Electricity consumption|
|Proof-of-Stake ||2012||Permission-Less||Validation||DoS, Sybil attack||5.5 KWh Electricity consumption|
|Ripple ||2014||Permissioned||Vote Based Mining||DoS attack, Sybil attacks||-|
|Proof-of-Vote ||2017||Consortium||Vote Based Mining||-||-|
|Proof-of-Trust ||2018||Permission Based||Probability and Vote Based Mining||DDoS attack||-|
|Proof of PUF-Enabled Authentication (PoP) [41, 42]||2019||Permission Based||Authentication||No Known Attacks||5 W (Ultra Low Power Consumption)|
|Proof-of-Authentication (PoAh) (The Current Paper)||2019||Permission Based||Authentication||No Known Attacks||3.5 W (Ultra Low Power Consumption)|
This paper provides a novel consensus algorithm named Proof-of-Authentication (PoAh) for sustainable and lightweight blockchain for resource-constrained distributed systems, such as IoT and edge computing. Furthermore, the proposed algorithm bypasses centralized dependencies by building a lightweight decentralized security solution. The proposed algorithm is validated in terms of security and sustainability in three steps: (i) theoretical validation, (ii) simulation results, and (iii) real-time test-bed deployment. The proposed PoAh, while running in limited computer resources and using minimal energy (e.g. single-board computing devices like the Raspberry Pi) has a latency in the order of few secs. Thus PoAh is scalable for largescale IoT deployed in the smart cities. In future work, the PoAh algorithm will be evaluated in big data scenarios for large scale networks. We are also planning a comparative study of various benchmark security solutions in large scale networks, as well as evaluation of various threat attack scenarios.
The authors would like to sincerely thank Dr. Gautam Das for his feedback on conference version of this work.
-  M. S. Castanho, F. A. F. Ferreira, E. G. Carayannis, and J. J. M. Ferreira, “SMART-C: Developing a “Smart City” Assessment System Using Cognitive Mapping and the Choquet Integral,” IEEE Transactions on Engineering Management, pp. 1–12, 2019.
-  J. Corbett, K. Wardle, and C. Chen, “Toward a sustainable modern electricity grid: The effects of smart metering and program investments on demand-side management performance in the US electricity sector 2009-2012,” IEEE Transactions on Engineering Management, vol. 65, no. 2, pp. 252–263, May 2018.
-  Y. Hsiao, M. Wu, and S. C. Li, “Elevated Performance of the Smart City-A Case Study of the IoT by Innovation Mode,” IEEE Transactions on Engineering Management, pp. 1–15, 2019.
-  S. P. Mohanty, U. Choppali, and E. Kougianos, “Everything You wanted to Know about Smart Cities,” IEEE Consum. Electron. Mag., vol. 5, no. 3, pp. 60–70, July 2016.
-  A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for IoT Security and Privacy: The Case Study of a Smart Home,” in Proceedings of the IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), 2017, pp. 618–623.
-  M. V. Moreno, F. Terroso-Saenz, A. Gonzalez-Vidal, M. Valdes-Vela, A. F. Skarmeta, M. A. Zamora, and V. Chang, “Applicability of Big Data Techniques to Smart Cities Deployments,” IEEE Transactions on Industrial Informatics, vol. 13, no. 2, pp. 800–809, April 2017.
W. Shi, J. Cao, Q. Zhang, Y. Li, and L. Xu, “Edge Computing: Vision and Challenges,”IEEE Internet of Things Journal, vol. 3, no. 5, pp. 637–646, 2016.
-  A. Zanella, N. Bui, A. Castellani, L. Vangelista, and M. Zorzi, “Internet of Things for Smart Cities,” IEEE Internet of Things journal, vol. 1, no. 1, pp. 22–32, 2014.
-  D. Puthal, S. Nepal, R. Ranjan, and J. Chen, “Threats to networking cloud and edge datacenters in the internet of things,” IEEE Cloud Computing, vol. 3, no. 3, pp. 64–71, 2016.
-  D. Minoli, K. Sohraby, and J. Kouns, “IoT Security (IoTSec) Considerations, Requirements, and Architectures,” in Proceedings of the 14th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2017, pp. 1006–1007.
-  J.-H. Lee and H. Kim, “Security and Privacy Challenges in the Internet of Things [Security and Privacy Matters],” IEEE Consumer Electronics Magazine, vol. 6, no. 3, pp. 134–136, 2017.
-  T. Xu, J. B. Wendt, and M. Potkonjak, “Security of IoT Systems: Design Challenges and Opportunities,” in Proceedings of the IEEE/ACM International Conference on Computer-Aided Design, 2014, pp. 417–423.
-  D. Puthal, S. Nepal, R. Ranjan, and J. Chen, “DLSeF: A Dynamic Key-Length-Based Efficient Real-Time Security Verification Model for Big Data Stream,” ACM Transactions on Embedded Computing Systems (TECS), vol. 16, no. 2, p. 51, 2017.
-  D. Puthal, N. Malik, S. P. Mohanty, E. Kougianos, and C. Yang, “The Blockchain as a Decentralized Security Framework,” IEEE Consumer Electronics Magazine, vol. 7, no. 2, pp. 18–21, 2018.
-  G. Zyskind, O. Nathan, and A. S. Pentland, “Decentralizing Privacy: Using Blockchain to Protect Personal Data,” in Proceedings of the IEEE Security and Privacy Workshops. IEEE, 2015, pp. 180–184.
-  O. Novo, “Blockchain Meets IoT: An Architecture for Scalable Access Management in IoT,” IEEE Internet of Things Journal, vol. 5, no. 2, pp. 1184–1195, 2018.
-  Z. Huang, X. Su, Y. Zhang, C. Shi, H. Zhang, and L. Xie, “A Decentralized Solution for IoT Data Trusted Exchange Based-on Blockchain,” in Proceedings of the 3rd IEEE International Conference on Computer and Communications (ICCC), 2017, pp. 1180–1184.
-  A. Nayak and K. Dutta, “Blockchain: The Perfect Data Protection Tool,” in Proceedings of the International Conference on Intelligent Computing and Control (I2C2), 2017, pp. 1–3.
-  N. Kshetri, “Can Blockchain Strengthen The Internet of Things?” IT Professional, vol. 19, no. 4, pp. 68–72, 2017.
-  Y. Wang and Q. M. Malluhi, “The Limit of Blockchains: Infeasibility of a Smart Obama-Trump Contract,” Communications of the ACM, vol. 62, no. 5, pp. 64–69, 2019.
-  W. Xin, T. Zhang, C. Hu, C. Tang, C. Liu, and Z. Chen, “On Scaling and Accelerating Decentralized Private Blockchains,” in Proceedings of the IEEE 3rd International Conference on Big Data Security on Cloud (bigdatasecurity), IEEE international conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), 2017, pp. 267–271.
-  A. Kuzmin, “Blockchain-Based Structures for a Secure and Operate IoT,” in Proceedings of the Internet of Things Business Models, Users, and Networks, 2017, pp. 1–7.
-  A. Ouaddah, A. Abou Elkalam, and A. Ait Ouahman, “FairAccess: A New Blockchain-Based access Control Framework for the Internet of Things,” Security and Communication Networks, vol. 9, no. 18, pp. 5943–5964, 2016.
-  S. Biswas, K. Sharif, F. Li, S. Maharjan, S. P. Mohanty, and Y. Wang, “PoBT: A Light Weight Consensus Algorithm for Scalable IoT Business Blockchain,” IEEE Internet of Things Journal, pp. 1–1, 2020.
-  S. King and S. Nadal, “Ppcoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake,” self-published paper, August, vol. 19, 2012.
-  D. Puthal and S. P. Mohanty, “Proof of Authentication: IoT-Friendly Blockchains,” IEEE Potentials Magazine, vol. 38, no. 1, pp. 26–29, January 2019.
-  D. Puthal, S. P. Mohanty, P. Nanda, E. Kougianos, and G. Das, “Proof-of-Authentication for Scalable Blockchain in Resource-Constrained Distributed Systems,” in Proceedings of the 37th IEEE International Conference on Consumer Electronics (ICCE), 2019.
-  J. Sun, J. Yan, and K. Z. K. Zhang, “Blockchain-Based Sharing Services: What Blockchain Technology Can Contribute to Smart Cities,” Financial Innovation, vol. 2, no. 1, p. 26, Dec 2016.
-  Y. Jiang, C. Wang, Y. Wang, and L. Gao, “A Cross-Chain Solution to Integrating Multiple Blockchains for IoT Data Management,” Sensors, vol. 19, no. 9, 2019.
-  G. Sagirlar, B. Carminati, E. Ferrari, J. D. Sheehan, and E. Ragnoli, “Hybrid-IoT: Hybrid Blockchain Architecture for Internet of Things - PoW Sub-Blockchains,” arXiv, 04 2018.
-  O. Alphand, M. Amoretti, T. Claeys, S. Dall’Asta, A. Duda, G. Ferrari, F. Rousseau, B. Tourancheau, L. Veltri, and F. Zanichelli, “IoTChain: A Blockchain Security Architecture for The Internet of Things,” in Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC), April 2018, pp. 1–6.
-  A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for IoT Security and Privacy: The Case Study of a Smart Home,” in Proceedings of the IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), March 2017, pp. 618–623.
-  D. Li, W. Peng, W. Deng, and F. Gai, “A Blockchain-Based Authentication and Security Mechanism for IoT,” in Proceedings of the 27th International Conference on Computer Communication and Networks (ICCCN), 2018, pp. 1–6.
-  M. Andoni, V. Robu, D. Flynn, S. Abram, D. Geach, D. Jenkins, P. McCallum, and A. Peacock, “Blockchain technology in the energy sector: A systematic review of challenges and opportunities,” Renewable and Sustainable Energy Reviews, vol. 100, pp. 143–174, 2019.
-  A. Hertig, “Intel is Winning Over Blockchain Critics By Reimagining Bitcoin’s DNA,” https://www.coindesk.com/intel-winning-blockchain-critics-reimagining-bitcoins-dna, 2016, last Visited 07 Sep 2019.
-  S. Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash System,” last Accessed on 19 April 2019. [Online]. Available: https://bitcoin.org/bitcoin.pdf
-  S. King and S. Nadal, “PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake,” 2012, last Accessed on 17 May 2019. [Online]. Available: https://decred.org/research/king2012.pdf
-  D. Schwartz, N. Youngs, and A. Britto, “The Ripple Protocol Consensus Algorithm,” Ripple Labs Inc White Paper, vol. 5, 2014.
K. Li, H. Li, H. Hou, K. Li, and Y. Chen, “Proof of Vote: A
High-Performance Consensus Protocol Based on Vote Mechanism & Consortium
Proceedings of the IEEE 19th International Conference on High Performance Computing and Communications; IEEE 15th International Conference on Smart City; IEEE 3rd International Conference on Data Science and Systems (HPCC/SmartCity/DSS), Dec 2017, pp. 466–473.
-  J. Zou, B. Ye, L. Qu, Y. Wang, M. A. Orgun, and L. Li, “A Proof-of-Trust Consensus Protocol for Enhancing Accountability in Crowdsourcing Services,” IEEE Transactions on Services Computing, pp. 1–14, 2018.
-  S. P. Mohanty, V. P. Yanambaka, E. Kougianos, and D. Puthal, “PUFchain: Hardware-Assisted Blockchain for Sustainable Simultaneous Device and Data Security in the Internet of Everything (IoE),” arXiv Computer Science, vol. 1909.06496, Sep 2019.
-  S. P. Mohanty, V. P. Yanambaka, E. Kougianos, and D. Puthal, “PUFchain: Hardware-Assisted Blockchain for Sustainable Simultaneous Device and Data Security in Internet of Everything (IoE),” IEEE Consumer Electronics Magazine, vol. 9, no. 2, pp. 8–16, March 2020.
Deepak Puthal (M’16) received the Ph.D. degree in computer science from the University of Technology Sydney (UTS), Australia. He is currently a Lecturer at School of Computing, Newcastle University, Newcastle upon Tyne, UK. He is an author/co-author of more than 100 peer-reviewed publications in international conferences and journals, including ACM and IEEE transactions. His research interests include cyber security, Internet of Things, distributed computing, and edge/fog computing. He has been a Program Chair and a Program Committee member in several IEEE and ACM sponsored conferences. He was a recipient of the 2017 IEEE Distinguished Doctoral Dissertation Award from the IEEE Computer Society and STC on Smart Computing. He served as a Co-Guest Editor of several reputed journals, including Concurrency and Computation: Practice and Experience, Wireless Communications and Mobile Computing, and Information Systems Frontier. He is an Associate Editor of the IEEE Transactions on Big Data, and IEEE Consumer Electronics Magazine.
Saraju P. Mohanty (SM’08) received the bachelor’s degree (Honors) in electrical engineering from the Orissa University of Agriculture and Technology, Bhubaneswar, in 1995, the master’s degree in Systems Science and Automation from the Indian Institute of Science, Bengaluru, in 1999, and the Ph.D. degree in Computer Science and Engineering from the University of South Florida, Tampa, in 2003. He is a Professor with the University of North Texas. His research is in “Smart Electronic Systems” which has been funded by National Science Foundations (NSF), Semiconductor Research Corporation (SRC), U.S. Air Force, IUSSTF, and Mission Innovation Global Alliance. He has authored 300 research articles, 4 books, and invented 4 U.S. patents. His has Google Scholar citations with an h-index of 34 and i10-index of 124 with 5000+ citations. He was a recipient of 11 best paper awards, IEEE Consumer Electronics Society Outstanding Service Award in 2020 for leadership contributions, the IEEE-CS-TCVLSI Distinguished Leadership Award in 2018 for services to the IEEE and to the VLSI research community, and the 2016 PROSE Award for Best Textbook in Physical Sciences and Mathematics category from the Association of American Publishers for his Mixed-Signal System Design book published by McGraw-Hill. He has delivered 9 keynotes and served on 5 panels at various International Conferences. He has been serving on the editorial board of several peer-reviewed international journals, including IEEE Transactions on Consumer Electronics (TCE), and IEEE Transactions on Big Data (TBD). He is currently the Editor-in-Chief (EiC) of the IEEE Consumer Electronics Magazine (MCE). He has been serving on the Board of Governors (BoG) of the IEEE Consumer Electronics Society, and has served as the Chair of Technical Committee on Very Large Scale Integration (TCVLSI), IEEE Computer Society (IEEE-CS) during 2014-2018. He is the founding steering committee chair for the IEEE International Symposium on Smart Electronic Systems (iSES), steering committee vice-chair of the IEEE-CS Symposium on VLSI (ISVLSI), and steering committee vice-chair of the OITS International Conference on Information Technology (ICIT). He has mentored 2 post-doctoral researchers, and supervised 11 Ph.D. dissertations, 26 M.S. theses, and 10 undergraduate projects.
Venkata P. Yanambaka (M’19) received the Bachelor of Technology degree in electronics and communications from the JNTU, India, in 2014. He obtained his Ph.D. at the System Electronic Systems Laboratory (SESL) at the Department of Computer Science and Engineering, University of North Texas. He is currently an Assistant Professor in the School of Engineering and Technology, Central Michigan University. His research interests are in Security in Internet of Things (IoT), Energy-Efficient Circuits and Systems, and Application-Specific Systems Design. He has authored of a 12 research articles which include multiple journals/transactions articles. He has a regular reviewer of various peer-reviewed journals and conferences.
Elias Kougianos (SM’07) received a BSEE from the University of Patras, Greece in 1985 and an MSEE in 1987, an MS in Physics in 1988 and a Ph.D. in EE in 1997, all from Louisiana State University. From 1988 through 1997 he was with Texas Instruments, Inc., in Houston and Dallas, TX. Initially he concentrated on process integration of flash memories and later as a researcher in the areas of Technology CAD and VLSI CAD development. In 1997 he joined Avant! Corp. (now Synopsys) in Phoenix, AZ as a Senior Applications engineer and in 2001 he joined Cadence Design Systems, Inc., in Dallas, TX as a Senior Architect in Analog/Mixed-Signal Custom IC design. He has been at UNT since 2004. He is a Professor in the Department of Electrical Engineering, at the University of North Texas (UNT), Denton, TX. His research interests are in the area of Analog/Mixed-Signal/RF IC design and simulation and in the development of VLSI architectures for multimedia applications. He is an author of over 120 peer-reviewed journal and conference publications.