Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2021 Apr 30;21(9):3119.
doi: 10.3390/s21093119.

Secure Combination of IoT and Blockchain by Physically Binding IoT Devices to Smart Non-Fungible Tokens Using PUFs

Javier Arcenegui  1 Rosario Arjona  1 Roberto Román  1 Iluminada Baturone  1
Affiliations

Secure Combination of IoT and Blockchain by Physically Binding IoT Devices to Smart Non-Fungible Tokens Using PUFs

Javier Arcenegui et al. Sensors (Basel). .

Abstract

Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent IoT devices, which are physical smart assets. Hence, they are also identified as the utility of a user, they have a blockchain account (BCA) address to participate actively in the blockchain transactions, they can establish secure communication channels with owners and users, and they operate dynamically with several modes associated with their token states. A smart NFT is physically bound to its IoT device thanks to the use of a physical unclonable function (PUF) that allows recovering its private key and, then, its BCA address. The link between tokens and devices is difficult to break and can be traced during their lifetime, because devices execute a secure boot and carry out mutual authentication processes with new owners and users that could add new software. Hence, devices prove their trusted hardware and software. A whole demonstration of the proposal developed with ESP32-based IoT devices and Ethereum blockchain is presented, using the SRAM of the ESP32 microcontroller as the PUF.

Keywords: Ethereum; IoT security; blockchain technology; non-fungible tokens (NFTs); physical unclonable functions (PUFs); secure boot; smart contracts; trusted hardware.

PubMed Disclaimer

Conflict of interest statement

The authors declare no conflict of interest.

Figures

Figure 1
Figure 1
State diagram of smart NFTs.
Figure 2
Figure 2
The manufacturer binds the IoT device to its smart NFT.
Figure 3
Figure 3
Steps in successful owner and device mutual authentication.
Figure 4
Figure 4
Steps in a successful user and device mutual authentication.
Figure 5
Figure 5
Proposed secure boot process of the IoT device.
Figure 6
Figure 6
Configuration of our proof of concept in Infura. The Pycom Wipy 3.0 board is also shown.
Figure 7
Figure 7
Structure of the communication between the IoT device and the DApps.
Figure 8
Figure 8
(a) Manufacturer DApp, (b) owner DApp, and (c) user DApp.
Figure 8
Figure 8
(a) Manufacturer DApp, (b) owner DApp, and (c) user DApp.
See this image and copyright information in PMC

References

    1. Pal S., Rabehaja T., Mukhopadhyay S. Security requirements for the internet of things: A systematic approach. Sensors. 2020;20:5897. doi: 10.3390/s20205897. - DOI - PMC - PubMed
    1. Novo O. Blockchain meets IoT: An architecture for scalable access management in IoT. IEEE Internet Things J. 2018;5:1184–1195. doi: 10.1109/JIOT.2018.2812239. - DOI
    1. Dhananjay S., Jong-Hoon K., Madhusudan S. Blockchain Technologies. Springer Nature; New York, NY, USA: 2020.
    1. Longo R., Podda A.S., Saia R. Analysis of a Consensus Protocol for Extending Consistent Subchains on the Bitcoin Blockchain. Computation. 2020;8:67. doi: 10.3390/computation8030067. - DOI
    1. Sun T., Yu W. A Formal Verification Framework for Security Issues of Blockchain Smart Contracts. Electronics. 2020;9:255. doi: 10.3390/electronics9020255. - DOI

LinkOut - more resources