THE FUTURE OF BLOCKCHAIN WITH IOT Ama Asare
user-centric, Internet-connected, complex
IOT HEADLINES Creepy IoT teddy bear leaks >2 million parents and kids voice messages [2017] IoT gadgets flooded DNS biz Dyn to take down big name websites [2016] Hackers Remotely Kill a Jeep on the Highway With Me in It [2015]
SECURITY? Time to market is a higher priority 357 companies in home automation 60% submitted data 76% < 10 employees Who focuses on security?
SECURITY? Privacy Anonymity Liability Trust
MAJOR GROUPINGS OF VULNERABILITIES LAN Trust Environment Trust Weak/No Authentication App Over-Privilege
IOT NETWORK TV
IOT NETWORK Sensor TV
IOT NETWORK Sensor TV
IOT NETWORK Sensor Relay TV
IOT NETWORK Sensor Relay TV
IOT NETWORK Sensor Relay Management Cloud TV
IOT NETWORK Sensor Relay Management Cloud TV
IOT NETWORK Sensor Relay Management User Interaction Cloud TV
ATTACK POINTS OF BREACHES (2010-2016) 30 22.5 Attack Points DoS Privacy Leakage Function Control Device Control 15 7.5 0 Actuator/Sensor Delegate/Relay User Interaction Point Attack Count
EFFECTS OF BREACHES (2010-2016) 14 10.5 DoS Privacy Leakage Function Control Device Control Effects Attack Count 7 3.5 0 2010 2011 2012 2013 2014 2015 2016
GROWTH PROJECTIONS 80,000,000,000 Connected Devices Number of Connected Devices 60,000,000,000 40,000,000,000 20,000,000,000 0 2016 2020 2025 Year
GROWTH PROJECTIONS 80,000,000,000 Number of Connected Devices 60,000,000,000 40,000,000,000 20,000,000,000 0 2016 2020 2025 Year
GROWTH PROJECTIONS 80,000,000,000 Number of Connected Devices 60,000,000,000 40,000,000,000 20,000,000,000 0 2016 2020 2025 Year
SO BLOCKCHAIN?
BLOCKCHAIN!= BITCOIN
A BLOCKCHAIN IS DISTRIBUTED LEDGER
A BLOCKCHAIN IS DISTRIBUTED LEDGER TRANSPARENCY
A BLOCKCHAIN IS DISTRIBUTED LEDGER TRANSPARENCY AUTHENTICATION
A BLOCKCHAIN IS DISTRIBUTED LEDGER TRANSPARENCY AUTHENTICATION AUDITING
BLOCKCHAIN CONSTRUCTION Block: # 1 Nonce: 29684 Data: Give Prev: 0000000000000 Hash: 00003d224234
BLOCKCHAIN CONSTRUCTION Block: # 1 Nonce: 29684 Block: # 2 Nonce: 206501 Data: Give Data: Ama Prev: 0000000000000 Prev: 00003d2242343 Hash: 00003d224234 Hash: 0000a8c0ca912
BLOCKCHAIN CONSTRUCTION Block: # 1 Nonce: 29684 Block: # 2 Nonce: 206501 Block: # 3 Nonce: 22397 Data: Give Data: Ama Data: $3 Prev: 0000000000000 Prev: 00003d2242343 Prev: 0000a8c0ca912 Hash: 00003d224234 Hash: 0000a8c0ca912 Hash: 000084343a9e
BLOCKCHAIN CONSTRUCTION Block: # 1 Nonce: 29684 Data: Give Prev: 0000000000000 Hash: 00003d2242343
BLOCKCHAIN CONSTRUCTION Block: # 1 Nonce: 29684 Block: # 2 Nonce: 206501 Data: Give Data: Sally Prev: 0000000000000 Prev: 00003d2242343 Hash: 00003d2242343 Hash: f0f33d22423437
BLOCKCHAIN CONSTRUCTION Block: # 1 Nonce: 29684 Block: # 2 Nonce: 206501 Block: # 3 Nonce: 22397 Data: Give Data: Sally Data: $3 Prev: 0000000000000 Prev: 00003d2242343 Prev: f0f33d22423437 Hash: 00003d2242343 Hash: f0f33d22423437 Hash: fd73d22423437
PROGRAMMING ON BLOCKCHAINS Platforms Ethereum, RSK Smart Contracts Not legal contracts Self executing Self enforcing Live on the blockchain Solidity
INDEPENDENCE CONSENSUS PROCESS
INDEPENDENCE CONSENSUS PROCESS
INDEPENDENCE CONSENSUS PROCESS
BLOCKCHAIN SECURITY Able to reconstruct state by itself - biggest advantage Trust is within (trustless) INDEPENDENCE Autonomous entities Fault tolerant
BLOCKCHAIN SECURITY Validation of proposed transactions Transactions are immutable CONSENSUS Tamper proof PROCESS
BETTER SECURITY ON IOT WITH BLOCKCHAIN Consortium blockchains More control as opposed to public blockchains Self enforcing smart contracts Tamperproof
BETTER SECURITY ON IOT WITH BLOCKCHAIN Security by design & default Verification of nodes on the network Verification of transactions
BETTER SECURITY ON IOT WITH BLOCKCHAIN Consensus Process: Proof of Work/ Proof of Stake Make it hard to DDOS Man-in-themiddle is obsolete
EXAMPLE: IOT & BLOCKCHAIN Monitoring secure assets using IOT devices Possible vulnerabilities Device impersonation Function control Doctored data
EXAMPLE: IOT & BLOCKCHAIN IOT device on a blockchain network Store device ID on blockchain Can function without internet Data is immutable, tamper proof, blockchain is trustless Device function is autonomous with the use of a smart contract All interested parties can verify data without need for trusted central authority
USING BLOCKCHAIN Sensors of today can handle software stacks Ethereum
CHALLENGES USING BLOCKCHAIN Still WIP Time to consensus and user experience Bitcoin takes over 2 hours Ethereum about15s Scalability A blockchain to cater to hundreds of billions of devices needs to be scalable Verifying information from outside the blockchain network
IOT DEVICES USING BLOCKCHAIN IRL
IOT DEVICES USING BLOCKCHAIN IRL Active Ingredient National & Regional Wholesalers Raw Materials Finished Drug Hospitals & Pharmacies Patients Inactive Ingredient Smaller Wholesalers
IOT DEVICES USING BLOCKCHAIN IRL
THE FUTURE IS ENDLESS Blockchain voting Sharing machinery in a community (3D printers, self driving cars) Power regulation
SOURCES Data from connected CloudPets teddy bears leaked and ransomed, exposing kids' voice messages Cloud Pets Commercial Hackers Remotely Kill a Jeep on the Highway With Me in It DDoS attack that disrupted internet was largest of its kind in history, experts say Understanding IoT Security Through the Data Crystal Ball: Where We Are Now and Where We Are Going to Be, Foundations For The Next Economic Revolution, Filament