IoT paranoia: can your devices trust the other IoT devices that help them?

For the Internet of Things (IoT) to function well then lots of IoT devices need to work together properly. But how can these other devices be trusted? Blockchain technologies might be the answer.

Lego block and chain a

The idea of any device with a chip and a web connection working with any other device has lots of potential. At home your freezer could partner with your cooker to swap ideas for meals and precise cooking instructions that are based on what is actually in your freezer and how your cooker best heats up food.

At work your office devices could work together to help you and your colleagues.  Your car could be operated by your phone and vice versa. The Internet Of Everything means any device could potentially work very closely with any other device.

The trust problem

But what happens if one of these devices has been hacked? Maybe your phone has a virus. Or if you need your car to communicate with someone else’s car – to organise routes or a place to meet up – then maybe the other car will infect yours? So how can we make the IoT secure?

The problem of ‘trust’ is bigger than just avoiding infection. How can you trust a device that you do not own or control? Maybe a toll booth will charge you incorrectly, maybe a person will use a phone app to pretend to be someone else. Maybe an IoT device will just give bad information. The cause might not even be hacking, maybe just a software bug, human error or biases caused by differences in peoples’ taste or perspective.  How can all these be avoided?

The coordination problem

Also, whatever your IoT project is about, the issue is more than just about whether you can trust some device. There is also a coordination problem. The potential of an IoT ecosystem lies in the combined sensors and capabilities of many devices. For example, many cars sharing congestion information is much more valuable than the information from just two cars. So the problem is to get many devices to work appropriately with many other devices. Trust and appropriate behaviour need to be guaranteed for all the devices that work on a particular problem or service.

It all boils down to two problems. How can you trust your own devices not to be hacked and how can you trust devices that you do not control to do what they are supposed to do – in a joined-up way?

How can we be sure of the identities, past behaviours and current permissions of other people and devices? How can we coordinate many devices so that they work in a joined-up way? And how can our devices do this checking automatically?

Fortunately a similar problem has already come up with digital currencies like Bitcoin. Digital currencies also need to be trusted and they need many people to join-up in agreeing that a particular buyer owns the digital cash to be able to pay for something. Buyers want to choose from lots of sellers so all the sellers have to agree that they trust the currency – even though the amount of cash each buyer and seller owns changes each time someone buys something.

Cryptocurrencies, like Bitcoin, solve this problem by using a distributed ledger like blockchain . A distributed ledger is a database of transactions that is shared and checked across many computers. And transactions can be money transfers or they can be IoT devices sharing data with each other.

Solution: You are what you do and what you do can be recorded

Blockchain technology is much more than the foundation of Bitcoin. Transaction data can include peoples’ identities, devices’ identities or any other useful data such as how they behave. Recording transactions makes it possible to know the real identity of every device and what it has done in the past.

New transactions are cryptographically recorded into blocks and each block in the chain of blocks is cryptographically linked to the previous block to stop tampering. The data in each block is encoded and part of that code is based on the contents of the previous block. To successfully tamper with this record would mean hacking all the computers in the network simultaneously, whilst at the same time guessing how to decrypt each block and the links between them.

Blockchain technology preserves trust in three ways: multiple copies of a single blockchain are shared and continuously checked; the data in each block is encrypted and to decode one block you need to decode the preceding blocks.

So, the problem of IoT devices trusting each other could be solved by using a blockchain technology to encrypt recordings of past behaviours and current permissions. And the problem of coordinating many devices could be solved by sharing a single blockchain database across a network of devices.

Of course there are many distributed ledger technologies and many types of blockchains. My point is that technologies like blockchain solve the trust problem by continuously checking multiple copies of a database that is securely synced.  And automatically synchronising multiple copies of the same database is also a strong basis for coordinating multiple devices.

Trust and coordination are two things that IoT ecosystems will badly need. So blockchain technology looks like it will be a foundation of the IoT ecosystem and much more.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s