Paper 5

This article has been accepted for publication in a future issue of this journal, but has not been
fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/MCE.2021.3061808, IEEE Consumer
Electronics Magazine
IEEE CONSUMER ELECTRONICS MAGAZINE 1
BPAF: Blockchain-Enabled Reliable and

Privacy-Preserving Authentication for
Fog-Based IoT Devices
Can Zhang∗ , Liehuang Zhu† , Member, IEEE, Chang Xu†
∗ Schoolof Computer Science and Technology, Beijing Institute of Technology
† School of Cyberspace Science and Technology, Beijing Institute of Technology
Abstract—The development of IoT and fog com- public key for verification by authentication ter-
puting promotes various kinds of authentication minals such as fingerprint collectors. Traditional
mechanisms for IoT devices. However, the centralized authentication schemes are based on centralized
architecture of traditional authentication schemes architectures, where all the users’ public keys are
leads to the issues of security, privacy, and relia-
stored on the centralized server. All the terminals
bility. Despite the efforts to introduce blockchain
to achieve decentralized authentication in existing
should query the participant’s public key from the
schemes. Unfortunately, they cannot be directly used server during the authentication process. However,
under the fog-based IoT environment which consists centralized authentication presents security, privacy,
of resource-constrained IoT devices. To mitigate these and reliability issues because of the centralized
issues, we present a blockchain-enabled reliable, and and untrusted authentication server, which leads to
privacy-preserving authentication for fog-based IoT single-point of failure and malicious behaviors.
devices, named BPAF. BPAF achieves reliable authen-
tication of fog nodes without violating the privacy of The decentralization and immutable property
authenticated users during the authentication pro- [4] makes blockchain a natural carrier of secure
cess. Security analysis and experimental evaluations and reliable authentication. In recent years, some
show that BPAF achieves privacy-preserving and blockchain-based solutions have been presented
reliable authentication with high efficiency for both which aim to solve the issues of the traditional
the fog nodes and full nodes participating in the centralized authentication schemes.
authentication process.
However, all the mentioned schemes are based
on full nodes, which means they do not support
the authentication based on IoT devices because
I. I NTRODUCTION
they only have limited storage and computation
W ITH the proliferation of consumer Internet

of Things (IoT), privacy issues have become
more and more non-negligible [1]. Effective authen-
resources. Hence, deploying blockchain full nodes
onto IoT devices is impossible due to resource con-
straints [5]. Fortunately, these devices can be im-
tications should be implemented to prevent system plemented as thin-clients to access the blockchain
violations from unauthorized adversaries. The de- networks. Instead of full blockchain nodes, the thin-
velopment of IoT and fog computing brings out the clients cannot store the complete blockchain data or
diversity of IoT devices (as fog nodes) that enables participate in the consensus protocol due to their
numerous authentication types. For example, a sys- limited storage and computation capacity. Hence,
tem can use small IoT-based fingerprint collectors in blockchain-based authentications, the thin-clients
for fingerprint authentication. In the existing user need to send a request to the full node to query
authentication solutions, each user has a unique the participant’s public key, which leads to pri-
private key (which is related to the user’s real-world vacy leakage. More specifically, the malicious full
identity [2] or biometric characteristics [3]) to gen- node can infer that an authentication behavior has
erate authentication requests and the corresponding happened under the queried public key, and the
2162-2248 (c) 2021 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Authorized licensed use limited to: Queens University Belfast. Downloaded on May 17,2021 at 06:55:34 UTC from IEEE Xplore. Restrictions apply.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/MCE.2021.3061808, IEEE Consumer
participant’s living habits or even the associated cannot store the complete ledger data of blockchain
real-world identity will be inferred with the help as they do not have enough storage capacity.
of background knowledge. To achieve thin-client authentication under the
To mitigate these issues mentioned above, we blockchain networks, Feng et al. [12] proposed
propose BPAF, a blockchain-enabled reliable and PTAS, a blockchain-based authentication system
privacy-preserving authentication scheme for fog- that uses the private information retrieval (PIR)
based IoT devices. Security analysis and experi- technology to protect privacy. In the enhanced
mental evaluations show that the proposed BPAF PTAS scheme, if m − 1 full nodes collude, the
scheme achieves privacy protection and reliable user’s privacy can also be well protected. Different
authentication with high communication & compu- from PTAS, we introduce a revocation list to check
tation efficiency. whether the queried user has been revoked, where
To the best of our knowledge, this is the PTAS does not support it. Besides, we leverage
first blockchain-based authentication scheme that the LRU-based optimization mechanism to further
supports thin-client authentication with reliability, reduce the time costs during the authentication
privacy-protection, user revocation, and high effi- process.
ciency simultaneously. The proposed BPAF scheme
III. P ROBLEM F ORMALIZATION
can also be used in relevant consumer-level ap-
plications that needs lightweight and reliable au- In this section, we formalize the system model,
thentications, such as supply chains and healthcare threat model, and design goals of the proposed
scenario. BPAF scheme.
A. System Model
II. T ECHNICAL BACKGROUNDS
The whole system consists of four entities: TA,
In this section, we make a brief introduction of User, Full Node and Fog Node, as shown in Fig. 1.
related works about blockchain-based authentica- 1) TA: TA is considered as a trusted authority in
tion schemes. this system which is responsible for system initial-
Fromknecht et al. [6] proposed CertCoin which ization. All the users should register to TA with the
ensures identity retention with the help of cryp- corresponding public key before participating in the
tocurrencies such as Bitcoin and Namecoin. Ali et system. TA can also perform the revoke operation
al. [7] also presented Blockstack, a decentralized to revoke misbehaved users. After that, the TA will
PKI structure that enables large deployment with stay offline.
50 thousand users in a production PKI system. Mat- 2) User: When a user wants to perform an
sumoto et al. [8] proposed IKP, which aims to avoid authentication operation, he first sends an authen-
the misbehavior of CA, and provides incentive by tication request to the fog node nearby. If the
utilizing the smart contracts. Yao et al. [9] presented authentication is successful, he will be accepted as
BLA, a blockchain-based lightweight authentica- a legitimate user; otherwise, he will be rejected as
tion for distributed vehicular fog services, which an illegal user.
achieves anonymity and protects vehicle users’ pri- 3) Full Node: The blockchain network consists
vacy. Liu et al. [10] proposed a decentralized and of several full nodes that store the complete ledger
traceable collaborative authentication mechanism data and participate in the consensus process. In
with the help of blockchain, secret sharing, and our system, we choose BFT (Byzantine Fault Tol-
dynamic proxy technology. Xu et al. [11] leveraged erance) as the underlying consensus mechanism
the redactable blockchain revoke illegal users, and because it is widely used in the blockchain net-
the experiments confirm that the proposed scheme works. Moreover, each full node stores a public
greatly reduces both communication and revocation key list and a revocation list that includes all the
costs. registered users’ public key and revocation status,
All of the current solutions can not be directly respectively. During the authentication process, it
used in IoT-based environments because of the responds to the fog node’s query request and sends
resource-constrained property of IoT devices. They the queried results.
5. Result
Aggregation
2. Authentication 3. Privacy-Preserving
Request Public Key Query
Blockchain
6. Authentication Fog Node 4. Queried Network
User Result (Thin-Client) Result
1-2. Registration
Full Node Full Node
1-1. Initialization Public Key List Revocation List

TA
Fig. 1: System model.
4) Fog Node: The fog node is considered as Besides, external adversaries also try to attack
a thin-client in the blockchain network. When re- several full nodes to compromise the blockchain
ceiving the authentication request sent by the user, network and jeopardize the system availability and
it performs several privacy-preserving public key reliability.
queries from full nodes. After receiving the queried
results, it aggregates them to recover the user’s
public key and revocation status for authentication, C. Design Goals
and finally returns the authentication result for the
user. Now we introduce the design goals of the pro-
posed BPAF scheme.
1) Privacy Protection: The proposed scheme
B. Threat Model
should protect the authentication privacy of
In our threat model, we assume that TA is trust- participants (i.e., which participant is being
worthy, it uses the secure channel to communicate authenticated). Malicious adversaries cannot
with other entities and cannot be compromised. link the authentication behavior and the cor-
Most users are honest during the authentication responding identity of participants.
process, whereas there exist some malicious users 2) Authentication: Different from the exist-
who do not have the privilege or his privilege have ing blockchain-based authentication solu-
been revoked. These malicious users want to de- tions, the fog node (i.e., the thin-client) can
ceive the fog nodes into passing the authentication. successfully perform the authentication pro-
All the fog nodes are honest, which means it cess with the help of full nodes. Authorized
cannot modify the user’s request or authentication users can pass the authentication, whereas
result, or collude with malicious users and full external adversaries and revoked users cannot
nodes. pass the authentication.
The full nodes are assumed as honest-but- 3) Reliability: All the public keys and revocation
curious, which means they will honestly follow statuses cannot be modified or deleted. For
our protocols and algorithms. Nevertheless, they try fog nodes, they can successfully query the
to infer the associated user’s identity during the participant’s public key.
authentication process. In our security model, we 4) Efficiency: Due to limited computation, stor-
assume that there are most m−1 full nodes collude age, and bandwidth resources of the fog
with each other to violate the user’s authentication devices, the proposed authentication scheme
privacy, where m represents the number of full should achieve high computation and com-
nodes participating in one authentication process. munication efficiency.
IV. T HE P ROPOSED BPAF S CHEME sends an authentication request, the fog node cannot
In this section, we will make a detailed de- directly query the public key like what the full
scription of the proposed BPAF scheme, which node does. The fog node should generate several
includes a reliable and privacy-preserving public- fake queries to obfuscate the queries associated with
key query mechanism, and an optimization method the user’s pseudonym to protect the authentication
that further improves the query efficiency. privacy.
Assume the fog node randomly chooses m full
A. Initialization & Registration nodes participating in this authentication process,
where m is an odd integer. It then picks an odd
First TA initializes two lists that will be stored
integer m0 which represents the number of queried
on the blockchain: Public Key List that holds all
pseudonyms for each designated full node. Next,
the registered users’ public key, and Revocation List
the fog node randomly selects (m · m0 − 1)/2 fake
that keeps their revocation status.
queried user’s pseudonyms. It makes a query list
All the users need to register to the TA before
consists of these fake pseudonyms and the real
joining the system. For each user, he sends the real-
pseudonym associated with the participant. Note
world identity, the corresponding pseudonym, and
that in the query list, all the fake pseudonyms
the public key for authentication to TA through
should appear twice whereas the real pseudonym
secure channels. TA stores the relation between
only appears once. Then the fog node randomly
the user’s real-world identity and the pseudonym
partitions the list to m subsets, where each subset
locally, and adds the pseudonym and public key to
contains m0 different pseudonyms. Finally, the fog
the public key list. We assume that all the users’
node sends each subset to the corresponding full
public keys are l-bit length, which is reasonable in
node.
the real-world scenario.
Note that TA can deploy a smart contract to store For each full node, after receiving the partitioned
and update these two lists, we omit the detailed set, it queries all the public keys and the revoke
description due to the page limit. After the system statuses of the pseudonym in the set. Finally, it
is initialized and the users are registered, the TA uses the XOR operation to aggregate all the queried
will stay offline. public keys and revocation statuses and sends the
aggregated results to the fog node.
After receiving the aggregated public key and
B. Authentication
revocation statuses for all full nodes, the fog node
When a user wants to make an authentication, also uses the XOR operation to aggregate them.
he first sends a request which includes the current Then, the participant’s public key and revocation
timestamp and the credential (e.g., signature or status will be recovered. Next, the fog node checks
encrypted biometric information) generated by the whether the participant has been revoked. If he
corresponding private key. When receiving a re- has been revoked, the fog node rejects his au-
quest, the fog node first verifies whether the request thentication request. Otherwise, it uses the public
time is obsolete. If the time is valid, it then performs key to verify the credential. If the verification is
privacy-preserving public key queries to get the successful, the user will pass the authentication.
user’s public key stored on the blockchain. Oth-
Fig. 2 shows an example of a privacy-preserving
erwise, the authentication request will be rejected.
public-key query process, where ⊕ represents the
Next, we make a detailed description of the
XOR operations. First the fog node chooses m = 3,
querying mechanism, which forms one of the sig-
m0 = 3, and generates the query list that consists of
nificant contributions of the scheme BPAF.
(3·3−1)/2 = 4 fake pseudonyms (i.e., u1 −u4 ) and
one real queried pseudonym (i.e., ua ), and partitions
C. Privacy-Preserving Public Key Query the list to 4 sets. During the query process, each
The fog node plays the role of a thin-client in full node queries the public key and revocation
the blockchain network due to the limited storage status of each pseudonym stored on their ledger
& computation capacity. Hence, when the user locally to get the queried results and sends the
XOR-aggregated result to the fog node. Finally, the User1 User2 User3
User3
fog node aggregates the results to obtain the public User2 User2
key and the revocation status of the participant, and User1 User1 User1
performs the following authentication process. Round 1 Round 2 Round 3
User2 User4 User3

Queried pseudonym: u1, u3, ua User2 User4 User3
Participant ua
PK1=pk User3 User2 User4
1⊕pk3⊕pka
Pseudonym: ua R1=r1⊕r3⊕ra Node N1 User1 User3 User1
Public Key: ? Round 4 Round 5 Round 6
Revocation State: ?
PK1⊕PK2⊕PK3=pka Queried pseudonym: u1, u2, u4 Fig. 3: An LRU-based Optimization Example.

R1⊕R2⊕R3=ra
Fog Node PK2=pk 1⊕pk2⊕pk4 Node N2
R2=r1⊕r2⊕r4
Pseudonym: ua
while the green text represents the queried entry
Public Key: pka Queried pseudonym: u2, u3, u4 that will be removed on the next authentication
Revocation State: ra
PK3=pk2⊕pk3⊕pk4 Node N3 round.
R3=r2⊕r3⊕r4
During the first three authentication rounds
Fig. 2: A Privacy-Preserving Query Example. Round 1-3, the newly-queried results will be added
to the cache respectively. In the Round 4, User2
performs another authentication request. Because
the cache in the fog node stores the historical query
D. Optimization Mechanism
result of User2, which means the fog node does not
For each authentication process, the fog node need to perform the public-key query as mentioned
needs to query the user’s public key. Although the before. Besides, because User2’s entry is recently
fog node does not need to store the complete data used for authentication, it will be put on the top
stored on the blockchain, it brings out more com- of the cache. In the Round 5, User1’s entry is
munication costs. To further reduce the communi- removed from the cache due to the limited storage
cation costs, we present an optimization mechanism capacity, and the newly-queried entry of User4 is
that leverages the limited storage capacity on fog added on the top of the cache.
nodes.
As we know, the fog node cannot undertake large
E. Incentive Mechanism
data storage, but it can temporarily store limited
information. Therefore, all the fog nodes can keep Some incentive mechanisms can also be used
the public keys and revocation status of the users to encourage the honest full nodes which help the
who are recently authenticated. Assume a user’s fog node finish the authentication process. Besides,
public key and revocation status can be constructed malicious full nodes will be penalized with the help
as an entry, and each fog node can store ρ entries. of smart contracts. Furthermore, all the full nodes
In that case, the storage space of the fog node can should provide a blockchain account and deposit
be considered as a cache with the storage capacity several cryptocurrencies like BTC in Bitcoin and
of ρ. To make better use of the limited storage space ETH in Ethereum, which will be used to receive
of the fog node, we adopt the LRU (Least Recently rewards and pay penalties. We omit the detailed
Used) algorithm, which is usually used on the page descriptions due to the page limits.
replacement in operation systems [13].
Fig. 3 shows an LRU-based query optimization V. S ECURITY A NALYSIS AND E XPERIMENTAL
example that leverages the cache in the fog node, E VALUATION
where the fog node’s storage capacity is set to In this section, detailed security analysis and
be ρ = 3. The red text represents the newly- experimental evaluations show that the proposed
queried public keys and revocation statuses from BPAF scheme achieves privacy protection, authen-
full nodes, the blue text represents the historical tication, reliability with high computation & com-
queries stored in the cache and be recently used, munication efficiency.
A. Security Analysis B. Experimental Evaluation
1) Privacy Protection: In BPAF, privacy pro- We implement the proof-of-concept of BPAF in a

tection focuses on how to protect the authenti- simulated IoT authentication environment to evalu-
cation privacy of participants. If some malicious ate the computation & communication costs during
full nodes have linked the authentication behavior the initialization and authentication processes. We
to a user’s pseudonym (or public key), the user’s choose the public key length l = 256 and randomly
authentication behavior will be leaked, and the generate the corresponding key-pair for each user.
identity information will be inferred with the help Our proposed scheme mainly focuses on how to
of background knowledge. securely query the user’s public key instead of the
In BPAF, the fog node randomly chooses m authentication process. Hence we omit the evalua-
full nodes and sends m0 queries for each full tion of the authentication mechanism itself because
node, where at least m0 − 1 fake queries are it is beyond our research scope. All the programs
included. Different from the update operation on the are written in Go language and compiled in Go 1.13
blockchain, the query operation cannot be recorded x64 environment.
to the blockchain data. Hence, external adversaries We choose Hyperlegder Fabric as the underlying
cannot infer the querying information by making blockchain platform because it has more scalability
statistical analysis on the blockchain data. and higher efficiency compared with Bitcoin and
Ethereum. The proof-of-concept is deployed in the
For one malicious fog node, it cannot infer which
Fabric test network with 5 peer nodes (as full
user is participating in this round of authentication
nodes), each of them is running on a virtualized
process now. More specifically, the query list in-
server with Intel i7-8700K CPU and 4GB RAM
cludes at least m0 −1 fake queries, hence malicious
with a 64-bit Ubuntu 16.04 operating system. The
full nodes cannot distinguish which pseudonym
proof-of-concept is running on a virtualized fog
belongs to the participant. Note that BPAF can
node with Intel i5-4200H CPU and 2GB RAM with
also resist collusion attack under at most m − 1
a 64-bit Ubuntu 16.04 operating system.
malicious full nodes because they cannot recover
the participant’s pseudonym without knowing the Now we evaluate the system initialization pro-
queried pseudonyms of the honest full node. cess, where we set the number of users varies
from 100 to 1000, and fix m = 3, m0 = 3. The
Therefore, BPAF can protect the authentication
evaluation result is shown in Fig. 4(a), from which
privacy of authenticated users even if there exists
we can see that it follows the linear relationship
at most m − 1 malicious full nodes.
between the time cost and the number of users.
2) Authentication & Reliability: For honest Because for each user, the TA should upload the
users, they can successfully achieve reliable authen- corresponding public key to the blockchain, which
tication with the fog nodes because: brings out communication delays. Note that when
1) Blockchain achieves reliable storage which n = 1000, the execution time is about 32s, which
means that all the user’s public key cannot is acceptable because the initialization process only
be tampered with, and unauthorized users executes once.
cannot impersonate legitimate users without Next, we evaluate the time costs of the public
knowing their private key. query process: First, we fix the number of queried
2) With the help of full nodes, the fog node public keys per full node, and vary the number
can successfully query the participants’ pub- of full nodes. As is illustrated in Fig. 4(b), with
lic key and finish the authentication process, the number of full nodes increases, the execution
although it has limited resources. time also increases because the fog node needs to
3) We adopt a revocation list that represents the generate more fake queries and receive more full
revocation status. The revoked user cannot nodes’ response. Then, we fix the number of full
pass the authentication because the corre- nodes and vary the number of queried public keys
sponding revocation status is revoked, which per full node. As can be seen in Fig. 4(c), with
is also stored on the unmodifiable blockchain. the number of queried public keys per full node
6 0 0
3 5
5 5 0
3 0 5 0 0
4 5 0
A v e r a g e E x e c u t io n T im e ( m s )
A v e r a g e E x e c u t io n T im e ( s )
2 5 4 0 0
3 5 0
2 0
3 0 0
1 5 2 5 0
2 0 0
1 0 1 5 0
1 0 0
5
5 0
0 0
0 1 0 0 2 0 0 3 0 0 4 0 0 5 0 0 6 0 0 7 0 0 8 0 0 9 0 0 1 0 0 0 1 3 5 7 9 1 1 1 3 1 5 1 7 1 9
N u m b e r o f U se rs N u m b e r o f F u ll N o d e s
(a) Initialization (b) Public Key Query (set m0 = 3)
6 0 0 N o O p t im iz a t io n
1 0 0 0
5 5 0 L R U ( ρ= 1 0 0 )
9 0 0 L R U ( ρ= 2 0 0 )
5 0 0
8 0 0 L R U ( ρ= 3 0 0 )
4 5 0
A v e r a g e E x e c u t io n T im e ( m s )
N u m b e r o f F u ll- N o d e Q u e r ie s
4 0 0 7 0 0
3 5 0 6 0 0
3 0 0 5 0 0
2 5 0
4 0 0
2 0 0
3 0 0
1 5 0
2 0 0
1 0 0
5 0 1 0 0
0 0
1 3 5 7 9 1 1 1 3 1 5 1 7 1 9 0 1 0 0 2 0 0 3 0 0 4 0 0 5 0 0 6 0 0 7 0 0 8 0 0 9 0 0 1 0 0 0
N u m b e r o f Q u e r ie d P u b lic K e y s N u m b e r o f A u t h e n t ic a t io n s
(c) Public Key Query (set m = 3) (d) LRU Optimization
Fig. 4: Computational Costs and Optimization of BPAF.
increases, the execution time also increases because vary the LRU cache capacity to 100, 200, and 300.
the full node needs to query more users’ public keys The result in Fig. 4(d) shows that the LRU-based
from the stored blockchain data. optimization mechanism can effectively reduce the
We can conclude that it needs less than 1s for the number of full-node queries. When ρ = 300, the
fog node to query the participant’s public key. Note optimization mechanism has reduced nearly 25%
that the time costs consist of the communication queries compared to the non-optimized scheme,
delay in our experimental environment, which can which means nearly 25% computation & commu-
be optimized by using more powerful network nication costs for both fog node and full nodes is
resources (e.g., 5G-Integrated Networks [14], [15]), reduced, which further improves the efficiency of
or our LRU-based optimization mechanism. the proposed BPAF scheme.
During the authentication process, each full node
will send the l-bit aggregated public key and 1-bit VI. C ONCLUSION AND F UTURE W ORK
revocation status to the fog node, and the fog node IoT-based authentication has been widely used in
will receive m full nodes’ query result. Hence it is real-world scenarios, whereas several issues jeopar-
straightforward to conclude that the communication dize security, privacy, and reliability. The introduc-
cost of the fog node and each full node is related tion of blockchain guarantees reliable authentica-
to ml and l, respectively. tion; unfortunately, most existing solutions cannot
In the evaluation of the optimization mechanism, support the scenario where resource-constrained
we randomly generate 100-1000 authentication and IoT devices are deployed. We propose BPAF,
a blockchain-enabled privacy-preserving and reli- [8] S. Matsumoto and R. M. Reischuk, “IKP: turning a PKI
able authentication scheme for fog-based IoT de- around with decentralized automated incentives,” in 2017
IEEE Symposium on Security and Privacy, SP 2017, San
vices. BPAF includes a privacy-preserving public- Jose, CA, USA, May 22-26, 2017. IEEE Computer
key query scheme that protects the authentication Society, 2017, pp. 410–426.
privacy of the participants, and an LRU-based op- [9] Y. Yao, X. Chang, J. V. Misic, V. B. Misic, and L. Li,
timization mechanism which further reduces the “BLA: blockchain-assisted lightweight anonymous au-
thentication for distributed vehicular fog services,” IEEE
computation & communication costs for both fog Internet Things J., vol. 6, no. 2, pp. 3775–3784, 2019.
node and full nodes. Security analysis and ex- [10] H. Liu, P. Zhang, G. Pu, T. Yang, S. Maharjan, and
perimental evaluations show that BPAF achieves Y. Zhang, “Blockchain empowered cooperative authen-
tication with data traceability in vehicular edge comput-
reliable and privacy-preserving authentication with
ing,” IEEE Trans. Veh. Technol., vol. 69, no. 4, pp. 4221–
high efficiency. For future works, we will consider 4232, 2020.
more complicated authentication operations (e.g., [11] J. Xu, K. Xue, H. Tian, J. Hong, D. S. L. Wei, and
revocation and fine-grained access control) in fog- P. Hong, “An identity management and authentication
scheme based on redactable blockchain for mobile net-
based consumer-level applications (e.g., blockchain works,” IEEE Trans. Veh. Technol., vol. 69, no. 6, pp.
& IoT-enabled supply chains and vehicular net- 6688–6698, 2020.
works), and design the corresponding privacy- [12] W. Jiang, H. Li, G. Xu, M. Wen, G. Dong, and
preserving authentication mechanisms based on the X. Lin, “PTAS: privacy-preserving thin-client authenti-
cation scheme in blockchain-based PKI,” Future Gener.
attribute or location to protect the privacy of users. Comput. Syst., vol. 96, pp. 185–195, 2019.
[13] R. E. Bryant and D. R. O’Hallaron, Computer Systems: A
ACKNOWLEDGMENTS Programmer’s Perspective, 3rd Edition. Pearson, 2016.
[14] K. Zhang, Y. Zhu, S. Maharjan, and Y. Zhang, “Edge
This work is supported by the National Nat- intelligence and blockchain empowered 5g beyond for
ural Science Foundation of China (Grant Nos. the industrial internet of things,” IEEE Netw., vol. 33,
no. 5, pp. 12–19, 2019.
61972037, 61402037, 61872041, U1836212).
[15] T. Hewa, A. Bracken, M. Ylianttila, and M. Liyanage,
“Blockchain-based automated certificate revocation for
R EFERENCES 5g iot,” in 2020 IEEE International Conference on Com-
munications, ICC 2020, Dublin, Ireland, June 7-11, 2020.
[1] T. Alladi, V. Chamola, B. Sikdar, and K. R. Choo, IEEE, 2020, pp. 1–7.
“Consumer iot: Security vulnerability case studies and
solutions,” IEEE Consumer Electron. Mag., vol. 9, no. 2,
pp. 17–25, 2020.
[2] C. Zhang, L. Zhu, C. Xu, C. Zhang, K. Sharif, H. Wu,
and H. Westermann, “BSFP: blockchain-enabled smart
parking with fairness, reliability and privacy protection,”
IEEE Trans. Veh. Technol., vol. 69, no. 6, pp. 6578–6591, Can Zhang received his B.E. (Bachelor of Engineering) degree
2020. in Computer Science & Technology from Beijing Institute
[3] C. Zhang, L. Zhu, and C. Xu, “PTBI: an efficient privacy- of Technology, Beijing, China, in 2017. He is currently a
preserving biometric identification based on perturbed Ph.D. student at the School of Computer Science & Tech-
term in the cloud,” Inf. Sci., vol. 409, pp. 56–67, 2017. nology, Beijing Institute of Technology. His current research
[4] S. Biswas, K. Sharif, F. Li, S. Maharjan, S. P. Mo- interests include security & privacy in VANET, cloud com-
hanty, and Y. Wang, “Pobt: A lightweight consensus puting security, and blockchain technology. Contact him at
algorithm for scalable iot business blockchain,” IEEE [email protected].
Internet Things J., vol. 7, no. 3, pp. 2343–2355, 2020.
[5] S. Biswas, K. Sharif, F. Li, B. Nour, and Y. Wang, “A
scalable blockchain framework for secure transactions in
iot,” IEEE Internet Things J., vol. 6, no. 3, pp. 4650–
4659, 2019.
[6] C. Fromknecht, D. Velicanu, and S. Yakoubov, “A decen-
tralized public key infrastructure with identity retention,” Liehuang Zhu received his Ph.D. degree in computer science
IACR Cryptol. ePrint Arch., vol. 2014, p. 803, 2014. from Beijing Institute of Technology, Beijing, China, in 2004.
[7] M. Ali, J. C. Nelson, R. Shea, and M. J. Freedman, He is currently a professor at the School of Cyberspace
“Blockstack: A global naming and storage system se- Science and Technology, Beijing Institute of Technology. His
cured by blockchains,” in 2016 USENIX Annual Techni- research interests include security protocol analysis and de-
cal Conference, USENIX ATC 2016, Denver, CO, USA, sign, group key exchange protocols, wireless sensor networks,
June 22-24, 2016, A. Gulati and H. Weatherspoon, Eds. cloud computing, and blockchain applications. Contact him at
USENIX Association, 2016, pp. 181–194. [email protected].
Chang Xu received her Ph.D. degree in computer science from

Beihang University, Beijing, China, in 2013. She is currently
an associate professor at the School of Cyberspace Science
and Technology, Beijing Institute of Technology. Her research
interests include security & privacy in VANET, and big data
security. Contact her at [email protected].

Paper 5

Uploaded by

Copyright:

Available Formats

Paper 5

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Paper 5

Uploaded by

Copyright:

Available Formats

This article has been accepted for publication in a future issue of this journal, but has not been

IEEE CONSUMER ELECTRONICS MAGAZINE 1

BPAF: Blockchain-Enabled Reliable and

W ITH the proliferation of consumer Internet

IEEE CONSUMER ELECTRONICS MAGAZINE 2

IEEE CONSUMER ELECTRONICS MAGAZINE 3

1-1. Initialization Public Key List Revocation List

Fig. 1: System model.

IEEE CONSUMER ELECTRONICS MAGAZINE 4

IEEE CONSUMER ELECTRONICS MAGAZINE 5

User2 User4 User3

PK1⊕PK2⊕PK3=pka Queried pseudonym: u1, u2, u4 Fig. 3: An LRU-based Optimization Example.

IEEE CONSUMER ELECTRONICS MAGAZINE 6

A. Security Analysis B. Experimental Evaluation

1) Privacy Protection: In BPAF, privacy pro- We implement the proof-of-concept of BPAF in a

IEEE CONSUMER ELECTRONICS MAGAZINE 7

Fig. 4: Computational Costs and Optimization of BPAF.

IEEE CONSUMER ELECTRONICS MAGAZINE 8

IEEE CONSUMER ELECTRONICS MAGAZINE 9

Chang Xu received her Ph.D. degree in computer science from

You might also like