Internet of things (IoT) is, simply speaking, a gigantic network of billions of devices across the world that are constantly collecting and sharing data, and are connected to each other via the internet. Anything that executes a function distantly without any human-to-human or device-to-device interaction comes under the ambit of IoT. As the name suggests, the term isn’t generally used for devices for whom internet connection would be but natural. For instance, smartphones and laptops are not as such considered IoTs. It is everyday objects or “things” for which an internet connection would’ve been somewhat “unnatural” a decade ago that are now called IoT devices. IoT devices are now found everywhere. They can be as basic as smart watches (we’re looking at you, Apple.inc), smart coffee makers that make coffee without external prompts every morning, or smart lights that dim or brighten at a click on our phone screens to large devices such as self-driving trucks and self-driving cars.
The idea of IoT was first introduced and discussed in the 1980s and 1990s. The only example available then was Internet-powered vending machines. The reason IoT was not immediately extended to more daily objects were a number of technological barriers. Programming chips were way bulkier and heavier, and IP addresses not so readily available. Chips made relatively smaller had a problem with connecting to other devices and receiving and sending signals. As the availability of broadband and cellular and wireless network increased with time and advancement of technology, though, prospects seemed brighter and finally, with the integration of RFID tags into the system, which are low-power chips that can communicate wirelessly, the bulky chips could be eliminated to a large extent. Further, the adoption of IPv6 transformed the game massively. Internet Protocol or IP provides identification and location systems to devices that use the internet and route internet traffic. IPv6 is the sixth version of IP and has the ability to give IP addresses to not just an n number of devices in the world but the whole galaxy if the need arose! It has an infinite capacity virtually and has made it possible for IoT to be brought to scale.
However, with greater accessibility also comes greater risk.
Since every one of these ‘things’ connected to the internet has an IP address and is functioning as a separate internet-powered device, hacking is also a reality. These devices have information of the user, and if this information is shared without discretion, it can lead to major security breaches. Another thing these breaches vastly impact is a cryptocurrency and virtual wallets. With the world getting large paced and capitalized, cryptocurrency or decentralized virtual currency on the internet is becoming more and more popular. But if IoT botnets gain control of points of sale, it can result in unholy fluctuations in these currencies.
An IoT botnet is a group of hacked computers, smart appliances, and internet-enabled devices that have been co-opted for illicit purposes. Since IoT has massively increased the number of devices that can obtain IP addresses and have independent chips, on hacking, it becomes very easy to create multiple wallets and do illegal mining of gigantic amounts of currency. The value of currency comes from the extent of its use, and by manipulating usage in such a way, that is, when a currency is mined to such an unnatural extent, its value rises quickly. It can also then plummet just as rapidly and cause major losses. Such fraud can create substantial instability in the otherwise stable cryptocurrency market.
Securing IoT is thus extremely important. However, it is easier said than done.
With the sheer number of devices growing exponentially and each of them of a different kind, different sizes, identifying these devices, and validating them is a herculean task.
If a central infrastructure is imagined, it will be difficult to scale for the reasons stated above. It will be difficult and expensive to scale and manage and maintain.
Also, with a centralized network, with data and control being on one system, manipulation is simpler, and points of sale might not remain constant. A DDoS attack is more likely. An advanced DLT was thus of crucial need.
Blockchain is currently the largest, most secure distributive ledger technology (DLT) available in the world of technology. A DLT can be looked at as a huge, computer-based record keeper/book which has its entire data copied over every single device in use. What this implies is that every bit of data stored on a blockchain is universally available to its users without discretion and is not centralized, a quality that increases transparency exponentially.
A very welcome feature blockchain brings with itself to DLT technology is unprecedented security. There are multiple reasons behind it. Scams are difficult on blockchain because a hash (or the public key) is derived by performing labyrinthine and irreversible mathematical operations on the private key. These operations are nearly impossible to decode. In addition to this, every block on the chain is unanimously approved, and for further security, rigorously time stamped, the details of which cannot be manipulated. Even if they were, it would be herculean to make the same changes on each system with blockchain installed. Also, the ‘chain’ means that manipulation of one time-stamped block needs to be followed by a manipulation of every previous block. Hence it is quite secure. How to use blockchain with IoT?
Blockchain and IoT
The proposed solution to this problem is installing traceable and blockchain compatible chips in these devices. These chips and very small in size and make it very easy to spread the ledger technology overall devices in use. This can lead to the quick tracing of these devices whilst maintaining a record of every transaction that happens. The threat of device spoofing and hacking can be reduced, and hence cyber threats can be avoided.
How it works is, every node is registered on the chain and has a unique ID that will be used in place of the URL. Every time an IoT device needs to make a transaction, a request will be sent to the local blockchain ID. The request will have to be digitally approved with a signature. Validation will occur using the public key of the sender. In this way, without a centralized authority, authentication can take place, and the multiplication of risk is also avoided. This can be applicable to a wide range of IoT technology. Some industries rely on IoT to a large extent. Smart grid, intelligent transportation systems, video surveillance, e-health, banking logistics, insurance, contractual law. There are a number of such industries that are crucial to society, and IoT is crucial to their survival. Hence blockchain integration can be revolutionary.
Once every ‘thing’ has a chip and has a traceable, maintainable, and unchangeable (immutable) identity, it leads to manifold accountability. The changes IoT will see with this will change the way we look at these devices.
- Device spoofing and botnet attacks will be difficult as devices would be tougher to hack.
- The devices connected to our internet and storing and sharing our data can be supervised by us. We can tell them what they need to do or oversee what they are doing.
- It is enabling these devices to share data with companies for services rendered or products sold. For example, your washing machine buying detergent automatically when it’s out of it. If this happens using native blockchain currency, the process will be much faster.
- Devices can be updated with greater security; every time control is relented, it can still be monitored.
- Data will be shared only with people we trust.
Challenges with Blockchain
Since blockchain works on a carefully devised system of adding blocks or bits of information with approval. This leads to a large latency. If raw data needs to be stored, the time lag is too large for blockchain to be a viable solution. On the other hand, if a third party broker is introduced, it hampers with the inherent decentralization and immutability of the blockchain, which is made to function without intermittent and centralized nodes.
Thus a tradeoff needs to be made between real-time efficiency and security, such that both happen together.
Another challenge is that the basic factor which makes blockchain so effective is the high level of encryption. That fact that a private key cannot be obtained from the public key depends on the fact that the mathematical operations are too complex and irreversible. However, with the development of quantum computers, this might be threatened. Quantum computers have infinite states between 1 and 0 compared to just the two states in regular computers. What this leads to is an unprecedented increase in the efficiency of these computers and their ability to perform operations. Right now, quantum computers and not very accessible, and there are scalability issues to take care of. But if this technology becomes more easily available, DLT technology will have to evolve to continue being safe and secure.