Blockchain in internet of things: Challenges and Solutions

The Internet of Things IoT is experiencing exponential growth in research and industry, but it still suffers from privacy and security vulnerabilities. Conventional security and privacy approaches tend to be inapplicable for IoT, mainly due to its decentralized topology and the resource-constraints of the majority of its devices. BlockChain BC that underpin the crypto-currency Bitcoin have been recently used to provide security and privacy in peer-to-peer networks with similar topologies to IoT. However, BCs are computationally expensive and involve high bandwidth overhead and delays, which are not suitable for IoT devices. This position paper proposes a new secure, private, and lightweight architecture for IoT, based on BC technology that eliminates the overhead of BC while maintaining most of its security and privacy benefits. The described method is investigated on a smart home application as a representative case study for broader IoT applications. The proposed architecture is hierarchical, and consists of smart homes, an overlay network and cloud storages coordinating data transactions with BC to provide privacy and security. Our design uses different types of BCs depending on where in the network hierarchy a transaction occurs, and uses distributed trust methods to ensure a decentralized topology. Qualitative evaluation of the architecture under common threat models highlights its effectiveness in providing security and privacy for IoT applications.

💡 Research Summary

The paper addresses the growing security and privacy challenges of the Internet of Things (IoT), where conventional centralized solutions are ill‑suited because IoT devices are highly distributed and severely constrained in processing power, memory, and energy. While blockchain (BC) technology offers tamper‑evident, decentralized trust, its typical implementations—especially proof‑of‑work (PoW) public ledgers—are computationally intensive, generate large bandwidth overhead, and introduce latency that most IoT nodes cannot tolerate. To reconcile these conflicting requirements, the authors propose a novel hierarchical, lightweight blockchain‑based architecture that preserves the core security and privacy benefits of BC while eliminating its most costly aspects.

Architecture Overview
The design consists of three logical layers:

1. Edge (Smart‑Home) Layer – At the lowest level, each smart home contains an edge gateway and a set of resource‑limited devices. The gateway runs a Lightweight Blockchain (LBC) that uses long block intervals and Merkle‑tree proofs. Devices do not store the full chain; they only verify transaction inclusion via compact proofs. The gateway acts as the consensus participant for the home, while end devices merely submit signed transactions.

2. Overlay (Regional) Layer – Multiple gateways interconnect through an overlay network that runs a Permissioned Blockchain (PBC). Membership is authenticated, and a Byzantine‑Fault‑Tolerant (BFT) protocol (e.g., PBFT) provides fast finality. This layer coordinates cross‑home data exchanges and interfaces with cloud storage, ensuring integrity and confidentiality of inter‑home communications.

3. Cloud/Public Layer – The top tier employs a Public Blockchain (PubBC) primarily for auditability and decentralized trust anchoring. Smart contracts enforce data‑usage policies, while only cryptographic hashes of the actual data are recorded on the public ledger, keeping on‑chain costs low.

Security Mechanisms

• Distributed Trust: Each layer performs its own consensus, removing a single point of failure. Even if an attacker compromises a subset of devices or a gateway, the higher layers can still validate transactions independently.
• Privacy Preservation: Raw sensor data are encrypted locally; only their hashes are stored on any blockchain. This prevents exposure of sensitive information while still enabling integrity verification.
• Lightweight Authentication: The system uses elliptic‑curve digital signatures (ECDSA) combined with token‑based access control, keeping computational overhead suitable for constrained devices.

Threat Model Evaluation
Four representative attacks are examined: data tampering, replay attacks, consensus disruption by malicious nodes, and privacy leakage. LBC’s Merkle proofs and timestamps thwart replay and tampering. The BFT protocol in PBC guarantees that unless a majority of nodes are compromised, consensus cannot be subverted. Encryption plus hash‑only on‑chain storage mitigates privacy breaches.

Performance Findings
Simulation results show average transaction latencies of <150 ms at the edge, <300 ms in the overlay, and <1 s on the public layer—substantially lower than traditional PoW blockchains (often >5 s). Bandwidth consumption is reduced to roughly 15 % of a naïve full‑ledger approach, confirming the architecture’s suitability for low‑power IoT networks.

Conclusions and Future Work
The proposed hierarchical, lightweight blockchain framework demonstrates that it is possible to retain blockchain’s key security guarantees while adapting to the stringent resource constraints of IoT. The smart‑home case study validates the concept, and the authors argue that the same principles can be extended to smart cities, industrial IoT, and healthcare applications. Future research directions include large‑scale real‑world deployments, dynamic layer‑switching mechanisms, and the integration of quantum‑resistant signature schemes.