A Decentralized Trust Establishment Protocol for Smart IoT Systems

The Internet of Things (IoT) is a widely deployed technology to provide innovative services in many several fields such as industry, logistics, healthcare, and energy management. The integration of artificial intelligence, machine learning, edge/cloud computing, 5G networks, big data analytics, and other emerging technologies in IoT systems is leading to the emergence of Smart Systems that support devices to make autonomous decisions in order to improve and facilitate people's lives. These smart IoT devices produce a huge amount of sensitive data. Thus, establishing Trust between these devices is vital to ensure the security of the sensed data and for the normal functionality of smart systems. To address these challenges, several Trust establishment protocols have been proposed, but they have some limitations such as centralization, the need for human intervention, and the lack of adaptability to smart devices with computation and storage constraints. In this paper, a decentralized trust establishment protocol is proposed for smart IoT devices and is applicable for different scenarios. The protocol provides decentralized identity management, mutual authentication, access control, and secure communication by combining Blockchain technology with PV-SAS-MCA message cross-authentication protocol based on Short Authenticated Strings (SAS). To the best of our knowledge, this research is the first to propose a new approach that uses Blockchain as an extra distributed and authenticated channel to exchange Short Authenticated Strings without physical interaction. This helps to allow entities in the Smart IoT environment not only to identify each other but also to exchange their public keys in a secure manner. Moreover, the proposed protocol uses Elliptic Curve Cryptography (ECC) to secure communications with significantly smaller key sizes and lower computation overhead. Experimental results reveal that the time required to complete the authentication process is less than 90 ms which is a superior performance when compared to state-of-the-art decentralized authentication mechanisms.