Recently, technologies such as artificial intelligence, big data, cloud computing, the Internet of Things (IoT), and network performance have improved with the advent of the hyper-connected era. Due to advances in these technologies, resources are increasingly virtualized for sharing. Networks are virtualized to share network resources or build a cloud environment. Although the number of applications using networks is increasing, network security remains inadequate. The IoT is a technology used to connect and control sensors through networks. This technology is used not only in industries but also in homes. When the IoT is used at home to connect and control home devices, such as consumer devices, security systems, and home appliances, it is known as a smart home system. However, individual devices connected to home systems can create security problems. The IoT is controlled through a network, and connected devices with weak security may suffer various types of damage by hackers. Vulnerabilities such as simple patterns of encryption, non-periodic password changes, old platforms, a lack of encryption algorithms, and a lack of security in network connections can be revealed. Using these vulnerabilities, personal information can be stolen to cause financial damage, and secondary damage such as the invasion of user privacy can also be caused through identifying life patterns. Today, the seriousness of the privacy invasion problem is increasing due to the increased number of single-person households. Furthermore, the vulnerability of the IoT is also steadily growing [1
]. To address this problem, symmetric key algorithms such as the Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA), and Lightweight Encryption Algorithm (LEA) with a block encryption structure have been applied to increase security [3
]. However, these approaches make it easy to obtain cracked data [5
]. In addition, security should be enhanced due to problems such as new malicious codes and denial of service [6
]. Recently, the security of blockchains has been emphasized [7
]. Much research has been conducted to improve security, but most studies have focused on improving security suitable for one-to-one communication. Blockchains have the advantage of being capable of enhancing security through verification between nodes, which makes forgery difficult. Consequently, research using blockchain techniques to develop robust security algorithms is actively underway [9
In this study, the security of the IoT environment was improved using a blockchain-based algorithm. The algorithm was implemented by imitating the Directed Acyclic Graph (DAG) algorithm.
When a client connected to a particular sensor sends data, the encrypted data are randomly transmitted to other clients. The clients who receive the data decrypt and re-encrypt it before retransmitting the encrypted data to other clients and, finally, to the server. The server that receives the data decrypts and aggregates these data, and adopts the data that were verified the most. Encryption was performed using the AES algorithm, and the cipher key was set to be changed periodically. Consequently, using this method, problematic clients can be identified, and the inference of the cipher key is impossible, even when the data are exposed. The performances of the conventional AES-CBC algorithm and the proposed new AES-CBC algorithm were compared, and the overhead of the proposed algorithm was evaluated.
The remainder of this paper is organized as follows. In Section 2
, related works are discussed, and in Section 3
, the background technology of the DAG-based blockchain structure and AES-CBC algorithm is explained. In Section 4
, the proposed Simplified DAG-based Blockchain Structure is described, and in Section 5
, the proposed new AES-CBC encryption algorithm is described. In Section 6
, system configuration and hardware equipment are described, and in Section 7
, experiments of encryption and decryptions, verification of encryption, and analysis of the proposed AES-CBC algorithm are described. Section 8
compares the conventional AES-CBC encryption algorithm with the proposed new AES-CBC encryption algorithm, and Section 9
presents the conclusion of the paper.
2. Related Work
Various studies have been conducted to build a system suitable for the IoT. For the current work, related studies were reviewed to address technical issues, such as security, reliability, and scalability.
Biswas et al. proposed a PoBT algorithm that enables block security at the stage of transaction verification and block generation. PoBT is a lightweight consensus algorithm that integrates peers according to the number of nodes participating in the session. The computational time required for peers is reduced, and the IoT transaction speed is enhanced by limiting resources. In addition, the memory required for IoT nodes is reduced using a distributed peer system [16
Mohanty et al. developed an ELIB algorithm using a lightweight consensus algorithm, Certificateless (CC), and distributed throughput management (DTM), so that it can be applied to the IoT. To reduce the resources consumed, the number of blocks was limited, and the throughput of the consensus algorithm of the blockchain was also limited. As a result, the time and energy required to process the blocks were reduced [17
Huang et al. proposed a credit-based proof of work (PoW). Power was limited through PoW to fit IoT devices, and a blockchain infrastructure with a DAG structure was built. Functionally, the nodes were divided into two categories: light and full nodes. Light nodes are IoT devices that are connected to the full nodes to interact, and the collected sensor data are subject to data authority management with AES block encryption. The full nodes have two roles, as an administrator and a gateway, and a secure blockchain system was implemented using AES block ciphers [18