-
LNGate$^2$: Secure Bidirectional IoT Micro-payments using Bitcoin's Lightning Network and Threshold Cryptography
Authors:
Ahmet Kurt,
Kemal Akkaya,
Sabri Yilmaz,
Suat Mercan,
Omer Shlomovits,
Enes Erdin
Abstract:
Bitcoin has emerged as a revolutionary payment system with its decentralized ledger concept; however it has significant problems such as high transaction fees and low throughput. Lightning Network (LN), which was introduced much later, solves most of these problems with an innovative concept called off-chain payments. With this advancement, Bitcoin has become an attractive venue to perform micro-p…
▽ More
Bitcoin has emerged as a revolutionary payment system with its decentralized ledger concept; however it has significant problems such as high transaction fees and low throughput. Lightning Network (LN), which was introduced much later, solves most of these problems with an innovative concept called off-chain payments. With this advancement, Bitcoin has become an attractive venue to perform micro-payments which can also be adopted in many IoT applications (e.g., toll payments). Nevertheless, it is not feasible to host LN and Bitcoin on IoT devices due to the storage, memory, and processing restrictions. Therefore, in this paper, we propose a secure and efficient protocol that enables an IoT device to use LN's functions through an untrusted gateway node. Through this gateway which hosts the LN and Bitcoin nodes, the IoT device can open & close LN channels and send & receive LN payments. This delegation approach is powered by a threshold cryptography based scheme that requires the IoT device and the LN gateway to jointly perform all LN operations. Specifically, we propose thresholdizing LN's Bitcoin public and private keys as well as its public and private keys for the new channel states (i.e., commitment points). We prove with a game theoretical security analysis that the IoT device is secure against collusion attacks. We implemented the proposed protocol by changing LN's source code and thoroughly evaluated its performance using several Raspberry Pis. Our evaluation results show that the protocol; is fast, does not bring extra cost overhead, can be run on low data rate wireless networks, is scalable and has negligible energy consumption overhead. To the best of our knowledge, this is the first work that implemented threshold cryptography in LN.
△ Less
Submitted 19 July, 2023; v1 submitted 5 June, 2022;
originally announced June 2022.
-
3-of-3 Multisignature Approach for Enabling Lightning Network Micro-payments on IoT Devices
Authors:
Ahmet Kurt,
Suat Mercan,
Enes Erdin,
Kemal Akkaya
Abstract:
Bitcoin's success as a cryptocurrency enabled it to penetrate into many daily life transactions. Its problems regarding the transaction fees and long validation times are addressed through an innovative concept called the Lightning Network (LN) which works on top of Bitcoin by leveraging off-chain transactions. This made Bitcoin an attractive micro-payment solution that can also be used within cer…
▽ More
Bitcoin's success as a cryptocurrency enabled it to penetrate into many daily life transactions. Its problems regarding the transaction fees and long validation times are addressed through an innovative concept called the Lightning Network (LN) which works on top of Bitcoin by leveraging off-chain transactions. This made Bitcoin an attractive micro-payment solution that can also be used within certain IoT applications (e.g., toll payments) since it eliminates the need for traditional centralized payment systems. Nevertheless, it is not possible to run LN and Bitcoin on resource-constrained IoT devices due to their storage, memory, and processing requirements. Therefore, in this paper, we propose an efficient and secure protocol that enables an IoT device to use LN's functions through a gateway LN node even if it is not trusted. The idea is to involve the IoT device only in signing operations, which is possible by replacing LN's original 2-of-2 multisignature channels with 3-of-3 multisignature channels. Once the gateway is delegated to open a channel for the IoT device in a secure manner, our protocol enforces the gateway to request the IoT device's cryptographic signature for all further operations on the channel such as sending payments or closing the channel. LN's Bitcoin transactions are revised to incorporate the 3-of-3 multisignature channels. In addition, we propose other changes to protect the IoT device's funds from getting stolen in possible revoked state broadcast attempts. We evaluated the proposed protocol using a Raspberry Pi considering a toll payment scenario. Our results show that timely payments can be sent and the computational and communication delays associated with the protocol are negligible.
△ Less
Submitted 21 September, 2021;
originally announced September 2021.
-
LNGate: Powering IoT with Next Generation Lightning Micro-payments using Threshold Cryptography
Authors:
Ahmet Kurt,
Suat Mercan,
Omer Shlomovits,
Enes Erdin,
Kemal Akkaya
Abstract:
Bitcoin has emerged as a revolutionary payment system with its decentralized ledger concept however it has significant problems such as high transaction fees and long confirmation times. Lightning Network (LN), which was introduced much later, solves most of these problems with an innovative concept called off-chain payments. With this advancement, Bitcoin has become an attractive venue to perform…
▽ More
Bitcoin has emerged as a revolutionary payment system with its decentralized ledger concept however it has significant problems such as high transaction fees and long confirmation times. Lightning Network (LN), which was introduced much later, solves most of these problems with an innovative concept called off-chain payments. With this advancement, Bitcoin has become an attractive venue to perform micro-payments which can also be adopted in many IoT applications (e.g. toll payments). Nevertheless, it is not feasible to host LN and Bitcoin on IoT devices due to the storage, memory, and processing requirements. Therefore, in this paper, we propose an efficient and secure protocol that enables an IoT device to use LN through an untrusted gateway node. The gateway hosts LN and Bitcoin nodes and can open & close LN channels, send LN payments on behalf of the IoT device. This delegation approach is powered by a (2,2)-threshold scheme that requires the IoT device and the LN gateway to jointly perform all LN operations which in turn secures both parties' funds. Specifically, we propose to thresholdize LN's Bitcoin public and private keys as well as its commitment points. With these and several other protocol level changes, IoT device is protected against revoked state broadcast, collusion, and ransom attacks. We implemented the proposed protocol by changing LN's source code and thoroughly evaluated its performance using a Raspberry Pi. Our evaluation results show that computational and communication delays associated with the protocol are negligible. To the best of our knowledge, this is the first work that implemented threshold cryptography in LN.
△ Less
Submitted 27 May, 2021; v1 submitted 18 May, 2021;
originally announced May 2021.
-
An Evaluation of Cryptocurrency Payment Channel Networks and Their Privacy Implications
Authors:
Enes Erdin,
Suat Mercan,
Kemal Akkaya
Abstract:
Cryptocurrencies redefined how money can be stored and transferred among users. However, independent of the amount being sent, public blockchain-based cryptocurrencies suffer from high transaction waiting times and fees. These drawbacks hinder the wide use of cryptocurrencies by masses. To address these challenges, payment channel network concept is touted as the most viable solution to be used fo…
▽ More
Cryptocurrencies redefined how money can be stored and transferred among users. However, independent of the amount being sent, public blockchain-based cryptocurrencies suffer from high transaction waiting times and fees. These drawbacks hinder the wide use of cryptocurrencies by masses. To address these challenges, payment channel network concept is touted as the most viable solution to be used for micro-payments. The idea is exchanging the ownership of money by kee** the state of the accounts locally. The users inform the blockchain rarely, which decreases the load on the blockchain. Specifically, payment channel networks can provide transaction approvals in seconds by charging a nominal fee proportional to the payment amount. Such attraction on payment channel networks inspired many recent studies which focus on how to design them and allocate channels such that the transactions will be secure and efficient. However, as payment channel networks are emerging and reaching large number of users, privacy issues are becoming more relevant that raise concerns about exposing not only individual habits but also businesses' revenues. In this paper, we first propose a categorization of the existing payment networks formed on top of blockchain-backed cryptocurrencies. After discussing several emerging attacks on user/business privacy in these payment channel networks, we qualitatively evaluate them based on a number of privacy metrics that relate to our case. Based on the discussions on the strengths and weaknesses of the approaches, we offer possible directions for research for the future of privacy based payment channel networks.
△ Less
Submitted 4 February, 2021;
originally announced February 2021.
-
Cryptocurrency Solutions to Enable Micro-payments in Consumer IoT
Authors:
Suat Mercan,
Ahmet Kurt,
Enes Erdin,
Kemal Akkaya
Abstract:
The successful amalgamation of cryptocurrency and consumer Internet of Things (IoT) devices can pave the way for novel applications in machine-to-machine economy. However, the lack of scalability and heavy resource requirements of initial blockchain designs hinders the integration as they prioritized decentralization and security. Numerous solutions have been proposed since the emergence of Bitcoi…
▽ More
The successful amalgamation of cryptocurrency and consumer Internet of Things (IoT) devices can pave the way for novel applications in machine-to-machine economy. However, the lack of scalability and heavy resource requirements of initial blockchain designs hinders the integration as they prioritized decentralization and security. Numerous solutions have been proposed since the emergence of Bitcoin to achieve this goal. However, none of them seem to dominate and thus it is unclear how consumer devices will be adopting these approaches. Therefore, in this paper, we critically review the existing integration approaches and cryptocurrency designs that strive to enable micro-payments among consumer devices. We identify and discuss solutions under three main categories; direct integration, payment channel network and new cryptocurrency design. The first approach utilizes a full node to interact with the payment system. Offline channel payment is suggested as a second layer solution to solve the scalability issue and enable instant payment with low fee. New designs converge to semi-centralized scheme and focuson lightweight consensus protocol that does not require highcomputation power which might mean loosening the initial designchoices in favor of scalability. We evaluate the pros and cons ofeach of these approaches and then point out future researchchallenges. Our goal is to help researchers and practitioners tobetter focus their efforts to facilitate micro-payment adoptions.
△ Less
Submitted 4 February, 2021;
originally announced February 2021.
-
Enabling Micro-payments on IoT Devices using Bitcoin Lightning Network
Authors:
Ahmet Kurt,
Suat Mercan,
Enes Erdin,
Kemal Akkaya
Abstract:
Lightning Network (LN) addresses the scalability problem of Bitcoin by leveraging off-chain transactions. Nevertheless, it is not possible to run LN on resource-constrained IoT devices due to its storage, memory, and processing requirements. Therefore, in this paper, we propose an efficient and secure protocol that enables an IoT device to use LN's functions through a gateway LN node. The idea is…
▽ More
Lightning Network (LN) addresses the scalability problem of Bitcoin by leveraging off-chain transactions. Nevertheless, it is not possible to run LN on resource-constrained IoT devices due to its storage, memory, and processing requirements. Therefore, in this paper, we propose an efficient and secure protocol that enables an IoT device to use LN's functions through a gateway LN node. The idea is to involve the IoT device in LN operations with its digital signature by replacing original 2-of-2 multisignature channels with 3-of-3 multisignature channels. Our protocol enforces the LN gateway to request the IoT device's cryptographic signature for all operations on the channel. We evaluated the proposed protocol by implementing it on a Raspberry Pi for a toll payment scenario and demonstrated its feasibility and security.
△ Less
Submitted 12 March, 2021; v1 submitted 18 December, 2020;
originally announced December 2020.
-
Security, Privacy and Ethical Concerns of IoT Implementations in Hospitality Domain
Authors:
Suat Mercan,
Kemal Akkaya,
Lisa Cain,
John Thomas
Abstract:
The Internet of Things (IoT) has been on the rise in the last decade as it finds applications in various domains. Hospitality is one of the pioneer sectors that has adopted this technology to create novel services such as smart hotel rooms, personalized services etc. Hotels, restaurants, theme parks, and cruise ships are some specific application areas to improve customer satisfaction by creating…
▽ More
The Internet of Things (IoT) has been on the rise in the last decade as it finds applications in various domains. Hospitality is one of the pioneer sectors that has adopted this technology to create novel services such as smart hotel rooms, personalized services etc. Hotels, restaurants, theme parks, and cruise ships are some specific application areas to improve customer satisfaction by creating an intense interactive environment and data collection with the use of appropriate sensors and actuators. However, applying IoT solutions in the hospitality environment has some unique challenges such as easy physical access to devices. In addition, due to the very nature of these domains, the customers are at the epicenter of these IoT technologies that result in a massive amount of data collection from them. Such data and its management along with business purposes also raises new concerns regarding privacy and ethical considerations. Therefore, this paper surveys and analyzes security, privacy and ethical issues regarding the utilization of IoT devices by focusing on the hospitality industry specifically. We explore some exemplary uses, cases, potential problems and solutions in order to contribute to better understanding and guiding the business operators in this sector.
△ Less
Submitted 21 September, 2020;
originally announced September 2020.
-
A Cost-efficient IoT Forensics Framework with Blockchain
Authors:
Suat Mercan,
Mumin Cebe,
Ege Tekiner,
Kemal Akkaya,
Melissa Chang,
Selcuk Uluagac
Abstract:
IoT devices have been adopted widely in the last decade which enabled collection of various data from different environments. The collected data is crucial in certain applications where IoT devices generate data for critical infrastructure or systems whose failure may result in catastrophic results. Specifically, for such critical applications, data storage poses challenges since the data may be c…
▽ More
IoT devices have been adopted widely in the last decade which enabled collection of various data from different environments. The collected data is crucial in certain applications where IoT devices generate data for critical infrastructure or systems whose failure may result in catastrophic results. Specifically, for such critical applications, data storage poses challenges since the data may be compromised during the storage and the integrity might be violated without being noticed. In such cases, integrity and data provenance are required in order to be able to detect the source of any incident and prove it in legal cases if there is a dispute with the involved parties. To address these issues, blockchain provides excellent opportunities since it can protect the integrity of the data thanks to its distributed structure. However, it comes with certain costs as storing huge amount of data in a public blockchain will come with significant transaction fees. In this paper, we propose a highly cost effective and reliable digital forensics framework by exploiting multiple inexpensive blockchain networks as a temporary storage before the data is committed to Ethereum. To reduce Ethereum costs,we utilize Merkle trees which hierarchically stores hashes of the collected event data from IoT devices. We evaluated the approach on popular blockchains such as EOS, Stellar, and Ethereum by presenting a cost and security analysis. The results indicate that we can achieve significant cost savings without compromising the integrity of the data.
△ Less
Submitted 30 April, 2020;
originally announced April 2020.
-
Improving Transaction Success Rate via Smart Gateway Selection in Cryptocurrency Payment Channel Networks
Authors:
Suat Mercan,
Enes Erdin,
Kemal Akkaya
Abstract:
The last decade has experienced a vast interest in Blockchain-based cryptocurrencies with a specific focus on the applications of this technology. However, slow confirmation times of transactions and unforeseeable high fees hamper their wide adoption for micro-payments. The idea of establishing payment channel networks is one of the many proposed solutions to address this scalability issue where n…
▽ More
The last decade has experienced a vast interest in Blockchain-based cryptocurrencies with a specific focus on the applications of this technology. However, slow confirmation times of transactions and unforeseeable high fees hamper their wide adoption for micro-payments. The idea of establishing payment channel networks is one of the many proposed solutions to address this scalability issue where nodes, by utilizing smart contracting, establish payment channels between each other and perform off-chain transactions. However, due to the way these channels are created, both sides have a certain one-way capacity for making transactions. Consequently, if one sides exceeds this one-way capacity, the channel becomes useless in that particular direction, which causes failures of payments and eventually creates an imbalance in the overall network. To keep the payment channel network sustainable, in this paper, we aim to increase the overall success rate of payments by effectively exploiting the fact that end-users are usually connected to the network at multiple points (i.e., gateways) any of which can be used to initiate the payment. We propose an efficient method for selection of the gateway for a user by considering the gateway's inbound and outbound payment traffic ratio. We then augment this proposed method with split payment capability to further increase success rate especially for large transactions. The evaluation of the proposed method shows that compared to greedy and maxflow-based approaches, we can achieve much higher success rates, which are further improved with split payments.
△ Less
Submitted 21 March, 2020;
originally announced March 2020.
-
Improving Sustainability of Cryptocurrency Payment Networks for IoT Applications
Authors:
Suat Mercan,
Enes Erdin,
Kemal Akkaya
Abstract:
Blockchain-based cryptocurrencies received a lot of attention recently for their applications in many domains. IoT domain is one of such applications, which can utilize cryptocur-rencies for micro payments without compromising their payment privacy. However, long confirmation times of transactions and relatively high fees hinder the adoption of cryptoccurency based micro-payments. The payment chan…
▽ More
Blockchain-based cryptocurrencies received a lot of attention recently for their applications in many domains. IoT domain is one of such applications, which can utilize cryptocur-rencies for micro payments without compromising their payment privacy. However, long confirmation times of transactions and relatively high fees hinder the adoption of cryptoccurency based micro-payments. The payment channel networks is one of the proposed solutions to address these issue where nodes establish payment channels among themselves without writing on blockchain. IoT devices can benefit from such payment networks as long as they are capable of sustaining their overhead. Payment channel networks pose unique characteristics as far as the routing problem is concerned. Specifically, they should stay balanced to have a sustainable network for maintaining payments for longer times, which is crucial for IoT devices once they are deployed.In this paper, we present a payment channel network design that aims to keep the channels balanced by using a common weight policy across the network. We additionally propose using multi-point connections to nodes for each IoT device for unbalanced payment scenarios. The experiment results show that we can keep the channels in the network more equally balanced compared to the minimal fee approach. In addition, multiple connections from IoT devices to nodes increase the success ratio significantly.
△ Less
Submitted 29 February, 2020;
originally announced March 2020.
-
Assuring the Integrity of Videos from Wireless-based IoT Devices using Blockchain
Authors:
Dominik Danko,
Suat Mercan,
Mumin Cebe Kemal Akkaya
Abstract:
Blockchain technology has drawn attention fromvarious communities. The underlying consensus mechanism inBlockchain enables a myriad of applications for the integrityassurance of stored data. In this paper, we utilize Blockchaintechnology to verify the authenticity of a video captured by astreaming IoT device for forensic investigation purposes. Theproposed approach computes the hash of video frame…
▽ More
Blockchain technology has drawn attention fromvarious communities. The underlying consensus mechanism inBlockchain enables a myriad of applications for the integrityassurance of stored data. In this paper, we utilize Blockchaintechnology to verify the authenticity of a video captured by astreaming IoT device for forensic investigation purposes. Theproposed approach computes the hash of video frames beforethey leave the IoT device and are transferred to a remote basestation. To guarantee the transmission, we ensure that this hashis sent through a TCP-based connection. The hash is then storedon multiple nodes on a permissioned blockchain platform. Incase the video is modified, the discrepancy will be detected byinvestigating the previously stored hash on the blockchain andcomparing it with the hash of the existing frame in question.In this work, we present the prototype as proof-of-concept withexperiment results. The system has been tested on a RaspberryPi with different quality of videos to evaluate performance. Theresults show that the concept can be implemented with moderatevideo resolutions.
△ Less
Submitted 28 February, 2020;
originally announced March 2020.