IDoT Tele Con 2015-02-20 "Blockchain special"
Kantara Initiative IDoT DG conference call 2015-02-20 16:00 CET
minute taker: Keith Uber (Thank you!!)
- Ingo Friese, Deutsche Telekom (Convenor)
- Matteo Signorini, Excalibur
- Lancen Lachance, GlobalSign
- Keith Uber, GlobalSign
- Ivan Klimek, Excalibur
- Scott Shorter, ElectroSoft
- Jeff Stollman
- Frank Mildner, Deutsche Telekom
- Sal D'Agostino, IDMachines
Blockchain special
Matteo: We prepared some slides - depends how deep you want to go
Ingo: Happy to have Matteo and Ivan on the line who have been investigating blockchains from the aspect of trust for IoT.
Brief introduction to the topic
The slides will review varying approaches.
The easiest way to see the blockchain technology is as a trusted history.
Each transaction is linked to another transaction with the peers. For each transaction you have input and output.
Each transaction is signed. Each will have a hash that can be used to link and follow the history.
This was the first design, now we have more advanced technology that we will look at in a few minutes.
Q: If we believe that blockchain is a trusted piece, how can we resolve issues about identifying the right “Thing”?
- A: We have the history and some transactions - not necessarily money.
- It could be, for example, unloading and loading a truck.
- It would be possible to examine the history for a given truck and its unload and load history.
I can define and retrieve also from the blockchain what is the current state of the truck.
I can see that there is an empty truck,
The technology that was designed after the blockchain is named Ethereum.
Architecture, data model:
- an object
- the state of the object (loaded, unloaded)
- transaction (load, move, change owner)
We can see the material transactions as a meta coin, however, scalability is a challenge.
If there is one device in my room, I have to access the global blockchain.
A light bulb could not handle the entire blockchain.
Hyper cubes, multi-layer graphs and distributed databases where all the peer nodes interact with the blockchain.
Even if we had the distributed blockchain, everyone could see the transactions of other parties.
This is unsuitable for B2B operations. There must be a way to use blockchains in such a way that “ADEPT” is an IBM project to handle this.
They define different blockchains
- a global network that cooperates with lower networks
Problems:
- Even though the solution is close to what we designed, we still have a strong cooperation - there is no privacy.
- IoT devices don’t use the blockchain for the data
- They use it to determine which peers can continue with which peers
Our solution can be used to identify the devices and examine their purposes. Also, when we look for a device, we can’t say to look for a device, but we could look for a device and examine which features the device has.
E.g. if I need to load something, I need to be able to search for a certain type of truck, one that can solve the problem. The blockchain can be used to discover and verify the device and also establish communication.
***********************
Hashing is used to keep a history, but this presents a challenge because it is possible to encrypt what data is contained in the transaction.
Each transaction is signed to keep track of the owner.
All of the transactions are connected in a block. The block is hashed as well.
The hash makes it possible to go through the history.
The miner and the fee issues are something that is related only to Bitcoin, because it is related to a group of work. To make it impossible to create a fake blockchain and create the same coin twice. It requires computation to prevent this possibility.
For IoT issues, we can design rules based on what we want to achieve.
Q: The issue of working may be relevant for IoT, if there are persons who try to counterfeit the service, impersonate a device.
- A: It depends on the technology that is used.
IBM uses the history after an initial registration (physical registration for example). This prevents unauthorized use.
The blockchain gives you trusted history and information about how valid the transaction may be. Relies on the ephemeral storage system
Concrete Example:
A sensor is transmitting a temperature value from time to time.
Q: Do we hash it or encrypt it? How do we check it is the real device and the value is genuine?
- A: IBM defined 2 types
- low power computing device: lightweight peer and
- high power: powerful peer
- A: Lightweight peer can offload work to a trusted high power peer to do the work, for example after a pairing operation.
If you want to encrypt data, if you don’t want to expose the transactions to the outside:
- a) encrypt the content and the message, but use the other peers in other networks to work on the transactions
- b) limit the way in which the blockchain is reached. For Bitcoin you must connect to an IP that is already connected, download the blockchain and begin work.
You can protect blockchains by protecting access to the network.
Attributes in Blockchains:
The next quality was that you can put attributes in these blockchains.
This is taking something that is already done and it is complicated. The technology to have whatever metadata you want is here today.
IBM is using this in their ADEPT approach.
You can design peers that keep track of transactions but also have power to do work on this data.
Q. can you name a simple example?
- A: It’s like bitcoin, but you could have a state within the message
- You have input which has state, the output has a state and the message contains the operations that were performed.
- You could see you had transactions with a given device before and build trust based on history.
- You could design a blockchain that has to record each assembly instruction. For each step you would
Trust model:
What IBM designed was that the trust was formed at the beginning at making of the devices
We propose that you could analyze.
- Bootstrap - a pin or password
- Pair two devices or nodes
These two devices can keep in touch over time and keep their trust
If you lose the connection, you could define that it needs to be re-paired.
Q: Is that based on the complexity or size of the blockchain? What’s driving the requirement that the trust needs to be re-paired?
- A: If you can’t handle a private key, you need another way
- If a device wants to authenticate itself and connect to another device.
- This can be done by performing a hash on some history to prove that you can see the same data that the other device can.
- Based on that, both devices that “proof of storage”.
Q: Can blockchain be used to drive transactions?
- A: You could define a protocol based on transactions, so that a device listens to signed requests before initiating their own transaction
Q: How do you protect the connections to the blockchain?
- You could have a special peer that controls access to the peer
- This is just an option, there could also be other crypto schemes for this
We are looking at having a multi-layer blockchain, so to gain access to a lower level chain, you would need the parent signed.
Q: Are there any examples of this for IoT in practice?
- A: In the Ethereum example,
Q: How do you treat hierarchy in the chain? What is a node and what is a gateway?
- A: It is something that you design.
- I can design a main blockchain that is run by the main part of the company, and a separate blockchain for each department.
- You can maintain a hierarchy by design
Q: How do you differentiate between a device which may be autonomous, or a device which has an owner?
- A: The device has an owner of the device.
- When a mobile phone is sold at retail, it could be notified to a blockchain to inform that the owner has changed.
- There could be a different blockchain for ownership.
Q: Do you have a paper about this?
- A: Yes, we are working on a paper.
Q: Sal: this is distinct from the zero knowledge proof work in the past?
- A: Matteo: This is not connected to this work at this stage.
- We may look at it. Zero knowledge proof and blockchain has been looked at by IBM.
- Ingo: Looking forward to whitepaper with specific examples
Q: Sal: do you see the scale of the IoT to be a challenge? Big chains might be a challenge.
- A: Matteo: Sure it is, that’s why we propose a distributed approach, to set limits on the size of the blockchain, for example 100 devices.
- E.g. if you have a big company with small devices that can’t handle large blockchains, you could establish mutual.
The protocol is irrelevant. You could rely on other nodes. It depends on the storage capabilities of a device. Is there enough memory to store? There is no standardization for the protocol level. The most productional example is the Bitcoin example.
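The hash-linked history with object state from the truck example, and the "hash on some history" check from the trust-model discussion, as an added Python example that is not part of the call or of any project mentioned in it. HMAC with a shared key stands in for per-transaction signatures; the object name, key, transition table and challenge nonce are assumptions made for illustration.

```python
import hashlib, hmac, json

GENESIS = "0" * 64
# Assumed transition table for the object/state/transaction model (truck example).
TRANSITIONS = {("unloaded", "load"): "loaded", ("loaded", "unload"): "unloaded",
               ("loaded", "move"): "loaded", ("unloaded", "move"): "unloaded"}
KEY = b"constructed-demo-key"  # constructed; HMAC stands in for a real signature

def digest(fields):
    """SHA-256 over the canonical (sorted-key) JSON form of a dict."""
    return hashlib.sha256(json.dumps(fields, sort_keys=True).encode()).hexdigest()

def append(chain, obj, op, key):
    """Add a transaction that names the previous transaction's hash as its input."""
    core = {"obj": obj, "op": op, "prev": chain[-1]["hash"] if chain else GENESIS}
    core["mac"] = hmac.new(key, digest(core).encode(), hashlib.sha256).hexdigest()
    chain.append({**core, "hash": digest(core)})

def replay(chain, key, state="unloaded"):
    """Walk the history, checking links, MACs and transitions; return current state."""
    prev = GENESIS
    for i, tx in enumerate(chain):
        core = {k: tx[k] for k in ("obj", "op", "prev")}
        mac = hmac.new(key, digest(core).encode(), hashlib.sha256).hexdigest()
        if tx["prev"] != prev or not hmac.compare_digest(mac, tx["mac"]):
            raise ValueError(f"transaction {i}: broken link or bad MAC")
        if digest({**core, "mac": tx["mac"]}) != tx["hash"]:
            raise ValueError(f"transaction {i}: hash mismatch")
        if (state, tx["op"]) not in TRANSITIONS:
            raise ValueError(f"transaction {i}: '{tx['op']}' not valid when {state}")
        state, prev = TRANSITIONS[(state, tx["op"])], tx["hash"]
    return state

def history_proof(chain, nonce):
    """Answer a peer's challenge by hashing its fresh nonce with the stored history."""
    h = hashlib.sha256(nonce)
    for tx in chain:
        h.update(bytes.fromhex(tx["hash"]))
    return h.hexdigest()

def demo_chain():
    """Constructed sample history for one hypothetical object, 'truck-7'."""
    chain = []
    for op in ("load", "move", "unload"):
        append(chain, "truck-7", op, KEY)
    return chain

if __name__ == "__main__":
    chain = demo_chain()
    print("current state:", replay(chain, KEY))
    print("proof:", history_proof(chain, b"constructed-nonce"))
```

Two peers holding the same history return the same `history_proof` for a given nonce, while a peer with a truncated or altered copy does not; the fresh nonce keeps an old answer from being replayed.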
References:
- https://forum.ethereum.org/discussion/1634/tutorial-1-your-first-contract
- http://public.dhe.ibm.com/common/ssi/ecm/gb/en/gbe03620usen/GBE03620USEN.PDF