IoTPatchPool: Incentivized delivery network of IoT software updates based on proofs-of-distribution

Oded Leiba, Ron Bitton, Yechiav Yitzchak, Asaf Nadler, Davidoz Kashi, Asaf Shabtai

Research output: Contribution to journalArticlepeer-review

12 Scopus citations

Abstract

In this paper we introduce IoTPatchPool — a novel scheme that enables an incentivized distributed delivery network of IoT software updates. We use a decentralized storage network for reducing the load on the vendor when distributing patches toward IoT devices, and eliminating central points of failure. Unlike existing peer-to-peer file sharing networks which have a fundamental availability problem for unpopular files, our protocol utilizes blockchain-based smart contracts to incentivize independent peers, termed distributors, by means of cryptocurrency payments. A vendor of IoT devices deploys a smart contract with a deposit, which acts as a publicly verifiable binding bid for delivery of patches to a specific set of IoT endpoints. Distributors will compete for delivering the updates to the desired IoT devices and present proofs-of-distribution in exchange for cryptocurrency payments. We address the fair exchange problem between distributors and the consuming IoT devices by utilizing a variation of the Zero-Knowledge Contingent Payments (ZKCP) protocol, ensuring that the process is trustless. This can encourage the participation of a large number of distributors, and thus facilitate a rapid scale-out of the system. Finally, we present and evaluate a prototype implementation combining the BitTorrent network with the cryptocurrency Ethereum.

Original languageEnglish
Article number101019
JournalPervasive and Mobile Computing
Volume58
DOIs
StatePublished - 1 Aug 2019

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'IoTPatchPool: Incentivized delivery network of IoT software updates based on proofs-of-distribution'. Together they form a unique fingerprint.

Cite this