TY - JOUR
T1 - IoTPatchPool
T2 - Incentivized delivery network of IoT software updates based on proofs-of-distribution
AU - Leiba, Oded
AU - Bitton, Ron
AU - Yitzchak, Yechiav
AU - Nadler, Asaf
AU - Kashi, Davidoz
AU - Shabtai, Asaf
N1 - Publisher Copyright:
© 2019 Elsevier B.V.
PY - 2019/8/1
Y1 - 2019/8/1
N2 - In this paper we introduce IoTPatchPool — a novel scheme that enables an incentivized distributed delivery network of IoT software updates. We use a decentralized storage network for reducing the load on the vendor when distributing patches toward IoT devices, and eliminating central points of failure. Unlike existing peer-to-peer file sharing networks which have a fundamental availability problem for unpopular files, our protocol utilizes blockchain-based smart contracts to incentivize independent peers, termed distributors, by means of cryptocurrency payments. A vendor of IoT devices deploys a smart contract with a deposit, which acts as a publicly verifiable binding bid for delivery of patches to a specific set of IoT endpoints. Distributors will compete for delivering the updates to the desired IoT devices and present proofs-of-distribution in exchange for cryptocurrency payments. We address the fair exchange problem between distributors and the consuming IoT devices by utilizing a variation of the Zero-Knowledge Contingent Payments (ZKCP) protocol, ensuring that the process is trustless. This can encourage the participation of a large number of distributors, and thus facilitate a rapid scale-out of the system. Finally, we present and evaluate a prototype implementation combining the BitTorrent network with the cryptocurrency Ethereum.
AB - In this paper we introduce IoTPatchPool — a novel scheme that enables an incentivized distributed delivery network of IoT software updates. We use a decentralized storage network for reducing the load on the vendor when distributing patches toward IoT devices, and eliminating central points of failure. Unlike existing peer-to-peer file sharing networks which have a fundamental availability problem for unpopular files, our protocol utilizes blockchain-based smart contracts to incentivize independent peers, termed distributors, by means of cryptocurrency payments. A vendor of IoT devices deploys a smart contract with a deposit, which acts as a publicly verifiable binding bid for delivery of patches to a specific set of IoT endpoints. Distributors will compete for delivering the updates to the desired IoT devices and present proofs-of-distribution in exchange for cryptocurrency payments. We address the fair exchange problem between distributors and the consuming IoT devices by utilizing a variation of the Zero-Knowledge Contingent Payments (ZKCP) protocol, ensuring that the process is trustless. This can encourage the participation of a large number of distributors, and thus facilitate a rapid scale-out of the system. Finally, we present and evaluate a prototype implementation combining the BitTorrent network with the cryptocurrency Ethereum.
UR - http://www.scopus.com/inward/record.url?scp=85066926531&partnerID=8YFLogxK
U2 - 10.1016/j.pmcj.2019.04.010
DO - 10.1016/j.pmcj.2019.04.010
M3 - Article
AN - SCOPUS:85066926531
SN - 1574-1192
VL - 58
JO - Pervasive and Mobile Computing
JF - Pervasive and Mobile Computing
M1 - 101019
ER -