1

Blockchain Technologies for the Internet of Things:

Research Issues and Challenges
Mohamed Amine Ferrag, Makhlouf Derdour, Mithun Mukherjee, Member, IEEE, Abdelouahid Derhab,
Leandros Maglaras, Senior Member, IEEE, Helge Janicke

Abstract—This paper presents a comprehensive survey of

Block 65 Block 64 Block 63
the existing blockchain protocols for the Internet of Things
(IoT) networks. We start by describing the blockchains and
arXiv:1806.09099v1 [cs.CR] 24 Jun 2018

Proof of Work (65) Proof of Work (64) Proof of Work (63)

summarizing the existing surveys that deal with blockchain
technologies. Then, we provide an overview of the application
domains of blockchain technologies in IoT, e.g, Internet of Hash Previous (65) Hash Previous (64) Hash Previous (63)
Vehicles, Internet of Energy, Internet of Cloud, Fog computing,
etc. Moreover, we provide a classification of threat models, which Transaction Transaction Transaction
are considered by blockchain protocols in IoT networks, into five
main categories, namely, identity-based attacks, manipulation- Transaction Transaction Transaction

based attacks, cryptanalytic attacks, reputation-based attacks, Transaction Transaction

Transaction
and service-based attacks. In addition, we provide a taxonomy
and a side-by-side comparison of the state-of-the-art methods
towards secure and privacy-preserving blockchain technologies Hash Previous (64) = Proof of Work (63)
with respect to the blockchain model, specific security goals, Hash Previous (65) = Proof of Work (64)
....
performance, limitations, computation complexity, and commu-
nication overhead. Based on the current survey, we highlight
open research challenges and discuss possible future research Fig. 1. Blockchain structure.
directions in the blockchain technologies for IoT.
Index Terms—Blockchain, Consensus, Security, Threats, IoT recently, the blockchain [4], [5], [6], [7], a paradigm shift, is
transforming all the major application areas of IoT by enabling
I. I NTRODUCTION a decentralized environment with anonymous and trustful
transactions. Combined with the blockchain technology, IoT
In the last few years, we have witnessed the potential of
systems benefit from the lower operational cost, decentralized
Internet of Things to deliver exciting services across several
resource management, robustness against threats and attacks,
sectors, from social media, business, intelligent transportation
and so on. Therefore, the convergence of IoT and blockchain
and smart cities to the industries [1], [2], [3]. IoT seamlessly
technology aims to overcome the significant challenges of
interconnects heterogeneous devices with diverse functional-
realizing the IoT platform in the near future.
ities in the human-centric and machine-centric networks to
Blockchain, a distributed append-only public ledger tech-
meet the evolving requirements of the earlier mentioned sec-
nology, was initially intended for the cryptocurrencies, e.g.,
tors. Nevertheless, the significant number of connected devices
Bitcoin1 . In 2008, Satoshi Nakamato [8] introduced the con-
and massive data traffic become the bottleneck in meeting
cept of blockchain that has attracted much attention over the
the required Quality-of-Services (QoS) due to the computa-
past years as an emerging peer-to-peer (P2P) technology for
tional, storage, and bandwidth-constrained IoT devices. Most
distributed computing and decentralized data sharing. Due
(Corresponding author: Mohamed Amine Ferrag) to the adoption of cryptography technology and without a
M. A. Ferrag is with Department of Computer Science, Guelma Uni- centralized control actor or a centralized data storage, the
versity, 24000, Algeria, and also with Networks and Systems Laboratory
(LRS), Badji Mokhtar-Annaba University, 23000 Annaba, Algeria e-mail:
blockchain can avoid the attacks that want to take control
[email protected], [email protected], over the system. Later, in 2013, Ethereum, a transaction-based
phone: +213661-873-051 state-machine, was presented to program the blockchain tech-
M. Derdour is with Department of Mathematics and Computer Sci-
ence, University of Larbi Tebessi, Tebessa 12002, Algeria e-mail:
nologies. Interestingly, due to its unique and attractive features
[email protected] such as: transactional privacy, security, the immutability of
M. Mukherjee is with the Guangdong Provincial Key Laboratory of Petro- data, auditability, integrity, authorization, system transparency,
chemical Equipment Fault Diagnosis, Guangdong University of Petrochemical
Technology, Maoming 525000, China e-mail: [email protected]
and fault tolerance, blockchain is being applied in several
A. Derhab is with Center of Excellence in Information Assurance (CoEIA), sectors beyond the cryptocurrencies. Some of the areas are
King Saud University, Saudi Arabia, e-mail: [email protected] identity management [9], intelligent transportation [10], [11],
L. Maglaras is with School of Computer Science and Informatics, De
Montfort University, Leicester, UK, , and also with General Secretariat of
[12], [13], [14], [15], supply-chain management, mobile-crowd
Digital Policy, Athens, Greece, e-mail: [email protected] sensing [16], agriculture [17], Industry 4.0 [18], [19], Internet
H. Janicke is with School of Computer Science and Informatics, De
Montfort University, Leicester, UK, e-mail: [email protected] 1 Apart from Bitcoin, there are several cryptocurrencies such as Litecoin,
Manuscript received 2018. Peercoin, Swiftcoin, Peercoin, and Ripple.
 2

Based on the data management and the type of applications,

blockchain can classified either as private (permission) or pub-
lic (permissionless). Both classes are decentralized and provide
Private key Public key Encrypted a certain level of immunity against faulty or malicious users
transaction
for the ledger. The main differences between private and public
A user signs a
blockchains lie in the execution of the consensus protocol, the
transaction by maintenance of the ledger, and the authorization to join to the
its private key and
broadcasts to its
P2P network. Detailed examples of these classes are illustrated
peers. in [24]. In the context of IoT, blockchains can be classified
based on authorization and authentication. As shown in Fig. 3,
in a private blockchain, the centralized trusted authority that
manages the authentication and authorization process selects
A miner packs valid transactions into a the miners. On the other hand, in a public blockchain (in
block and broadcasts back to the network. general, permissionless), there is no intervention of any third-
Miner # Hash party for the miner selection and joining for a new user to the
Time stamp blockchain network.
Description
Recently, there is a huge amount of investment from the
Block industries [25], [26] as well as a significant interest from
academia to solve major research challenges in blockchain
technologies. For example, the consensus protocols are the
major building blocks of the blockchain technologies, thus, the
threats targeting the consensus protocols become a significant
research issue in the blockchain. Furthermore, blockchain
Block appended
forks bring threats to the blockchain consensus protocols.
A block is appended only if Moreover, it is observed that the vulnerability is about 51%
a) the block is validated after
distributed strict cryptographic rules
for a new blockchain [27]. At the same time, maintenance
Blockchain of several blockchains requires a significant amount of power
b) hash matching with previous
block. consumption [28].

A. Related Surveys and Our Contributions

Fig. 2. An illustration of blockchain working methodology.
There are related survey papers [7], [29], [30], [31], [24],
[32] that covered different aspects of the blockchain tech-
nology. For example, a brief overview of blockchain for
of energy [20], [21], [18], [22], and security in mission critical bitcoin was discussed in [29], [30]. However, these surveys
systems [23]. are very limited regarding detailed discussion on research
As shown in Fig. 1, the blockchain structure is composed of challenges in blockchain. Moreover, Sankar et al. [29] briefly
a sequence of blocks, which are linked together by their hash presented the feasibility of various consensus protocols in the
values. In the blockchain network, a public ledger maintains blockchain. The detailed insights of bitcon were presented
the digitally signed transactions of the users in a P2P network. in [7]. Recently, the surveys [24] presented the overview
In general, a user has two keys: a public key for other users of Blockchain-based IoT (BIoT) applications. The security
for the encryption and a private key to read an encrypted and privacy aspects are presented in [32], [31] for bitcoin,
message, as shown in Fig. 2. From the blockchain perspective, one of the blockchain applications. Table I summarizes the
the private key is used for signing the blockchain transaction main focuses and major contributions of the previous com-
and the public key represents the unique address. Asymmetric prehensive surveys on blockchain technologies. Although the
cryptography is used to decrypt the message encrypted by the above mentioned surveys [7], [31], [24], [32] have laid a solid
corresponding public key. At the initial stage, a user signs foundation for blockchain technologies, our survey differs in
a transaction using its private key and broadcasts it to its several aspects. The main contributions of this paper are:
peers. Once the peers receive the signed transaction, they • We provide overviews of the different application do-
validate the transaction and disseminate it over the network. mains of blockchain technologies in IoT, e.g, Internet
All the parties who are involved in the transactions mutually of Vehicles, Internet of Energy, Internet of Cloud, Fog
validate the transaction to meet a consensus agreement. Once computing, etc.
a distributed consensus is reached, the special node, called • We classify the threat models, which are considered by
as miners, includes the valid transaction into a timestamped the blockchain protocols in IoT networks, into five main
block. The block, which is included by the miner, is broadcast categories, namely, identity-based attacks, manipulation-
back into the network. After validating the broadcast block, based attacks, cryptanalytic attacks, reputation-based at-
which contains the transaction, as well as hash-matching it tacks, and service-based attacks.
with the previous block in the blockchain, the broadcast block • We review existing research on anonymity and privacy in
is appended to the blockchain. Bitcoin systems.
 3

TABLE I
R ELATED S URVEYS ON B LOCKCHAIN T ECHNOLOGIES
Year Author Main focus/contributions

Fundamental structures and insights of

Tschorsch and
2016 the core of the Bitcoin protocol and its
Scheuermann [7]
applications
Feasibility and efficiency of consensus
2017 Sankar et al. [29]
protocols in blockchain.
Kaushik et
2017 A brief survey on bitcoin.
al. [30]
An overview and detailed investigation
Khalilov and
2018 of anonymity and privacy in
Levi [31]
Bitcoin-like digital cash systems. (a)
Fernández- A review on developing
2018 Caramés and Blockchain-based IoT (BIoT)
Fraga-Lamas [24] applications.
A systematic survey that covers the
2018 Conti et al. [32] security and the privacy aspects of
Bitcoin. Trusted Authority

• We provide a taxonomy and a side-by-side comparison,

in a tabular form, of the state-of-the-art on the re-
cent advancements towards secure and privacy-preserving
blockchain technologies with respect to blockchain
model, specific security goals, performance and limita-
tions, computation complexity and communication over-
head.
• We highlight the open research challenges and discuss
(b)
the possible future research directions in the field of
blockchain technologies for IoT. Fig. 3. (a) Public blockchain system; (b) Private blockchain system.
The remainder of this paper is organized as follows. Section
II presents the application domains of blockchain technolo-
gies in IoT. In Section III, we present the classification of immutability of EHRs, Guo et al. [34] introduced an attribute-
threat models that are considered by the blockchain protocols based signature scheme, named MA-ABS, which uses multiple
in IoT networks. In Section IV, we present a side-by-side authorities. The MA-ABS scheme uses the blockchain tech-
comparison, in a tabular form, of the state-of-the-art on the nology and can resist to N-1 corrupted authorities collusion
recent advancements towards secure and privacy-preserving attacks. In addition, the MA-ABS is unforgeable in suffering
blockchain technologies. Then, we discuss open issues and a selective predicate attack. Therefore, Liang et al. [35] used
recommendations for further research in Section V. Finally, the blockchain network in mobile healthcare applications for
we draw our conclusions in Section VI. integrity protection, further auditing or investigation.

II. B LOCKCHAIN APPLICATIONS FOR THE I OT B. Internet of things in the 5G era

As presented in Fig. 4, the blockchain technology can be In the IoT era, 5G will enable a fully mobile and connected
effectively applied in almost all domains of IoT. society for billions of connected objects [44]. To solve the
privacy issues in the 5G heterogeneous communication envi-
ronment, Fan et al. [45] proposed a blockchain-based privacy
A. Internet of healthcare things
preserving and data sharing scheme. Based on the idea of
The usage of IoT in healthcare has allowed to feed the adding blocks to the blockchain, each new block is connected
ehealthcare systems with clinical data related to the patients, to the blockchain by its hash value. Note that the previous
their family, their friends, as well as the healthcare providers. hash value can be known from the block header.
The data, called electronic medical records (EMRs), is stored
by the responsible healthcare provider. To facilitate patient
data portability, there are the electronic health records (EHRs), C. Internet of vehicles
which have a richer data structure than EMRs. Based on The Internet of Vehicles (IoV) is an emerging concept,
the idea of distributed online database, Esposito et al. [33] which allows the integration of vehicles into the new era of
proposed the design of a blockchain-based scheme for the IoT the IoT in order to establish the smart communication be-
in healthcare. In a model of consortium blockchain, a new tween vehicles and heterogeneous networks such as vehicle-to-
block is instantiated and distributed when new healthcare data vehicle, vehicle-to-road, vehicle-to-human, vehicle-to-sensor,
is created. To preserve the privacy of patients and maintain the and vehicle-to-everything. However, some recent works try
 4

Fig. 4. Blockchain applications for the IoT.

to apply the blockchain technology to IoV. Based on the P2P electricity trading. Using consortium blockchain method,
decentralized security model, Huang et al. [10] proposed the PETCON system can publicly audit and share transaction
a blockchain ecosystem model, named LNSC, for electric records without relying on a trusted third party. To solve
vehicle and charging pile management. The LNSC model uses the issues of forwarding reliable announcements without re-
elliptic curve cryptography (ECC) to calculate hash functions vealing users’ identities, Li et al. [14] proposed a privacy-
electric vehicles and charging piles. To avoid the location preserving scheme, named CreditCoin, for sending announce-
tracking in the IoV, Dorri et al. [11] proposed a decentralized ments anonymously in the IoV. The CreditCoin scheme uses
privacy-preserving architecture, where overlay nodes manage the blockchain via an anonymous vehicular announcement
the blockchain. In addition, the hash of the backup storage is aggregation protocol to build trust in the IoV communications.
stored in the blockchain. For data credibility assessment in the IoV, Yang et al. [15]
Without the administration from the central manager, Lei proposed a blockchain-based reputation system, which can
et al. [12] proposed a blockchain-based dynamic key man- judge the received messages as either true or false based on
agement for vehicular communication systems. Based on a the senders’ reputation values.
decentralized blockchain structure, the third-party authorities
are removed and the key transfer processes are verified and D. Internet of Energy
authenticated by the security manager network. Moreover, The Internet of energy (IoE) provides an innovative concept
Kang et al. [13] introduced a P2P electricity trading system, to increase the visibility of energy consumption in the Smart
named PETCON, to illustrate detailed operations of localized Grid. Based on the sovereign blockchain technology, Gao
 5

TABLE II
M AJOR ATTACKS ON B LOCKCHAIN
Threat model Countermeasures Resistant protocols

Key attack - Elliptic curve encryption is used to calculate the hash functions LNSC protocol [10]
- Distributed SDN architecture DistBlockNet protocol [36]
- Decentralized mixing service CoinParty protocol [37]
DDoS/DoS attack
- Ring signature using ECDSA Liu et al.’s protocol [38]
-Block size limitation, attribute-based signatures, and multi-receivers encryption BSeIn protocol [39]
- Elliptic curve encryption is used to calculate the hash functions LNSC protocol [10]
Replay attack
- The freshness of public/private key pairs BSeIn protocol [39]
Hiding Blocks - An immutable chain of temporally ordered interactions is created for each agent TrustChain protocol [40]
False data injection attack - Blockchain consensus mechanisms Liang et al.’s protocol [21]
Tampering attack - Public-key cryptosystem Wang et al.’s protocol [41]
- Elliptic curve encryption is used to calculate the hash functions LNSC protocol [10]
Impersonation attack - Distributed incentive mechanism based blockchain and the node cooperation Wang et al.’s protocol [16]
based privacy protection mechanism
- Attribute-based signatures BSeIn protocol [39]
Refusal to Sign - Not interacting with the malicious agent, or splitting the transactions in smaller TrustChain protocol [40]
amounts
Overlay attack - Every transaction is embedded with a Time-Stamp to mark the uniqueness Wang et al.’s protocol [41]
- Multi signatures and anonymous encrypted message propagation streams Aitzhan and Svetinovic’s protocol [22]
Double-spending attack
- Time-Stamp and the Proof-of-Work mechanism Wang et al.’s protocol [41]
- Elliptic curve encryption is used to calculate the hash functions LNSC protocol [10]
Modification attack
- The attribute signature and the MAC BSeIn protocol [39]
Collusion attack - Blockchain-based incentive mechanism He et al.’s protocol [42]
Whitewashing attack - Lower priorities are given to the agents of new identities TrustChain protocol [40]
Quantum attack - Lattice-based signature scheme Yin et al.’s protocol [43]
- Elliptic curve encryption is used to calculate the hash functions LNSC protocol [10]
Man-in-the-middle attack
- Secure mutual authentication BSeIn protocol [39]
Sybil attack - An immutable chain of temporally ordered interactions is created for each agent TrustChain protocol [40]

et al. [20] introduced a monitoring system on Smart Grid, malware, especially on the open source Android platform.
named GridMonitoring, for ensuring transparency, provenance, By utilizing statistical analysis method, Gu et al. [46] intro-
and immutability. The GridMonitoring system is based on duced a malware detection system based on the consortium
four layers, namely, 1) Registration and authentication layer, Blockchain, named CB-MDEE, which is composed of de-
2) Smart meter, 3) Processing and consensus nodes, and tecting consortium chain by test members and public chain
4) Data processing on the smart grid network. In modern by users. The CB-MDEE system adopts a fuzzy comparison
power systems, Liang et al. [21] proposed a data protection method and multiple marking functions In order to reduce
framework based on distributed blockchain, which can resist the false-positive rate and improve the detection ability of
against data manipulation that are launched by cyber attackers malware variants. To protect the embedded devices in the
(e.g., false data injection attacks). To guarantee data accuracy, IoT, Lee et al. [47] a firmware update scheme based on the
Liang’s framework uses the consensus mechanism, which is blockchain technology, which the embedded devices have the
automatically implemented by every node and has the rep- two different operation cases, namely, 1) response from a
resentative characteristics, namely, 1) Setting of public/private verification node to a request node, and 2) response from a
key update frequency, 2) Block generation, 3) Miner selection, response node to a request node.
and 4) Release of meter’s memory periodically. For secure
energy trading in Industrial Internet of Things (IIoT), Li et al.
F. Access Management in IoT
[18] introduced the energy blockchain, which is based on the
consortium blockchain technology and the Stackelberg game. For managing IoT devices, Novo [48] proposed a distributed
Aitzhan and Svetinovic [22] implemented a token-based pri- access control system using the blockchain technology. The
vate decentralized energy trading system for in decentralized architecture of this system is composed of six components,
smart grid energy, which can be applied to the IoE. namely, 1) Wireless sensor networks, 2) Managers, 3) Agent
node, 4) Smart contract, 5) Blockchain network, and 6)
Management hubs. This system brings some advantages for
E. Internet of Things devices the access control in IoT, such as: 1) mobility, which can be
In the Internet of Things devices, attackers seek to exfiltrate used in isolated administrative systems; 2) accessibility, which
the data of IoT devices by using the malicious codes in ensures that the access control rules are available at any time;
 6

3) concurrency, which allows that the access control policies extensive data sharing among entities and trust computation.
can be modified simultaneously; 4) lightweight, which means In order to deal with the privacy concerns that are raised by the
that the IoT devices do not need any modification to adopt data exchange and to suppress insider attacks, the blockchain
this system; 5) scalability, as the IoT devices can be connected technology is applied. In this way, the use of trusted third
through different constrained networks; 6) transparency, where party, which is also a single point of failure, that is needed in
the system can preserve the location privacy. traditional collaborative IDSs can be avoided.

G. Collaborative video delivery J. Software-defined networking

The diffusion of high-quality content in the IoT nowadays To increase IoT’s bandwidth, researchers have been propos-
challenges for the internet service providers. However, Herbaut ing the Software Defined Networking (SDN) technology,
and Negru [49] proposed a decentralized brokering mechanism which provides intelligent routing and simplifies decision-
for collaborative blockchain-based video delivery, which is making processes by the SDN controller [56]. Recently,
relying on advanced network services chains. Specifically, this Sharma et al. [36] proposed a distributed IoT network archi-
management mechanism is composed of three blockchains, tecture, named DistBlockNet. Based on the blockchain tech-
namely, 1) the content brokering blockchain, 2) the delivery nology, DistBlockNet architecture can provide scalability and
monitoring blockchain, and 3) the provisioning blockchain. In flexibility, without the need for a central controller. The dis-
addition, this management mechanism is deployed with the tributed blockchain network uses two type of nodes, namely, 1)
open source project Hyperledger-Fabric 2 where the results the controller/verification node, which maintains the updated
show that the number of nodes slightly increases the conver- flow rules table information and 2) the request/response node,
gence time . which updates its flow rules table in a blockchain network.

H. Internet of Cloud K. Fog computing

In the Internet of Cloud (IoC), billions of IoT devices Fog computing, also called edge computing, is a highly
upload their data to the cloud through the internet connection virtualized platform that enables computing and storage be-
utilizing virtualization technology. Xu et al. [50] introduced an tween end-users and the data Center of the traditional cloud
intelligent resource management for cloud datacenters based computing [5]. Without the third parties, Fog devices can com-
on the blockchain technology, in order to save and reduce the municate with each other. However, the blockchain technique
total cost of energy consumption. Specifically, the users use can be used to facilitate communications between fog nodes
their individual private keys to sign a transaction, while the and IoT devices. Huang et al. [57] proposed a fair payment
neighboring users verify the broadcast transaction. The block scheme for outsourcing computations of Fog devices. Based
is discarded when it does not pass verification. Therefore, on the bitcoin, this scheme considers the following security
Sharma et al. [51] proposed a distributed cloud architec- properties, namely, completeness, fairness, and accountability.
ture that uses three emerging technologies, namely, software-
defined networking (SDN), fog computing, and a blockchain L. Distributed P2P Applications
technique. The SDN controllers of the fog node are used to
provide programming interfaces to network management op- In distributed peer-to-peer (P2P) applications for the IoT,
erators. The blockchain technique is used to provide scalable, the IoT devices self-organize and cooperate for a new breed
reliable, and high-availability services. In addition, Xia et al. of applications such as collaborative movies, forwarding files,
[52] proposed a blockchain-based data sharing system, named delivering messages, electronic commerce, and uploading data
MeDShare, for cloud service providers. This system uses four using sensor networks. To incentivize users for cooperation,
layers namely, 1) User layer, 2) Data query layer, 3) Data He et al. [42] proposed a truthful incentive mechanism based
structuring and provenance layer, and 4) Existing database on the blockchain technique for dynamic and distributed P2P
infrastructure layer. environments. To prevent selfish users and defend against the
collusion attacks, this scheme proposed a pricing strategy,
which allows intermediate nodes to obtain rewards from
I. Intrusion Detection blockchain transactions due to their contribution to a success-
Many techniques for implementing intrusion detection sys- ful delivery.
tems (IDSs) in the IoT environment have been proposed, which
are based in machine learning. To improve the collaborative M. Crowdsensing Applications
intrusion detection systems (CIDSs), Alexopoulos et al. [53]
introduced the idea of utilizing blockchain technology in The emerging mobile crowdsensing paradigm is a novel
order to secure the exchange of alerts between the collab- class of mobile IoT applications (e.g., geographical sensing
orating nodes. Meng et al. [54] discussed the applicability applications). Wang et al. [16] is an interesting incentive mech-
of blockchain technology in a intrusion detection systems. anism for privacy-preserving in crowdsensing applications
Modern intrusion detection systems must be based on collabo- based on the blockchain cryptocurrencies. Specifically, this
rative communication among distributed IDSs [55], demanding mechanism can eliminate the security and privacy issues using
the miners’ verifiable data quality evaluation to deal with the
2 www.hyperledger.org/projects/fabric impersonation attacks in the open and transparent blockchain.
 7

In addition, to achieve k-anonymity privacy protection, the of ringer, which can be used for generic computations in the
mechanism uses a node cooperation method for participating outsourcing computing.
users.
III. T HREAT MODELS FOR B LOCKCHAIN
N. Data storage In this section, we present and describe the threat models
The data storage can deal with heterogeneous data resources that are considered by the blockchain protocols in IoT net-
for IoT-based data storage systems. How to share and protect works. A summary of 16 attacks are given in Table II, and
these sensitive data are the main challenges in IoT data are classified into the following five main categories: identity-
storage. Based on the blockchain technology, Jiang et al. [58] based attacks, manipulation-based attacks, cryptanalytic at-
proposed a private keyword search, named Searchain, for tacks, reputation-based attacks, and service-based attacks, as
decentralized storage. The Searchain architecture includes two presented in Figure 5.
component, namely, 1) transaction nodes in a peer-to-peer
structure and 2) a blockchain of all the ordered blocks. In A. Identity-based attacks
addition, the Searchain architecture can provide user privacy, The attacks under this category forge identities to masquer-
indistinguishability, and accountability. ade as authorized users, in order to get access to the system and
manipulate it. We classify four attacks, namely: Key attack,
O. Bitcoin Replay attack, Impersonation attack, and Sybil attack.
Launched in 2009, Bitcoin is the peer-to-peer (P2P) pay- • Key attack: This attack is defined in the context of a
ment network that does not need any central authorities. Based system combining electric vehicles and charging piles,
on the core technique of blockchain, Bitcoin users do not use as follows: "If the private key of an electric vehicle
real names; instead, pseudonyms are used. Therefore, Bitcoin that has been used for longtime leaks, the attacker can
is based on three main technical components: transactions, impersonate this electric vehicle to deceive others" [10].
consensus Protocol, and communication network. To deal with this attack, LNSC protocol [10] provides
The existing research on anonymity and privacy for Bitcoin a mutual authentication mechanism between the electric
system are presented in Tab. III. Khalilov and Levi [72] vehicles and charging piles. To this end, it employs the
have published an interesting investigation on anonymity and elliptic curve encryption to calculate the hash functions,
privacy in Bitcoin-like digital cash systems. Specifically, the and hence it ensures resiliency against the key leakage
study classified the methods of analyzing anonymity and attack.
privacy in Bitcoin into four categories, namely, 1) Transacting, • Replay attack: The aim of this attack is to spoof the
2) Utilizing off-network information, 3) Utilizing network, and identities of two parties, intercept their data packets,
4) Analyzing blockchain data. and relay them to their destinations without modifica-
As discussed by Wang et al. [71], Bitcoin works in practice, tion. To resist against this attack, LNSC [10] uses the
but not in theory,and the main issue is how to protect the idea of elliptic curve encryption to calculate the hash
potential buyers’ privacy in Bitcoin using the public key infras- functions. On the other hand, BSein [39] uses a fresh
tructure. Wang et al. [71] studied the designated-verifier proof one-time public/private key pair, which is generated for
of assets for bitcoin exchange using elliptic curve cryptogra- each request, to encrypt the message and compute the
phy. Specifically, the authors proposed a privacy-preserving Message Authentication Code (MAC). In this way, the
scheme, named DV-PoA, which can satisfy unforgeability. replay attack can be detected.
Note that the DV-PoA scheme uses elliptic curve discrete log- • Impersonation attack: An adversary tries to masquerade
arithm problem, elliptic curve computational Diffie-Hellman as a legitimate user to perform unauthorized operations.
problem, and collision-resistance of cryptographic hash func- As presented in Table II, there are three methods that
tion. In addition, to protect the privacy of simplified payment are proposed to protect against this attack. The idea of
verification (SPV) clients, Kanemura et al. [70] proposed a elliptic curve encryption to calculate the hash functions,
privacy-preserving Bloom filter design for an SPV client based is proposed by LNSC protocol [10]. Wang et al. [16]
on γ−Deniability. propose a distributed incentive-based cooperation mech-
By removing the trusted third party, Qin et al. [73] proposed anism, which protects the user’s privacy as well as a
a distributively blockchain-based PKI for Bitcoin system, transaction verification method of the node cooperation.
named Cecoin. To ensure the consistency, Cecoin uses an The mechanism hides the user’s privacy information
incentive mechanism and a distributed consensus protocol. within a group, and ensures their protection from the
To provide multi-certificate services and identity assignment, impersonation attack. BSeIn [39], on the other hand,
Cecoin converts a triple (address, domain, cert) to a tuple uses the idea of attribute-based signatures, i.e., only
(key, address, cert), and key represents path of cert in the tree. legitimate terminals can generate a valid signature, and
Therefore, to protect the transaction privacy in Bitcoin, Wang hence any impersonation attempt will be detected when
et al. [41] proposed a framework by adding the homomorphic its corresponding authentication operation fails.
Paillier encryption system to cover the plaintext amounts in • Sybil attack: Under this attack, an adversary creates many
transactions. To solve the trust problem in Bitcoin, Huang et al. fake identities. By performing many interactions in the
[57] proposed a commitment-based sampling scheme instead network, the adversary can gain a large influence within
 8

TABLE III
E XISTING R ESEARCH ON A NONYMITY AND P RIVACY FOR B ITCOIN S YSTEMS
Year Protocol Countermeasures Security models

2013 CoinSwap [59] - The protocol requires four published transactions - Anonymity
2013 CoinJoin [60] - Each user check the mixing transaction before signing on it - Anonymity
2013 ZeroCoin [61] - Decentralized e-cash scheme with a tuple of randomized algorithms (Setup, - Anonymity
Mint, Spend, Verify)
- RSA accumulators and non-interactive zero-knowledge signatures of
knowledge
2014 Mixcoin [62] - Cryptographic accountability - Anonymity
- Randomized mixing fees
2014 Xim [63] - Anonymous decentralized pairing - Anonymity
2014 CoinShuffle [64] - Requires only standard cryptographic primitives - Anonymity
2014 Zerocash [65] - Publicly-verifiable preprocessing zero-knowledge - Privacy-preserving
2015 Blindcoin [66] - Blind signature scheme - Anonymity
2015 CoinParty [67] - Combination of decryption mixnets with threshold signatures - Anonymity
2016 Blindly Signed Contract [68] - Blind signature scheme - Anonymity
2017 TumbleBit [69] - Replaces on-blockchain payments with off-blockchain puzzle solving - Anonymity
2017 Kanemura et al. [70] - The privacy metric "Deniability" - Privacy-preserving
2017 Wang et al. [71] - Elliptic curve cryptography - Privacy-preserving
2017 Wang et al. [41] - Homomorphic paillier encryption system - Privacy-preserving
2018 Liu et al. [38] - Ring signature - Privacy-preserving
- Elliptic curve digital signature algorithm - Anonymity
2018 Huang et al. [57] - Commitment-based sampling scheme - Security requirement of completeness
- Security requirement of fairness
- Security requirement of accountability

Threat models

Identity- Manipulation- Cryptanalytic Reputation- Service-

based attacks based attacks attacks based attacks based attacks

Key attack [10] False data injec- Quantum at- Hiding Blocks DDoS/DoS
tion attack [21] tack [43] attack [40] attack [36], [37],
Replay at- [38], [39]
tack [39], [10] Tampering Whitewashing [40]
attack [41] Refusal to Sign
Impersonation attack [40]
attack [13], [39], Overlay at-
[10] tack [41] Double-spending
attack [41], [22]
Sybil attack [40] Modification
attack [39], [10] Collusion
attack [42]
Man-in-the-middle
attack [39], [10]

Fig. 5. Classification of threat models for Blockchain.

the community, i.e, increasing/decreasing the reputation B. Manipulation-based attacks

of some agents. TrustChain [40] addresses this issue by They involve an unauthorized access and tamper of data.
creating an immutable chain of temporally ordered inter- In this category, four attacks are classified, namely: False
actions for each agent. It computes the trustworthiness of data injection attack, Tampering attack, Overlay attack, and
agents in an online community with Sybil-resistance by Modification attack
using prior transactions as input. It ensures that agents
• False data injection attack: The aim of this attack is to
who use resources from the community also contribute
compromise the data integrity of the control system to
back.
make it take wrong control decisions. Liang et al. [21]
considers the meter node as a private blockchain network.
 9

In addition, the interactions among the nodes are based number, any agent in the network can request specific
on a consensus mechanism, which consists in executing records of others. The requested agents cannot refuse to
a distributed voting algorithm. Each node can verify the provide their records. Otherwise, other agents will stop
integrity of the received data. The latter is considered interacting with them.
correct when a positive agreement is reached. • Whitewashing: When an agent has negative reputation, it
• Tampering attack: The adversary may tamper the bitcoin can get rid of its identity and make a new one. There is no
transactions of the bitcoin addresses, amounts and other way to prevent this behavior. However, it is suggested in
information after signing. To prevent this attack, Wang et [40] to give lower priorities to the agents of new identities
al. [41] use a public-key cryptosystem that is compatible when applying the allocation policy.
with the existing Bitcoin system. They propose adding
the homomorphic Paillier encryption system to cover E. Service-based attacks
the plaintext amounts in transactions, and the encrypted
amounts will be checked by the Commitment Proof. They aim either to make the service unavailable or make it
• Overlay attack: It means that the attacker adds a forgery behave differently from its specifications. Under this category,
encrypted amount to the original encrypted amount under we can find the following attacks:
the receiver’s public key. In [41], this attack is detected as • DDoS/DoS attack: It involves sending a large amount of
every transaction is embedded with an timestamp to mark requests to cause the failure of the blockchain system.
its uniqueness. Different inputs under the same trader can As shown in Table II, there are four methods that are
be distinguished and linked to the different transactions, proposed to deal with this attack. The idea of distributed
and hence resistance against the overlay attack is ensured. SDN architecture is proposed by DistBlockNet protocol
• Modification attack: It consists in modifying the broadcast in [36]. CoinParty [37] proposes the idea of decentralized
transaction or the response message. To deal with this at- mixing service. Liu et al. [38] employ a ring-based
tack, LNSC [10] uses the idea of elliptic curve encryption signature with Elliptic Curve Digital Signature Algorithm
to calculate the hash functions. BSeIN [39], on the other (ECDSA). The resilience against DOS in BSeIn [39] is
hand, employs the attribute signature and the MAC. achieved by limiting the block size, checking the maxi-
• Man-in-the-middle attack: An attacker by spoofing the mum number of attribute signatures for the transaction
identities of two parties can secretly relay and even input, and using multi-receivers encryption to provide
modify the communication between these parties, which confidentiality for authorized participants.
believe they are communicating directly, but in fact the • Refusal to Sign attack: A malicious agent can decide
whole conversation is under the control of the attacker. to not sign a transaction that is not in his favor. Al-
To resist against this attack, BSeIn [39] provides secure though preventing this attack is not possible, punishment
mutual authentication. In [10], LNSC provides mutual au- measures can be taken against the refusal agents. It is
thentication by using elliptic curve encryption to calculate proposed in [40] to not interact with the malicious agent,
the hash functions. or split the transactions in smaller amounts. If an agent
refuses to sign a transaction, the interaction is aborted.
• Double-spending attack: It means that the attackers spend
C. Cryptanalytic attacks
the same bitcoin twice to acquire extra amounts. In [41],
They aim to break the cryptographic algorithm and ex- the Time-Stamp and the Proof-of-Work mechanism is
pose its keys. In [43] the quantum attack is investigated used. In [22], a multi-signature transaction is employed,
in blockchain. This attack is designed to solve the elliptic where a minimum number of keys must sign a transaction
curve digital logarithm, i.e., derive the private key from the before spending tokens.
elliptic curve public key. In this way, an adversary can sign • Collusion Attack: Nodes can collude with each other and
unauthorized transactions and forge the valid signature of behave selfishly to maximize their profit. In [42], an
users. To deal with this issue, Yin et al. [43] uses the idea of incentive mechanism and pricing strategy is proposed to
lattice-based signature scheme., which allows deriving many thwart the selfish behaviors.
sub-private keys from the seed in the deterministic wallet of
blockchain.
IV. E XISTING RESEARCH ON SECURITY AND PRIVACY IN
BLOCKCHAIN - BASED I OT
D. Reputation-based attacks
Table IV summarizes research for blockchain-based IoT
An agent manipulates his reputation by changing it to a
security and privacy.
positive one. In this category, we can find the following
attacks, namely: Hiding Blocks attack, and Whitewashing
attack. A. Authentication
• Hiding Blocks attack: Under this attack, an agent only In [78], Lin et al. proposed a novel transitively closed
exposes transactions that have a positive impact on his undirected graph authentication scheme that can support
reputation and hides the ones with negative reputation. In blockchain-based identity management systems. In compar-
[40], an immutable chain of temporally ordered interac- ison to other competing authentication schemes, their pro-
tions for each agent. Since each record has a sequence posal provides an additional capability of dynamically adding
 10

TABLE IV
E XISTING RESEARCH FOR BLOCKCHAIN - BASED I OT SECURITY AND PRIVACY
Year Scheme Blockchain model Security model Goal Performance (+) and limitation (-) Comp. complexity

2016 Aitzhan - Blockchain technology - Privacy preserving - Enables peers to anony- + Combat double-spending attacks Medium
and with multi signatures and mously negotiate energy prices - A formal proof is not provided on the Sybil-
Svetinovic anonymous encrypted and securely perform trading resistance
[22] message propagation transactions
streams
2017 Otte et al. - Every participant grows - Distributed trust - Providing strict bounds on + A formal proof is provided on the Sybil- Up to 2n + 1 max-
[40] and maintains their own the profitability of a Sybil at- resistance flow computations
chain of transactions tack - Authentication is not considered
2017 Kanemura - Blockchain technology - Privacy preserving - Improving the privacy level + True positive Bitcoin addresses are hidden by the Medium
el al. [70] with Deniability of a simplified payment verifi- false positives in a Bloom filter
cation client - Authentication is not considered
2017 Wang et - Blockchain technology - Preserving transac- - Achieving delicate + Robust transaction Td e c = 2Tm +
al. [41] with the Paillier cryp- tion privacy anonymity and prevents + Prevent the following attacks: Tampering attack, 2iTE
tosystem for encryption active and passive attacks Overlay attack, Double-spending attack
and decryption - Sybil-resistance
2018 Yin et al. - Quantum attack in the - Transaction authenti- - Resisting quantum attack, + Strongly unforgeable under chosen message at- The length of signa-
[43] blockchain cation while maintaining the wallet tack ture is O(1)
lightweight - The Sybil-resistance is not considered
2018 Jong- - Consortium Blockchain - Identity and authenti- - Creating a new ID as a Ser- + It can be implemented as a cloud platform Medium
Hyouk cation management vice - The threat model is not defined
Lee [74]
2018 Fan et al. - The blockchain is a - Privacy preserving - Achieve the goal of every + Backward security M + Tm
[45] public, tamper-resistant - Access control data owner’s complete control + Forward security
ledger - The Sybil-resistance is not considered
2018 Wang et - Blockchain based in- - Privacy preserving - Achieve k-anonymity privacy + Resist the impersonation attacks in the open and Medium
al. [16] centive mechanism protection transparent blockchain
- The collusion attacks is not analysed
2018 Lin et al. - ID-based linearly ho- - Authentication - Avoiding the shortcomings of + Secure against existential forgery on adaptively High
[75] momorphic signature the use of public key certifi- chosen message and ID attack in the random oracle
cates model
- Adaptation with the Blockchain is not analyzed
2018 Li et al. - Blockchain based in- - Privacy preserving - Achieving privacy- + Maintains the reliability of announcements Medium
[14] centive mechanism - Authentication preserving in forwarding + Achieve Sybil-resistance
announcements - Location privacy is not considered
2018 Ziegeldorf - Blockchain technology - Anonymity - Achieving correctness, + Resilience against DoS attacks from malicious Medium
et al. [37] with Deniability - Deniability anonymity, and deniability attackers
+ Compatible with other crypto-currencies which
use the same ECDSA primitive, e.g., Litecoin and
Mastercoin
- Double-spending attacks is not considered
2018 Yang et - The blocks maintain the - Accountable trace- - Achieving public verification + Achieve public verification The data owner con-
al. [76] proofs produced by the ability without any trusted third party + Efficient in communication as well as in compu- ducts (2 + log2 m)
cloud server tation hash computations
- Tampering attack is not considered
2018 Hu et al. - The Ethereum - Distributed trust - Saving on the overall deploy- + Low-cost, accessible, reliable and secure pay- Low bandwidth
[77] blockchain ment and operational costs ment scheme
- Accountable traceability is not considered
2018 Liu et al. - The blockchain based - Preserving transac- - Help Bitcoin users protect + Resistant to DoS attacks High
[38] on the ring signature tion privacy their account and transaction + Prevent the mixing server from mapping input
with elliptic curve dig- information transactions
ital signature algorithm + Anonymity and scalability
(ECDSA) - Double-spending attacks is not considered
2018 Lin et al. - The structure of blocks - Authentication - Enforce fine-grained access + Resilience to hijacking attacks, user imperson- Medium
[39] is similar to that in Bit- - Access control control polices ation attacks, DDoS attacks, modification attacks,
coin replay attacks, and man-in-the-middle attacks
+ Mutual authentication
+ Session key agreement
+ Perfect forward secrecy
- The Sybil-resistance is not considered
2018 Lin et al. - The Ethereum - Authentication - Solving the existing in- + Update the certificates without the need to re- Signature size: 2
[78] blockchain tractability issue in transitive sign the nodes points in Z∗q
signature + Provide a proof when the edge between two
vertices does not exist
- Access control is not considered compared to the
scheme in [39]

Notations :
M : The time for one exponentiation;
Tm : The size of the ciphertext;
Td e c : The time for decryption;
Tm : The unit of modular multiplication time;
TE : The unit of modular exponentiation time
 11

or deleting nodes and edges. Moreover, this novel scheme parties from passive eavesdropping by hiding non-content data.
that was built on Ethereum solves the authentication prob- For enhancing the transaction privacy in Bitcoin, Wang et al.
lem of non-existent edges, which is a known challenge in [41] achieve transaction by using cryptographic methods, i.e.,
transitive signature schemes. Lin et al.in [39] proposed a employs the public-key system. Through the standard ring
novel blockchain-based framework that can ensure a secure signature and ECDSA unforgeability, Liu et al. [38] proposed
remote user authentication. The proposed framework combines an idea that can achieve the anonymity.
attribute-based signatures, multi-receivers encryption and Mes- One other aspect of privacy in blockchain systems is about
sage Authentication Code. In [14], Li et al. proposed a novel anonymity. Although it is possible to design an almost im-
privacy-preserving Blockchain-based announcement network mutable, tamper-resistant transaction, this transaction can be
for Vanets that is based on a threshold authentication protocol seen throughout all of the nodes on the blockchain network.
called Echo-Announcement. One promising research on supporting private transactions
Authors in [75] proposed an ID-based linearly homo- inside a blockchain is zk-STARKs, which combines zCash
morphic signature schemes that can be used for realizing and Ethereum. The combination of both technologies makes it
authentication in blockchains. The system allows a signer possible to keep anonymity when conducting payments, blind
to produce linearly homomorphic signatures, and hence it auctions, and even voting [73].
avoids the shortcomings of public-key certificates. In addition,
it is shown to be robust against several attacks. In [74] C. Trust
authors introduced the concept of blockchain as a service. A blockchain-based payment scheme that is stet up in a
Their proposed blockchain based-ID as a Service (BIDaaS) remote region setting was introduced in [77]. The proposed
mechanism, is a new type of IDaaS that can be used for scheme is assumed to have an intermittent connectivity to a
identity and authentication management. Authentication can bank’s central system. Distributed trust is accomplished with
be achieved without the use of any preregistered information the use of a two-layer architecture, where the bank authorizes
of the user. Finally in [43] authors cope with the problem of a set of selected villagers to act as miners who on their
keeping the wallet in a relatively small size while ensuring turn authorize transactions among villagers with tokens and
the robustness of transaction authentication by introducing a the bank. In [40] authors present a mechanism where every
novel anti-quantum transaction authentication scheme. participant grows and maintains his own chain of transactions.
The proposed approach provides distributed trust, without the
need of any gatekeeper, while being robust against Sybil
B. Privacy-preserving
attacks.
In the core of blockchain philosophy lies the private key
that can unlock the cryptographic protection of the digital V. O PEN QUESTIONS AND RESEARCH CHALLENGES
assets. The private key becomes the highest vulnerability of To complete our overview, we outline both open questions
a blockchain system whether it is stored on a piece of paper, and research challenges that could improve the capabilities
screen, disk, in local memory or in the cloud. Users tend to and effectiveness of blockchain for the IoT, summarized in
use digital wallets that can be either software or hardware, e.g. the following recommendations:
Trezor or Keepkey, which are vulnerable to various attacks like
fault injections [79]. A. Resiliency against Combined Attacks
Another solution that is gaining ground nowadays is the As presented in this survey, many security solutions for
use of hardware security modules (HSMs), a crypto-processor bloackchain-based IoT have been proposed in the literature,
that securely generates, protects and stores keys. The entire each of which is designed to tackle different security issues
cryptographic key lifecycle happens inside the HSM. An HSM and threat models. The main question that might arise is how
can be a standalone device that operates offline or can be to design a security solution that can be resilient against com-
embedded in a server, can be hardened against tampering or bined attacks while taking into account the implementation
damage, and is usually located in a physically secure area to feasibility of the solution, especially in case of low resource-
prevent unauthorized access. Finally a new generation of ultra- constrained IoT devices.
secure PCs that have embedded an HSM and requires two-
factor authentication is recently introduced. This PC can be B. Dynamic and Adaptable Security Framework
protected against physical attacks with a tamper-proof casing Heterogeneous devices are deployed in the IoT network,
and mechanisms like automatic erasion of the private key in ranging from low-power devices to high-end servers. Hence,
case of any breach of the embedded physical or logical security a single security solution cannot be deployed for all the
controls [80]. Using trusted computers both as secure digital blockchain-based IoT architectures due to the different amount
wallets and blockchain nodes. Security assurance of users and of resources that are provided. Therefore, the security solution
organizations need in order to trust this new technology can should initially adapt itself to the existing resources, and
be provided in the near future. decide which security services to offer, so as to meet the
To achieve k-anonymity privacy protection, Wang et al. [16] minimum security requirements of the end-users. Thus, one
use a node cooperation verification approach, in which each of the challenges that should receive more attention in the
group contains K nodes to meet the objective of K-anonymity future is how to design such a dynamic and adaptable security
protection. Aitzhan et al. [22] proposed an idea that protects framework for blockchain-based IoT architectures.
 12

C. Compliance with GDPR G. Vehicular Cloud Advertisement Dissemination

The new regulation that took effect from the 25th of May As presented in this survey, based on a decentralized
of 2018 grants end-users new powers over personal data, blockchain structure, various anonymity schemes are proposed
and places new obligations upon data controllers. In a purely to hide the real identities in IoV. Therefore, since the ve-
decentralized blockchain system there are not any accountable hicle’s real identity, vehicle’s real location, and transaction
data processors making the implementation of GDPR difficult. could possibly be disclosed in vehicular cloud advertisement
Also on the other hand, the right to be forgotten that is one of dissemination [90], critical security issues arise as follows:
the main guidelines of GDPR is contradictory to the core idea
• How to design a single-attribute access control protocol
behind blockchain technology. On public blockchains, all data
based on blockchain technology for preserving transac-
is replicated and shared across all machines in the network
tion privacy in vehicular cloud advertisement dissemina-
and only the combination with trusted hardware solutions can
tion?
solve this issue. Some initial attempts are already undertaken
• How to devise a privacy-preserving secret sharing scheme
[81], [82] but this is a promising area of research for the near
based on blockchain technology to acknowledge partici-
future.
pation of selected vehicles in transactions? e.g., by using
the homomorphic Paillier encryption system.
D. Energy-efficient Mining • How to design a low complexity-based authentication
Mining includes the execution of the blockchain con- using the blockchain technology between RSUs and par-
sensus algorithms such as Proof-of-Work (PoW). Besides, ticipating vehicles during the advertisement dissemination
the blockchain grows as the users store their transactions. process?
Therefore, more powerful miners are required to handle
the consensus protocols in the blockchain. Several energy
efficient consensus algorithms such as Proof-of-Space [83], H. Skyline Query Processing
Deligated Proof-of-Space [84] and Proof-of-Stake [85] and Skyline query has become an important issue in database
mini-blockchain [86], [87] to store only recent blockchain research, e.g., centralized database, distributed database, and
transactions are suggested. However, resource- and power- similarity search. The surveyed schemes have not yet studied
constrained IoT devices are not always capable of meeting the the possibility of using the skyline query with blockchain.
substantial computational and power consumption in the pro- Recently, Hua et al. [91] proposed a privacy-preserving on-
cessing of blockchain consensus and storing of blockchains. line medical primary diagnosis framework, named CINEMA,
Therefore, the design of energy-efficient consensus protocols which uses the skyline query. Specifically, CINEMA frame-
is one of the significant research challenges in the blockchain work can protect users’ medical data privacy and ensure the
technologies for IoT. confidentiality of diagnosis model based on a skyline diagnosis
model. Therefore, how to handle the security and privacy
E. Social Networks and Trust Management issues when a skyline diagnosis model is constructed by a lot
of blockchains? Hence, the privacy-preserving schemes based
When we talk about security we have to take in mind that on the blockchain with skyline query are major challenges and
fake news can be a part of a cyber attack. Large-scale rumor should be investigated in the future.
spreading could pose severe social and economic damages
to an organization or a nation [88] especially with the use
of online social networks. Blockchains could be a means VI. C ONCLUSION
for limiting rumor spreading as presented in [89] where a
blockchain-enabled social network is presented. In this paper, we surveyed the state-of-the-art of existing
blockchain protocols designed for Internet of Things (IoT)
networks. We provided an overview of the application domains
F. Blockchain-specific Infrastructure of blockchain technologies in IoT, e.g., Internet of Vehicles,
The storage-limited IoT devices might not be able to store Internet of Energy, Internet of Cloud, and Fog computing.
the large-size blockchain that grows as the blocks are appended Through extensive research and analysis that was conducted,
in the blockchain. Moreover, it is commonly seen that the we were able to classify the threat models that are considered
IoT devices store the blockchain’s data that are not even use- by the blockchain protocols in IoT networks, into five main
ful for their own transactions. Therefore, blockchain-specific categories, namely, identity-based attacks, manipulation-based
equipment that supports the decentralized storage of large- attacks, cryptanalytic attacks, reputation-based attacks, and
size blockchain become a challenging issue. Moreover, the service-based attacks. There still exist several challenging
address management and underlying communication protocols research areas, such as resiliency against combined attacks,
play significant roles in blockchain infrastructure. Besides, dynamic and adaptable security framework, compliance with
trustworthiness among the computational resource-enriched GDPR, energy-efficient mining, social networks and trust man-
devices has to be established in the blockchain infrastructure. agement, blockchain-specific infrastructure, vehicular cloud
Besides, the Application Programming Interface (APIs) should advertisement dissemination, and Skyline query processing,
be user-friendly as much as possible. which should be further investigated in the near future.
 13

R EFERENCES [25] “Crypto-currency market capitalizations,” accessed on 15 June, 2018.

[Online]. Available: https://coinmarketcap.comhttps://coinmarketcap.
[1] “IDC, Worldwide Internet of Things Forecast, 2015–2020,” IDC com
#256397. [26] “Blockchain technology report to the US federal advisory
committee on insurance,” accessed on 15 June, 2018.
[2] “IDC, Worldwide Internet of Things Forecast Update 2015–2019,” Feb.
[Online]. Available: https://www.treasury.gov/initiatives/fio/Documents/
2016, Doc #US40983216.
McKinsey_FACI_Blockchain_in_Insurance.pdf
[3] D. Miorandi, S. Sicari, F. De Pellegrini, and I. Chlamtac, “Internet of
[27] L. Bahack, “Theoretical Bitcoin attacks with less than half of
things: Vision, applications and research challenges,” Ad Hoc Netw.,
the computational power,” Dec. 2013, arXiv:1312.7013v1. [Online].
vol. 10, no. 7, pp. 1497–1516, Sept. 2012.
Available: https://arxiv.org/pdf/1312.7013.pdf
[4] D. Puthal, N. Malik, S. P. Mohanty, E. Kougianos, and G. Das, [28] M. Ali, J. Nelson, R. Shea, and M. J. Freedman, “Blockstack: A global
“Everything you wanted to know about the blockchain: Its promise, naming and storage system secured by blockchains,” in Proc. Annual
components, processes, and problems,” IEEE Consumer Electronics Technical Conference (USENIX ATC), June 2016, pp. 181–194.
Mag., vol. 7, no. 4, pp. 6–14, July 2018. [29] L. S. Sankar, M. Sindhu, and M. Sethumadhavan, “Survey of consensus
[5] M. Mukherjee, R. Matam, L. Shu, L. Maglaras, M. A. Ferrag, N. Choud- protocols on blockchain applications,” in Proc. IEEE 4th Int. Conf. on
hury, and V. Kumar, “Security and privacy in fog computing: Chal- Advanced Comput. and Commun. Syst. (ICACCS), Jan. 2017.
lenges,” IEEE Access, vol. 5, pp. 19 293–19 304, 2017. [30] A. Kaushik, A. Choudhary, C. Ektare, D. Thomas, and S. Akram,
[6] M. Swan, Blockchain: blueprint for a new economy, 1st ed. ÓReilly “Blockchain-literature survey,” in Proc. IEEE 2nd Int. Conf. Recent
Media, Jan. 2015. Trends in Electronics, Information & Communication Technology (RTE-
[7] F. Tschorsch and B. Scheuermann, “Bitcoin and beyond: A technical ICT), May 2017.
survey on decentralized digital currencies,” IEEE Commun. Surveys & [31] M. C. K. Khalilov and A. Levi, “A survey on anonymity and privacy in
Tut., vol. 18, no. 3, pp. 2084–2123, Mar. 2016. Bitcoin-like digital cash systems,” IEEE Commun. Surveys & Tut., pp.
[8] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008. 1–1, Mar. 2018.
[9] D. Wilson and G. Ateniese, “From pretty good to great: Enhancing [32] M. Conti, S. K. E, C. Lal, and S. Ruj, “A survey on security and privacy
PGP using bitcoin and the blockchain,” in Network and System Security. issues of Bitcoin,” IEEE Commun. Surveys & Tut., pp. 1–39, May 2018.
Springer International Publishing, 2015, pp. 368–375. [33] C. Esposito, A. De Santis, G. Tortora, H. Chang, and K.-K. R. Choo,
[10] X. Huang, C. Xu, P. Wang, and H. Liu, “LNSC: A security model “Blockchain: A Panacea for Healthcare Cloud-Based Data Security and
for electric vehicle and charging pile management based on blockchain Privacy?” IEEE Cloud Comput., vol. 5, no. 1, pp. 31–37, Jan. 2018.
ecosystem,” IEEE Access, vol. 6, pp. 13 565–13 574, 2018. [34] R. Guo, H. Shi, Q. Zhao, and D. Zheng, “Secure Attribute-Based Sig-
[11] A. Dorri, M. Steger, S. S. Kanhere, and R. Jurdak, “BlockChain: nature Scheme With Multiple Authorities for Blockchain in Electronic
A Distributed Solution to Automotive Security and Privacy,” IEEE Health Records Systems,” IEEE Access, vol. 6, pp. 11 676–11 686, 2018.
Commun. Mag., vol. 55, no. 12, pp. 119–125, dec 2017. [35] X. Liang, J. Zhao, S. Shetty, J. Liu, and D. Li, “Integrating blockchain
[12] A. Lei, H. Cruickshank, Y. Cao, P. Asuquo, C. P. A. Ogah, and Z. Sun, for data sharing and collaboration in mobile healthcare applications,” in
“Blockchain-Based Dynamic Key Management for Heterogeneous Intel- 2017 IEEE 28th Annu. Int. Symp. Pers. Indoor, Mob. Radio Commun.
ligent Transportation Systems,” IEEE Internet Things J., vol. 4, no. 6, IEEE, oct 2017, pp. 1–5.
pp. 1832–1843, dec 2017. [36] P. K. Sharma, S. Singh, Y.-S. Jeong, and J. H. Park, “DistBlockNet:
[13] J. Kang, R. Yu, X. Huang, S. Maharjan, Y. Zhang, and E. Hossain, A Distributed Blockchains-Based Secure SDN Architecture for IoT
“Enabling Localized Peer-to-Peer Electricity Trading Among Plug-in Networks,” IEEE Commun. Mag., vol. 55, no. 9, pp. 78–85, 2017.
Hybrid Electric Vehicles Using Consortium Blockchains,” IEEE Trans. [37] J. H. Ziegeldorf, R. Matzutt, M. Henze, F. Grossmann, and K. Wehrle,
Ind. Informatics, vol. 13, no. 6, pp. 3154–3164, dec 2017. “Secure and anonymous decentralized Bitcoin mixing,” Futur. Gener.
[14] L. Li, J. Liu, L. Cheng, S. Qiu, W. Wang, X. Zhang, and Z. Zhang, Comput. Syst., vol. 80, pp. 448–466, mar 2018.
“CreditCoin: A Privacy-Preserving Blockchain-Based Incentive An- [38] Y. Liu, X. Liu, C. Tang, J. Wang, and L. Zhang, “Unlinkable Coin
nouncement Network for Communications of Smart Vehicles,” IEEE Mixing Scheme for Transaction Privacy Enhancement of Bitcoin,” IEEE
Trans. Intell. Transp. Syst., pp. 1–17, 2018. Access, vol. 6, pp. 23 261–23 270, 2018.
[15] Z. Yang, K. Zheng, K. Yang, and V. C. M. Leung, “A blockchain-based [39] C. Lin, D. He, X. Huang, K.-K. R. Choo, and A. V. Vasilakos, “Bsein: A
reputation system for data credibility assessment in vehicular networks,” blockchain-based secure mutual authentication with fine-grained access
in 2017 IEEE 28th Annu. Int. Symp. Pers. Indoor, Mob. Radio Commun. control system for industry 4.0,” J. Netw. Comput. Appl., vol. 116, pp.
IEEE, oct 2017, pp. 1–5. 42–52, 2018.
[16] J. Wang, M. Li, Y. He, H. Li, K. Xiao, and C. Wang, “A Blockchain [40] P. Otte, M. de Vos, and J. Pouwelse, “TrustChain: A Sybil-resistant
Based Privacy-Preserving Incentive Mechanism in Crowdsensing Appli- scalable blockchain,” Futur. Gener. Comput. Syst., sep 2017.
cations,” IEEE Access, vol. 6, pp. 17 545–17 556, 2018. [41] Q. Wang, B. Qin, J. Hu, and F. Xiao, “Preserving transaction privacy in
bitcoin,” Futur. Gener. Comput. Syst., sep 2017.
[17] F. Tian, “An agri-food supply chain traceability system for China based
[42] Y. He, H. Li, X. Cheng, Y. Liu, C. Yang, and L. Sun, “A Blockchain
on RFID & blockchain technology,” in Proc. IEEE 13th Int. Conf. on
based Truthful Incentive Mechanism for Distributed P2P Applications,”
Service Systems and Service Management (ICSSSM), June 2016.
IEEE Access, pp. 1–1, 2018.
[18] Z. Li, J. Kang, R. Yu, D. Ye, Q. Deng, and Y. Zhang, “Consortium [43] W. Yin, Q. Wen, W. Li, H. Zhang, and Z. Jin, “An Anti-Quantum
Blockchain for Secure Energy Trading in Industrial Internet of Things,” Transaction Authentication Approach in Blockchain,” IEEE Access,
IEEE Trans. Ind. Informatics, pp. 1–1, 2017. vol. 6, pp. 5393–5401, 2018.
[19] T. Ahram, A. Sargolzaei, S. Sargolzaei, J. Daniels, and B. Amaba, [44] M. A. Ferrag, L. Maglaras, A. Argyriou, D. Kosmanos, and H. Janicke,
“Blockchain technology innovations,” in Proc. IEEE Technology & “Security for 4G and 5G cellular networks: A survey of existing
Engineering Management Conference (TEMSCON), June 2017. authentication and privacy-preserving schemes,” J. Netw. Comput. Appl.,
[20] J. Gao, K. O. Asamoah, E. B. Sifah, A. Smahi, Q. Xia, H. Xia, X. Zhang, vol. 101, pp. 55–82, jan 2018.
and G. Dong, “GridMonitoring: Secured sovereign blockchain based [45] K. Fan, Y. Ren, Y. Wang, H. Li, and Y. Yang, “Blockchain-based efficient
monitoring on smart grid,” IEEE Access, vol. 6, pp. 9917–9925, 2018. privacy preserving and data sharing scheme of content-centric network
[21] G. Liang, S. R. Weller, F. Luo, J. Zhao, and Z. Y. Dong, “Distributed in 5G,” IET Commun., vol. 12, no. 5, pp. 527–532, Mar. 2018.
Blockchain-Based Data Protection Framework for Modern Power Sys- [46] J. Gu, B. Sun, X. Du, J. Wang, Y. Zhuang, and Z. Wang, “Consortium
tems against Cyber Attacks,” IEEE Trans. Smart Grid, pp. 1–1, 2018. Blockchain-Based Malware Detection in Mobile Devices,” IEEE Access,
[22] N. Zhumabekuly Aitzhan and D. Svetinovic, “Security and Privacy vol. 6, pp. 12 118–12 128, 2018.
in Decentralized Energy Trading through Multi-signatures, Blockchain [47] B. Lee and J.-H. Lee, “Blockchain-based secure firmware update for em-
and Anonymous Messaging Streams,” IEEE Trans. Dependable Secur. bedded devices in an Internet of Things environment,” J. Supercomput.,
Comput., pp. 1–1, 2016. vol. 73, no. 3, pp. 1152–1167, mar 2017.
[23] N. Kshetri, “Blockchain’s roles in strengthening cybersecurity and [48] O. Novo, “Blockchain Meets IoT: An Architecture for Scalable Access
protecting privacy,” Telecommunications Policy, vol. 41, no. 10, pp. Management in IoT,” IEEE Internet Things J., vol. 5, no. 2, pp. 1184–
1027–1038, Nov. 2017. 1195, Apr. 2018.
[24] T. M. Fernández-Caramés and P. Fraga-Lamas, “A review on the use [49] N. Herbaut and N. Negru, “A Model for Collaborative Blockchain-Based
of blockchain for the internet of things,” IEEE Access, pp. 1–23, May Video Delivery Relying on Advanced Network Services Chains,” IEEE
2018. Commun. Mag., vol. 55, no. 9, pp. 70–76, 2017.
 14

[50] C. Xu, K. Wang, and M. Guo, “Intelligent Resource Management in [73] B. Qin, J. Huang, Q. Wang, X. Luo, B. Liang, and W. Shi, “Cecoin:
Blockchain-Based Cloud Datacenters,” IEEE Cloud Comput., vol. 4, A decentralized PKI mitigating MitM attacks,” Futur. Gener. Comput.
no. 6, pp. 50–59, nov 2017. Syst., oct 2017.
[51] P. K. Sharma, M.-Y. Chen, and J. H. Park, “A Software Defined Fog [74] J.-H. Lee, “BIDaaS: Blockchain Based ID As a Service,” IEEE Access,
Node Based Distributed Blockchain Cloud Architecture for IoT,” IEEE vol. 6, pp. 2274–2278, 2018.
Access, vol. 6, pp. 115–124, 2018. [75] Q. Lin, H. Yan, Z. Huang, W. Chen, J. Shen, and Y. Tang, “An ID-
[52] Q. Xia, E. B. Sifah, K. O. Asamoah, J. Gao, X. Du, and M. Guizani, based linearly homomorphic signature scheme and its application in
“MeDShare: Trust-Less Medical Data Sharing Among Cloud Service blockchain,” IEEE Access, pp. 1–1, 2018.
Providers via Blockchain,” IEEE Access, vol. 5, pp. 14 757–14 767, [76] C. Yang, X. Chen, and Y. Xiang, “Blockchain-based publicly verifiable
2017. data deletion scheme for cloud storage,” J. Netw. Comput. Appl., vol.
[53] N. Alexopoulos, E. Vasilomanolakis, N. R. Ivanko, and M. Muhlhauser, 103, pp. 185–193, feb 2018.
“Towards blockchain-based collaborative intrusion detection systems,” [77] Y. Hu, A. Manzoor, P. Ekparinya, M. Liyanage, K. Thilakarathna,
in Proc. Int. Conf. Critical Inf. Infrastruct. Secur, 2017, pp. 1–12. G. Jourjon, A. Seneviratne, and M. E. Ylianttila, “A Delay-Tolerant
[54] W. Meng, E. W. Tischhauser, Q. Wang, Y. Wang, and J. Han, “When Payment Scheme Based on the Ethereum Blockchain,” jan 2018.
Intrusion Detection Meets Blockchain Technology: A Review,” IEEE [Online]. Available: http://arxiv.org/abs/1801.10295
Access, vol. 6, pp. 10 179–10 188, 2018. [78] C. Lin, D. He, X. Huang, M. K. Khan, and K.-K. R. Choo, “A
New Transitively Closed Undirected Graph Authentication Scheme for
[55] T. Cruz, L. Rosa, J. Proença, L. Maglaras, M. Aubigny, L. Lev, J. Jiang,
Blockchain-based Identity Management Systems,” IEEE Access, pp. 1–
and P. Simões, “A cybersecurity detection framework for supervisory
1, 2018.
control and data acquisition systems,” IEEE Transactions on Industrial
[79] O. Boireau, “Securing the blockchain against hackers,” Network Secu-
Informatics, vol. 12, no. 6, pp. 2236–2246, 2016.
rity, vol. 2018, no. 1, pp. 8–11, 2018.
[56] K. Kalkan and S. Zeadally, “Securing internet of things (iot) with
[80] “This ultra-secure pc self destructs if someone messes with
software defined networking (sdn),” IEEE Commun. Mag., 2017.
it,” https://www.wired.com/2017/06/orwl-secure-desktop-computer/, ac-
[57] H. Huang, X. Chen, Q. Wu, X. Huang, and J. Shen, “Bitcoin-based fair cessed: 2018-06-01.
payments for outsourcing computations of fog devices,” Futur. Gener. [81] J. Lind, I. Eyal, F. Kelbert, O. Naor, P. Pietzuch, and E. G. Sirer,
Comput. Syst., vol. 78, pp. 850–858, jan 2018. “Teechain: Scalable blockchain payments using trusted execution en-
[58] P. Jiang, F. Guo, K. Liang, J. Lai, and Q. Wen, “Searchain: Blockchain- vironments,” arXiv preprint arXiv:1707.05454, 2017.
based private keyword search in decentralized storage,” Futur. Gener. [82] I. Bentov, Y. Ji, F. Zhang, Y. Li, X. Zhao, L. Breidenbach, P. Daian, and
Comput. Syst., sep 2017. A. Juels, “Tesseract: Real-time cryptocurrency exchange using trusted
[59] G. Maxwll, “Coinswap,” 2013. [Online]. Available: https://bitcointalk. hardware,” 2017.
org/index.php?topic=321228 [83] S. Dziembowski, S. Faust, V. Kolmogorov, and K. Pietrzak, “Proofs of
[60] G. Maxwell, “Coinjoin: Bitcoin privacy for the real world,” in Post on space,” in Proc. 35th Annual Cryptology Conference on Advances in
Bitcoin forum, 2013. Cryptology, Aug. 2015, pp. 585–605.
[61] I. Miers, C. Garman, M. Green, and A. D. Rubin, “Zerocoin: Anonymous [84] “DPOS description on bitshares,” accessed on 15 June, 2018. [Online].
Distributed E-Cash from Bitcoin,” in 2013 IEEE Symp. Secur. Priv. Available: http://docs.bitshares.org/bitshares/dpos.html
IEEE, may 2013, pp. 397–411. [85] “Telehash,” accessed on 15 June, 2018. [Online]. Available: http:
[62] J. Bonneau, A. Narayanan, A. Miller, J. Clark, J. A. Kroll, and E. W. //telehash.org
Felten, “Mixcoin: Anonymity for Bitcoin with Accountable Mixes,” in [86] B. F. França, “Homomorphic mini-blockchain scheme,” pp. 1–
Int. Conf. Financ. Cryptogr. Data Secur. Springer Berlin Heidelberg, 17, Apr. 2015, accessed on 15 June, 2018. [Online]. Available:
2014, pp. 486–504. http://cryptonite.info/files/HMBC.pdf
[63] G. Bissias, A. P. Ozisik, B. N. Levine, and M. Liberatore, “Sybil- [87] J. D. Bruce, “The mini-blockchain scheme,” 2014, accessed on
Resistant Mixing for Bitcoin,” in Proc. 13th Work. Priv. Electron. Soc. 15 June, 2018. [Online]. Available: http://www.cryptonite.info/files/
- WPES ’14. New York, New York, USA: ACM Press, 2014, pp. mbc-scheme-rev2.pdf
149–158. [88] N. Ayres and L. A. Maglaras, “Cyberterrorism targeting the general
[64] T. Ruffing, P. Moreno-Sanchez, and A. Kate, “CoinShuffle: Practical public through social media,” Security and Communication Networks,
Decentralized Coin Mixing for Bitcoin,” in Eur. Symp. Res. Comput. vol. 9, no. 15, pp. 2864–2875, 2016.
Secur. Springer, 2014, pp. 345–364. [89] Y. Chen, Q. Li, and H. Wang, “Towards trusted social networks with
[65] E. B. Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer, blockchain technology,” arXiv preprint arXiv:1801.02796, 2018.
and M. Virza, “Zerocash: Decentralized Anonymous Payments from [90] Q. Kong, R. Lu, H. Zhu, and M. Ma, “Achieving secure and privacy-
Bitcoin,” in 2014 IEEE Symp. Secur. Priv. IEEE, may 2014, pp. 459– preserving incentive in vehicular cloud advertisement dissemination,”
474. IEEE Access, vol. 6, pp. 25 040–25 050, 2018.
[91] J. Hua, H. Zhu, F. Wang, X. Liu, R. Lu, H. Li, and Y. Zhang, “Cinema:
[66] L. Valenta and B. Rowan, “Blindcoin: Blinded, Accountable Mixes for
Efficient and privacy-preserving online medical primary diagnosis with
Bitcoin,” in Int. Conf. Financ. Cryptogr. Data Secur. Springer Berlin
skyline query,” IEEE Internet of Things Journal, pp. 1–1, 2018.
Heidelberg, 2015, pp. 112–126.
[67] J. H. Ziegeldorf, F. Grossmann, M. Henze, N. Inden, and K. Wehrle,
“Coinparty: Secure multi-party mixing of bitcoins,” in Proc. 5th ACM
Conf. Data Appl. Secur. Priv. - CODASPY ’15. New York, New York,
USA: ACM Press, 2015, pp. 75–86.
[68] E. Heilman, F. Baldimtsi, and S. Goldberg, “Blindly Signed Contracts:
Anonymous On-Blockchain and Off-Blockchain Bitcoin Transactions,”
in Int. Conf. Financ. Cryptogr. Data Secur. Springer Berlin Heidelberg,
2016, pp. 43–60.
[69] E. Heilman, L. AlShenibr, F. Baldimtsi, A. Scafuro, and S. Goldberg,
“TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment
Hub,” in Proc. 2017 Netw. Distrib. Syst. Secur. Symp. Reston, VA:
Internet Society, 2017.
[70] K. Kanemura, K. Toyoda, and T. Ohtsuki, “Design of privacy-preserving
mobile Bitcoin client based on γ-deniability enabled bloom filter,” in
2017 IEEE 28th Annu. Int. Symp. Pers. Indoor, Mob. Radio Commun.
IEEE, oct 2017, pp. 1–6.
[71] H. Wang, D. He, and Y. Ji, “Designated-verifier proof of assets for bit-
coin exchange using elliptic curve cryptography,” Futur. Gener. Comput.
Syst., jul 2017.
[72] M. C. K. Khalilov and A. Levi, “A Survey on Anonymity and Privacy
in Bitcoin-like Digital Cash Systems,” IEEE Commun. Surv. Tutorials,
pp. 1–1, 2018.