Abstract—A network is composed of logical nodes and edges for communications. The atomistic component of things connected to the network is a memory chip. Accordingly, the unique linkage of a memory chip and a logical node can be a promising way to resolve the root-of-trust problem on the Internet-of-Things. To this end, we propose a challenge-response protocol using a memory chip. For central management, a central node controls the entry of electronic appliances with a memory chip into the network, and excludes a fake node (e.g., a spoofing entity) from the network that the central node manages. For decentralized communications, Merkle’s tree turns out to be composed of memory chips to which the logical nodes are uniquely linked, respectively. The root of Merkle turns out to be the memory chip that stores the latest record of data transactions. We can register this memory chip as a new block by satisfying the requirement of the proof-of-consensus. After blocks are chained, it gets harder for even the central node to manipulate the transaction record among memory chips. In this way, the decentralized system (e.g., blockchain) and the central management can coexist. A new idea of security state is also discussed briefly.

Index Terms—Blockchain, Merkle’s tree, central management, decentralized system, memory chip, IC chip.

I. INTRODUCTION

Decentralized systems (e.g., blockchain) can maximize the value of network applications. By uploading hardware to the network, the Internet-of-Things (IoT) can heighten the value of network applications. However, the entry of hardware to the network should be under central management for authentication reasons. The decentralized system and the central management should therefore coexist in the IoT network, though this has not been discussed enough.

What is the upload of hardware to the network? The network comprises logical nodes and communication edges (lines) connecting logical nodes.
In general terms, the upload of hardware to the network is to uniquely link a physical entity to a logical node. The uploaded physical entity is a physical node. It is an electronic appliance whose atomistic component is an integrated circuit (IC) chip, in particular, a memory chip in Neumann-type computers. The falsification of the linkage of a physical node and a logical node is spoofing. The proof of no spoofing is the root-of-trust. The upload of hardware (i.e., the linkage of a physical node and a logical node) without the root-of-trust causes a kind of oracle problem, because one may be forced to trust it with no proof, and no existing Blockchain can resolve it. A practical reinforcement of Blockchain is therefore necessary to use Blockchain on the IoT network.

A logical node is allocated an address on the network. This address is public on the network, such that any entrant to the network can know it to reach the logical node. Following the concept of Diffie-Hellman [1], we can think that a public key can play the role of a (public) address on the network. Alice has distributed her public key on the network. Anyone who enters the network can receive her public key. Both Bob and Mike can encrypt their messages by using Alice’s public key. They can distribute (or expose) their messages to her on the network. Any entrant can receive those messages, but only Alice can read the messages by decrypting them using her secret key, which is not distributed on the network. While only Alice can read the messages, her public key can play the role of Alice’s address on the network, which is public on the network.

In this way, the atomistic component of a physical node linked to a logical address is a memory chip, and a public key can play the role of the address of the logical node (named the logical address). The root-of-trust is therefore the proof of the unique linkage of a memory chip and a public key.
Data can be transferred from one logical node to another, and each data transfer can be denoted by an arrow. Suppose that a logical node can receive data transferred from plural logical nodes. Plural data transfers result in a tree diagram, whose root is the destination having all transfer records as well as the latest one. This is called Merkle’s tree and its root is called the root of Merkle [2]. If we can prove the unique linkage of a memory chip and a logical node (represented by its public key) in some way, then it turns out to be a Merkle’s tree of memory chips. The Merkle root is thus a memory chip which stores the latest transaction record of data transfer.

In the network, miners look for a root of Merkle (represented by its public key) and then register it as a new block by satisfying the requirement for the proof-of-consensus. Accordingly, the registered new block is a memory chip having the latest transaction record and uniquely linked to the public key of the registered root of Merkle. By repeating this procedure, plural blocks are serially registered to construct the blockchain of memory chips with the root-of-trust (i.e., the unique linkage of memory chips and public keys).

A central node can control the upload of an electronic appliance (hardware) with a memory chip to the network. A logical node uniquely linked to this memory chip is under the central management by the central node. If the central node permits the upload of this electronic appliance, then the logical node uniquely linked to the memory chip mounted in this electronic appliance is permitted to enter the network. If the central node denies the upload of this electronic appliance, then the logical node uniquely linked to the memory chip mounted in this electronic appliance is denied entry to the network.
But, after the blocks of memory chips are chained, the central node can hardly manipulate the transaction record in the blockchain of memory chips that the central node has permitted to enter, because it would be necessary to redo the proof-of-consensus for the chained blocks [3]. As the blockchain length increases, it becomes harder. That is, the central node can control the entry of an electronic appliance (represented by its memory chip) to the network but can hardly manipulate the transaction record among memory chips that the central node has permitted to enter. In this way, the decentralized system and the central management can coexist with the root-of-trust (i.e., the unique linkage of memory chips and public keys).

On coexistence of decentralized system (blockchain) and central management in Internet-of-Things. Hiroshi Watanabe, National Yang Ming Chiao Tung University.

In this work, we illustrate a conceptual solution for this in as clear a manner as possible. In II, we describe the method to realize the unique linkage of memory chips and public keys. In III, we illustrate the blockchain of memory chips. IV and V are devoted to discussion and summary, respectively.

II. UNIQUE LINKAGE OF MEMORY CHIPS AND PUBLIC KEYS

This can be realized by the challenge-response protocol (CRP) using a memory chip and a physical random number (PRN) which is specific to the memory chip [4]. Fig. 1 illustrates the challenge-response (a) without and (b) with spoofing. The connected device A inspects the connected device B by asking “Hey B, who are you?” (Challenge C). In (a), without spoofing, the connected device B replies to the connected device A, “I am logical address B” (Response R). However, without the root-of-trust, we are unsure if the connected device B and the logical address B are really linked. In (b), a hacker spoofs the logical address B; to “Hey B, who are you?” (Challenge C), the response is “I am logical address B” (Response R). That is, the CRP without the root-of-trust makes no sense in the IoT network.

A. Root-of-Trust using a memory chip

First, suppose that a public key can play the role of a logical address B. Next, suppose that a secret key is irreversibly generated from a code specific to a memory chip which is an atomistic component of a physical node (e.g., connected device B). Using some algorithm for the public key infrastructure (PKI), we can uniquely link the secret and public keys.
Using this specific code and the PKI, we can uniquely link the memory chip and the logical address B. In general, we can obtain the response ( ) from the physical random number of chip ( ), , and the challenge (C) using a function, , as follows. = , (1)

In Fig. 2, the connected device A sends the challenge (C) “Hey B, who are you?” to the memory chip () having of the connected device B. The response (R) generated using (1) is “I am chip B.” If the connected device B was spoofed by a hacker’s laptop, the response would be “I am a chip in hacker’s laptop”. The CRP using a memory chip makes sense against cyber-attacks, because no cyber-attack can tear a memory chip off the motherboard of the connected device B.

B. PRN and PKI

We can generate one or two prime number(s) from this in some way. Thus, we can generate a “uniquely linked” pair of secret and public keys using an algorithm of PKI such as RSA [5] or ElGamal [6]. Therefore, the secret key (SK) and public key (PK) of chip () are respectively written as follows. = (2) = ̅ (3) The , ̅ are the key generation functions. It is preferable that the prime numbers are large enough. Equation (3) connects chip () and public key through (1). Below we evaluate randomness to validate if is specific to chip () in practice.

C. A concrete example of retrieving PRN from memory chips

Fig. 3 illustrates the redundancy mechanism of a memory chip [7]. There are several blocks on a chip. Each block is composed of many integrated memory cells (corresponding to bits), which are arrayed in the X (Row)-Y (Column) plane. It is further divided into two cell arrays (redundancy and regular arrays). The Y-decoders A and B control the row access in the redundancy and regular arrays, respectively. An access code is input to a peripheral circuit to choose either Y-decoder A or B or both. Since memory chip is a mass-product, it is impossible

Fig. 2. CRP with physical randomness specific to a memory chip.
[Fig. 2 diagram labels: logical addresses A, B, C; connected devices A, B, C; “Hey, B. Who are you?” (Challenge (C)); Memory Chip; PRN (n); Secret Key, 1-to-1, Public Key; “I am Chip B.”]

Fig. 1. Challenge-Response Protocol. (a) without spoofing. (b) with spoofing.

[Fig. 1 diagram labels, both panels: Cybernetwork (logical address to logical address) with logical addresses A, B, C; IoT network (device to device) with connected devices A, B, C; “Hey B, Who are you?”; “I am logical address B.” Panel (b) adds a spoofing laptop.]
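As an added illustration (not code from the paper), the following Python sketch walks through the scheme of Section II: two primes are derived from a chip-specific PRN, an RSA key pair is built from them, and the central node admits a device only if its response to a fresh challenge verifies under a registered public key. The SHA-256 stretching, the textbook-RSA response function, the 256-bit prime size and all names are assumptions of this sketch, chosen for readability rather than security; the PRNs are constructed sample values.

```python
import hashlib
import itertools
import secrets

E = 65537  # fixed public exponent (assumption); the modulus n is the public key
PRN_B, PRN_LAPTOP = b"constructed PRN, chip B", b"constructed PRN, laptop"

def _h(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def _is_prime(n: int) -> bool:
    """Miller-Rabin over fixed bases: demo-grade, not a production test."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2 or any(n % p == 0 for p in bases):
        return n in bases
    s = ((n - 1) & (1 - n)).bit_length() - 1  # n - 1 = d * 2**s with d odd
    d = (n - 1) >> s
    def composite_witness(a: int) -> bool:
        x = pow(a, d, n)
        return x not in (1, n - 1) and all(
            (x := pow(x, 2, n)) != n - 1 for _ in range(s - 1))
    return not any(composite_witness(a) for a in bases)

def prime_from_prn(prn: bytes, label: bytes) -> int:
    """Deterministically stretch the chip's PRN into a 256-bit prime."""
    for ctr in itertools.count():
        cand = _h(label + prn + ctr.to_bytes(4, "big")) | (1 << 255) | 1
        if cand % E != 1 and _is_prime(cand):  # keeps E invertible mod (p-1)(q-1)
            return cand

def keygen(prn: bytes):
    """Return (SK, PK) = (d, n); nothing but the PRN is needed to rebuild them."""
    p, q = prime_from_prn(prn, b"p"), prime_from_prn(prn, b"q")
    return pow(E, -1, (p - 1) * (q - 1)), p * q

def respond(prn: bytes, challenge: bytes) -> int:
    """Chip side: response computed from the PRN and the challenge."""
    d, n = keygen(prn)
    return pow(_h(challenge), d, n)

def inspect(registry: set, claimed_pk: int, device) -> bool:
    """Central node: fresh challenge; admit only a registered PK that verifies."""
    c = secrets.token_bytes(16)
    return claimed_pk in registry and pow(device(c), E, claimed_pk) == _h(c)

def demo():
    pk_b = keygen(PRN_B)[1]  # the central node registers this at enrolment
    return tuple(inspect({pk_b}, pk_b, lambda c, prn=prn: respond(prn, c))
                 for prn in (PRN_B, PRN_LAPTOP))  # (genuine chip, spoofing laptop)
```

The laptop can claim chip B's public key as its logical address, but without chip B's PRN it cannot rebuild the matching secret key, so its response fails verification.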