See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/309835552

Blockchain for the Internet of Things: a Systematic Literature Review

Conference Paper · November 2016

DOI: 10.1109/AICCSA.2016.7945805

CITATIONS READS
831 6,779

3 authors:

Marco Conoscenti Antonio Vetro'

Politecnico di Torino Politecnico di Torino
9 PUBLICATIONS 1,060 CITATIONS 84 PUBLICATIONS 2,962 CITATIONS

SEE PROFILE SEE PROFILE

Juan Carlos De Martin

Politecnico di Torino
155 PUBLICATIONS 2,510 CITATIONS

SEE PROFILE

All content following this page was uploaded by Antonio Vetro' on 17 January 2020.

The user has requested enhancement of the downloaded file.

Blockchain for the Internet of Things: a Systematic
Literature Review
Marco Conoscenti Antonio Vetrò Juan Carlos De Martin
Nexa Center for Internet & Society Nexa Center for Internet & Society Nexa Center for Internet & Society
DAUIN-Politecnico di Torino DAUIN-Politecnico di Torino DAUIN-Politecnico di Torino
ITALY ITALY ITALY
Email: marco.conoscenti@polito.it Email: antonio.vetro@polito.it Email: demartin@polito.it

Abstract—In the Internet of Things (IoT) scenario, the block- design of the systems. We believe that this can be achieved
chain and, in general, Peer-to-Peer approaches could play an by adopting Peer-to-Peer (P2P) systems. In particular, the
important role in the development of decentralized and data- blockchain could be very helpful in building such privacy-
intensive applications running on billion of devices, preserving the
privacy of the users. Our research goal is to understand whether preserving IoT. The blockchain is a P2P ledger, firstly used
the blockchain and Peer-to-Peer approaches can be employed to in the Bitcoin cryptocurrency [4] for economic transactions.
foster a decentralized and private-by-design IoT. As a first step It is tamper-proof and contains only authentic information; in
in our research process, we conducted a Systematic Literature addition, since it is P2P, it is not controlled by any single
Review on the blockchain to gather knowledge on the current centralized entity. For these reasons, cryptocurrencies are just
uses of this technology and to document its current degree of
integrity, anonymity and adaptability. We found 18 use cases of one of the possible applications of this technology.
blockchain in the literature. Four of these use cases are explicitly A private-by-design IoT could be fostered by the combina-
designed for IoT. We also found some use cases that are designed tion of the blockchain and a P2P storage system. Sensitive data
for a private-by-design data management. We also found several produced and exchanged among IoT devices are stored in such
issues in the integrity, anonymity and adaptability. Regarding storage system, whose P2P nature could ensure privacy, robust-
anonymity, we found that in the blockchain only pseudonymity is
guaranteed. Regarding adaptability and integrity, we discovered ness and absence of single points of failure. Combined with
that the integrity of the blockchain largely depends on the high this storage system, the blockchain has the fundamental role
difficulty of the Proof-of-Work and on the large number of honest to register and authenticate all operations performed on IoT
miners, but at the same time a difficult Proof-of-Work limits the devices data. Each operation on data (creation, modification,
adaptability. We documented and categorized the current uses of deletion) is registered in the blockchain: this could ensure that
the blockchain, and provided a few recommendations for future
work to address the above-mentioned issues. any abuse on data can be detected. Moreover, access policies
can be specified and enforced by the blockchain, preventing
I. I NTRODUCTION unauthorized operations on data. In this framework, people are
As defined by ITU [1], the Internet of Things (IoT) refers not required to entrust IoT data produced by their devices to
to the network of numerous physical objects (20 billion by centralized companies: data could be safely stored in different
2020, according to Gartner [2]) which are provided with peers, and the blockchain could guarantee their authenticity
Internet connection. Such devices acquire information about and prevent unauthorized access.
the surrounding environment, and they communicate with each In the paper we performed a Systematic Literature Review
other and with software systems through the Internet. As a (SLR) to verify whether documented use cases in the state
consequence of such rich interaction, they also produce a large of the art confirm this possibility, and, on the other side, to
amount of data, in turn usable to enable dependent services. investigate which are the main factors that affect the levels of
Despite the benefits provided by these services, critical integrity, anonymity and adaptability of the blockchain.
privacy issues may arise. That is because the connected The remainder of the paper is structured as follows. In
devices (the things) spread sensitive personal data and reveal Section II first we briefly delineate the main features of the
behaviors and preferences of their owners. People’s privacy blockchain, and then we describe goal and research questions
is particularly at risk when such sensitive data are managed of the SLR and the research process. In Section III we
by centralized companies, which can make an illegitimate use report the results obtained from the literature survey and in
of them: as a matter of fact, Edward Snowden’s revelations Section IV we discuss them. Finally, in Section V we provide
showed that people’s data stored by Internet and telecom- conclusions and future work.
munication companies have been exploited within a mass
II. S TUDY DESIGN
surveillance program, i.e, the PRISM program [3].
With the purpose of preventing this situation, the goal A. Context
of our research is to encourage a decentralized and private- The blockchain is a P2P ledger for transactions. To issue
by-design IoT, where privacy is guaranteed by the technical transactions, public key cryptography is employed. A user is
 TABLE I: Use Cases of the Blockchain beyond Cryptocurrencies (RQ1 and RQ2)
Category Paper Usage of the blockchain IoT

[5] Management of access policies and references to users’ data

[6] Management of data storage contracts
[7] Management of document storage contracts
Data storage management [8] Tamper-proof log of events and management of access control to data X
[9] Management of metadata of data kept in a storage system
[10] Automatic compensation of clients of a storage server in case stored data are lost
[11] Immutable log where storing metadata of messages of decentralized applications
[12] Purchase by devices or human beings of assets such as sensors data or goods X
Trade of goods and data
[13] Purchase of sensors data in IoT X
[14] Management of identity verification and certificate revocation of PGP certificates
Identity management
[15], [16] Public Key Infrastructure (PKI). Management of update, registration and revocation of keys X
[17] Tracking of users and contents points in a social voting system
Rating system
[18] Rating system where customers can give feedbacks about a purchase
[19] Management of software license validation
[20] Timestamping service, in order to prove a content has been produced before a specific date
Other [21] Implementation of a lottery
[22] Banking applications such as automated and distributed bank ledgers
[23] Implementation of a social cryptocurrency, to quantify social influence

provided with a public and a secret key: the secret key is private-by-design IoT, where IoT devices data are not entrusted
used for signing transactions, while the public one is used as to centralized companies, instead are property of the devices
address in the system. So, no real-world identity is needed for owner, who can decide which data share and with whom. As
transactions: this is a form of pseudonymity. A transaction can a first step of this research, we conducted a SLR to collect
have multiple inputs and outputs. For instance, in economic use cases of the blockchain and to collect evidence from
transactions - i.e. transactions representing transfers of coins the literature about the level of adaptability, integrity and
- the inputs are the addresses where coins come from and the anonymity of the blockchain.
outputs are the addresses of the recipients of the coins. Each To achieve the goal of our SLR, we formulated the following
input must be signed with the secret key corresponding to the research questions (RQ):
address it represents. RQ1) What are the use cases of the blockchain beyond
Transactions are relayed in the P2P network and some peers, cryptocurrencies?
called miners, collect them together into a data structure, called RQ2) Are there any use cases applicable to the IoT?
block. Once a new block is assembled, it is relayed in the P2P RQ3) What are the implementation differences with
network and, if valid, is chained to the current last block of respect to the Bitcoin blockchain?
the blockchain. Each block contains a reference to the previous RQ3.1) Which data are stored in the blockchain?
block (that’s why it is called blockchain). After some time a RQ3.2) Which mining techniques are used?
block is stored the blockchain, the transactions of the block
What is the degree of integrity (RQ4), anonymity (RQ5)
are considered confirmed.
and adaptability (RQ6) of the blockchain?
A block is valid if it contains valid transactions and if miners
have performed a computationally-hard puzzle, which consists RQ1 and RQ2 aim at discovering in the literature the uses of
in finding an hash of the block lower than a predefined target. the blockchain beyond Bitcoin and cryptocurrencies and which
The miner which adds the next block to the blockchain is the of them are applicable to the IoT (according to the authors of
first which has assembled a valid block and has found a valid the papers).
solution to the puzzle. This specific mining technique is called By means of RQ3 we want to know the implementation
Proof-of-Work (PoW). The PoW allows to achieve distributed choices described in found papers which differs from the ones
consensus, which means that all nodes agree on the same of the Bitcoin blockchain: in fact, some of them could prove
version of the blockchain and this blockchain contains valid to be useful when applying the blockchain in the IoT.
transactions. Forks could happen in this chain of blocks, that is, Regarding RQ4, we take as reference the definition of in-
there could be two contrasting branches of the chain. However, tegrity from the ISO 25010 [24], and we intend to characterize
thanks to PoW, eventually one of the branches should be the attacks to which the blockchain is vulnerable and which
discarded and all nodes should agree on the same blockchain. could mine its integrity.
In case of forks, the rule is that miners extend the longest RQ5 concerns the need to further protect users’ privacy,
branch or the one that has the most difficult PoW. Moreover, by avoiding that IoT devices can be linked to their owner.
thanks to PoW, the blockchain is hard to be tampered. Anonymity in blockchain systems is intended as pseudonymity
plus unlinkability, where the latter is the impossibility to link
B. Goal and Research Questions an address of the blockchain system with a real identity or
The goal of our research is to understand whether the an IP address, and also the impossibility to understand that
blockchain and, in general, P2P approaches can foster a different addresses of the system belong to the same user. We
answer to this question by describing the techniques found in TABLE II: Data Inserted into the Blockchain (RQ3.1)
the literature which undermines anonymity. Paper Data in the blockchain
Finally, RQ6 aims at verifying whether the blockchain is [5] Access policy and reference to data
adaptable to the number of transactions. This is fundamental [12] Key to access sensors data and multisigned transactions to exchange
if we want to employ the blockchain in the IoT, where the bitcoins with commodities
number of transactions produced by IoT devices could be very [14] Revocation or verification address of PGP certificates
large. Also for this question we employ the generic definition [15] Triples (ID, PK, action), where action refers to registration, update or
verification of the public key PK
of adaptability from [24], and we narrow it by intending the
[11] Messages metadata of the decentralized application
adaptability of the blockchain as its ability to scale with the
[19] Specifications useful for license validation
number of transactions.
[13] Data purchased from sensors
C. Search process [17] Reference to published content
[18] Rating information
To conduct the study, we followed the guidelines on SLR
[20] Hash of contents to be timestamped
provided by Kitchenham [25]. We used the string blockchain
[6] Spend conditions, file contract, storage proofs and arbitrary data
to search in the following digital libraries: IEEE Xplore; ACM
[7] Payment contracts
Digital Library; SpringerLink; ScienceDirect; Google Scholar.
[21] A lottery contract
We gathered 1511 papers. In order to decide which of them
[16] Information for registration, revocation and update of public keys
deeply analyze, we performed two exclusion stages - one based
[8] Access policy, reference to data and other information to recover data
on titles and the other on abstracts - and we excluded papers
[9] Reference to data and other metadata
regarding non-engineering aspects (e.g., papers addressing
[10] Transactions to safely deposit bitcoins
ethical issues of the blockchain or purely economic aspects of
cryptocurrencies). Finally, we left 35 papers, from which we
extracted the information necessary to answer our questions. TABLE III: Mining Techniques (RQ3.2)
Paper Mining technique
III. R ESULTS
[5] New measure of trust to give more weight to trusted nodes in mining
In this section we report the results extracted from the [26] The miner producing the minimum block hash is selected for mining
analyzed papers, organized by research question. Discussion [23] Proof of Stake Velocity
on the results will follow in Section IV. [27] Proof of Space
RQ1 and RQ2: Use cases and IoT. The results answering
RQ1 and RQ2 are shown in Table I. Specifically, for each
paper we report: the category1 in which we classified the paper, there are the public branch of the honest miners and the private
the reference to the paper in the bibliography, the usage of the branch of the malicious pool. It keeps mining on its private
blockchain, and whether the authors of that paper believe that branch until the public one approaches the private one in
it can be applied in the IoT. length. At this point, it publishes its own private branch, which
RQ3: Implementation differences with Bitcoin. We report could become the longest one and could be accepted also by
the answer to RQ3 in two tables: Table II refers to RQ3.1, honest miners. So, after some time, the public branch and
while Table III to RQ3.2. the data contained in it would be discarded. Denoting with γ
RQ4: Integrity. We report the attacks found in the papers the ratio of honest miners which mine on the malicious pool
analyzed to which the blockchain is vulnerable. branch when made public, the authors show that according to
In [28], it is shown that most of the peers known by a peer the values of γ the malicious pool could get more advantages
of the Bitcoin network reside in its same autonomous system. with the selfish mining strategy than with honest mining.
This means that the P2P network is not well connected and Another attack, called history-revision attack, is pointed out
there could be difficulties in the relay of new blocks added in [31]. The authors state that, in the case an attacker owns a
to the blockchain. This makes the achievement of distributed computational power multiple of the computational power of
consensus hard. honest nodes (e.g., two times higher), it is able to produce a
The authors of [29] shows that an attacker which controls branch of the blockchain which could overtake the current one
a large number of nodes, even if with not high computational in terms of difficulty of the PoW, and so could be accepted
capabilities, could achieve an high fraction of the total com- by other miners, thus changing the history of the blockchain.
putational power in small blockchain systems where there are In [32], the authors show that an attacker could delay
few miners. This could threaten the integrity of the system, delivery of blocks or transactions to other nodes in the Bitcoin
because the attacker would be able to cause intentional forks. P2P network. This could bring to: more advantages in selfish
In [30], it is introduced the selfish mining attack. In this mining, if the attacker is able to avoid delivering of blocks
attack, a malicious mining pool decides not to publish the from honest miners to a portion of the network; denial of
blocks it finds, thus creating a fork in the blockchain, where service, because, if the attacker controls several nodes, it can
1 The following categories have been defined: data storage management, prevent dissemination of information.
trades of goods and data, identity management, rating system, other In [33], an expansion of selfish mining called stubborn
mining is described. Results show that in some situations it interact with other devices through the blockchain. Finally,
could be more advantageous than selfish mining. the mechanism described in the fourth [8] can be employed
to store and manage data collected by IoT devices, in a
TABLE IV: De-Anonymization Techniques (RQ5) decentralized and private-by-design fashion. This last use case
De-anonymization technique Papers and all the others classified as “Data storage management”
Multiple inputs [34], [35], [36] (even if not explicitly thought for the IoT) are in line with
Change address [34], [35], [36] the goal of our research: encouraging a private-by-design IoT
Associations with IP [28], [37]
Usage of centralized services [36], [38] where devices data are not entrusted to centralized companies.
Just to mention some use cases of this category, [9] and [6] are
RQ5: Anonymity. In Table IV we classified the papers both decentralized storage platforms, where the blockchain is
according to the de-anonymization techniques they mention. employed for implementing storage audits, useful for detecting
We identified four categories of de-anonymization techniques: any non-authorized deletion or modification of data. These
multiple inputs, change address, associations with IP and usage audits are performed by storing the hash of the data in the
of centralized services. blockchain. Then the data owner periodically sends a challenge
When an user issues a transaction with multiple addresses to the host of the data and checks the correctness of the
as inputs, she reveals to own all those addresses. For this response using the hash in the blockchain. Any non-authorized
reason, in [34]–[36] the authors can safely state that all the deletion or modification of the data entails a wrong response,
input addresses of the same transaction belong to the user that so any abuse can be detected. In [5] the blockchain enforces
issued that multiple-inputs transaction. access policies that define which data of a user share and with
In systems like Bitcoin, in some transactions users send whom. It leverages public key cryptography: each entity is
coins to a particular address that belongs to themselves, called represented by a public key and the policy specifies restricted
change address. In [34]–[36], the authors are able to link this accesses for the public keys of the interested entities. Only the
change address to other addresses of the same user. data owner has full access to her data. Policies are stored in
In [28] and [37], starting from some hypotheses and analyz- the blockchain and the nodes of the blockchain verify whether
ing network traffic, the authors are able to associate Bitcoin they are respected. From observing such applications of the
addresses with IP addresses. blockchain in the literature, we can conclude that:
In [36] [38], usage of centralized services that keep track It has been documented that the blockchain can be used for
of associations between more addresses of the same user or detecting abuses on data and defining access policies, without
real identity of the user and her address is considered a risk the need of entrusting people’s data to centralized companies.
for the anonymity of the user. Implementation differences. Regarding RQ3.1, we ob-
RQ6: Adaptability. We found only three papers reporting served that in some papers data are inserted in the Bitcoin
information on adaptability, with a coarse detail level. In [13], blockchain, employing the 80 bytes of Bitcoin transactions
where the blockchain is used to purchase sensors data via reserved for arbitrary data; in other papers, a customized
bitcoins, the authors state there are scalability issues due blockchain is used to store the data. Regarding RQ3.2, the min-
to the exploding number of transactions and sensors data ing techniques reported are all less computationally-expensive
permanently stored on every Bitcoin node. In [8], according alternatives to PoW: in [5] the PoW is facilitated to trusted
to the authors the blockchain cannot scale to deal with many nodes; in [26] the selection of the miner which adds the
complex transactions. For this reason, they propose that com- new block depends on luck and not on the computations
putations and data storage should not be done by each node performed by the miner; in [23] no computations are required,
of the network, instead by a small subset of them working the miner is chosen according to the age of coin she owns;
on different parts of data. The authors of [31] point out that in [27] the miner is chosen according to her amount of space,
scalability is a problem because every node of the blockchain and not her computational capabilities. In the IoT scenario,
should verify each block and transaction issued. it could be useful to take into consideration one of the
less computationally-expensive alternatives to PoW showed
IV. D ISCUSSION in Table III. In fact, PoW requires very high computational
Use cases and IoT. As one may notice in Table I, cryp- power, and so IoT devices with limited capabilities would
tocurrencies like Bitcoin are just one of the possible use cases not be able to add blocks in the blockchain. However, before
of the blockchain. In some cases, the blockchain is employed designing a blockchain with an alternative mining technique
for decentralizing services that so far have been provided which allows all IoT devices to fairly participate in the system,
by centralized trusted entities (e.g., PKI or timestamping). we should further analyze what are the security properties
Moreover, we observed that only 4 of the 18 found use provided by the PoW, which up to now is one of the key factors
cases are considered applicable to the context of the Internet allowing to achieve distributed consensus. We refer to the
of Things. Two of them, [12], [13], use the blockchain for following discussion on integrity for more on that. Therefore,
trading data collected by sensors of IoT devices and other from our analysis we conclude that:
goods. In the third [15] the IoT is mentioned as a possible Arbitrary data can be inserted in the blockchain, so in
field in which each device is identified by a public key to theory any applications (not only cryptocurrencies) can be
developed on top of it. Some less expensive alternatives to Solutions that reduce the possibility of linking IoT devices to
PoW are documented in the literature. their owner should still be analyzed in future work.
Integrity. Several countermeasures have been proposed for Adaptability. As documented in Section III, the scalability
some of the attacks described in Section III. For example, for issue of the blockchain is reported in three papers. Actually,
selfish mining attacks, [30] and [39] propose modifications there are two main scalability issues. The first is that, when
in the way miners decide which block to extend, in order to the number of transactions grows, the blockchain increases in
decrease γ, i.e. the portion of honest miners which extend the size, and it becomes expensive to store it, especially for IoT
blockchain proposed by selfish miners. devices with limited resources. This issue can be addressed
However, what we evince from the results is that the greatest by the layered architecture described also for the integrity.
risk for the blockchain integrity is represented by the presence In this architecture, where the blockchain is separated from
of misbehaving miners which own an high proportion of the the application layer, IoT devices with limited resources store
computational power of the system. They could cause forks only the portion of the blockchain they need for their own
to the blockchain, bringing to a situation where distributed transactions (the so-called thin clients, already present also in
consensus is difficult to achieve and some past data could be Bitcoin).
lost. In addition, they could pollute the blockchain with invalid The second issue is the low throughput of transactions -
data or transactions. Such risk is avoided in already large and a typical issue of the Bitcoin blockchain, which we did not
stable blockchains like the Bitcoin one, because obtaining an find in the papers but is largely discussed within the Bitcoin
high proportion of the computational power is hard thanks to community. The low throughput is due to the difficulty of
the difficulty of the PoW and to the great number of miners, the PoW and to the maximum size of a block, which is set
which in addition are incentivized to act honestly. For this to 1 MB. This issue represents a tradeoff between scalability
reason, starting a completely new blockchain, which does not and security. In fact, regarding the PoW, if its difficulty is
have a critical mass in the initial phase, is risky. Even if reduced, the throughput will be higher, but at the same time it
understanding in depth the security of the Bitcoin blockchain will be easier for an attacker to cause forks in the blockchain.
is not trivial, because it depends also on socioeconomics factor, Regarding the block size, if its maximum is increased, the
in this moment Bitcoin is the most stable and secure block- throughput will increase too, but it will be more difficult to
chain system. So, instead of designing a new blockchain from validate transactions: this implies that only few nodes will be
scratch, our suggestion is to develop distributed applications able to do it, and so the power of Bitcoin will be concentrated
for the IoT on top of the Bitcoin or another secure and in few hands. Again, a solution could be a layered architecture,
stable blockchain. This can be done by leveraging a layered where not all operations performed at the application layer
architecture, like the one proposed in Blockstack [40]. In this require a transaction in the underlying blockchain. However,
solution, the additional functionalities of the application are this may not be enough for the IoT, where the blockchain
defined in another layer on top of the blockchain. Moreover, should support billion of devices. For this reason, we retain
the blockchain is hidden at the application level, so low- that, even if in this moment the Bitcoin blockchain is the most
performance IoT devices are not required to compute the PoW. secure, it could be prohibitive to leverage it in the IoT because
To conclude: of its scalability issues. Instead, it could be more convenient to
We believe that the most secure approach is to develop IoT employ another stable and secure blockchain which provides
applications on top of an already existing stable blockchain, higher level of scalability with respect to Bitcoin. To conclude:
where PoW and the great number of honest miners ensure The scalability issues of the Bitcoin blockchain make it
integrity, and avoid that misbehaving miners can obtain a poorly suitable for the IoT, so we suggest to develop IoT
large portion of computational power. applications on top of another secure but scalable blockchain.
Anonymity. From the results documented in papers of In future work, we will test different blockchains to find a
Table IV, it is possible to de-anonymize a user by analyzing suitable one, in which the trade-off between scalability and
network traffic or the blockchain itself, since it is public. So, security is acceptable. Moreover, we suggest to adopt a layered
pseudonymity is not enough to guarantee total anonymity. architecture which supports thin clients to allow IoT devices
Countermeasures are proposed in [15], [31], [38], [41], [42]. In with limited resources to store only a portion of the blockchain.
[38], [41], [42], mixing protocols are analyzed. The main idea
behind mixing protocols is that a user sends some coins from V. C ONCLUSIONS AND F UTURE W ORK
an address and receives them back to another address in a way We conducted a Systematic Literature Review to investigate
that it is difficult to discover the correspondence between input which are the uses cases of the blockchain in the literature
and output addresses of the same user. Also the fair exchange and which factors affect integrity, anonymity and adaptability
protocol described in [31] is based on the same principle of of this technology. The ultimate goal of our research is to
mixing protocols and allows two parties to securely exchange leverage the blockchain and P2P approaches for a private-by-
money. In the work regarding the blockchain used as PKI [15], design IoT where data produced by devices are not entrusted
the authors describe a method for the user to update her public to centralized companies.
key without linking it to her ID in the system. To conclude: We reported several uses of the blockchain. Even if few
Pseudonimity is not enough to achieve total anonymity. of them are explicitly thought for the IoT, we found several
use cases for a private and decentralized data management, [19] J. Herbert and A. Litchfield, “A Novel Method for Decentralised Peer-
which are in line with the goal of our research. Regarding the to-Peer Software License Validation Using Cryptocurrency Blockchain
Technology,” in ACSC, ser. CRPIT, vol. 159. Australian Computer
integrity and the adaptability, we found that large blockchain Society, 2015, pp. 27–35.
systems like Bitcoin are the most secure, but at the same time [20] B. Gipp, N. Meuschke, and A. Gernandt, “Decentralized Trusted
Bitcoin scalability issues make it little suitable for the IoT. Timestamping using the Crypto Currency Bitcoin,” CoRR, vol.
abs/1502.04015, 2015.
Regarding the anonymity, we found that in the blockchain [21] P. Bylica, L. Glen, P. Janiuk, A. Skrzypcaz, and A. Zawlocki,
only pseudonymity is guaranteed. “A Probabilistic Nanopayment Scheme for Golem,” 2015. [Online].
To address the integrity and the adaptability issues, our Available: http://golemproject.net/doc/GolemNanopayments.pdf
[22] G. W. Peters and E. Panayi, “Understanding Modern Banking Ledgers
future work will consist in testing existing secure and scalable through Blockchain Technologies: Future of Transaction Processing and
blockchains and in designing a layered architecture for IoT Smart Contracts on the Internet of Money,” CoRR, vol. abs/1511.05740,
applications on top of the most suitable of them. Moreover, 2015.
[23] L. Ren, “Proof of Stake Velocity: Building the Social Currency of
we will investigate mixing protocols and other solutions to the Digital Age,” 2014. [Online]. Available: https://www.reddcoin.com/
achieve anonymity and further protect people’s privacy. papers/PoSV.pdf
[24] ISO/IEC, “ISO/IEC 25010 System and software quality models,” Tech.
ACKNOWLEDGMENT Rep., 2010.
[25] B. Kitchenham and S. Charters, “Guidelines for performing Systematic
This work has been done with the Joint Open Lab SWARM Literature Reviews in Software Engineering,” 2007.
and it is supported by a fellowship from TIM. We also thank [26] G. Paul, P. Sarkar, and S. Mukherjee, “Towards a More Democratic
Mining in Bitcoins,” in ICISS, ser. Lecture Notes in Computer Science,
Dr. Simone Basso for his valuable feedback. vol. 8880. Springer, 2014, pp. 185–203.
[27] S. Park, K. Pietrzak, A. Kwon, J. Alwen, G. Fuchsbauer, and P. Gazi,
R EFERENCES “Spacemint: A Cryptocurrency Based on Proofs of Space,” IACR Cryp-
[1] International Telecommunication Union, “Measuring the Information tology ePrint Archive, vol. 2015, p. 528, 2015.
Society Report,” International Telecommunication Union (ITU), Report, [28] S. Feld, M. Schönfeld, and M. Werner, “Analyzing the Deployment of
2015. Bitcoin’s P2P Network under an AS-level Perspective,” in ANT/SEIT,
[2] “Gartner Says 6.4 Billion Connected ”Things” Will ser. Procedia Computer Science, vol. 32. Elsevier, 2014, pp. 1121–
Be in Use in 2016, Up 30 Percent From 2015,” 1126.
http://www.gartner.com/newsroom/id/3165317. [29] J. A. Dev, “Bitcoin mining acceleration and performance quantification,”
[3] “NSA Prism program taps in to user data of Apple, Google and others,” in CCECE. IEEE, 2014, pp. 1–6.
http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data. [30] I. Eyal and E. G. Sirer, “Majority is not Enough: Bitcoin Mining is
[4] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2009. Vulnerable,” CoRR, vol. abs/1311.0243, 2013.
[Online]. Available: https://bitcoin.org/bitcoin.pdf [31] S. Barber, X. Boyen, E. Shi, and E. Uzun, “Bitter to Better - How
[5] G. Zyskind, O. Nathan, and A. Pentland, “Decentralizing Privacy: Using to Make Bitcoin a Better Currency,” in Financial Cryptography, ser.
Blockchain to Protect Personal Data,” in IEEE Symposium on Security Lecture Notes in Computer Science, vol. 7397. Springer, 2012, pp.
and Privacy Workshops. IEEE Computer Society, 2015, pp. 180–184. 399–414.
[6] D. Vorick and L. Champine, “Sia: Simple Decentralized Storage,” [32] A. Gervais, H. Ritzdorf, G. O. Karame, and S. Capkun, “Tampering with
2014. [Online]. Available: https://sia.tech/assets/globals/sia.pdf the Delivery of Blocks and Transactions in Bitcoin,” in ACM Conference
[7] C. Bocovich, J. A. Doucette, and I. Goldberg, “Lavinia: An audit- on Computer and Communications Security. ACM, 2015, pp. 692–705.
payment protocol for censorship-resistant storage.” [Online]. Available: [33] K. Nayak, S. Kumar, A. Miller, and E. Shi, “Stubborn Mining: Gener-
http://cacr.uwaterloo.ca/techreports/2015/cacr2015-06.pdf alizing Selfish Mining and Combining with an Eclipse Attack,” IACR
[8] G. Zyskind, O. Nathan, and A. Pentland, “Enigma: Decentralized Cryptology ePrint Archive, vol. 2015, p. 796, 2015.
Computation Platform with Guaranteed Privacy,” Jun. 2015. [Online]. [34] M. Spagnuolo, F. Maggi, and S. Zanero, “BitIodine: Extracting Intel-
Available: http://enigma.media.mit.edu/enigma full.pdf ligence from the Bitcoin Network,” in Financial Cryptography, ser.
[9] S. Wilkinson, “Storj A Peer-to-Peer Cloud Storage Network.” [Online]. Lecture Notes in Computer Science, vol. 8437. Springer, 2014, pp.
Available: https://storj.io/storj.pdf 457–468.
[10] G. Ateniese, M. T. Goodrich, V. Lekakis, C. Papamanthou, [35] J. Herrera-Joancomartı́, “Research and Challenges on Bitcoin Anony-
E. Paraskevas, and R. Tamassia, “Accountable Storage,” IACR Cryp- mity,” in DPM/SETOP/QASA, ser. Lecture Notes in Computer Science,
tology ePrint Archive, vol. 2014, p. 886, 2014. vol. 8872. Springer, 2014, pp. 3–16.
[11] M. Bartoletti, D. Gessa, and A. S. Podda, “Idea: a general framework [36] M. Moser, R. Bohme, and D. Breuker, “An Inquiry into Money
for decentralized applications based on the Bitcoin blockchain.” Laundering Tools in the Bitcoin Ecosystem.” [Online]. Available:
[12] Y. Zhang and J. Wen, “An IoT electric business model based on the https://maltemoeser.de/paper/money-laundering.pdf
protocol of bitcoin,” in ICIN. IEEE, 2015, pp. 184–191. [37] P. Koshy, D. Koshy, and P. McDaniel, “An Analysis of Anonymity in
[13] D. Wörner and T. von Bomhard, “When your sensor earns money: Bitcoin Using P2P Network Traffic,” in Financial Cryptography, ser.
exchanging data for cash with Bitcoin,” in UbiComp Adjunct. ACM, Lecture Notes in Computer Science, vol. 8437. Springer, 2014, pp.
2014, pp. 295–298. 469–485.
[14] D. Wilson and G. Ateniese, “From Pretty Good To Great: Enhancing [38] L. Valenta and B. Rowan, “Blindcoin: Blinded, Accountable Mixes for
PGP using Bitcoin and the Blockchain,” CoRR, vol. abs/1508.04868, Bitcoin,” in Financial Cryptography Workshops, ser. Lecture Notes in
2015. Computer Science, vol. 8976. Springer, 2015, pp. 112–126.
[15] L. Axon, “Privacy-awareness in Blockchain-based PKI,” 2015. [Online]. [39] E. Heilman, “One Weird Trick to Stop Selfish Miners: Fresh Bitcoins,
Available: http://goo.gl/3Nv2oK A Solution for the Honest Miner,” IACR Cryptology ePrint Archive, vol.
[16] C. Fromknecth, D. Velicanu, and S. Yakoubov, “CertCoin: 2014, p. 7, 2014.
A NameCoin Based Decentralized Authentication System,” [40] M. Ali, J. Nelson, R. Shea, and M. J. Freedman, “Blockstack: Design
2014. [Online]. Available: https://courses.csail.mit.edu/6.857/2014/files/ and Implementation of a Global Naming System with Blockchains,”
19-fromknecht-velicann-yakoubov-certcoin.pdf 2016. [Online]. Available: https://www.cs.princeton.edu/∼mfreed/docs/
[17] L. Matteis, “Kudos: A Peer-to-Peer Discussion System Based on Social blockstack-atc16.pdf
Voting.” [Online]. Available: http://lucaa.org/docs/kudos.pdf [41] G. D. Bissias, A. P. Ozisik, B. N. Levine, and M. Liberatore, “Sybil-
[18] D. Vandervort, “Challenges and Opportunities Associated with a Bitcoin- Resistant Mixing for Bitcoin,” in WPES. ACM, 2014, pp. 149–158.
Based Transaction Rating System,” in Financial Cryptography Work- [42] S. Meiklejohn and C. Orlandi, “Privacy-Enhancing Overlays in Bitcoin,”
shops, ser. Lecture Notes in Computer Science, vol. 8438. Springer, in Financial Cryptography Workshops, ser. Lecture Notes in Computer
2014, pp. 33–42. Science, vol. 8976. Springer, 2015, pp. 127–141.

View publication stats