IoT device security through NFTs
Non-fungible tokens (NFTs) have been widely used lately for digital art representation. However, the use of NFTs to represent an IoT device is also being studied. There are several solutions for the implementation of this technology in the IoT sector, but in this article you will see the use of PUFs together with NFT's.
Non Token Fungible and VCs
A non fungible token (NFT) is basically a digital asset or unit of value that is mapped to a physical or real-world asset and is certified thanks to Blockchain technology. NFTs live on the Blockchain as a piece of data with different attributes, where some are modifiable and some are unique. The main modifiable attribute is 'Owner' which corresponds to the address or user that corresponds to that unique piece. Something to keep in mind is that many of the NFT's are currently made under code in Solidity and therefore comply with Ethereum's ERC721 standard for creating NFT's, but not necessarily NFT's have to be made only in the Ethereum network.
The use of non-fungible tokens is often used synonymously with verifiable credentials (VCs) because both uniquely manage the identification of entities in the digital world. However, they are not the same. Verifiable credentials are tamper-proof credentials that are cryptographically verified to prove an entity's identity. A VC makes use of public keys, digital signatures and involves 3 entities. Issuer (who issues the credential), holder (entity that owns the credential) and verifier (entity that verifies the credential).
The future of NFT will involve using facts about the real world to mint digital assets" - Raullen Chain, CEO of IoTeX
Physically Unclonable Functions or VC ́s + DID
A physically unclonable function (PUF), or P-OWF (Physical One-Way Function), is a hardware security technique that uses inherent device variations to produce a unique and unclonable device response based on a given input. PUFS can be seen as the intrinsic electronic fingerprint on an integrated circuit and is based on different phenomena, such as wiring delays, logic gates, etc.... In other words, it is a "hardware-DNA". In some scenarios such as the IIoT (Industrial Internet of Things), hardware security techniques have already been carried out using PUFs. That is why it could be a good solution the combination of PUFs with NFTs and blockchain, where to reconstruct the private key from which the blockchain account address is derived is necessary to use the PUF in the hardware of the IoT device.
However, there may be other ways to verify IoT devices and that is through the use of VCs (Verifiable Credentials) and DIDs (Decentralized Identifiers). DIDs are a type of identifier that allows to have verifiable and decentralized digital identities. So each device could have its DID and then verifiable credentials would be associated to make them tamper-proof.
Digital transformation, the rise of Industry 4.0 and emerging technologies are increasingly calling for a Smart Industry, but connected. In addition to having a more connected industry, the internet of things has been looking to achieve minimal or zero latency, since it was born, this is known as real- time or time-sensitive networking (TSN). However, then there is the other part: the security and encryption of all our fast, connected data. As we have already discussed in several articles Blockchain technology will help with this, apart from the combination of more technologies.
In this article we focus specifically on the use of NFT's and their feasibility to apply them to the IoT sector. Non-fungible tokens are used to represent assets by means of unique identifiers and unique owners, so why not use them for the security of IoT devices, which are physical smart assets? NFT's as we have already mentioned are nothing more than Smart Contracts, which have the ability to connect with oracles that provide them with valid information from the external world in order to execute certain functionalities based on their input parameters.
However, tokenizing each device is not enough. You must have public and private keys and secure the device hardware itself, which is why solutions are being considered in the market such as an NFT being physically linked to its IoT device thanks to the use of PUFs, thus allowing to retrieve a private key and an address from a blockchain account.
An IoT device acting as a provider could represent by means of NFT's the resources or services provided, so that, if it granted one of these NFT's to an IoT device that is a client, that device would be authorized to access the resource or service. A problem when interfacing NFT - IoT Machine is that the smart contracts (ERC-721 - NFT) contain the owner and an identifier associated with the logical attributes of the product, but not the literal product. That is, they are not 100% true identifiers of the product and that is why a possible solution has been thought of in which PUFs are used to link the digital and physical domain. In this way, the address is associated with the IoT device by generating a private key from the PUF.
Is it just a fad or the future?
The use cases of NFT's are infinite and free of imagination, as well as the use cases of Blockchain and Smart Contracts. However, it is true that lately there is a lot of 'Hype' with the world of NFT's, with millionaire purchases being made for 'monkey drawings' that may or may not be valid, depending on the personal criteria of each one. However, NFT's are not only there, NFT's can be used for many more aspects than most people can imagine. The industrial revolution is growing by leaps and bounds and technology is advancing very fast, in a few years we will see the real and practical use cases of all the disruptive technologies that are being born today.