On-Chain IoT Data Modification in Blockchains

TL;DR

This paper proposes a cryptographic on-chain data modification method for blockchain-based IoT systems, enabling GDPR compliance by allowing data updates and erasures without compromising traceability or chain integrity.

Contribution

It introduces a novel on-chain data modification approach using Chameleon Hashing, maintaining blockchain traceability and compatibility with data aggregation mechanisms.

Findings

Enables GDPR-compliant data modification on blockchains.

Preserves traceability and verifiability after updates.

Maintains compatibility with transaction aggregation.

Abstract

In recent years, the interest growth in the Blockchains (BC) and Internet-of-Things (IoT) integration -- termed as BIoT -- for more trust via decentralization has led to great potentials in various use cases such as health care, supply chain tracking, and smart cities. A key element of BIoT ecosystems is the data transactions (TX) that include the data collected by IoT devices. BIoT applications face many challenges to comply with the European General Data Protection Regulation (GDPR) i.e., enabling users to hold on to their rights for deleting or modifying their data stored on publicly accessible and immutable BCs. In this regard, this paper identifies the requirements of BCs for being GDPR compliant in BIoT use cases. Accordingly, an on-chain solution is proposed that allows fine-grained modification (update and erasure) operations on TXs' data fields within a BC. The proposed solution is based on a cryptographic primitive called Chameleon Hashing. The novelty of this approach is manifold. BC users have the authority to update their data, which are addressed at the TX level with no side-effects on the block or chain. By performing and storing the data updates, all on-chain, traceability and verifiability of the BC are preserved. Moreover, the compatibility with TX aggregation mechanisms that allow the compression of the BC size is maintained.