A Hypergraph-Based Blockchain Model and Application in Internet of Things-Enabled Smart Homes

sensors

Article A Hypergraph-Based Blockchain Model and Application in Internet of Things-Enabled Smart Homes

Chao Qu ID , Ming Tao * ID and Ruifen Yuan ID

School of Computer Science and Network Security, Dongguan University of Technology, Dongguan 523808, China; [email protected] (C.Q.); [email protected] (R.Y.) * Correspondence: [email protected]; Tel.: +86-769-22861220

Received: 11 July 2018; Accepted: 21 August 2018; Published: 24 August 2018

Abstract: With the fast development and expansion of the Internet of Things (IoT), billions of smart devices are being continuously connected, and smart homes, as a typical IoT application, are providing people with various convenient applications, but face security and privacy issues. The idea of Blockchain (BC) theory has brought about a potential solution to the IoT security problem. The emergence of blockchain technology has brought about a change of decentralized management, providing an effective solution for the protection of network security and privacy. On the other hand, the smart devices in IoT are always lightweight and have less energy and memory. This makes the application of blockchain difﬁcult. Against this background, this paper proposes a blockchain model based on hypergraphs. The aims of this model are to reduce the storage consumption and to solve the additional security issues. In the model, we use the hyperedge as the organization of storage nodes and convert the entire networked data storage into part network storage. We discuss the design of the model and security strategy in detail, introducing some use cases in a smart home network and evaluating the storage performance of the model through simulation experiments and an evaluation of the network.

Keywords: hypergraph; blockchain; IoT; smart home

1. Introduction The Internet of things (IoT) is a worldwide network of interconnected objects and humans, which through unique address schemes are able to interact with each other and cooperate with their neighbours to reach common goals. The primary purpose of the IoT is to share information acquired by objects, which reﬂects the manufacture, transportation, consumption and other details of people’s lives [1,2]. Therefore, most of these new networkable devices are designed to be lightweight and have less memory [3]. Due to the low-cost price of processors and wireless cards, almost anything can be part of the IoT, from wearable devices [4] (such as smart wrist straps and smart watches) to a giant transportation vehicle (such as a train or airplane) [5]. A Gartner analysis reported that 8.4 billion connected IoT units were used worldwide in 2017, up 31% from 2016, and this number is expected to expand to 20.4 billion by 2020. Total spending on endpoints and services reached almost 2 trillion dollars in 2017 with two-thirds of those devices found in China, North America and Western Europe. The development of the IoT has created a large number of devices, such as sensors, interconnected and interoperable devices for data collection and exchange. The data obtained from the IoT can make our life more convenient and comfortable through many applications. The most popular application for IoT is the smart home, which offers a better quality of life by introducing automated appliance control and assistive services. IoT devices work collaboratively and

Sensors 2018, 18, 2784; doi:10.3390/s18092784 www.mdpi.com/journal/sensors Sensors 2018, 18, 2784 2 of 18 optimize user comfort by using context awareness and predefined constraints based on the conditions of the home environment. Smart homes provide comfort and security services to their inhabitants [6]. Of these, the most important is security, which not only provides authentication services to the user but also restricts unauthorized access to the household’s devices [7]. As more and more personal information is collected and communicated in the smart home network (and possibly with other wired and wireless networks), security and privacy issues have become more pronounced and must be seriously taken into account in order to exploit the full benefits of smart home environments. Today, smart home security is an important area of research, with many theories and methodologies being proposed [8–10]. Dorri et al. [11] proposed that each smart home is equipped with an always online, high resource “miner” that is responsible for handling all communication within and external to the home. Bertino [12] outlined key challenges in data security and privacy and summarize research directions for securing IoT data. Shafagh et al. [13] enabled a secure and persistent data management, by utilizing the blockchain as an auditable access control layer to a decentralized storage layer. In this paper we focus on the reduction of storage capacity for IoT devices and the security and privacy protection of data streams in smart home systems. Cyber-security in a smart home requires the protection of the IoT data flow from malicious activity, which can require a costly budget and a long process. Blockchain technology offers one way to enhance smart home security by using the ledger of data transmitted from one home to another home and prevent the abnormal communications. Blockchain is a decentralized network which enables all parties to make transactions in a trustless network. The blockchain approach has been widely applied to many fields such as finance [14], insurance [15], manufacturing [16], and healthcare [17]. The blockchain has a distributed ledger that contains connected blocks of transactions for all the members in a network. The security and privacy issues of smart homes may be solvable with blockchain technology. Kshetri [18], demonstrated that blockchain-based identity and access management systems have the ability to significantly strengthen IoT security. Dorri [19], proposed a hierarchical architecture that uses a centralized private immutable ledger at the local IoT network level in a single smart home to decrease overhead and a decentralized public blockchain at higher-end devices for stronger trust. Blockchain-based security and privacy protection can solve problems brought about by centralized management and provide better solutions. However, even so, the combination of blockchain and smart homes still has many problems. The issues and contributions of this paper are as follows:

1. We propose a hypergraph-based blockchain model. The implementation of blockchain technology requires that all nodes in the network maintain synchronized data records, which will undoubtedly put a lot of pressure on data storage. Therefore, to a certain extent, reducing the number of nodes that synchronize data in the network can also guarantee the normal operation of the blockchain. We use hypergraph theory to partition the entire network into many hyperedges, and each hyperedge stores a part of transaction data to reduce the storage pressure. 2. We discuss the additional security risks of the proposed model and put forward response strategies. The original blockchain technology is robust to single-point attacks. If a node is forged, the whole hash values in its blocks will be different from the others and it will be dropped from the network. If more than 51% of the nodes are forged, the false data alarm will take effect, but that is very difﬁcult to implement in a network-scale environment [20]. In our model, the constraints are weakened, but we can reduce the risk to an acceptable level through the setting of network parameters, especially for IoT environments where security requirements are not very high. 3. We propose a dynamic network evolution algorithm. Considering the rapid expansion of IoT devices, IoT and smart home networks are growing at a geometric progression. When using hypergraph theory to partition blockchain networks, the algorithm takes the dynamic characteristics of the network into account, and due to the low power consumption and low processing capacity of IoT devices, the algorithm also needs to be designed relatively simply. Sensors 2018, 18, 2784 3 of 18

An integer linear independence matrix is added to each node and each vector in the matrix map to a hyperedge. When the number of nodes increases or decreases, hyperedges can be easily split or aggregated according to the algorithm in order to guarantee the minimum cardinality of the graph.

The rest of the paper is organized as follow: Section2 presents the related works. The hypergraph-based blockchain model is discussed in depth in Section3. The use cases of smart homes are presented in Section4. Section5 analyses the experiments, and Section6 concludes the paper.

2. Related Works

2.1. IoT and Smart Home As an emerging application ﬁeld that combines multiple technologies, IoT and smart homes combine to realize the intelligent management of the modern home environment by embedding various smart chips into home equipment. A smart home system is a typical ubiquitous computing environment, but there are a lot of problems that need to be solved. Ali [21], detected the security threats by posing several scenarios and evaluating the impact of these threats on a smart home environment. Chifor et al. [22] proposed a lightweight authorization stack for smart home IoT applications and the architecture is user-device centric. Khan [23] categorized popular security issues with regard to the IoT layered architecture, in addition to protocols used for networking, communication, and management. They point out that blockchain, which is the underlying technology for bitcoin, can be a key enabler to solve many IoT security problems. The recent research by Dorri [11,19] studied IoT and smart homes based on blockchain and presented a lightweight implementation of a BC particularly geared for use in IoT. In our previous work [24], a new blockchain architecture for smart homes was proposed and we explained the credibility veriﬁcation method under the architecture.

2.2. Blockchain Blockchain technology first came to prominence in early 2009 through the crypto-currency bitcoin (BTC). Bitcoin users use a variable public key (PK) to generate transaction information and broadcast it to the network for the transfer of funds. The transaction information is stored by all users in its own block. Once the block is full, a network mining process is performed; the block’s hash value is calculated, and the encrypted information and blocks are appended to the block chain. In order to mine the cryptographic hash value of a block, certain nodes in the network, known as miners, compete to solve a resource consumption cryptographic puzzle called proof of work (POW) [25]. The node that first solves the puzzle and gets everyone’s approval is considered to have tapped the block. BTC has flourished, and blockchain could, according to Swan [26], have far-ranging consequences for all aspects of modern society. This is because blockchain technology keeps all transaction data accounts through all members, and all members update the accounts simultaneously to maintain completeness when new transactions occur. Internet and encryption technologies are the underlying technologies that enable all members to verify the reliability of each transaction so that a single point of failure caused by a traditional third-party-authorized transaction is resolved. The blockchain has the characteristic of being broker-free (P2P-based), so the transaction eliminates unauthorized costs by the third party. Since everyone keeps the transaction information in sync, the modify records hacking effect of the single-point mode becomes very limited and often does not work. In addition, users of a blockchain system can openly access transaction records and reduce transaction supervision costs. Since the hash value stored in each peer in the block is affected by the value of the previous block, forging and changing data requires modification of the entire chain, and the amount of single-point calculation is far behind the calculation of the entire network. As a result, counterfeiting is almost impossible. Although data changes are possible if 51% of the calculations are involved in forgery, the record modify is very difficult to implement in a network-scale environment [20]. The blockchain network is constructed of many smart devices, and each device is considered to be a node. The blockchain node Sensors 2018, 18, 2784 4 of 18 contains a data link as shown in Figure1. Each data link includes many data blocks which contain the previousSensors 2018 block, 18, x FOR hash PEER and REVIEW some transaction information as block data. 4 of 18

Figure 1. Blockchain.

Based on the characteristics of blockchain, many researchers have examined its application in the IoT environment.environment. Ouaddah et et al. [25] [25] proposed a framework for access control in IoT basedbased onon blockchain technologytechnology and and provided provided a reference a reference model model for a proposedfor a proposed framework framework within the within objectives, the models,objectives, architecture models, andarchitecture mechanism and specification mechanism in IoT.specification Shen et al. in [27 IoT.] applied Shen blockchain et al. [27] to applied a smart homeblockchain system to a to smart ensure home the system security to andensure privacy the security of information. and privacy Christidis of information. et al. [28 Christidis] applied et a al. smart [28] contractapplied a to smart the IoT, contract facilitating to the theIoT, sharing facilitating of services the sharing and resources of services and and allowing resources automation and allowing in a cryptographicallyautomation in a cryptographically verifiable manner verifiable several existing manner time-consuming several existing workflows. time-consuming Huh et al.workflows. [29] used theHuh blockchain et al. [29] platformused the toblockchain build an IoTplatform system, to tobuild manage an IoT IoT system, devices to and manage to control IoT devices and configure and to IoTcontrol devices. and Dorriconfigure et al. [19IoT] proposed devices. aDorri lightweight et al. blockchain-based[19] proposed a architecture lightweight for blockchain-based IoT that virtually eliminatesarchitecture the for overheads IoT that virtuall of classicy eliminates blockchain, the whileoverheads maintaining of classic most blockchain, of its security while andmaintaining privacy benefits.most of its Ouaddan security etand al. [privacy30] implemented benefits. Ouaddan blockchain et toal. smart [30] implemented device access blockchain and proposed to smart “FairAccess” device asaccess a new and decentralized proposed “FairAccess” pseudonymous as anda new privacy decentralized preserving pseudonymous authorization managementand privacy framework.preserving Samaniegoauthorization and management Deters [31] presented framework. the ideaSamaniego of using and blockchain Deters [31] as a servicepresented for IoTthe andidea evaluated of using theblockchain performance as a service of a cloud for IoT and and edge evaluated hosted blockchain the performance implementation. of a cloud Inand [32 edge], Raman hosted and blockchain Varshney studiedimplementation. dynamic distributedIn [32], Raman storage and for Varshney scaling blockchains studied dynamic in an IoT environment.distributed storage The reason for forscaling this explosionblockchains of in interest an IoT is environment. that with blockchain The reason technology for this explosion in place, applications of interest is that that previously with blockchain could onlytechnology be run in through place, aapplications trusted intermediary that previously can now could run only in a decentralizedbe run through manner. a trusted intermediary can now run in a decentralized manner. 2.3. Hypergraph 2.3. Hypergraph A hypergraph may be the most general concept in discrete mathematics, a system of finite sets and forms.A hypergraph Over the may past be fewthe most decades, gene hypergraphral concept in theory discrete has mathematics, been shown a to system helpful of infinite solving sets real-worldand forms. problems.Over the past As a few mathematical decades, hypergraph tool, hypergraphs theory can has be been used shown to simulate to helpful computer in solving networks, real- biologicalworld problems. networks, As a data mathematical structures, tool, process hypergraph scheduling,s can andbe used various to simulate other systems. computer The networks, objects inbiological the system networks, and the data complex structures, relationships process sche betweenduling, them and can various often other be mapped systems. by The hypergraphs, objects in sothe as system to seek and an the effective complex solution relationships for various between complex them problemscan often be [33 mapped]. For applications by hypergraphs, in the so IoT, as Jungto seek et an al. effective proposed solution a hypergraph-based for various complex multidimensional problems [33]. structure For applications to model the in IoTthe IoT, for efficient Jung et managemental. proposed anda hypergraph-based discovery of IoT objects multidimensional [34]. Yao et al. [35structure] developed to amodel hypergraph the IoT to modelfor efficient objects’ spatiotemporalmanagement and correlations. discovery of IoT objects [34]. Yao et al. [35] developed a hypergraph to model objects’A hypergraph spatiotemporalH denoted correlations. by H = (V; E) on a finite set V. E = (ei)i∈I, where I is a finite set of indexes, is a subsetA hypergraph of V called H denoted a hyperedge. by H = Commonly, (V; E) on a finiteV is a set set V. of E vertexes = (ei)i∈I, where and denoted I is a finite by V set(H of) and indexes,E by Eis( Ha ).subset If two of vertexes V called are a hyperedge. in one hyperedge, Commonly, they V are is calleda set of adjacent. vertexes Theand cardinalitydenoted by of V( aH hyperedge) and E by denotedE(H). If two by | vertexesei| is the are count in one of vertexes hyperedge, in the they hyperedge. are called The adjacent. rank of HThedenoted cardinality by r( Hof) a = hyperedgemaxi∈I|ei| isdenoted the maximum by |ei| is cardinality the count ofof hyperedges vertexes in inthe the hyperedge. hypergraph; The the rank minimum of H denoted cardinality by r(H of) hyperedges= maxi∈I|ei| calledis the themaximum co-rank ofcardinalityH is denoted of byhyperedgescr(H) = min iin∈I| ethei|. Twohypergraph; hyperedges the in minimum a hypergraph cardinality are adjacent of hyperedges called the co-rank of H is denoted by cr(H) = mini∈I|ei|. Two hyperedges in a hypergraph are adjacent if their intersection is not empty. The degree of a vertex is the count of hyperedges which include it. And the max degree is defined as the graph’s degree. An example of a hypergraph is shown in Figure 2.

Sensors 2018, 18, 2784 5 of 18

ifSensors their 2018 intersection, 18, x FOR PEER is not REVIEW empty. The degree of a vertex is the count of hyperedges which include5 of 18 it. And the max degree is deﬁned as the graph’s degree. An example of a hypergraph is shown in Figure2.

Figure 2. Example of a hypergraph.

H e e V V e Hypergraph H inin FigureFigure2 2 has has five five hyperedges hyperedges ( (e11 toto e55)) andand 1111 verticesvertices( (V11 toto V1111).). e55 isis a a loop. loop. V V TheThe hypergraph contains contains two two isolated isolated vertices: vertices: V9, V119., The11 .cardinalities The cardinalities of each ofhyperedge each hyperedge are c(e1) = are 4, c e c e c e c e c e r H e e c((e12) = 4, 4, c(e23)) = 2, 4, c(e43)) = = 3 2, and( 4 )c( =e5 3) and= 1. The( 5) rank = 1. Ther(H) rank = 4 (contributed( ) = 4 (contributed by e1 and by e2),1 andand the2), andco-rank the cr H e V e e co-rankcr(H) = 1 (contributed( ) = 1 (contributed by e5). The by degree5). The of degree V1 is 2of (because1 is 2 (becauseit is included it is includedby e1 and by e4). 1 and 4). 3. Hypergraph Based Blockchain Model 3. Hypergraph Based Blockchain Model 3.1. Problem Statement 3.1. Problem Statement In our opinion, the distributed ledger of the blockchain requires an all-network accounting In our opinion, the distributed ledger of the blockchain requires an all-network accounting mode mode in which all members keep a ledger containing all transaction data and update their ledgers in which all members keep a ledger containing all transaction data and update their ledgers to to maintain integrity when there is a new transaction. Just as in a market, when a transaction occurs, maintain integrity when there is a new transaction. Just as in a market, when a transaction occurs, the the transaction party issues a statement, and then all the people check the correctness of the transaction transaction party issues a statement, and then all the people check the correctness of the transaction and create a record. During the entire process, the information is transparent and uniform, and the and create a record. During the entire process, the information is transparent and uniform, and the participants’ qualifications and permissions are completely equal. The result confirmed by most people participants’ qualifications and permissions are completely equal. The result confirmed by most is the final conclusion, and the system will automatically correct the data for everyone’s approved people is the final conclusion, and the system will automatically correct the data for everyone’s results. Someone cannot cheat or insist on different views unless more than 51% of the people agree. approved results. Someone cannot cheat or insist on different views unless more than 51% of the When a great number of people involved to a certain extent, this is virtually impossible. However, people agree. When a great number of people involved to a certain extent, this is virtually impossible. the untrustworthiness of the transaction does not need 51% of the people in the market believe the However, the untrustworthiness of the transaction does not need 51% of the people in the market transaction is illegal. The untrustworthiness threshold is often much lower. For example, if 10% of believe the transaction is illegal. The untrustworthiness threshold is often much lower. For example, people think that the transaction is illegal, the transaction can be considered invalid. if 10% of people think that the transaction is illegal, the transaction can be considered invalid. Based on such a premise, for the transaction records in the entire blockchain network, it is not Based on such a premise, for the transaction records in the entire blockchain network, it is not always necessary for all nodes to record them. For one transaction record, it is enough to make sure always necessary for all nodes to record them. For one transaction record, it is enough to make sure that a sufficient number of nodes record it. When another transaction occurs, the nodes that recorded that a sufficient number of nodes record it. When another transaction occurs, the nodes that recorded the information related to it verify it. If the transaction is not legal, these nodes will send a signal that the information related to it verify it. If the transaction is not legal, these nodes will send a signal that “the transaction is illegal”. When these signals reach a certain amount, the transaction is considered “the transaction is illegal”. When these signals reach a certain amount, the transaction is considered illegal; otherwise the transaction can be accepted. In such a mode of operation, the following issues illegal; otherwise the transaction can be accepted. In such a mode of operation, the following issues must be addressed: must be addressed: 1. The architecture of the model. In order to implement the proposed scheme, a structure is needed to 1. The architecture of the model. In order to implement the proposed scheme, a structure is needed to support the blockchain networks, and only certain nodes are used to store a transaction record support the blockchain networks, and only certain nodes are used to store a transaction record without affecting security and privacy or reducing security risks to acceptable conditions. without affecting security and privacy or reducing security risks to acceptable conditions. 2. How the scheme scheme works .. Under Under the the designed designed structure, structure, some some mechanisms or algorithms are needed toto support support the the structure structure to solve the prob problemslems caused by structural changes.changes. 3. The parameters set. In the support structure and the algorithm designed for this, a series of parameters needs to be adjusted so that they can achieve the desired purpose in an optimal way. The setting of these parameters needs to be adjusted through experiments and evaluations.

Sensors 2018, 18, 2784 6 of 18

3. The parameters set. In the support structure and the algorithm designed for this, a series of parameters needs to be adjusted so that they can achieve the desired purpose in an optimal way. SensorsThe 2018 setting, 18, x FOR of PEER these REVIEW parameters needs to be adjusted through experiments and evaluations.6 of 18

3.2. Architecture Overview In order toto achieveachieve thethe foregoingforegoing solution,solution, wewe designdesign anan improvedimproved blockchainblockchain model.model. In the model, the nodes in the blockchain network are divided into several clusters, each with the same transaction record chain. At At the the same same time, time, due due to to the the dynamic nature nature of of the blockchain network, such as in the IoT environment, it is not possible to formulate in a static manner which node clusters record which transaction records. For security and privacy considerations, the nodes that record the transactions appear in the blockchain network as anonymously as possible. The hypergraph theory provides us with aa mathematicalmathematical modelmodel ofof thethe structuralstructural design.design. According to the organizational structure of the hypergraph, thethe blockchainblockchain modelmodel wewe designeddesigned isis shownshown inin FigureFigure3 3..

Figure 3. Hypergraph based Blockchain architecture.

In Figure3 3,, devicesdevices areare randomlyrandomly containedcontained inin ﬁvefive hyperedges,hyperedges, whetherwhether theythey areare connectedconnected inin the network or not. As shown in Figure 33,, thisthis simplesimple blockchainblockchain networknetwork containscontains 1010 nodesnodes (named(named Node1 to Node10) and two miners (named Miner1 and Miner2). We We take the nodes and miners as vertexes set VV.. There There are are five ﬁve hyperedges hyperedges in in the the network, network, E1E1 to toE5E5. As. Ascan can be seen be seen from from Figure Figure 3, the3, theblockchain blockchain network network is mapped is mapped to toa hypergraph, a hypergraph, wh whereere the the devices devices are are nodes nodes in in the the graph, graph, and and each hyperedge correspondscorresponds toto aa setset of of devices. devices. There There are are associated associated nodes nodes between between the the hyperedges, hyperedges, that that is, ais, device a device belongs belongs to two to two or more or more hyperedges hyperedges at the at same the time.same Fortime. example, For example,Node6 in Node6 Figure in3 Figurebelongs 3 tobelongs hyperedge to hyperedgeE2 and also E2 belongs and also to hyperedge belongs toE5 .hyperedge Devices that E5 belong. Devices to the that same belong hyperedge to the may same or mayhyperedge not be may in the or same may localnot be network, in the same either local as nodes network, or as either miners. as nodes The objects or as miners. in the architecture The objects are in explainedthe architecture as follows: are explained as follows: • Nodes: A node is a device with storage ability in a blockchain network. The route is reachable in the networknetwork andand normalnormal communicationcommunication can can be be performed. performed. Each Each node node in in the the network network belongs belongs to atto leastat least one one hyperedge hyperedge and and can can belong belong to multipleto multiple hyperedges hyperedges at theat the same same time. time. • Miners: Miners Miners are are devices for for calculating encryption encryption block block hash hash keys keys in in blockchain network, network, which is notnot muchmuch differentdifferent fromfrom ordinaryordinary miners.miners. However, However, in in the designed architecture, miners also undertake the task of calculating the linear independence matrix (explained in Section 3.3.23.3.2)) inin thethe network, network, which which is is mainly mainly used used for for the the control control of transactionof transaction data data storage storage and networkand network evolution. evolution.  Hyperedge: A hyperedge is a set of nodes. All nodes on the same hyperedge have the same vector encoding that is independent of other hyperedges, and they have synchrony when storing transaction data.

Sensors 2018, 18, 2784 7 of 18

• Hyperedge: A hyperedge is a set of nodes. All nodes on the same hyperedge have the same vector encoding that is independent of other hyperedges, and they have synchrony when storing transaction data.

3.3. Architecture Principal

3.3.1. Network Parameters In the designed architecture, nodes can belong to multiple hyperedges at the same time, and the nodes in the same hyperedge are synchronized in the transaction record storage process, which will lead to the simultaneous storage of nodes in multiple hyperedges. In order to make the storage distribution of transaction records more balanced and avoid the Matthew effect (i.e., some nodes in most hyperedges store large amounts of data, but others are just the opposite), the degree of each node in the speciﬁed network must be N, which can be regarded as a network parameter. According to this idea, a transaction record is recorded by some nodes in the blockchain network. Therefore, in the designed architecture, a transaction record is recorded by nodes in a hyperedge. Considering that the number of nodes in the hyperedge may be unbalanced, the lower and upper limits of the node number denoted by co-rank and rank must be speciﬁed. Usually, a parameter C is set as the rank, and C/2 is the co-rank. Similarly, C can also be regarded as a network parameter. Nodes newly added to the network should be added to N hyperedges at the same time. If the number of nodes on a hyperedge has reaches the upper limit, the hyperedge needs to split into two hyperedges with the number of nodes being C/2 and C/2+1.

3.3.2. Node Blockchain Based on the proposed architecture, the whole working mechanism of the blockchain network is different from the original. Thus, the data structure of the node in the hypergraph and the storage function must be redesigned. Because a node will belong to multiple hyperedges at the same time, and the nodes in each hyperedge require storage synchronization, the nodes must also store transaction information synchronized in different hyperedges. In this case, if the original blockchain structure is adopted, the data blocks in the nodes will no longer be the same. When the current block is full and must be encrypted, the hash values calculated by each node are always different. This leads to the failure of the entire network. In order to counter this problem, we designed the data structure in each node as shown in Figure4. The structure of storage in each node is designed with two parts: the blockchain head and SubBlockchains. The blockchain head is constructed by a linear independence matrix, a vector and a Blockchain-list. The linear independence matrix is an N-order integer matrix consisting of N linearly independent vectors, each of which map to a hyperedge as its feature. N represents the number of hyperedges in the network. That means for each hyperedge in the blockchain network, there is an N-dimensional vector associated with it. The vector can be regarded as the ID of the hyperedge. The reason why we use a linear independence matrix is that when the network evolves, it is difﬁcult to generate a new ID for a new hyperedge synchronously, but it is easy to generate a linear independence vector from a linear independence matrix. The blockchain-list contains several indexes of blockchains. Each index points to a subblockchain. The count of subblockchains is the same as the degree of the node. A subblockchain is a kind of blockchain with a head, in which there is an N-dimensional vector as a hyperedge feature. Each of the sbublockchain stores synchronous transaction records separately in the hyperedge, whose feature vector is the same as the vector in the subblockchain head. Therefore, the nodes in the same hyperedge must have a same subblockchain. The data model of Figure3 is explained in Figure5. From Figure5, it can be seen that Node1 is only included in E1; therefore, it only contains one subblockchain. Node6 has two subblockchains because it is included in two hyperedges. Commonly, miners do not store data so they do not appear in Figure5. Sensors 2018, 18, x FOR PEER REVIEW 7 of 18

3.3. Architecture Principal

3.3.1. Network Parameters In the designed architecture, nodes can belong to multiple hyperedges at the same time, and the nodes in the same hyperedge are synchronized in the transaction record storage process, which will lead to the simultaneous storage of nodes in multiple hyperedges. In order to make the storage distribution of transaction records more balanced and avoid the Matthew effect (i.e., some nodes in most hyperedges store large amounts of data, but others are just the opposite), the degree of each node in the specified network must be N, which can be regarded as a network parameter. According to this idea, a transaction record is recorded by some nodes in the blockchain network. Therefore, in the designed architecture, a transaction record is recorded by nodes in a hyperedge. Considering that the number of nodes in the hyperedge may be unbalanced, the lower and upper limits of the node number denoted by co-rank and rank must be specified. Usually, a parameter C is set as the rank, and C/2 is the co-rank. Similarly, C can also be regarded as a network parameter. Nodes newly added to the network should be added to N hyperedges at the same time. If the number of nodes on a hyperedge has reaches the upper limit, the hyperedge needs to split into two hyperedges with the number of nodes being C/2 and C/2+1.

Sensors 2018, 18, x FOR PEER REVIEW 8 of 18

The structure of storage in each node is designed with two parts: the blockchain head and SubBlockchains. The blockchain head is constructed by a linear independence matrix, a vector and a Blockchain-list. The linear independence matrix is an N-order integer matrix consisting of N linearly independent vectors, each of which map to a hyperedge as its feature. N represents the number of hyperedges in the network. That means for each hyperedge in the blockchain network, there is an N-dimensional vector associated with it. The vector can be regarded as the ID of the hyperedge. The reason why we use a linear independence matrix is that when the network evolves, it is difficult to generate a new ID for a new hyperedge synchronously, but it is easy to generate a linear independence vector from a linear independence matrix. The blockchain-list contains several indexes of blockchains. Each index points to a subblockchain. The count of subblockchains is the same as the degree of the node. A subblockchain is a kind of blockchain with a head, in which there is an N-dimensional vector as a hyperedge feature. Each of the sbublockchain stores synchronous transaction records separately in the hyperedge, whose feature vector is the same as the vector in the subblockchain head. Therefore, the nodes in the same hyperedge must have a same subblockchain.Figure 4. The data The structure data model of node of Figure blocks. 3 is explained in Figure 5.

Figure 5. The data model of a hypergraph-basedhypergraph-based blockchainblockchain network.network.

From Figure 5, it can be seen that Node1 is only included in E1; therefore, it only contains one 3.4. Working Mechanism subblockchain. Node6 has two subblockchains because it is included in two hyperedges. Commonly, (A)miners Transaction do not store publication data so they do not appear in Figure 5. When a transaction occurs, the source node constructs a record that includes the following 3.4. Working Mechanism information: timestamp, the selected linearly independent vector (an integer N-dimensional vector) and(A) theTransaction common publication information, such as the parties to the transaction, transaction content, needed in blockchain technology. What needs special attention is that the source node randomly ﬁnds a When a transaction occurs, the source node constructs a record that includes the following vector different from the linear independence vector in its own subblockchain head from the linear information: timestamp, the selected linearly independent vector (an integer N-dimensional vector) independence matrix. And add this vector to the record as the record feature. and the common information, such as the parties to the transaction, transaction content, needed in blockchain technology. What needs special attention is that the source node randomly finds a vector different from the linear independence vector in its own subblockchain head from the linear independence matrix. And add this vector to the record as the record feature. (B) Transaction verification First, when a transaction occurs, all nodes in the network receive the declaration and search for related records in their subblockchains. The nodes which stored the latest transaction information of the source node obtain the arbitration right. The arbitration nodes verify the declaration. If it is legal, then the arbitration nodes send a message that the transaction is legal to the network; otherwise, a message will be sent that the transaction is illegal. It is different from the original blockchain

Sensors 2018, 18, 2784 9 of 18

(B) Transaction verification First, when a transaction occurs, all nodes in the network receive the declaration and search for related records in their subblockchains. The nodes which stored the latest transaction information of the source node obtain the arbitration right. The arbitration nodes verify the declaration. If it is legal, then the arbitration nodes send a message that the transaction is legal to the network; otherwise, a message will be sent that the transaction is illegal. It is different from the original blockchain mechanism in which every node has the whole record and can verify the declaration by itself. In our model, the verification is done by some of the nodes, which send the result to others. After getting the verification messages, the nodes in the network can judge the legitimacy of transactions based on the relationship of the average cardinality and the number of messages received, as well as the ratio between the legal certificate and the number of illegal certifications. Simply, for a given threshold, if the legal message count exceeds the threshold, the transaction is considered legal. The security of messages is guaranteed by a secret key system. For example, if a node gets 10 illegal messages and 90 legal messages and the threshold is 95% then the transaction will be considered illegal and will not be recorded. The security risks are discussed in Section 3.5. (C) Record storage When a transaction occurs, Nodes in the blockchain network compare the recorded feature vector with the vectors in its own subblockchain head. If matched and the transaction is verified to be legal, the record is added to the current block of corresponding subblockchain. (D) Block encryption When the current block in a certain subblockchain of a certain node is full (of course, the current block of the subblockchain corresponding to other nodes in the same hyperedge characterized by the vector in the subblockchain head is also full), according to blockchain working principle, the data of the current full block, previous block hash value and other information will be published to the network. All miners will receive these data and calculate an encryption hash value competitively. When a miner solves the puzzle, it will publish it to the network and the nodes which acquire this POW will verify the result easily. If the result is acceptable, the block will be encrypted and stored, otherwise the result will be dropped and the calculation continues. Comparing with the original blockchain model, the differences are shown in Table1.

Table 1. Comparison of blockchain models.

Blockchain Model Storage Veriﬁcation Miners’ Function Structure Original One node One chain By node itself POW blockchain one copy Hypergraph-based Part nodes have POW and linear Several subchains By other nodes blockchain a copy independence matrix

3.5. Security Discussion and Response Strategy As mentioned in our model, records are stored separately, and almost no one has the copy of the whole recodes, that is different with distributed storage like [32] which uses a coding scheme to reduce storage capacity and ensure the whole record’s integrity in each node. This leads to the following additional security risks:

• Attacks on the storage nodes can be easier than in the original blockchain network; • A veriﬁcation attack will try to forge the legal message and increase the legal ratio; • Attacks can occur from forging a new hyperedge and modifying the records only recorded by it. Sensors 2018, 18, 2784 10 of 18

Here we are not discussing the strategies of responding to the security problems of the original blockchain, such as the 51% calculation attack [20], DDoS attack [36] and mining attack [37]. The additional security risks are what must be faced and must be responded to. For the first security risk, we stored records separately, and one record is not stored in all nodes but only in the nodes of one hyperedge. The attack in original blockchain must cover 51% nodes. But in our model, in order to make the attack take effect, the attacker only need cover 51% or more nodes in a hyperedge, the scope of the attack is greatly reduced. Based on the working mechanism, the success rate of this kind of attack depends on two factors: the co-rank (C/2) and the verification threshold. The co-rank determines at least how many nodes are in a hyperedge and the verification threshold determines how many of them are forged if the attack wants to be trusted. Therefore a higher co-rank and a higher verification threshold are recommended to protect against this security risk. Especially, if the co-rank equals N, which is the count of the nodes, this model evolves into the original blockchain. For the second security risk, the secret key system provides the basis for protection against it. The arbitration message must be sent after encryption with a private key and the receiver uses the public key to decrypt the message. If an attacker wants to forge enough messages, he must control enough nodes in the blockchain network. The problem is also due to the co-rank and the verification threshold. For example, given co-rank = c and the threshold = t (t ∈ [0, 1]), when a forged transaction happens, at least c nodes think it is illegal. If the attacker wants the transaction to be trusted, he must control at least c/(1 − t) nodes. The higher c and t, the more nodes needed. High co-rank and verification threshold are recommended, also. But on the opposite side, if the threshold is too high, a denial of illegal attack will happen. The main idea of dealing with the last security risk is to not let the forged nodes aggregate in one hyperedge. Instead, the newly added nodes are spread out as much as possible into the existing hyperedges. The cost of creating a forged hyperedge should be no easier than forging a record in the blockchain network. A solution algorithm is presented in Section 3.6 which is related to the graph’s co-rank.

3.6. Hyperedge Splitting and Aggregation As we discussed, the number of nodes in each hyperedge must be guaranteed to be “enough” to meet the security requirements. In order to avoid the construction of a hyperedge with only a few nodes or a hyperedge only contains a few nodes when some nodes deleted from the network or prevent a forged hyperedge to be generated easier, we design an algorithm to manage the joining and deletion of nodes. The main idea is that when a new node joins the network, it is added to several hyperedges randomly, and if a hyperedge’s cardinality is over the rank of the graph, the hyperedge is separated into two, one with cardinality of cr and one with cr+1. For a given rank r(H) the co-rank cr(H) is denoted as r(H)/2 and the Algorithm 1 for adding the node works as follows:

Algorithm 1

Select a hyperedge ei randomly if |ei| < r insert the node n else split the r/2 of the nodes in ei to a new hyperedge ei” insert the node n to ei” and copy the synchronous SubBlockchain generate a new linear independence vector V’ for ei” for each node ni in the network add V’ to the linear independence matrix Sensors 2018, 18, 2784 11 of 18

When a node is deleted from a network, it may cause a hyperedge’s cardinality to be less than cr, so the algorithm will work as follows: The cardinality of the hyperedge, denoted as ei, must be cr−1, and if there is a hyperedge ej with cardinality more than cr and not adjacent to ei then |ej|−cr(H) nodes are moved from ej to ei. If unfortunately, there is no such ej then a hyperedge (of course its cardinality is cr) is randomly selected and combined with ei. The deletion Algorithm 2 works as follows: Sensors 2018, 18, x FOR PEER REVIEW 11 of 18

Algorithm 2 Algorithm 2 forfor each each hyperedge hyperedgeei that ei contains that contains the deleted the deleted node n node n if |e | < cr ifi |ei| < cr if exist a hyperedge ej and|ej| > cr and ei∩ej = Φ if exist a hyperedge ej and|ej| > cr and ei∩ej = Φ for each nk (k∈[cr, |ej|]) in ej for each nk (k∈[cr, |ej|]) in ej move nk to ei and copy the SubBlockchain of ei move nk to ei and copy the SubBlockchain of ei else randomly select a hyperedge ek and combine it with ei else randomly select a hyperedge ek and combine it with ei

TheThe algorithm algorithm guarantees guarantees that that each each transaction transaction record record is recordedis recorded by atby least at leastr/2 nodes. r/2 nodes. When When the hyperedgethe hyperedge is split, is split, it is equivalentit is equivalent to adding to adding an extra an extra hyperedge. hyperedge. When When the hyperedges the hyperedges converge, converge, it is equivalentit is equivalent to connecting to connecting two hyperedges. two hyperedges. A schematic A schematic diagram diagram of splitting of splitting and aggregation and aggregation is shown is inshown Figure in6 Figurewhere 6r where= 4. In r order = 4. In to order keep to the keep connection the connection of hyperedges, of hyperedges, when a when node a is node added is toadded the network,to the network, it is commonly it is commonly added toadded several to several hyperedges hyperedg simultaneously.es simultaneously.

FigureFigure 6. 6.Adding Adding aa nodenode andand deletingdeleting aa nodenode fromfroma a network, network, (a(a)) before before Node Node E E is is added, added, ( b(b)) after after NodeNode E E is is added, added, ( c()c) after after Node Node B B is is deleted. deleted.

4.4. UseUse CaseCase inin aa SmartSmart Home Home InIn this this section, section, we we apply apply the proposedthe proposed hypergraph-based hypergraph-based blockchain blockchain model model to smart to home smart system home andsystem discuss and the discuss model. the The model. research The ofresearch smart homeof smart systems home is systems mainly dividedis mainly into divided two categories: into two thecategories: interactions the betweeninteractions devices between within devices the home within and the the home interactions and the among interactions homes among as independent homes as nodes.independent Under nodes. the smart Under home the environment, smart home theenvironment, in-house devices the in-house number devices is usually number maintained is usually at amaintained lower order at of a lower magnitude, order andof magnitude, the blockchain and the system blockchain cannot system be fully cannot utilized. be fully Home-based utilized. Home- smart homebased networks smart home often covernetworks more often nodes, cover providing more a suitablenodes, environmentproviding a forsuitable blockchain environment applications. for Therefore,blockchain the applications. model proposed Therefore, in this the paper model is proposed mainly applied in this paper to smart is mainly home networksapplied to with smart homes home asnetworks independent with homes nodes as (the independent gateway of nodes the home (the gate canway be considered of the home as can a connect be considered access). as In a theconnect use caseaccess). study, In eachthe use home case is study, considered each home as a node, is cons communicationsidered as a node, and communications remote access between and remote each access other arebetween mapped each as other transactions. are mapped In a smart as transactions. home system In a the smart smart home home system managers the smart can be home considered managers as gatewayscan be considered and managers as gateways of homes. an Similarly,d managers they of arehomes. treated Similarly, as nodes they in the are home-based treated as nodes blockchain in the network.home-based These blockchain nodes not network. only store These data butnodes also not can only be miners. store data The followingbut also arecan thebe caseminers. studies The forfollowing discussing are thethe advantagescase studies of for the discussing model: the advantages of the model: SmartSmart Home Home communication communication: Consider: Consider device device installation installation as as a transaction.a transaction. When When a homea home installed installed a smarta smart device, device, the informationthe information of “This of “This home home installed installed this kind this of kind device of and device has theand driver has the software” driver issoftware” recorded. is If recorded. another smartIf another home smart wants home to deploy wants theto deploy same kind the same of device, kind theof device, first home the first manager home manager declares that “I have the driver and a communication can be constructed to transfer it.” But before doing transmission, the second home manager must check whether the first smart home has the software through the blockchain. After the transmission, the information of “The first home transferred the device driver to the second home” will be recorded. Different from the original blockchain working mechanism, in this model, only some of the home managers need to participate in the verification and storage process. This working mechanism reduces the storage capacity of the entire network. Sensors 2018, 18, 2784 12 of 18 declares that “I have the driver and a communication can be constructed to transfer it.” But before doing transmission, the second home manager must check whether the first smart home has the software through the blockchain. After the transmission, the information of “The first home transferred the device driver to the second home” will be recorded. Different from the original blockchain working mechanism, in this model, only some of the home managers need to participate in the verification and storage process. This working mechanism reduces the storage capacity of the entire network. Smart Home access: Take a device request as a transaction and consider the situation in which Alice invites Bob to her home for a party. When Bob arrives at Alice’s home, the smart access control in Alice’s home gets the entry request and sends the information “Bob is in Alice’s home” to the blockchain. After that Bob wants to check the situation of his own home through Alice home’ network using his cell phone. The access from Alice’s home to Bob’s home must be constructed. But before doing this, Bob’s home manager must check whether it is true that Bob has requested access from Alice’s home. The credibility of Bob’s cell phone will be verified by some of the other smart homes which have recorded the information. After Bob’s smart home manager verified Bob’s cell phone, it will permit access and the new information “Bob has accessed his home from Alice’s home using his cell phone” will be sent to the blockchain network.

5. Experiments and Evolution

5.1. Storage Efficiency Analysis In this section we discuss the parameters of the hypergraph-based blockchain network. We study the effect of network parameters on storage efficiency. As discussed in Section 3.3.1, the main parameters are the graph’s degree N and the count of the upper limit of nodes in hyperedge C. These parameters affect the average storage in each node (SEN), or the used memory in each node. The methodology of the designed experiments is that: For a given value of C and a number of total nodes in the network we calculate the average storage capacity of nodes and draw the figures. In the following experiments, we assume that the number of transactions in the network is 104. The results are shown in Figure7. From Figure7, we can see that with a given N, if the value of C increases, the average record storage capacity of each node continuously increases. The reason is that with the increase of C, the number of nodes in each hyperedge increases, while the number of hyperedges decreases. Each transaction record is stored by more nodes, so that the average storage in each node increases. On the other hand, it also can be seen that the smaller the number of nodes in the graph, the greater the storage capacity of each node. With the same number of transaction records and C values, the smaller the number of nodes, the smaller the corresponding number of hyperedges. Under the premise that the distribution of nodes in each hyperedge is the same, there are more transaction data records in each hyperedge in a graph with fewer hyperedges, resulting in a larger average storage capacity for each node. In particular, when C is equal to the number of nodes in the hypergraph, the proposed model will degenerate into the original blockchain model. Furthermore, we found that for different N, the curves in the images are very similar. Therefore, we superimposed different curves of N from 1 to 10, and the results are shown in Figure8. It can be seen from Figure8 that the graph’s degree N of the hypergraph has almost no effect on the average storage of each node. That means the storage of each node is only related to the number of transactions and C. In order to prove the advantage of the hypergraph-based blockchain model, we compared the total used memory capacity in the model with the original blockchain model. The results are shown in Figure9. The original blockchain stores all records in all nodes, so the used memory capacity for the whole network is in proportion to the number of transactions. It can be clearly seen from Figure9 that the model proposed in this paper is much smaller than the original blockchain model in terms of overall network storage consumption, and it also shows that the total storage quantity is basically independent with the graph’s degree N. Sensors 2018, 18, x FOR PEER REVIEW 12 of 18

Smart Home access: Take a device request as a transaction and consider the situation in which Alice invites Bob to her home for a party. When Bob arrives at Alice’s home, the smart access control in Alice’s home gets the entry request and sends the information “Bob is in Alice’s home” to the blockchain. After that Bob wants to check the situation of his own home through Alice home’ network using his cell phone. The access from Alice’s home to Bob’s home must be constructed. But before doing this, Bob’s home manager must check whether it is true that Bob has requested access from Alice’s home. The credibility of Bob’s cell phone will be verified by some of the other smart homes which have recorded the information. After Bob’s smart home manager verified Bob’s cell phone, it will permit access and the new information “Bob has accessed his home from Alice’s home using his cell phone” will be sent to the blockchain network.

5. Experiments and Evolution

5.1. Storage Efficiency Analysis In this section we discuss the parameters of the hypergraph-based blockchain network. We study the effect of network parameters on storage efficiency. As discussed in Section 3.3.1, the main parameters are the graph’s degree N and the count of the upper limit of nodes in hyperedge C. These parameters affect the average storage in each node (SEN), or the used memory in each node. The methodology of the designed experiments is that: For a given value of C and a number of total nodes in the network we calculate the average storage capacity of nodes and draw the figures. In the following experiments, we assume that the number of transactions in the network is 104.The results are shown in Figure 7. From Figure 7, we can see that with a given N, if the value of C increases, the average record storage capacity of each node continuously increases. The reason is that with the increase of C, the number of nodes in each hyperedge increases, while the number of hyperedges decreases. Each transaction record is stored by more nodes, so that the average storage in each node increases. On the other hand, it also can be seen that the smaller the number of nodes in the graph, the greater the storage capacity of each node. With the same number of transaction records and C values, the smaller the number of nodes, the smaller the corresponding number of hyperedges. Under the premise that the distribution of nodes in each hyperedge is the same, there are more transaction data records in each hyperedge in a graph with fewer hyperedges, resulting in a larger average storage capacity for each node. In particular, when C is equal to the number of nodes in the SensorsSensors 2018 2018, 18, 18, x, FORx FOR PEER PEER REVIEW REVIEW 1313 of of 18 18 Sensorshypergraph,2018, 18, 2784 the proposed model will degenerate into the original blockchain model. 13 of 18

6,000 6,000 6,000 Nodes=1,000 6,000 Nodes=1,000 Nodes=1,000 Nodes=1,000 6,000 Nodes=2,000 6,000 Nodes=2,000 Nodes=2,000Nodes=1,000 Nodes=2,000Nodes=1,000 5,000 Nodes=4,000 5,000 Nodes=4,000 5,000 Nodes=4,000Nodes=2,000 5,000 Nodes=4,000Nodes=2,000 Nodes=8,000 Nodes=8,000 5,000 Nodes=8,000Nodes=4,000 5,000 Nodes=8,000Nodes=4,000 4,000 Nodes=8,000 4,000 Nodes=8,000 4,000 4,000 4,000 4,000 3,000 3,000

3,000SEN 3,000SEN SEN 3,000 SEN 3,000 SEN SEN 2,000 2,000 2,000 2,000 2,000 2,000 1,000 1,000 1,000 1,000 1,000 1,000 0 0 0 100 200 300 400 500 600 700 800 900 0 100 200 300 400 500 600 700 800 900 100 200 300 400 500 600 700 800 900 100 200 300 400 500 600 700 800 900 0 C 0 C 100 200 300 400 C500 600 700 800 900 100 200 300 400 C500 600 700 800 900 Sensors 2018, 18, x FOR PEER REVIEWC C 13 of 18 (c()c ) (d()d ) (a) (b) 6,000 FigureFigure 7. 7.The The average average storage storage in in each each node, node, (a ()a N) N 6,000= 1,= 1,(b ()b N) N = 2,= 2,(c ()c N) N = 3,= 3,and and (d ()d N) N = 4.= 4. Nodes=1,000 Nodes=1,000 Nodes=2,000 Nodes=2,000 5,000 Nodes=4,000 5,000 Nodes=4,000 Furthermore,Furthermore,Nodes=8,000 we we found found that that for for different different N, N, the the cu curvesrves in in theNodes=8,000 the images images are are very very similar. similar. Therefore, Therefore, wewe superimposed superimposed4,000 different different curves curves of of N N from from 1 1to to 10 10, and, and4,000 the the results results are are shown shown in in Figure Figure 8. 8. It Itcan can be be seen from Figure 8 that the graph’s degree N of the hypergraph has almost no effect on the average seen from3,000 Figure 8 that the graph’s degree N of the hypergraph3,000 has almost no effect on the average storagestorageSEN of of each each node. node. That That means means the the storage storage of of each eachSEN node node is is only only related related to to the the number number of of transactionstransactions2,000 and and C. C. In In order order to to prove prove the the advantag advantage eof of the2,000 the hypergraph-based hypergraph-based blockchain blockchain model, model, we we compared the total used memory capacity in the model with the original blockchain model. The compared1,000 the total used memory capacity in the model1,000 with the original blockchain model. The resultsresults are are shown shown in in Figure Figure 9. 9. The The original original blockcha blockchainin stores stores all all records records in in all all nodes, nodes, so so the the used used 0 0 memorymemory100 capacity capacity200 300 for for 400the the whole500 whole600 network network700 800 is is in900 in proportion proportion100 to to the200 the number 300number400 of of500 transactions. transactions.600 700 800 It Itcan 900can be be clearly seen from Figure 9C that the model proposed in this paper is much smallerC than the original clearly seen from Figure 9(c )that the model proposed in this paper is much smaller(d) than the original blockchainblockchain model model in in terms terms of of overall overall network network storag storage econsumption, consumption, and and it italso also shows shows that that the the total total storage quantityFigure is 7. basically The average indepe storagendent in each with node, the graph’s(a) N = 1, degree (b) N = N.2, ( c) N = 3, and (d) N = 4. storage quantityFigure is 7. basicallyThe average indepe storagendent in each with node, the graph’s (a) N = 1, degree (b) N = N. 2, (c) N = 3, and (d) N = 4.

Furthermore, we found that6,000 for different N, the curves in the images are very similar. Therefore, 6,000 Nodes=1,000,N∈[1,10] Nodes=1,000,N∈[1,10] we superimposed different curves ofNodes=2,000,N N from ∈1[1,10] to 10, and the results are shown in Figure 8. It can be Nodes=2,000,N∈[1,10] 5,000 Nodes=4,000,N∈[1,10] 5,000 Nodes=4,000,N∈[1,10] seen from Figure 8 that the graph’s Nodes=8,000,Ndegree N∈ of[1,10] the hypergraph has almost no effect on the average Nodes=8,000,N∈[1,10] 4,000 storage of each node. That4,000 means the storage of each node is only related to the number of transactions and C. In order to prove the advantage of the hypergraph-based blockchain model, we 3,000

3,000SEN compared the total used memorySEN capacity in the model with the original blockchain model. The 2,000 results are shown in Figure2,000 9. The original blockchain stores all records in all nodes, so the used

memory capacity for the whole1,000 network is in proportion to the number of transactions. It can be 1,000 clearly seen from Figure 9 that the model proposed in this paper is much smaller than the original 0 0 100 200 300 400 500 600 700 800 900 blockchain model in terms of 100overall200 network300 400 storag500 600e consumption,700 800 900 and it also shows that the total C storage quantity is basically independent with theC graph’s degree N. FigureFigureFigure 8. 8. 8.TheThe The average average average storage storage storage in in in each each each node. node. node.

6,000 7 ∈ x 710 Nodes=1,000,N [1,10] x9 10 Nodes=2,000,N∈[1,10] 9 hypergraph N=1 5,000 hypergraphNodes=4,000,N N=1 ∈[1,10] 8 hypergraph N=2 8 hypergraphNodes=8,000,N N=2 ∈[1,10] hypergraph N=4 hypergraph N=4 4,0007 hypergraph N=8 7 hypergraph N=8 original BC 6 original BC 6 3,000 SEN 5 5 4 2,0004 Storage count Storage

Storage count Storage 3 3 1,000 2 2

10 1 100 200 300 400 500 600 700 800 900 0 C 0 1,000 2,000 3,000 4,000 5,000 6,000 7,000 8,000 9,000 1,000 2,000 3,000 4,000 5,000 6,000 7,000 8,000 9,000 Nodes count Figure 8. The averageNodes count storage in each node. FigureFigure 9. 9.Memory Memory comparison comparison of of proposed proposed mode model withl with original original blockchain blockchain model. model. Figure 9. Memory comparison7 of proposed model with original blockchain model. x 10 9 hypergraph N=1 8 hypergraph N=2 hypergraph N=4 7 hypergraph N=8 original BC 6

Storage count Storage 3

0 1,000 2,000 3,000 4,000 5,000 6,000 7,000 8,000 9,000 Nodes count Figure 9. Memory comparison of proposed model with original blockchain model.

Sensors 2018, 18, 2784 14 of 18

Sensors 2018, 18, x FOR PEER REVIEW 14 of 18 In the original blockchain model, if 51% of nodes are hacked at the same time, the deception can be established.In the original However, blockchain the risk model, is reduced if 51% in of the nodes proposed are hacked model. at Therefore,the same time, a bigger the Cdeception must be can set andbe established. the arbitration However, threshold the should risk is bereduced set lower. in the proposed model. Therefore, a bigger C must be set and the arbitration threshold should be set lower. 5.2. Network Evolution 5.2. NetworkThe security Evolution analysis in Section 3.5 illustrates the importance of the co-rank, which is denoted by C/2 inThe Section security 3.3.1 analysis, and the in experiments Section 3.5 illustrates in Section the5.1 showimportance that not of onlythe co-rank, the storage which efﬁciency is denoted but alsoby C/2 security in Section factors 3.3.1, rely onand the the network experiments parameter in Section C. In this5.1 section,show that we not discuss only the the network storage evolutionefficiency withbut also C. security factors rely on the network parameter C. In this section, we discuss the network evolutionIn Section with 3.6 C., we designed a hyperedge splitting algorithm for the evolution of network structure, whichIn affects Section the 3.6, average we designed cardinality a ofhyperedge the graph. splitting The algorithm algorithm guarantees for the theevolution cardinality of network of each hyperedgestructure, which between affects co-rank(C/2) the average and cardinality rank(C). Therefore,of the graph. as The the numberalgorithm of guarantees network nodes the cardinality increases, theof each number hyperedge of network between hyperedges co-rank(C/2) will change,and rank(C but). a Therefore, lower bound as the and number an upper of network bound will nodes be guaranteed.increases, the Let numberhmin(n) ofdenote networ thek minhyperedges count of hyperedgeswill change, in but a n avertexes lower bound hypergraph and an and upperhmax bound(n) to the max. Depending on the algorithm, we get the following formulas: will be guaranteed. Let hmin(n) denote the min count of hyperedges in a n vertexes hypergraph and hmax(n) to the max. Depending on the algorithm, we get the following formulas: hmin (n) = n/C + 1. (1) ℎ() =⁄ +1. (1) C h (n) = n/ + 1. (2) max 2 ℎ() = +1. (2) Equation (1) means that all vertexes always insert2 into one hyperedge and split the hyperedge. ThenEquation for all hyperedges (1) means inthat the all graph, vertexes there always are onlyinsert C/2 into vertexes one hyperedge in each and edge. split For the the hyperedge. Formula (2),Then vertexes for all arehyperedges inserted intoin the the graph, edge there with theare fewestonly C/2 number vertexes of vertexesin each edge. each For time, the only Formula when (2), all hyperedgesvertexes are have inserted C nodes into does the theedge splitting with the happen. fewest Asnumber a general of vertexes situation, each a new time, vertex only is when inserted all intohyperedges a hyperedge have randomly. C nodes does Then the the splitting nodes are happen. uniformly As a distributed, general situ meaningation, a new that vertex when thereis inserted are k hyperedgesinto a hyperedge in the randomly. graph, after Then inserting the nodesk*C/2 are nodes, uniformly the k nodes distributed, inserted meaning next will that cause when the therek edges are tok hyperedges split. Thus, in if wethe letgraph,h(n) denoteafter inserting the count k*C/2 of hyperedges,nodes, the k itnodes should inse meetrted thenext following will cause formula: the k edges to split. Thus, if we let h(n) denote( the count of hyperedges, it should meet the following formula: h(n), n + 1 < h(n) × C h(n + 1 ) = ℎ(),+1<ℎ() × (3) ℎ(+1) =h(n) + 1, h(n) × C < n + 1 < (h(n) + 1) × C . (3) ℎ() +1,ℎ() ×<+1<(ℎ() +1) ×. WeWe designed designed experiments experiments toto verifyverify thisthis characteristiccharacteristic ofof thethe network,network, andand thethe resultsresults areare shownshown inin FigureFigure 10 10.. FigureFigure 1010 showsshows thatthat withwith thethe increaseincrease ofof C,C, thethe capacitycapacity ofof eacheach hyperedgehyperedge increases,increases, andand thethe changechange ofof hyperedgehyperedge numbernumber is is moremore and and moremore stepwise,stepwise, which which is is inin lineline withwith thethe descriptiondescription ofof EquationEquation (3). (3). Particularly, Particularly, in in Figure Figure 10 10f,f, the the height height and and length length of eachof each step step is almost is almost twice twice that that of the of previousthe previous level, level, which which is consistent is consistent with with the analysis the analysis results. results.

4 x 10 2 4,000 h(n) h(n) hmin(n) 3,500 hmin(n) hmax(n) hmax(n) 1.5 3,000

2,500

1 2,000

1,500

Numberhyperedges of 0.5 Numberhyperedges of 1,000

500

0 0 0 2 4 6 8 10 0 2 4 6 8 10 5 5 Number of nodes x 10 Number of nodes x 10 (a) (b)

Figure 10. Cont.

SensorsSensors2018 2018, 18, 18, 2784, x FOR PEER REVIEW 1515 of of 18 18

2,000 1,000 h(n) h(n) hmin(n) hmin(n) hmax(n) hmax(n) 800 1,500

600 1,000 400

Number of hyperedges 500 Number of hyperedges 200

0 0 0 2 4 6 8 10 0 2 4 6 8 10 5 5 Number of nodes x 10 Number of nodes x 10 (c) (d)

500 250 h(n) h(n) hmin(n) hmin() hmax(n) hmax() 400 200

300 150 X: 5.6×10^5 X: 9.6×10^5 Y: 1 28 Y: 128

200 100 X: 2.8×10^5 Y: 64 Number of hyperedges Number of hyperedges 100 50X: 1.4×10^5 X: 4.8×10^5 Y: 32 Y: 64

X: 2.4×10^5 Y: 3 2 0 0 0 2 4 6 8 10 0 2 4 6 8 10 5 5 Number of nodes x 10 Number of nodes x 10 (e) (f)

FigureFigure 10. 10.The The network network evolution evolution with with different different C, C, (a ()a C) C = = 100, 100, (b ()b C) C = = 500, 500, (c ()c C) C = = 1,000, 1,000, ( d(d)) C C = = 2000, 2000, (e()e C) C = = 4000, 4000, ( f()f) C C = = 8000. 8000.

The experiments in Section 5.1 show that for minimizing the entire network storage capacity, we The experiments in Section 5.1 show that for minimizing the entire network storage capacity, need a small C, but as discussed in Section 3.5, for security, we need a big C; this is a contradiction. we need a small C, but as discussed in Section 3.5, for security, we need a big C; this is a contradiction. Therefore, we need to find the minimum value of C to maintain security. The problem is that for a Therefore, we need to ﬁnd the minimum value of C to maintain security. The problem is that for a given given verification threshold t, how many forged nodes must be joined in order to construct a veriﬁcation threshold t, how many forged nodes must be joined in order to construct a hyperedge with hyperedge with a forged node ratio exceeding t. Let n(i) denote the nodes counted in a hypergraph a forged node ratio exceeding t. Let n(i) denote the nodes counted in a hypergraph with i hyperedges. with i hyperedges. Based on experiments in Section 5.2, we can approximately consider that: Based on experiments in Section 5.2, we can approximately consider that: (+1) =() +() × . (4) C2 n(i + 1 ) = n(i) + n(i) × . (4) Obviously, n(1) ∈ [1, C/2], and C is much bigger than 1. Ther2 efore, from iteration Formula (4) we get Obviously,the generaln term(1) ∈ of[1, n(iC/2],): and C is much bigger than 1. Therefore, from iteration Formula (4) we get the general term of n(i): () =(1) ×1+ ≈1+ ≈ . (5) 2 2 2 C i−1 C i−1 C i−1 n(i) = n(1) × 1 + ≈ 1 + ≈ . (5) From n(i) to n(i + 1) the new node ratio2 goes to 50% for2 each hyperedge,2 and the count of nodes we added is calculated in Equation (6): From n(i) to n(i + 1) the new node ratio goes to 50% for each hyperedge, and the count of nodes we added is calculated in Equation(+1) − (6):() = − = −1× . (6) 2 2 2 2 Under equal probability conditions, C if iwe wantC ia− 1hyperedge C with a Cforgedi−1 node ratio exceeding n(i + 1 ) − n(i) = − = − 1 × . (6) t, we at least add log edges. The total2 nodes 2added, T(n)2, is calculated2 in Equation (7): Under equal probability conditions, if we want a hyperedge with a forged node ratio exceeding t, 1 we at least add log 1(edges.) =+ The total nodes− added,() =T(n), is calculated× in Equation−1. (7): (7) 2 1−t 1− 2 2

Sensors 2018, 18, 2784 16 of 18

i−1 log 1 ! 1 C C 2 1−t T(n) = n i + log − n(i) = × − 1 . (7) 2 1 − t 2 2

The edge count i is related with the node count in the network in Equation (3) and can be approximately considered to be i = log2(N + 1) (approximate calculation according to Figure 10f) where N denotes the count of nodes in the network. Equation (7) becomes to Equation (8):

log N+1 log 1 ! C 2 2 C 2 1−t T(n) = × − 1 . (8) 2 2

In Equation (8), T(n) denotes how difﬁcult it is to forge a hyperedge. It is related with the rank C, network scale N, and the given veriﬁcation threshold t. For the given parameters of T(n),N and t, we get the smallest C by solving Equation (8).

6. Conclusions With the fast development of mobile internet, IoT applications, represented by smart homes, have been applied in many areas. However, IoT applications still face many security and privacy challenges. Blockchain technology, which underpins the crypto-currency bitcoin, has played an important role in the development of decentralized and data intensive applications running on millions of devices. Due to the less energy and memory of most IoT devices, we propose a hypergraph-based blockchain model. By abstracting the blockchain network in a hypergraph, we considered each home as a node in the graph and used hypergraph theory to discount the network’s storage for records. The working mechanism, security risks and response strategy were discussed. The hypergraph based blockchain model proposed in this paper can be applied to smart homes and can facilitate maintaining security and privacy protection requirements. The experiments showed that the storage capacity is better than the original blockchain. The results also show that the average storage in each node increases with its rank in the hyperedge and is independent from the degree of the graph. We studied the network evolution using the proposed algorithm of splitting and aggregation hyperedges. A formula about the security relation to the graph rank and veriﬁcation threshold was given. Although the model can improve the storage capacity of blockchain, there are still some issues that need to be further studied. First, the construction of the linearly independency matrix needs an effective algorithm to support it, and if the order is allowed to be changed, the communication protocol must be designed. Second, the accuracy of attack detection needs to be studied. More experiments must be done to adjust network parameters and improve them.

Author Contributions: C.Q. and M.T. conceived and designed the study. C.Q. designed the experiments and wrote the paper. M.T. reviewed and edited the manuscript. R.Y. implemented the experiments and analyzed the data. All authors read and approved the manuscript. Funding: This work was supported in part by Natural Science Foundation of Guangdong Province (Grant No. 2018A030313014), Guangdong University Scientific Innovation Project (Grant No. 2017KTSCX178); the outstanding young teacher training program of the Education Department of Guangdong Province (Grant No. YQ2015158); Guangdong Provincial Science and Technology Plan Projects (Grant No. 2016A010101035); the National Natural Science Fund, China (Grant No. 61300198). Conflicts of Interest: The authors declare no conflicts of interest.

References

1. Tao, M.; Zuo, J.; Liu, Z.; Castiglione, A.; Palmieri, F. Multi-layer cloud architectural model and ontology-based security service framework for IoT-based smart homes. Future Gener. Comput. Syst. 2018, 78, 1040–1051. [CrossRef] Sensors 2018, 18, 2784 17 of 18

2. Li, H.; Tian, Y.; Liu, Y.; Li, T. UAI-IOT framework: A method of uniform interfaces to acquire information from heterogeneous enterprise information systems. In Proceedings of the IEEE International Conference on Green Computing and Communications and IEEE Internet of Things and IEEE Cyber, Physical and Social Computing, Beijing, China, 20–23 August 2013; pp. 724–730. 3. Xie, R.; He, C.L.; Xie, D.Q.; Gao, C.Z.; Zhang, X.J. A secure ciphertext retrieval scheme against insider kgas for mobile devices in cloud storage. Secur. Commun. Netw. 2018, 2018, 7254305. [CrossRef] 4. Yang, H.; Yu, J.; Zo, H.; Choi, M. User acceptance of wearable devices: An extended perspective of perceived value. Telemat. Inform. 2016, 33, 256–269. [CrossRef] 5. Sutar, S.H.; Koul, R.; Suryavanshi, R. Integration of smart phone and IOT for development of smart public transportation system. In Proceedings of the International Conference on Internet of Things and Applications, Pune, India, 22–24 June 2016; pp. 73–78. 6. Tao, M.; Ota, K.; Dong, M. Ontology-based data semantic management and application in IoT- and cloud-enabled smart homes. Future Gener. Comput. Syst. 2017, 76, 528–539. [CrossRef] 7. Chen, Z.H.; Zhang, F.G.; Zhang, P.; Liu, J.K.; Huang, J.W.; Zhao, H.B.; Shen, J. Verifiable keyword search for secure big data-based mobile healthcare networks with fine-grained authorization control. Future Gener. Comput. Syst. 2018, 87, 712–724. [CrossRef] 8. Fernandes, E.; Jung, J.; Prakash, A. Security analysis of emerging smart home applications. In Proceedings of the IEEE Symposium on Security and Privacy, San Jose, CA, USA, 22–26 May 2016; pp. 636–654. 9. Kalofonos, D.N.; Shakhshir, S. Intuisec: A Framework for Intuitive User Interaction with Smart Home Security using Mobile Devices. In Proceedings of the 18th IEEE International Symposium on Personal, Indoor and Mobile Radio Communication, Athens, Greece, 3–7 September 2007; pp. 1–5. 10. Komninos, N.; Philippou, E.; Pitsillides, A. Survey in smart grid and smart home security: Issues, challenges and countermeasures. IEEE Commun. Surv. Tutor. 2014, 16, 1933–1954. [CrossRef] 11. Dorri, A.; Kanhere, S.S.; Jurdak, R.; Gauravaram, P. Blockchain for IoT security and privacy: The case study of a smart home. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications Workshops, Kona, HI, USA, 13–17 March 2017; pp. 618–623. 12. Bertino, E. Data security and privacy in the IoT. In Proceedings of the 19th International Conference on Extending Database Technology, Bordeaux, France, 15–18 March 2016; pp. 1–3. 13. Shafagh, H.; Burkhalter, L.; Hithnawi, A.; Duquennoy, S. Towards blockchain-based auditable storage and sharing of iot data. In Proceedings of the 2017 Cloud Computing Security Workshop, co-located with CCS 2017, Dallas, TX, USA, 3 November 2017; pp. 45–50. 14. Treleaven, P.; Brown, R.G.; Yang, D. Blockchain technology in finance. Computer 2017, 50, 14–17. [CrossRef] 15. Gatteschi, V.; Lamberti, F.; Demartini, C.; Pranteda, C.; Santamaría, V. To blockchain or not to blockchain: That is the question. IT Prof. 2018, 20, 62–74. [CrossRef] 16. Laplante, P.A.; Amaba, B. Blockchain and the internet of things in the industrial sector. IT Prof. 2018, 20, 15–18. [CrossRef] 17. Esposito, C.; Santis, A.D.; Tortora, G.; Chang, H.; Choo, K.K.R. Blockchain: A panacea for healthcare cloud-based data security and privacy? IEEE Cloud Comput. 2018, 5, 31–37. [CrossRef] 18. Kshetri, N. Can blockchain strengthen the internet of things? IT Prof. 2017, 19, 68–72. [CrossRef] 19. Dorri, A.; Kanhere, S.S.; Jurdak, R. Towards an optimized blockchain for IoT. In Proceedings of the International Conference on Internet-Of-Things Design and Implementation, Pittsburgh, PA, USA, 18–20 April 2017; pp. 173–178. 20. Jin, P.; Park, J. Blockchain security in cloud computing: Use cases, challenges, and solutions. Symmetry 2017, 9, 164. 21. Ali, W.; Dustgeer, G.; Awais, M.; Shah, M.A. IoT based smart home: Security challenges, security requirements and solutions. In Proceedings of the International Conference on Automation and Computing, Huddersfield, UK, 7–8 September 2017; pp. 1–6. 22. Chifor, B.C.; Bica, I.; Patriciu, V.V.; Pop, F. A security authorization scheme for smart home internet of things devices. Future Gener. Comput. Syst. 2018, 86, 740–749. [CrossRef] 23. Khan, M.A.; Salah, K. IoT security: Review, blockchain solutions, and open challenges. Future Gener. Comput. Syst. 2018, 82, 395–411. [CrossRef] 24. Qu, C.; Tao, M.; Zhang, J.; Hong, X.Y.; Yuan, R.F. Blockchain based credibility verification method for IoT entities. Secur. Commun. Netw. 2018, 2018, 7817614. [CrossRef] Sensors 2018, 18, 2784 18 of 18

25. Gervais, A.; Karame, G.O.; Glykantzis, V.; Ritzdorf, H.; Capkun, S. On the security and performance of proof of work blockchains. In Proceedings of the ACM Sigsac Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016; pp. 3–16. 26. Swan, M. Blockchain: Blueprint for a New Economy, 1st ed.; O’Reilly: Sebastopol, CA, USA, 2015. 27. Shen, J.; Wang, C.; Li, T.; Chen, X.F.; Huang, X.Y.; Zhan, Z.H. Secure data uploading scheme for a smart home system. Inf. Sci. 2018, 453, 186–197. [CrossRef] 28. Christidis, K.; Devetsikiotis, M. Blockchains and smart contracts for the internet of things. IEEE Access 2016, 4, 2292–2303. [CrossRef] 29. Huh, S.; Cho, S.; Kim, S. Managing IoT devices using blockchain platform. In Proceedings of the International Conference on Advanced Communication Technology, Bongpyeong, Korea, 19–22 February 2017; pp. 464–467. 30. Ouaddah, A.; Elkalam, A.A.; Ouahman, A.A. Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In Europe and MENA Cooperation Advances in Information and Communication Technologies; Springer: Berlin, Germany, 2017. 31. Samaniego, M.; Deters, R. Blockchain as a service for IOT. In Proceedings of the IEEE International Conference on Internet of Things, Chengdu, China, 16–19 December 2017; pp. 433–436. 32. Raman, R.K.; Varshney, L.R. Dynamic distributed storage for scaling blockchains. arXiv 2017, arXiv:1711.07617. 33. Bretto, A. Hypergraph Theory; Springer: Cham, Switzerlands, 2013. 34. Jung, J.; Chun, S.; Lee, K.H. Hypergraph-based overlay network model for the internet of things. In Proceedings of the IEEE World Forum on Internet of Things, Milan, Italy, 14–16 December 2015; pp. 104–109. 35. Yao, L.; Sheng, Q.Z.; Ngu, A.H.H.; Li, X. Things of interest recommendation by leveraging heterogeneous relations in the internet of things. ACM Trans. Internet Technol. 2016, 16, 1–25. [CrossRef] 36. Rodrigues, B.; Bocek, T.; Stiller, B. Multi-domain ddos mitigation based on blockchains. In Proceedings of the 11th IFIP WG 6.6 International Conference on Autonomous Infrastructure, Management, and Security, AIMS, Zurich, Switzerland, 10–13 July 2017; pp. 185–190. 37. Tosh, D.K.; Shetty, S.; Liang, X.; Kamhoua, C.A.; Kwiat, K.A.; Njilla, L.; IEEE. Security implications of blockchain cloud with analysis of block withholding attack. In Proceedings of the 17th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Madrid, Spain, 14–17 May 2017; pp. 458–467.

© 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).