Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain
The slides I used at my paper presentation on September 30, 2025, at IEEE Region 10 Humanitarian Technology Conference (HTC) 2025, held at Chiba University of Commerce, Japan.
IoT Information with Tamper-Evident Sensors and Blockchain Kenji Saito Graduate School of Business and Finance, Waseda University Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.1/17
may be lost Humanitarian context: disasters, unstable networks, life-critical decisions Goal: Verify content, origin, time, and location of sensor/actuator data even under data loss and untrusted intermediaries Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.2/17
censored by anyone The requirement can be broken down into the following four properties: 1) Self-sovereignty — Users can participate in the system only at their own will without requiring permissions from others 2) Censorship resistance in the narrow sense — Recordings directed by the user cannot be stopped by the will of anyone else 3) Fault Tolerance — Recordings directed by the user will not be stopped by a system breakdown or failure. 4) Tamper-resistance — Records cannot be deleted or changed later, and records that were not there in the past cannot be falsified Henceforth we will assume that blockchains to be used in our proposal satisfy these properties (because existing blockchain systems have problems) Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.3/17
cannot protect past data (public key revoked) Timestamped evidence is required Evidence linked via redundant hash chains (a-past linkage) Cost-efficient anchoring: aggregate digests into Merkle trees; commit only the root to an evidence service Separation of roles: service vs. independent “blockchain” evidence service Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.4/17
root on-chain Verifier reproduces the root from a leaf using provided siblings On-chain contract stores the root and block number Gas fee is minimized Actual time is estimated from the block # evidence 1 digest digest digest digest digest digest digest duplicate in case of odd number record can retrieve information Colored items are information disclosed to parties requiring certification Merkle root Merkle tree digest digest digest digest digest digest (Ethereum) blockchain … evidence 2 evidence 3 evidence 4 evidence n public information private information Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.5/17
block number for each digest (proof-of-existence) contract BBcAnchor { mapping ( uint256 => u i n t ) public _digests ; constructor ( ) public { } function getStored ( uint256 digest ) public view returns ( u i n t block_no ) { return ( _digests [ digest ] ) ; } function isStored ( uint256 digest ) public view returns ( bool isStored ) { return ( _digests [ digest ] > 0 ) ; } function store ( uint256 digest ) public returns ( bool isAlreadyStored ) { bool isRes = _digests [ digest ] > 0; i f ( ! isRes ) { _digests [ digest ] = block . number ; } return ( isRes ) ; } } Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.6/17
to service and commits evidence to blockchain evidence service atomically If the action fails, absence is observable; otherwise evidence matches readouts (failure of the atomic action can be recovered through this proposal) Service User Sensor/Actuator Blockchain Service Environment threat : loss of integrity (false information may be reported to users) (including other services) records are not controlled by the services or blockchain itself atomic action allows verification of authenticity (tamper-evident) Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.7/17
witness w/ <random, search-key> Witness section: public key and signature For stream data, periodically placed Public key identifies device selective disclosure is possible digital signature digital signature digest evidence digest digest public key algorithm public key algorithm search key readout sporadic data example final digest of readout stream data example sensor data data body a-past digest previous digest location sensor data time random number witness section Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.8/17
a-past readout ⇒ sparse DAG Tolerates up to a − 1 consecutive losses; verify via nearest reachable checkpoint witness checkpoint readout general readout evidence blockchain service witness * To verify authenticity of a readout in a stream: 1) Find the nearest checkpoint that reaches the readout in question in the directed acyclic graph. 2) Verify the evidence of the checkpoint. data data data data data digests Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.9/17
Checkpoint every s readouts; links to prev and a-past Verifiable if reachable from a checkpoint through available digest chain Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.10/17
Tamper-evident devices alone cannot protect past data (public key revoked) Cost-efficient blockchain anchoring via Merkle aggregation Although this is a well-known practice a-past redundant chaining robust to bursty losses; checkpoints for streaming Applicable to humanitarian deployments (disaster response, low-infra regions) Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.14/17
frequency vs. gas-fee trade-offs; batching policy matters Adaptive a and s can react to changing loss profiles a and s need not to be constant Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.15/17
missing events) Blockchain-based mobile IoT logging (reliable if uninterrupted) PUF-enabled continuous auth (assumes stable comms) Ours: explicitly handles unintentional data loss with sparse DAG links Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.16/17
redundancy (a = 3 ∼ 10) + reasonable s works well Next: adaptive policies; field trials in humanitarian scenarios Code/Example: https://github.com/beyond-blockchain/bbc2-examples/tree/develop/file-recorder This demonstrates how we can provide proof of authenticity of general files with fault-tolerant backchaining Dropping a file into the designated directory automatically generates its proof of existence (requires BBc-2) Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain — IEEE R10 HTC 2025 – p.17/17