© 2020 IEEE. Personal use of this material is permitted.

Permission from IEEE must be obtained for all other uses, in any current or future media, including
reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or1lists, or reuse
of any copyrighted component of this work in other works.

Blockchain at the Edge: Performance of

Resource-Constrained IoT Networks
Sudip Misra, Senior Member, IEEE, Anandarup Mukherjee, Student Member, IEEE, Arijit
Roy, Student Member, IEEE, Nishant Saurabh, Yogachandran Rahulamathavan, and
Muttukrishnan Rajarajan, Senior Member, IEEE

y
nl
Abstract—The proliferation of IoT in various technological challenges of connectivity, address reuse, energy

O
realms has resulted in the massive spurt of unsecured data. The efficiency, and mobility. Typically, due to the chal-
use of complex security mechanisms for securing these data is lenging issues of massive deployments, the pres-
highly restricted owing to the low-power and low-resource nature ence of constrained networks, and often charac-

se
of most of the IoT devices, especially at the Edge. In this work, teristically constrained nature, IoT devices them-
we propose to use blockchains for extending security to such
selves, the ensuing IoT ecosystem has inherent
IoT implementations. We deploy a private Ethereum blockchain
consisting of both regular and constrained devices connecting
vulnerabilities. A majority of the present-day IoT
lU solutions are plagued by vulnerabilities, which are
to the blockchain through wired and wireless heterogeneous
networks. We additionally implement a secure and encrypted challenging and which make them prone to easy
networked clock mechanism to synchronize the non-real-time manipulation and disruption. Some of the common
vulnerabilities are weak or hardcoded passwords,
na

IoT Edge nodes within the blockchain. Further, we experimen-

tally study the feasibility of such a deployment and the bottle- insecure network segments, poorly protected inter-
necks associated with it. We study the effects of network latency, faces and data access mechanisms, insecure data
increase in constrained blockchain nodes, data size, Ether, and transfer mechanisms, and others. Furthermore, the
so

blockchain node mobility during transaction and mining of data massive deployments of IoT devices often make it
within our deployed blockchain. This study serves as a guideline
impossible for a network administrator to track-
for designing secured solutions for IoT implementations under
down malicious or compromised devices amongst
er

various operating conditions such as those encountered for

static IoT nodes and mobile IoT devices.
the deployed devices.
The issue of designing practical solutions for
rP

Index Terms—Internet of Things, blockchain, Edge nodes, securing IoT data, especially in terms of speed-
Ethereum, Constrained-networks

1 I NTRODUCTION
Fo

The major challenge associated with IoT-based sys-

tems is the issue of ensuring the security of data
being handled by such systems, besides the regular
S. Misra and A. Mukherjee are with the Department of Computer
Science and Engineering at Indian Institute of Technology Kharagpur,
India
A. Roy is with the Advanced technology Development Center at
Indian Institute of Technology Kharagpur, India
N. Saurabh is with the Department of Electronics and Communica-
tion Engineering at National Institute of Technology Patna, India
Y. Rahulamathavan is with the Institute for Digital Technologies,
Loughborough University London, UK
M. Rajarajan is with the Information Security Group, School of Fig. 1: An outline of a typical IoT-based Industrial
Engineering and Mathematical Sciences, City University London,
London, UK ecosystem.

ily ensuring trust, integrity, and non-repudiation,
hinges on the nature of the devices, its energy
efficiency, and mobility associated with it. The na-
ture of the devices in IoT, especially at the Edge
is vastly heterogeneous. As the Edge IoT devices
mainly focus on ensuring low-power connectivity
and basic computation, a significant chunk of these
Edge devices making up this paradigm does not
possess sufficient processing power or resources
to host conventional network security mechanisms.
Typically, IoT Gateways are popularly associated
with providing security to the IoT devices/nodes
under its operational purview. The current state-
of-the-art IoT infrastructure relies on a centralized
Gateway to process and aggregate data from IoT
devices [1]. The centralized Gateway plays a vital
role in ensuring the security of the sensed data.
However, the next generation of mobile com-
munication technology is enabling device-to-device
communication where billions of IoT devices are
expected to exchange sensed data with each other
in cities, industries, homes, and other ecosystems.
These devices not only sense and transmit data but
also perform actuation based on the data received
lU
from other IoT devices. This trend clearly shows
that the existing centralized approach cannot be
scalable and will soon become a bottleneck. There-
na
fore it is inevitable to use distributed technologies
to replace the role of the Gateway as this approach
often leaves the IoT nodes under the domain of
so
a Gateway, quite open to security breaches such
as unauthorized access to data directly from the
Edge devices. Additionally, the dilution of hard
er
requirements for devices to be static or mobile in
an IoT ecosystem, further complicates issues as
rP
customized solutions for one cannot be used for the
other. Rather than focusing on traditional security
solutions, which rely majorly on remotely hosted
security mechanisms such as at Cloud or cen-
Fo
tralized Gateways, the requirements of IoT-based
systems necessitate distributed solutions [2]. These
distributed solutions primarily focus on the IoT
devices at the Edge [3] or even utilize hardware-
based security [4].
Towards this objective, we analyze the perfor-
mance and feasibility of using blockchains – a
promising distributed security paradigm for en-
suring data security for IoT-based systems [5]. To
secure the data generated and exchanged between
IoT devices in a distributed manner, we propose the
use of low-power IoT Edge nodes as the blockchain
nodes. These nodes are not only capable of contin-
uing their regular sensing and actuation tasks, but
2
also perform necessary blockchain functions such as
verification, mining, and transactions. In this work,
we deploy a private Ethereum blockchain consisting
of IoT Edge devices as its nodes and experimentally
verify the performance of this approach to usher-
in a low-power and mobile blockchain-based IoT
ecosystem. Architecting a blockchain-based solu-
tion for IoT systems at the Edge requires addressing
the following challenges:
• More the number of Edge devices in the
IoT ecosystem that is part of the blockchain,
more is the work-load of each of these
blockchain nodes. The generally constrained
y
nature of the network associated with the IoT
systems/devices further makes it challeng-
nl
ing for the devices to partake in network-
based blockchain operations reliably.
O
• Blockchains require real-time synchroniza-
tion between its nodes. Most of the con-
strained IoT Edge devices do not have an
se
internal clock for time synchronization, mak-
ing it necessary to come up with solutions to
address this lacuna.
• The resource-constrained nature of most of
the Edge IoT devices require mechanisms to
handle processing-heavy blockchain-based
operations.
1.1 An IoT-based Industrial Ecosystem Applica-
tion Scenario
We envision a real-life use case of an IoT-based in-
dustrial ecosystem for motivating the applicability
of this work. Fig. 1 shows the significant physi-
cal and infrastructural components of an industrial
complex. We choose an industrial complex primar-
ily because of the massive density of deployed Edge
devices, and the constrained nature of the network
arising due to the high density of these devices
and challenging areas of implementation – prone
to interference and noise from the environment.
Furthermore, industrial complexes are an excellent
example of the use of heterogeneous networks,
which take care of functions starting from process
monitoring, security, tracking, logistics, to even reg-
ular communication with the outside world.
The networks on the factory floors are typi-
cally wired and resource-constrained. Constraints
to network and device capabilities are automatically
induced in such ecosystems due to the presence of
dedicated automation and control systems working
with new as well as legacy infrastructures. It is
common to see both wireless and many variants
 3

of wired connections for communication in indus-
trial ecosystems. In continuation, the heterogeneity
in devices in terms of their mobility, processing
abilities, and energy consumption also makes it a
challenging environment for implementing secure
IoT systems.
The amounts of data generated and flowing
through the network in an IoT-enabled industrial
ecosystem are quite massive. However, most of the
data and systems – typically Edge devices – are
insecure and open to unauthorized access and ma-
nipulation. Here, we envision the use of blockchain
to provide a layer of security to the connection and
communication between all the devices within an
incorporate network heterogeneity in our imple-
mentation by making use of both fixed Ethernet-
based network connections as well as including
WiFi-based connections. The inclusion of network
heterogeneity allows us to include the feature of
mobility in some of the IoT Edge nodes, while the
rest of the nodes in the blockchain remain static.
The static nodes are connected to an Ethernet-based
network, whereas the mobile nodes connect to the
blockchain through WiFi, as outlined in Fig. 2. We
undertook this work to fill in this gap by evaluating
the various interactions of constrained IoT devices
with blockchain networks, even when they have
heterogeneity in their connection and/or are mo-

y
industrial setting. The use of blockchain introduces bile. Besides, typical device and blockchain perfor-

nl
the features of transparency and traceability to the mance measures, we also evaluate the performance
IoT data generated within the industrial ecosystem. of various encryption algorithms such as the RSA
Additionally, the distributed nature of Blockchains

O
and 256-bit AES along with the blockchain to secure
prevents single-point-of-failures for the whole net- our implemented IoT network further.
work under severe working conditions, typically

se
associated with industries. Both constrained IoT 1.3 Related Work
Edge nodes, as well as regular computing stations,
There have been several efforts in the past to use
can be incorporated within this setting. In our ex-
blockchain with IoT devices. Wu et al. demon-
perimental evaluation, we fashion the blockchain
lU
strate a system comprising of private and public
nodes as such that they consist of both regular com-
blockchain for secure and efficient storage of data
puting platforms such as PCs as well as constrained
[6]. The private blockchain ensures the accuracy of a
IoT Edge nodes consisting of Raspberry Pi boards
na

transaction, whereas the public blockchain ensures

(refer to Table 1). In such scenarios, our proposed
its data integrity. Similarly, Wu et al. propose the
evaluation provides critical insights into the chal-
inclusion of an additional device to check for certain
lenges and limitations of deploying a decentralized
so

characteristic features in the received messages [7].

blockchain-based provision of security for the IoT-
The results of the verification are saved on the
based systems and devices.
blockchain, which ensures that even in the case of
loss of key to unscrupulous entities, the unautho-
er

1.2 Contributions rized hijacking of IoT devices is prevented.

The constrained nature of the devices at the Edge
rP

is the main reason for the lack of decisive security TABLE 1: blockchain node specifications for our
schemes and measures for protecting communica- implementation
tion integrity at the Edge or within the operational
Features Node-1 Node-2 Node-3 Node-4
range of IoT gateways. The nature of the data plays
Fo

Device Raspberry Raspberry Dell Raspberry

a decisive role in evaluating the requirements of se- Pi3-B+ Pi3-B+ Power Pi3-B+
curity and privacy to be used at the IoT devices. For Edge
example, the requirements of security and privacy T410
server
are very high for healthcare IoT data. In contrast, the
Processor Quad Quad 16x4 Quad
requirements are moderate to low for data originat- Core 64 Core 64 Core 64 Core 64
ing from general sources, say, agriculture or traffic. bit ARM bit ARM bit at bit ARM
However, the integrity of data is an irrefutable need cortex at cortex at 2.67 GHz cortex at
1.2 GHz 1.2 GHz 1.2 GHz
for all IoT data types and needs, which is ensured
RAM 1 GB 1 GB 32 GB 1 GB
by the private blockchain. Network Ethernet Ethernet Ethernet WiFi
In this work, we incorporate the heterogene- connection
ity of IoT devices by including both small nodes
– constrained, with fewer resources and process- Dorri et al. demonstrate the efficient use of
ing power – and large nodes – nodes with abun- Blockchains in IoT systems by replacing the proof-
dant resources and processing power. Further, we of-work (POW) by a distributed trust algorithm
 4

[8]. This effort has resulted in substantial energy

savings during the process of mining within the
blockchain. Another work, by Fan et al. proposes
the use of a delegated proof-of-stake (DPOS) instead
of POW to ensure adequate provision of privacy
in Blockchains [9]. Other approaches use proof-of-
authority (POA) such as the one demonstrated by
Angelis et al. [10]. Similarly, the extra use of smart
contracts in large IoT Blockchains requiring time
synchronization has been proposed by Huh et al.
[11], whereas Cha et al. demonstrate the use of smart
contracts with blockchain hosted in an IoT Gateway
for enabling IoT Blockchains [12]. Rahulamathavan Fig. 2: The representative network architecture of
et al. proposed an advanced encryption technique

y
our implemented IoT blockchain.
for IoT networks to enable fine-grained access and

nl
verification necessary for ensuring privacy in the
blockchain [13]. 2.1 Incorporating blockchain for IoT

Blockchains have found beneficial use in sev-
eral application areas such as smart cities [14],
healthcare [15], crowd-sourcing [16], and others.
O
Fig. 2 outlines the representative network architec-
ture of our implemented IoT blockchain. The net-
work can be considered to consist of heterogeneous

Blockchain-based solutions to extremely critical
domains such as healthcare are making use of
Blockchains to store patient’s data securely and pri-
vately [17], and through smart contracts, the need
lU
for seeing the data is also done away with [15].
na
se
nodes (N1-N4). These nodes may consist of large
static devices such as servers and PCs, or they
may be small and portable consisting of Raspberry
Pi boards. All these devices act as nodes in the
blockchain. A switch connects an external backbone
network to the internally formed network. The net-

work connections from the switch may be either

2 S YSTEM M ODEL used for connecting physically to the IoT nodes
In this work, we implement an Ethereum-based through Ethernet or wirelessly through a wireless
so

blockchain on heterogeneous IoT nodes, some of access point. An external encrypted time server is
which connect to the blockchain over an Ethernet- also used to provide network time synchronization
based connection, whereas the others connect to the IoT devices, which are mostly non-real-time.
er

through a WiFi-based connection, forming a hybrid

TABLE 2: Specifications of our private blockchain
network connection as shown in Fig. 2. Further,
rP

adding to the device heterogeneity, the devices blockchain specifications Values

themselves have different specifications and pro- Gas limit (in Hexadecimal) 0x47b760
cessing capabilities, as outlined in Table 1. Gas limit (in Decimal) 0x4700000
Difficulty 0x1
IoT nodes have unique “ENODE” values and
Fo

Consensus Engine used Clique - proof of authority

connect using these values. The “ENODE” value Time (in sec) each block takes 5 seconds
consists of a public key, an IPv4 address, and a Number of accounts on each 1
port number. Simulating a real-life IoT implemen- node
Accounts which are allowed Accounts of all the nodes
tation, we have incorporated heterogeneous IoT to seal
nodes, some with low processing power and re- HomesteadBlock 1
duced energy requirements (i.e., Raspberry Pi) and EIP150 Block 2
some with high processing power and more sig- EIP155 Block 3
EIP158 Block 3
nificant energy requirements (i.e., server, PC). The Gasprice for node 1 3 × 1055 wei
Raspberry Pi-based nodes connecting over WiFi are Gasprice for nodes 2, 3, 4 3 × 1028 wei
considered as mobile and treated as such during Syncmode full
the performance evaluation of our setup. However,
these IoT nodes in our blockchain are capable of We implement a private blockchain to account
independently handling their transactions as well for the low-processing capabilities of the imple-
as mining. mented IoT nodes, as well as keeping the data and

transactions localized within an application area.
Each of these nodes runs an Ethereum framework,
the specifications of which are outlined in Table
2. Each of these nodes has an account associated
with it over the Ethereum framework and uses a
“CLIQUE- Proof of Authority (PoA)”, instead of
regular “ETHASH- Proof of Work (PoW)” to re-
duce mining times and reduce the average energy
consumed by the nodes. The transaction of Ethers
and data are performed based on the “ENODE”
values of each node, which are subsequently mined
by intended nodes. Post successful completion of
a transaction, Ether balance is updated to a receiver
node’s account by the same amount it gets deducted
from the sender’s account. The Ether balance with
the sender node was initially logged at 7.519 wei,
the whole of which gets transferred to the receiver
upon completion of a transaction. Unlike public
blockchains, which deal with unknown and trust-
less systems, the private blockchains do not need
an incentive-based mechanism to work.
We automate the process of an IoT node joining
the blockchain, generating data, and performing
transaction and mining operations. Algorithm 1
lU free membership of the IoT nodes to the blockchain.
highlights this automation process. On power-up,
each IoT node boots into a startup file containing
the multi-threaded instructions and commands for
na
time synchronization using the encrypted network-
broadcasted time string and initialization of the
node’s Genesis file. Subsequently, each of the ac-
so
tivated nodes checks for transaction data (to send
or receive), which is then mined and submitted
accordingly. Blockchain contracts can also be de-
er
ployed similarly. Irrespective of a node’s processing
capabilities, the nodes are self-sufficient to carry
out mining operations on their own. It is prudent
rP
to mention that in the absence of proper time
synchronization, the connection between nodes is
interrupted, resulting in association and disassoci-
Fo
ation with the blockchain. This drop in connection
results in a significant increase in mining times at
the affected nodes.
Algorithm 1 Node automation
while DEVICE POWER ON do
Locate node blockchain automation file
Initialize Genesis file
Start mining
if (Transaction Data == TRUE) then
Submit the transaction and generate receipt
end if
end while
5
2.2 Encrypted Time Synchronization
A significant part of our private blockchain con-
sists of non-real-time systems such as Raspberry
Pi, which necessitates the need for a centralized
time synchronization mechanism. Operations such
as mining rely heavily on the synchronization of
time and its maintenance between the nodes of
the blockchain. Our implementation requires the
communication of an encrypted time string to a
node joining the blockchain for the first time or
every time it is powered on. This provision has
been kept mainly because of the absence of Real-
Time Clocks (RTC) in the resource-constrained IoT
y
devices. Every time these devices power-up, the
internal clock resets to the default value, which is
nl
unlike personal computers or machines with RTCs.
Further, unless the sender and receiver nodes have a
O
common system time, network security provisions
prevent them from communicating reliably, espe-
cially for blockchains.
se
Additionally, any external efforts to include a
network-based time synchronization should be se-
cure enough to ensure long-lasting and interference-
In case the time server or any message generated
from it is compromised or altered, the IoT nodes
forming the blockchain will get dissociated, result-
ing in the breakdown of the blockchain. To avoid
any such eventuality, we additionally implement
the use of an encrypted time string from a cen-
tralized time server (refer Fig. 2), which can be
read only by the member nodes of the implemented
blockchain as outlined in Algorithm 2. The time
server has a record of all the member nodes of
the blockchain along with their “ENODE” values.
The IP of each node corresponding to its “ENODE”
value gets periodically updated at this time server.
For our encryption, we adopt a different node –
different encryption policy [13], which adds an ad-
ditional level of security to our IoT blockchain. The
synchronizing encrypted time string is customized
according to each of the registered member nodes,
which can only be decrypted by the target IoT node
using its “ENODE” value as the private key. Any
attempts to falsify or manipulate the IP address of
the node or the ENODE address will result in a clash
in the records at the server, alerting the network ad-
ministrator of this attempt. As the server broadcasts
the time strings over the blockchain network, all
the nodes can see the encrypted message, but only
the designated node with the proper “ENODE”
value can decrypt it. The mapping of IP addresses
and ENODE values also prevents the duplication of

ENODE values by malicious nodes. Further, the en-
crypted time string meant for a node will be relayed
multiple times, similar to a typical networking sce-
nario, if the time server is not directly connected to
the target node.
Algorithm 2 Time Synchronization
SERVER
n ← number of nodes
message ← time string
Replicate EN ODE and IP of all the nodes in the
time server
for i = 1 to n do
IP [i] ← IP of ith node
end for
for i = 1 to n do
key[i] ← EN ODE
Encrypt time string using EN ODE →
EN ODE(message)[i]
for all i do
send IP [i] ← EN ODE(message)[i]
end for
end for
lU IP addresses and ENODE values also prevents the
RECEIVER (intended node)
T IM E ← original time of the node
During node startup DO
na
Copy EN ODE → file.txt
Receive encrypted time Tep
Auto decrypt using EN ODE of the node Tdp
so
Set T IM E = Tdp
This mechanism additionally implies that the
er
nodes in the blockchain do not need to depend
on each other for maintaining trust, which is quite
rP
useful as the nodes (IoT nodes) are typically low-
resource ones and are susceptible to hijacking or
alterations. In the event one of the nodes in our
blockchain is somehow compromised, its effect
Fo
would not flow over to the other nodes of the
blockchain. Elaborating this scenario, consider all
IoT nodes in the blockchain network receive a com-
mon encrypted/open time synchronization signal.
If the synchronization signal is open, it is effortless
to modify it and take down the blockchain, poten-
tially resulting in severe economic and operational
losses. Similarly, if the same encrypted time signal
is used for all the nodes in the blockchain, and in
the event that one of the nodes is compromised,
the infected node might be used to forward wrong
time signals to the nodes in the blockchain, again
interrupting its operation. Therefore, our approach
of using a node-specific encryption key for sending
6
time synchronizing signals avoids both of the above
scenarios.
Further, now, if someone outside our blockchain
tries to receive the encrypted string and try to
extract the information out of the encrypted string,
our algorithm has ensured that even if they receive
the encrypted string by forcefully setting their IP
same as that of the IP of the true node of our
blockchain, it can receive the encrypted string but
not been able to decrypt it.
Concerning a Man-in-the-Middle Attack for
modifying the time, the encrypted time server (refer
Fig. 2) is tasked with periodically updating the map-
ping of ENODE and IP addresses of the participants
y
in the private blockchain. As the ENODE values
nl
are unique to each blockchain node, these ENODE
values can be uniquely mapped to the nodes’ IP
addresses. Even if there is a change in the node’s
O
IP address, the periodic check by the time server
ensures its update in the mapping repository. Once
se
a node with the proper IP address receives the en-
crypted time string meant for it, only it can decode
it using its unique ENODE value. The mapping of
duplication of ENODE values by malicious nodes.
In the event of a faulty time server sending
different timestamps to different nodes, there can
be two cases – 1) all nodes will receive different
timestamps, 2) some targeted nodes will keep on
receiving faulty time stamps. In the first case, if all
the nodes in the blockchain receive different times-
tamps, which are not similar to each other, the nodes
will not be able to join the blockchain. This will be
easily flagged as an error to the network administra-
tor. Further, in the second case, if some of the nodes
are sent different times in the blockchain, they will
not be able to take part in the blockchain, which
will again be flagged as an error to the network
administrator. Although, our implementation of the
time server may seem like a good candidate for
the Byzantine failure, but the problem mentioned
above (if occurring) can be easily localized during
the initial phase itself.
3 P ERFORMANCE E VALUATION
In this work, we establish a private Ethereum
blockchain with four nodes, following the archi-
tecture outlined in Fig. 2, the exact specifications
of which are briefly outlined in Table 1. Two of
these nodes (nodes 1 and 2 in Table 1) are non-
real time, static systems with constrained processing
power and energy, and which join the blockchain
network through the Ethernet. The third node (node

(a) Average network latencies (b) Average CPU usage vs. num- (c) CPU usage before mining (d) CPU usage during min-
across nodes ber of connecting nodes
Fig. 3: Network and node performance characteristics for our implemented IoT blockchain.
3) has significant processing resources and does
not have any energy constraints as it draws power
directly from the grid. This node also takes part in
the blockchain through a dedicated Ethernet-based
connection and is deemed a static node. Finally,
the last node is yet another non-real-time, resource,
and energy-constrained node similar to nodes 1
and 2, but takes part in the blockchain through a
wireless connection (WiFi) as it is mainly mobile.
It is to be noted that both the Ethernet and WiFi-
based networks are not established dedicatedly for
lU These latencies are crucial in estimating the perfor-
this evaluation, but are part of a single institutional
network over which a significant number of users
na
communicate simultaneously at any time of the day.
To establish the quality of the network, we es-
timate the latencies encountered by each of these
different nodes connecting to the network through
so
heterogeneous means. We observe an average la-
tency of 0.4 ms to 0.7 ms on each of the nodes 1,
2, and 4 while they receive information/ connec-
er
tion requests from other nodes. However, node 3
connecting to the network through a WiFi-based
rP
connection encountered average latencies of around
13 ms to 50 ms when receiving messages from the
other nodes. Similarly, nodes 1, 2, and 4 observe
average network latencies of up to 24ms to 33ms,
Fo
when receiving messages from node 3.
3.1 Effect of Network Latency
Considering the network architecture discussed
previously, Fig. 3(a) shows the comparison between
network latencies while sending ping packets from
each node to every other node (designated as Tar-
gets 1 -3) in the network. We observe that for ping
queries over the Ethernet-connected nodes, the re-
sponse time is significantly lower than that of the
one connected over WiFi. Additionally, we observe
that the response time for ping from Node-3 (server)
is relatively lower than the responses from the
7
ing
y
resource-constrained nodes (Nodes- 1 and 2), even
when connected over the same Ethernet-based con-
nl
nection. These relatively higher latencies incurred
due to the resource-constrained nodes (Nodes-1 and
O
2) is attributed to the time taken by them to process
the packets. In continuation, the significantly higher
latencies at Node-4 can be attributed both to its
se
resource-constrained nature, requiring more time to
process the packets, as well as its mobility, which
causes it to have unstable network characteristics.
mance of our implemented IoT blockchain and act
as the network performance baseline.
3.2 Effect of Increase of Node on CPU Usage
Fig. 3(b) shows the average CPU usage (denoted in
%) for a randomly selected constrained node in our
blockchain network. We observe that as the number
of network connections to that node increases, the
nodes’ average CPU usage goes up to maintain the
connections to and from it. An important takeaway
from this observation is that resource-constrained
nodes support only a limited number of simulta-
neous network connections, which necessitates the
use of distributed security solutions for reliable use
of such nodes.
Further, Fig. 3(c) represents the CPU usage at
each of the four implemented nodes before joining
the blockchain, whereas Fig. 3(d) represents the
CPU usage in the same nodes during mining in
the blockchain. From Figs. 3(c) and 3(d), we observe
that the three constrained nodes (Raspberry Pi) in-
cur almost 5-8 times the CPU usage as compared to
the regular node (server). Additionally, the mobile
constrained node (connected to the WiFi), incurs
further resource usage (CPU usage) as compared to
the constrained nodes connected to the Ethernet.
We further observe that being part of the
blockchain and performing its operations induces
a massive increase in CPU usage of the devices by

(a) Average mining time (b) Average transaction time
Fig. 4: Variation in blockchain performance with the
variation in data size.
almost 10 times as compared to when the devices
are operating on their own (refer Figs. 3(c) and
3(d)). For resource-constrained nodes, the percent-
age CPU usage is about 5 to 7 times more as
compared to that for the node with ample stor-
age and high processing power. As in our imple-
mented blockchain, nodes 1, 2 and 4 are resource-
constrained, we observe their average CPU usage to
be around 31.686%, 35.323%, 43.704% respectively,
while node 3 which is a server accounts for about
6.536% of CPU usage during blockchain mining
operations.
3.3 Effect of Data Size
na
Fig. 4 shows the effect of data size on the IoT
blockchain operations of our implemented system
from the perspective of the static nodes. Fig.4(a)
so
shows the variation in mining time when the size of
the data used for transacting over the blockchain is
varied while the amount of Ethers transacted is kept
er
fixed at 750 wei. The sender and receivers involved
in the transaction are also kept fixed. We evaluate
rP
the performance of mining in our implemented IoT
blockchain by using transaction data packets of size
10 bytes, 50 bytes, and 100 bytes. We observe the
same variation in mining time for different data
Fo
sizes over 30 repetitions of this exercise for each
data size. Except for some random cases where
mining time may show an increased deviation from
the norm (as can be seen for the 50 byte data packet
in Fig. 4(a)), the mining time for all these data sizes
remains reasonably consistent. We attribute these
random unexpected values to unstable and con-
gested network behavior and the induced latency
thereof.
Similarly, Fig. 4(b) shows the variation in trans-
action time for the same repeat of the exercise
outlined above. Similar to the observed behavior in
mining time, the transaction operation also reports
some unaccounted-for surge in transaction time,
8
(a) Average mining time (b) Average transaction time
Fig. 5: Variation in blockchain performance with the
amount of Ethers transferred.
which we again attribute to fluctuating network
y
conditions. As the plot in Fig. 4(b) shows the aver-
age behavior, considerable fluctuations in network
nl
conditions tend to disturb the norm, which for most
of the cases, is reasonably consistent.
O
3.4 Effect of Ether
Fig. 5 shows the effect of Ethers on the IoT
se
blockchain operations of our implemented system
from the perspective of the static nodes transacting
a data of 100 bytes over the blockchain. Fig. 5(a)
lU
shows the variation in mining time on varying
the number of Ethers transacted while keeping the
data size fixed to 10 bytes, between pre-determined
senders and receivers. We transact 1 wei, 105 wei,
and 1010 wei in our blockchain for over 30 times in
each case. We observe that the variations in mining
time remain almost the same for all cases except
for some unexpected random fluctuations because
of varying network conditions, which is evidenced
from the apparently high error bar in the plots.
(a) Average mining time (b) Average transaction time
Fig. 6: Variation in blockchain operation times with
respct to various nodes
Similarly, Fig. 5(b) shows the variation in trans-
action time for the same exercise as described above.
For each of the three cases, i.e., for 1 wei, 105 wei,
and 1010 wei, we observe almost the same type
of variations as reported previously. We attribute
this randomness in behavior to unstable network
conditions. The randomness distorts the norm of

the readings for all three cases, as is evident from
the significantly larger error bar in the plots.
3.5 Effect of Node Characteristics
Fig. 6(a) shows the variation in mining time at node-
1 with the change of receiver nodes while keeping
the data size fixed at 100 bytes and the number
of Ethers at 750 wei. The make of the nodes is
described in Table 1. We observe that there is almost
no difference in mining time when nodes 2 and 3 –
connected to the blockchain over an Ethernet-based
connection – act as receivers of the data. However,
there is a significant rise in mining time when node-
4, which connects to the blockchain over WiFi, is
made the receiver of data from node-1. The error
bar for the plot of mining time at node-4 indicates
a massive fluctuation of values, indicating unstable
network connection.
Similarly, Fig. 6(b) shows the variation in trans-
action time for transactions between node-1 and the
other three nodes under the same operating condi-
tions, as mentioned earlier. Here we observe that
there is an increase in the average transaction times
at node-1 when the transactions are performed be-
tween it and nodes 2-4. The increase in transaction
time at nodes 3 and 4 are caused due to random
na
variations in network latencies due to intermittent
network connections, as evidenced by the relatively
higher error bars in the plots for these two nodes.
so
er
rP
(a) Mobile node to a static (b) Static node to a mobile
node node
Fo
Fig. 7: Network latency encountered during ping
operation.
3.6 Effect of Node Mobility
In contrast to the static node analysis until Section
3.5, in this section, we evaluate the performance of
the network as well as the implemented blockchain
from the perspective of a mobile node. The mobile
node under consideration is node-4, which connects
to the blockchain through a WiFi-based connection,
which gives it the ability to relocate without chang-
ing any physical configurations quickly. To estimate
9
the network quality available to this node when
it is mobile, we perform two network-based tests
– 1) check the network response time when the
mobile node queries an address over the network
during mining operation, and 2) check the network
response time when a static node queries the mobile
node’s address during mining operation.
Fig. 7(a) shows the network latencies witnessed
by node-4 during the first test. Whereas, Fig. 7(b)
shows the network latencies witnessed by a static
node during the second test. It is to be noted that
the static node connects to the network through a
fixed Ethernet-based connection. We observe that
there is a considerable variation in the recorded
y
network latencies as node-4 moves through regions
nl
of weak and strong WiFi signal strengths. This
mobility and fluctuations in signal strength further
O
give rise to intermittent connectivity issues such as
the unavailability of the network (as seen in Fig.
7(a) between instances from 33 to 46). The network
se
stays unreachable until the mobile node enters into
a zone of good signal strength. As a result of this
behavior, there is an induced lag in mining times
lU
whenever mobile nodes connect to the blockchain
over constrained networks.
Fig. 8(a) shows the variation in mining time for
two different data sizes, i.e., 10 bytes and 100 bytes
while transacting between a static and a mobile
node in our implemented blockchain. The consider-
able variations in mining times, as evidenced by the
error bars, are a result of unstable network connec-
tions when the mobile node traverses through zones
of good and bad signal strengths. Considering equal
network variations during the transference of the
two data blocks, we observe that the norm for
100 bytes is higher than that for 10 bytes of data,
indicating higher mining time incurred for more
significant data sizes.
Similarly, Fig. 8(b) shows the variation in trans-
action time for the two selected data sizes, i.e., 10
bytes and 100 bytes while transacting between a
static and a mobile node in the network. We again
observe the average transaction time of 100 bytes
data packet to be slightly higher than that for 10
bytes data packets, which is due to the increase in
time required to transmit and process the data. The
variations and increased values of the error bars
signify intermittent network connectivity, resulting
in higher transaction times for the mobile node.
Further, Fig. 8(c) shows the variation in mining
time for three different amounts of transacted Ether,
viz. 1 wei, 105 wei, and 1010 wei while transacting
from the static node to the mobile node in the

(a) Average mining time vs (b) Average transaction time vs (c) Average mining time vs (d) Average transaction time vs
data size data size
Fig. 8: Evaluation of parameters during transmission of data from static to mobile IoT nodes.
blockchain. Here, we consider the bar for 105 wei
to be the standard baseline as its error bars are rel-
atively much lesser than that of the other two bars.
The increased error bars for 1 and 1010 wei indicate
an increase in network-based disturbance, which
affects the mining operation, even for increased Gas
prices.
Similarly, Fig. 8(d) shows the variation in trans-
action time for the three different amounts of trans-
acted Ether, viz. 1 wei, 105 wei and 1010 wei, when
they transfer from a static node to a mobile node
of our blockchain. As compared to the mining time,
lU
the transaction time experiment witnesses relatively
lesser network disturbances, as evidenced by the
smaller error bars for 1 wei and 105 wei.
na
3.7 Effect of Encryption Algorithms
so
We evaluate the effect of additional security and
privacy measures, which are integrated on the
same constrained IoT nodes, which are part of the
er
blockchain operations. The data being forwarded
on the blockchain is encrypted using two algo-
rP
rithms – RSA and the 256-bit AES. We analyze the
standalone effect of these algorithms on the CPU
usage and energy consumption of the resource-
constrained devices, as shown in Fig. 9. We have
Fo
first used AES and RSA in a standalone mode to
encrypt data on the IoT node. Thereafter, both of
these encryption algorithms are used to encrypt
data before it is put to the blockchain – the IoT
node simultaneously runs one of these algorithms
along with blockchain operations, which are de-
noted as AES256(BC) and RSA(BC) in Fig. 9(a).
From the same figure, we observe that for vary-
ing data sizes, the four algorithms have compara-
ble CPU usage (neglecting the intermittent outlier
behavior observed in some of the readings). We
calculate the processing energy required for these
security measures from the CPU utilization of each
type of IoT device [18]. From Fig. 9(b), we observe
10
Ethers used Ethers used
that although the energy consumed for executing
y
each of the four algorithms (AES, RSA, AES256(BC),
and RSA(BC)) is significantly small, the RSA and
nl
AES256(BC) have a high variance for data sizes
ranging from 10B to 1000B .
O
se
(a) Percentage of CPU usage (b) Energy consumed (in nJ)
Fig. 9: Performance of various security measures on
a resource-constrained IoT node.
3.8 Discussion
In our evaluation, we observe that the blockchain
performance is significantly dependent on the net-
work quality – more unstable the network more is
the time taken for mining and transaction opera-
tions over it. This effect becomes more pronounced
when the blockchain nodes are both constrained as
well as mobile. The mining and transaction times
are relatively consistent for data sizes up to 100
bytes for both static and mobile nodes. We observe
a similar trend for the effect of Ethers, for the
fixed number of nodes in our evaluation. The Ether
balance with the sender node was initially logged at
7.519 wei, the whole of which gets transferred to the
receiver upon completion of a transaction. Unlike
public blockchains, which deal with unknown and
trustless systems, the private blockchains do not
need an incentive-based mechanism to work. We
also note that the blockchain operations cause the
constrained Edge nodes to incur additional pro-
cessing overheads due to the blockchain operations,

which restricts the applicability of the Edge nodes
to regular sensing and actuation operations.
Applications incurring heavy processing, such
as computer vision and processing-intensive
learning-based tasks, might induce significant over-
heads if used at the Edge blockchain nodes. Sim-
ilarly, tasks generating voluminous data such as
those associated with multimedia data are also
detrimental to our present implementation’s perfor-
mance.
4 C ONCLUSION
As a significant majority of IoT Edge devices and
IoT networks are resource-constrained, the provi-
sion for incorporating reliable security measures
is often not available for these devices. These re-
strictions have resulted in an abundant presence
of unsecured data propagating through IoT net-
works and make the Edge devices susceptible to
unauthorized access and tampering. In this work,
we have proposed and analyzed the feasibility of
incorporating heterogeneous IoT Edge devices as
lU
functional blockchain nodes to extend the feature
of decentralized security to resource-constrained
IoT deployments. We also implement an encrypted
na
network-based time-synchronization mechanism to
enable the non-real-time IoT Edge nodes to co-exist
in the blockchain.
so
We conclude that the feasibility of utilizing a
blockchain-based decentralized security cover at the
IoT Edge devices itself is significantly high in terms
er
of restricting data repudiation and enforcing trust in
the constrained deployment, which were previously
rP
susceptible to manipulation. However, the underly-
ing connectivity of the network and the minimum
processing capabilities of the blockchain nodes con-
trol the blockchain performance, which further re-
Fo
stricts the nature of the sensing and actuation tasks
that the Edge node can accommodate. In the future,
we plan to design and develop methodologies to
incorporate processing-intensive tasks such as com-
puter vision with our implemented blockchain at
the Edge.
ACKNOWLEDGEMENT
This work is sponsored by the University Grants
Commission (UGC)-UK India Education Research
Initiative (UKIERI) Joint Research Programme
(UKIERI-III) under project file No. 184-17/2017(IC).
11
R EFERENCES
[1] V. Thangavelu, D. M. Divakaran, R. Sairam, S. S. Bhunia,
and M. Gurusamy, “DEFT: A Distributed IoT Fingerprint-
ing Technique,” IEEE Internet of Things Journal, vol. 6, no. 1,
pp. 940–952, 2019.
[2] O. Novo, “Scalable Access Management in IoT using
Blockchain: a Performance Evaluation,” IEEE Internet of
Things Journal, 2018.
[3] C. Xu, K. Wang, P. Li, S. Guo, J. Luo, B. Ye, and M. Guo,
“Making big data open in edges: A resource-efficient
blockchain-based approach,” IEEE Transactions on Parallel
and Distributed Systems, vol. 30, no. 4, pp. 870–882, 2019.
[4] R. T. Tiburski, C. R. Moratelli, S. F. Johann, M. V. Neves,
E. de Matos, L. A. Amaral, and F. Hessel, “Lightweight
Security Architecture Based on Embedded Virtualization
and Trust Mechanisms for IoT Edge Devices,” IEEE Com-
y
munications Magazine, vol. 57, no. 2, pp. 67–73, 2019.
[5] O. Novo, “Blockchain meets IoT: An architecture for scal-
nl
able access management in IoT,” IEEE Internet of Things
Journal, vol. 5, no. 2, pp. 1184–1195, 2018.
[6] L. Wu, K. Meng, S. Xu, S. Li, M. Ding, and Y. Suo, “Demo-
O
cratic centralism: A hybrid blockchain architecture and
its applications in energy Internet,” in IEEE International
Conference on Energy Internet (ICEI). IEEE, 2017, pp. 176–
se
181.
[7] L. Wu, X. Du, W. Wang, and B. Lin, “An out-of-band au-
thentication scheme for internet of things using blockchain
technology,” in 2018 International Conference on Computing,
Networking and Communications (ICNC). IEEE, 2018, pp.
769–773.
[8] A. Dorri, S. S. Kanhere, and R. Jurdak, “Towards an
optimized blockchain for IoT,” in Proceedings of the Sec-
ond International Conference on Internet-of-Things Design and
Implementation. ACM, 2017, pp. 173–178.
[9] K. Fan, Y. Ren, Y. Wang, H. Li, and Y. Yang, “Blockchain-
based efficient privacy preserving and data sharing
scheme of content-centric network in 5G,” IET Communi-
cations, vol. 12, no. 5, pp. 527–532, 2017.
[10] S. D. Angelis, L. Aniello, R. Baldoni, F. Lombardi,
A. Margheri, and V. Sassone, “PBFT vs proof-of-authority:
applying the CAP theorem to permissioned blockchain,”
in Italian Conference on Cyber Security, January 2018.
[11] S. Huh, S. Cho, and S. Kim, “Managing IoT devices using
blockchain platform,” in 19th International Conference on
Advanced Communication Technology (ICACT). IEEE, 2017,
pp. 464–467.
[12] S.-C. Cha, J.-F. Chen, C. Su, and K.-H. Yeh, “A Blockchain
Connected Gateway for BLE-Based Devices in the Internet
of Things,” IEEE Access, vol. 6, pp. 24 639–24 649, 2018.
[13] Y. Rahulamathavan, R. C. . Phan, M. Rajarajan, S. Misra,
and A. Kondoz, “Privacy-preserving blockchain based IoT
ecosystem using attribute-based encryption,” in 2017 IEEE
International Conference on Advanced Networks and Telecom-
munications Systems (ANTS), Dec 2017, pp. 1–6.
[14] J. Sun, J. Yan, and K. Z. Zhang, “Blockchain-based sharing
services: What blockchain technology can contribute to
smart cities,” Financial Innovation, vol. 2, no. 1, p. 26, 2016.
[15] X. Yue, H. Wang, D. Jin, M. Li, and W. Jiang, “Health-
care data gateways: found healthcare intelligence on
blockchain with novel privacy risk control,” Journal of
medical systems, vol. 40, no. 10, p. 218, 2016.
[16] M. Li, J. Weng, A. Yang, W. Lu, Y. Zhang, L. Hou, J.-N.
Liu, Y. Xiang, and R. Deng, “CrowdBC: A blockchain-
based decentralized framework for crowdsourcing,” IEEE
Transactions on Parallel and Distributed Systems, 2018.

[17] Q. Xia, E. B. Sifah, K. O. Asamoah, J. Gao, X. Du, and
M. Guizani, “MeDShare: Trust-less medical data sharing
among cloud service providers via blockchain,” IEEE Ac-
cess, vol. 5, pp. 14 757–14 767, 2017.
[18] T. X. Tran and D. Pompili, “Joint task offloading and
resource allocation for multi-server mobile-edge comput-
ing networks,” IEEE Transactions on Vehicular Technology,
vol. 68, no. 1, pp. 856–868, 2018.
Sudip Misra (M’09–SM’11) He received
the Ph.D. degree in computer science from
Carleton University, Ottawa, ON, Canada.
He is a Professor with the Department
of Computer Science and Engineering, In-
dian Institute of Technology Kharagpur, In-
dia. Prior to this, he was associated with
Cornell University (USA), Yale University
(USA), Nortel Networks (Canada), and the
Government of Ontario (Canada). He possesses several years
of experience working in academia, government, and private
sectors in research, teaching, consulting, project management,
architecture, software design, and product engineering roles.
His current research interests include wireless ad hoc and
sensor networks, Internet of Things (IoT), computer networks,
learning systems, and algorithm design for emerging communi-
lU in cloud, etc. He received his Ph.D. degree in Signal and In-
cation networks.
na
Anandarup Mukherjee He is currently a
so
Senior Research Fellow and Ph.D. Scholar
in Engineering at the Department of Com-
puter Science and Engineering at the In-
dian Institute of Technology, Kharagpur.
er
He finished his M.Tech and B.Tech from
West Bengal University of Technology in
the years 2012 and 2010, respectively. His
rP
research interests include, but are not lim-
ited to IoT, networked robots, unmanned aerial vehicle swarms,
and enabling deep learning for these platforms for controls and
communications.
Fo
Arijit Roy He is a Ph.D. scholar at the
Indian Institute of Technology, Kharagpur,
India. Prior to that, he received an MS (by
research) degree and B.Tech degree in In-
formation Technology from the Indian Insti-
tute of Technology Kharagpur in 2015 and
the West Bengal University of Technology
in 2010, respectively. His research works
are published in different reputed SCI jour-
nals (including IEEE/ACM Transactions) and in many reputed
conferences.
12
Nishant Saurabh He has completed his
B.Tech degree in Electronics and Com-
munication Engineering from National In-
stitute of Technology, Patna, Bihar, India
in June 2019. His research interest in-
cludes a broad range of areas such as In-
ternet of Things, Microprocessors and Mi-
crocontrollers, blockchain, VLSI, and oth-
ers, with the main focus on integrating the
blockchain with other technologies and creating a decentralized
and secure platform in other domains.
y
nl
Yogachandran Rahulamathavan He is a
lecturer and a program director for MSc
Cyber Security and Big Data program at
O
Loughborough University’s London Cam-
pus in the UK. His research interest is
on developing novel security protocols to
advance machine learning techniques to
se
solve complex privacy issues in emerging
applications e.g., patient’s healthcare data
sharing, biometric authentication systems, identity management
formation Processing from Loughborough University in 2011
and then worked as an information security researcher at City,
University of London between 2011 and 2016. Currently, he is
coordinating UK-India project (worth of £200k) between Lough-
borough University London, IIT Kharagpur and City, University
of London.
Muttukrishnan Rajarajan He received his
BEng and PhD degrees from City Univer-
sity London in 1994 and 1999 respectively.
From 1999 he worked at City University
London as a Research Fellow. In August
2000 he moved to Logica as a Telecommu-
nication Consultant. After a few years in the
industry Raj is now a Professor of Security
Engineering. He is also the Programme Di-
rector for the Engineering with Management and Entrepreneur-
ship programme. He is a senior member of IEEE, a member
of IET and an associate member of the institute of information
security professionals (IISP) and a member of Technical Pro-
gramme Committees for PIERS 2010, eHealth 2010, SECURE-
COM2011, TrustBus 2011, Digital Economy 2012, IFIPTM 2012
and IFIP SEC 2012. He was also the General Chair of SE-
CURECOMM 2011 in London. He also sits on the Editorial
boards of Springer/ACM Journal on Wireless Networks, Elsevier
Journal of Health Policy and Technology and Emerald Journal of
Information Management and Computer Security.