Skip to main content

A secure blockchain-based group key agreement protocol for IoT


Since most Internet of things (IoT) devices are energy-limited, increasingly more manufacturers have chosen to develop IoT applications based on group communication. For these applications, a secure and effective authenticated group secret key is fundamental to whole group communication. A large number of related protocols have been proposed to address this security problem. However, most of them have a centralized architecture, which is vulnerable to a single point of failure. Blockchain technology has the potential to address the challenges mentioned above because of its distributed, secure, and private property. Thus, this paper proposes a blockchain-based authenticated group key agreement protocol for IoT. The proposed protocol introduces a new entity called the device manager, who acts as an intermediary to connect IoT devices with blockchain networks. Security analysis demonstrates the robustness of the proposed protocol to various kinds of attacks. Besides, the simulation results further show that the time costs of protocol operations are reasonable and suitable for IoT environments.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4


  1. 1.

    To prevent malicious users from sending a large number of meaningless transactions in the blockchain network, resulting in the waste of computing resources, most of the existing blockchain platforms adopt the transaction charging strategy. For example, each transaction on Ethereum requires a fee, and gas is the basic unit used for measuring the computing resources consumed by a transaction. Generally, the more computational steps a transaction takes, the more gas it consumes.

  2. 2.

    Txpool is a buffer for a large number of transactions. As long as there are new transactions, no matter they are created by this node or broadcast by other peer nodes, they will be first added to txpool. When the blocks are packed, transaction will be extracted from this pool.


  1. 1.

    Wang EK, Wang F, Kumari S, Yeh JH, Chen CM (2020) Intelligent monitor for typhoon in IoT system of smart city. J Supercomput, pp 1–20

  2. 2.

    Wang KH, Chen CM, Fang W, Wu TY (2018) On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. J Supercomput 74(1):65–70

    Article  Google Scholar 

  3. 3.

    Xiong H, Wu Y, Jin C, Kumari S (2020) Efficient and privacy-preserving authentication protocol for heterogeneous systems in IIoT. IEEE Internet Things J 7(12):11713–11724.

    Article  Google Scholar 

  4. 4.

    Ghani A, Mansoor K, Mehmood S, Chaudhry SA, Rahman AU, Najmus Saqib M (2019) Security and key management in iot-based wireless sensor networks: an authentication protocol using symmetric key. Int J Commun Syst 32(16):e4139

    Article  Google Scholar 

  5. 5.

    Wang EK, Chen CM, Hassan MM, Almogren A (2020) A deep learning based medical image segmentation technique in internet-of-medical-things domain. Future Gener Comput Syst 108:135–144

    Article  Google Scholar 

  6. 6.

    Mahmood K, Arshad J, Chaudhry SA, Kumari S (2019) An enhanced anonymous identity-based key agreement protocol for smart grid advanced metering infrastructure. Int J Commun Syst 32(16):e4137

    Article  Google Scholar 

  7. 7.

    Wang P, Chen CM, Kumari S, Shojafar M, Tafazolli R, Liu YN (2020) HDMA: Hybrid D2D message authentication scheme for 5g-enabled vanets. IEEE Trans Intell Transp Syst 1–10.

  8. 8.

    Li CT, Wu TY, Chen CM (2018) A provably secure group key agreement scheme with privacy preservation for online social networks using extended chaotic maps. IEEE Access 6:66742–66753

    Article  Google Scholar 

  9. 9.

    Sun HM, He BZ, Chen CM, Wu TY, Lin CH, Wang H (2015) A provable authenticated group key agreement protocol for mobile environment. Inform Sci 321:224–237

    MathSciNet  Article  Google Scholar 

  10. 10.

    Xiong H, Zhao Y, Hou Y, Huang X, Jin C, Wang L, Kumari S (2020) Heterogeneous signcryption with equality test for IIoT environment. IEEE Internet Things J 1–11.

  11. 11.

    Chien HY (2018) Group-oriented range-bound key agreement for internet-of-things scenarios. IEEE Internet Things J 5(3):1890–1903

    Article  Google Scholar 

  12. 12.

    Mao Q, Hu F, Qi J (2017) Dynamic centered group key management for unmanned aerial vehicle networks with multibeam concurrent transmissions. In: IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications. IEEE, pp 1–6

  13. 13.

    Qikun Z, Yong G, Quanxin Z, Rifang W, Yu-An T (2018) A dynamic and cross-domain authentication asymmetric group key agreement in telemedicine application. IEEE Access 6:24064–24074

    Article  Google Scholar 

  14. 14.

    Mahmood Z, Ullah A, Ning H (2018) Distributed multi-party key management for efficient authentication in the internet of things. IEEE Access 6:29460–29473

    Article  Google Scholar 

  15. 15.

    Dong P, Wang W, Shi X, Qin T (2017) Lightweight key management for group communication in body area networks through physical unclonable functions. In: The Second IEEE/ACM International Conference on Connected Health: Applications, Systems and Engineering Technologies. IEEE Press, pp 102–107

  16. 16.

    Hsiao JH, Tso R, Chen CM, Wu ME (2017) Decentralized e-voting systems based on the blockchain technology. In: Advances in Computer Science and Ubiquitous Computing. Springer, pp 305–309

  17. 17.

    Yavari M, Safkhani M, Kumari S, Kumar S, Chen CM (2020) An improved blockchain-based authentication protocol for IoT network management. Secur Commun Netw 2020:1–16.

    Article  Google Scholar 

  18. 18.

    Yeh KH, Su C, Hou JL, Chiu W, Chen CM (2018) A robust mobile payment scheme with smart contract-based transaction repository. IEEE Access 6:59394–59404

    Article  Google Scholar 

  19. 19.

    Shamshad S, Mahmood K, Kumari S, Chen CM et al (2020) A secure blockchain-based e-health records storage and sharing scheme. J Inform Secur Appl 55:102590

    Google Scholar 

  20. 20.

    Zhang A, Lin X (2018) Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain. Jo Med Syst 42(8):140

    Article  Google Scholar 

  21. 21.

    Zhu H, Wang X, Chen CM, Kumari S (2020) Two novel semi-quantum-reflection protocols applied in connected vehicle systems with blockchain. Comput Electr Eng 86:106714

    Article  Google Scholar 

  22. 22.

    Lin C, He D, Huang X, Choo KKR, Vasilakos AV (2018) BSeIn: a blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0. J Netw Comput Applic 116:42–52

    Article  Google Scholar 

  23. 23.

    Cha SC, Chen JF, Su C, Yeh KH (2018) A blockchain connected gateway for BLE-based devices in the internet of things. IEEE Access 6:24639–24649

    Article  Google Scholar 

  24. 24.

    Samaniego M, Deters R (2016) Blockchain as a service for IoT. In: IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). IEEE, pp 433–436

  25. 25.

    Dorri A, Kanhere SS, Jurdak R (2016) Blockchain in internet of things: challenges and solutions. arXiv preprint. arXiv:1608.05187

  26. 26.

    Dorri A, Kanhere SS, Jurdak R, Gauravaram P (2017) Blockchain for IoT security and privacy: the case study of a smart home. In: IEEE International Conference on Pervasive Computing and Communications Workshops. IEEE, pp 618–623

  27. 27.

    Kshetri N (2017) Can blockchain strengthen the internet of things? IT Profess 19(4):68–72

    Article  Google Scholar 

  28. 28.

    Wang EK, Sun R, Chen CM, Liang Z, Kumari S, Khan MK (2020) Proof of x-repute blockchain consensus protocol for IoT systems. Comput Secur, p 101871

  29. 29.

    Bhushan B, Sahoo C, Sinha P, Khamparia A (2021) Unification of blockchain and internet of things (BIoT): requirements, working model, challenges and future directions. Wirel Netw 27:55–90.

    Article  Google Scholar 

  30. 30.

    Huang H, Chen X, Wu Q, Huang X, Shen J (2018) Bitcoin-based fair payments for outsourcing computations of fog devices. Future Gener Comput Syst 78:850–858

    Article  Google Scholar 

  31. 31.

    Shafagh H, Burkhalter L, Hithnawi A, Duquennoy S (2017) Towards blockchain-based auditable storage and sharing of IoT data. In: Proceedings of the Cloud Computing Security Workshop. ACM, pp 45–50

  32. 32.

    Lei A, Cruickshank H, Cao Y, Asuquo P, Ogah CPA, Sun Z (2017) Blockchain-based dynamic key management for heterogeneous intelligent transportation systems. IEEE Internet Things J 4(6):1832–1843

    Article  Google Scholar 

  33. 33.

    Zhao H, Bai P, Peng Y, Xu R (2018) Efficient key management scheme for health blockchain. CAAI Trans Intell Technol 3(2):114–118

    Article  Google Scholar 

  34. 34.

    Merkle RC (1980) Protocols for public key cryptosystems. In: IEEE Symposium on Security and Privacy. IEEE, pp 122–122

  35. 35.

    Baliga A (2017) Understanding blockchain consensus models. Persistent

  36. 36.

    Nguyen CT, Hoang DT, Nguyen DN, Niyato D, Nguyen HT, Dutkiewicz E (2019) Proof-of-stake consensus mechanisms for future blockchain networks: fundamentals, applications and opportunities. IEEE Access 7:85727–85745

    Article  Google Scholar 

  37. 37.

    Bentov I, Lee C, Mizrahi A, Rosenfeld M (2014) Proof of activity: extending bitcoin’s proof of work via proof of stake [extended abstract]. ACM SIGMETRICS Perform Evaluat Revx 42(3):34–37

    Article  Google Scholar 

  38. 38.

    Chen L, Xu L, Shah N, Gao Z, Lu Y, Shi W (2017) On security analysis of proof-of-elapsed-time (poet). In: International Symposium on Stabilization, Safety, and Security of Distributed Systems. Springer, Berlin, pp 282–297

  39. 39.

    Wang EK, Liang Z, Chen CM, Kumari S, Khan MK (2020) Porx: A reputation incentive scheme for blockchain consensus of IIoT. Future Gener Comput Syst 102:140–151

    Article  Google Scholar 

  40. 40.

    Stanciu A (2017) Blockchain based distributed control system for edge computing. In: 21st International Conference on Control Systems and Computer Science. IEEE, pp 667–671

  41. 41.

    Hunkeler U, Truong HL, Stanford-Clark A (2008) MQTT-S: A publish/subscribe protocol for wireless sensor networks. In: The 3rd International Conference on Communication Systems Software and Middleware and Workshops. IEEE, pp 791–798

  42. 42.

    Nastic S, Sehic S, Le DH, Truong HL, Dustdar S (2014) Provisioning software-defined IoT cloud systems. In: International Conference on Future Internet of Things and Cloud. IEEE, pp 288–295

  43. 43.

    Gupta B (2015) Discovering cloud-based services for IoT devices in an IoT network associated with a user. US Patent App. 14/550,595

  44. 44.

    Kawabe Y, Ito N (2016) On backward-style verification for timed anonymity of security protocols. In: IEEE 5th Global Conference on Consumer Electronics. IEEE, pp 1–5

  45. 45.

    Pour AN, Kumekawa K, Kato T, Itoh S (2007) A hierarchical group key management scheme for secure multicast increasing efficiency of key distribution in leave operation. Comput Netw 51(17):4727–4743

    Article  Google Scholar 

  46. 46.

    Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond A Math Phys Sci 426(1871):233–271

  47. 47.

    Wu TY, Lee Z, Obaidat MS, Kumari S, Kumar S, Chen CM (2020) An authenticated key exchange protocol for multi-server architecture in 5g networks. IEEE Access 8:28096–28108

    Article  Google Scholar 

  48. 48.

    Wong CK, Gouda M, Lam SS (2000) Secure group communications using key graphs. IEEE/ACM Trans Netw 8(1):16–30

    Article  Google Scholar 

  49. 49.

    Abdmeziem MR, Tandjaoui D, Romdhani I (2015) A decentralized batch-based group key management protocol for mobile internet of things (DBGK). In: IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing. IEEE, pp 1109–1117

Download references

Author information



Corresponding author

Correspondence to Wensheng Gan.

Ethics declarations

Conflicts of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Chen, CM., Deng, X., Gan, W. et al. A secure blockchain-based group key agreement protocol for IoT. J Supercomput 77, 9046–9068 (2021).

Download citation


  • Internet of things
  • Blockchain
  • Group communication
  • Security
  • Private key