kumoh national institute of technology
Networked Systems Lab.

Kevin Putra Dirgantoro, Jae-Min Lee, and Dong-Seong Kim "Encrypted Data-based AES-GCM with Zero Difficulty Algorithm for Blockchain Industrial IoT", ETFA 2019.
By : Kevin
Date : 2019-07-02
Views : 289

Reviewer 1
C. Clarity of presentation:
English grammar and spelling are proper ------------------------------------------ [1 - I disagree]
Mathematical symbols and equations are easy to understand ------------------------ [3 - I agree]
Figures and tables are well constructed and informative -------------------------- [1 - I disagree]
The paper is well organized ------------------------------------------------------ [3 - I agree]
Considering the issues above, the paper is readable ------------------------------ [1 - I disagree]

T. Technical innovation and relevance
The authors cite other relevant publications ------------------------------------- [3 - I agree]
Authors describe relevance of work to the research field ------------------------- [3 - I agree]
The authors apply sound technical approaches ------------------------------------- [3 - I agree]
New ideas are convincingly and logically described ------------------------------- [3 - I agree]
Results are convincing ----------------------------------------------------------- [3 - I agree]
Considering the issues above, this work should be presented --------------------- [3 - I agree]

Comments:
In this manuscript, the authors propose an encrypted stored data in the blockchain
network by using zero difficulty algorithm for blockchain industrial internet of
things (IIoT).

The manuscript includes lots of grammar errors/mistakes and typos. Therefore, a
careful proofread is required before publication.

I suggest avoiding abbreviations in the title. This will decrease the visibility of the
manuscript if published.

"It thus makes it" It is not clear which it refers to which terms.

requires real-time Real time something like operation, processing,

In practical->in practice

first paragraph: Blockchain why capital?

If the colors mean different things in figure 1, please include them in the figure as a
legend or in the caption.

The simulation of the blockchain is using-> is done by using

IIoT seems like a buzz-word for this manuscript. The authors needs to elaborate in
why the proposed algorithm is better for IIoT. Can the proposed algorithm support
applications in IIoT domain in terms of amount of information that will be coming
from the sensors?

Reviewer 2
C. Clarity of presentation:
English grammar and spelling are proper ------------------------------------------ [0 - I strongly disagree]
Mathematical symbols and equations are easy to understand ------------------------ [2 - I am neutral]
Figures and tables are well constructed and informative -------------------------- [2 - I am neutral]
The paper is well organized ------------------------------------------------------ [0 - I strongly disagree]
Considering the issues above, the paper is readable ------------------------------ [1 - I disagree]

T. Technical innovation and relevance
The authors cite other relevant publications ------------------------------------- [2 - I am neutral]
Authors describe relevance of work to the research field ------------------------- [1 - I disagree]
The authors apply sound technical approaches ------------------------------------- [1 - I disagree]
New ideas are convincingly and logically described ------------------------------- [1 - I disagree]
Results are convincing ----------------------------------------------------------- [1 - I disagree]
Considering the issues above, this work should be presented --------------------- [1 - I disagree]

Comments:
The paper proposes a simple method to get rid of the
expensive Proof-of-Work employed in permissionless
blockchains like Bitcoin. The problem is that the is too
simple and raises a lot of security issues.
First of all, the authors use simple symmetric-key to hide
and authenticate data on the blockchain, so that only who
knows the symmetric key can read and produce transactions.
However, how can you be sure that who knows the symmetric
key is trusted? The philosophy of the blockchain data
structure is not to trust anyone, not even the members of
the consortium in the case of permissioned blockchains. This
is the reason why they employ expensive proof-of-work
algorithm or practical Byzantine fault tolerance protocols.
Without these protections, a malicious participant can
easily disrupt the blockchain by injecting double spendings
or other incoherent transactions, or even entire alternative
blockchain branches.
Even if ALL the participants are honest, a single symmetric
key constitutes too-trivial protection. Indeed, what happens
if a participant accidentally leaks the key? The entire
blockchain gets compromised.
Moreover, what's the need of using a blockchain? You keep
data private (by encrypting it) and you do not use any
consensus algorithm (because the "difficulty is zero"). So
why do you need a blockchain at all? Can't you use a
plain-old private database, which is even more performant
and secure?
Finally, the paper is hard to follow also for the bad
structure and the bad English. Section II.B contains useless
details on AES-GCM that can be removed.

Minor issues and typos:
- the data which chained in the network -> the data which IS
chained in the network
- The participant miners in the network, gather up ... ->
please do not put commas between subject and verb
- Then concatenates it with IV, -> This sentence seems to
miss the subject

Reviewer 3
C. Clarity of presentation:
English grammar and spelling are proper ------------------------------------------ [1 - I disagree]
Mathematical symbols and equations are easy to understand ------------------------ [2 - I am neutral]
Figures and tables are well constructed and informative -------------------------- [2 - I am neutral]
The paper is well organized ------------------------------------------------------ [2 - I am neutral]
Considering the issues above, the paper is readable ------------------------------ [1 - I disagree]

T. Technical innovation and relevance
The authors cite other relevant publications ------------------------------------- [1 - I disagree]
Authors describe relevance of work to the research field ------------------------- [3 - I agree]
The authors apply sound technical approaches ------------------------------------- [2 - I am neutral]
New ideas are convincingly and logically described ------------------------------- [1 - I disagree]
Results are convincing ----------------------------------------------------------- [2 - I am neutral]
Considering the issues above, this work should be presented --------------------- [1 - I disagree]

Comments:
The authors should make an effort and improve the English
language usage. There are several grammar problems that make
the paper at times very hard to read and understand.

I can't quite understand the proposed approach. Because PoW
involves too much computational power, the authors propose a
zero difficulty algorithm. Could you give an example? As far
as I understand, this means that the hash does not need to
have any leading 0. Is that right? In that case, wouldn't it
be relatively simple for an attacker to replace some data
and recompute the chain? To offset this problem, the idea
seems to be to encrypt the data. Is this the actual paper
contribution? Use a zero difficulty problem, but encrypt the
data?

The authors mention lightchain [6], but do not discuss it.
How does that work compare to what is proposed here? What
are the differences?

The authors should spend more time presenting their
approach, instead of discussing in detail how PoW works, or
how AES works. A short description of these existing
technologies, and a reference would be sufficient.

I don't understand what is shown in Figure 5. Is this the
time required to add one block to the chain? Or the time
required to add all blocks to the chain? In the first case
(add one block to the chain), I don't see why the time
should increase with the length of the chain. In the second
case (add all blocks), I don't see why the increase for the
blue line should not be linear with the number of blocks. As
far as I understand the difficulty is not incremented as the
length of the chain increases. And if it is linear, then it
would be sufficient to show how long it takes to compute one
block. Does the time also include communication with the
ledger infrastructure?

The literature on blockchain for IoT is actually rather
vast, the authors should consider more approaches and
clearly position their work with respect to them.


Accepted or Rejected?
The manuscript is marked as REJECTED.
The manuscript is not on the list of registered manuscripts.