Key Update and Device Location of Internet of Things Based on Smart Contract

In order to reduce the key update time delay of the Internet of*ings and reduce the device location error rate and location time, a new key update and device location of Internet of *ings based on smart contract was designed. Adopt improved MVIF security mechanism of both parties to build smart contract security mechanism, and the key update of the Internet of *ings is realized through key predistribution, user registration and login, and key update. On this basis, multidimensional scaling technology is used to abstract Internet of *ings devices into relative coordinates in multidimensional space, and the absolute coordinates are obtained by eliminating the distance estimation error to achieve Internet of *ings device positioning. Experimental results show that the proposed method has a lower key update time delay, a lower amount of data used in the key update process, a lower positioning error rate of Internet of *ings devices, and a shorter positioning time, which fully verifies the effectiveness of the proposed method.


Introduction
With the development and popularity of the Internet of ings technology, intelligent devices of the Internet of ings have gradually penetrated into all aspects of people's lives. From the development trend of intelligent devices of the Internet of ings in recent years, the number of intelligent mobile devices represented by smart phones has been in a state of rapid growth [1]. Ensuring the security and credibility of information is an important prerequisite to ensure good user experience. In order to ensure secure communication between intelligent devices, a variety of security algorithms have been proposed [2], and locationbased services have also been widely used. In order to achieve secure communication of intelligent devices, efficient secure channels are usually established between devices through symmetric encryption algorithm, and key negotiation and message verification are realized through public key encryption and public key signature algorithm [3,4].
In order to facilitate users to obtain public key information during the encryption or signature verification process, a new identity-based encryption algorithm is designed. e algorithm uses the user's identity as the public key, and the private key generation center provides the user with the private key. is encryption algorithm makes it unnecessary for the user to apply for a digital certificate, thus avoiding the tedious work of certificate issuance, revocation, verification, and storage [5]. At the same time, identity as a public key greatly improves the efficiency and credibility of public key query. However, in order to prevent attackers from forging or replaying by brute force cracking the key, users often need to update the key, which puts a high demand on the private key generation center, which needs to calculate the latest key for each user and establish a channel with each user for key distribution. Similarly, BeiDou Navigation Satellite System and GLOBAL Positioning System require each user to receive stable positioning signals from satellites when positioning smart devices [6]. However, due to the complexity and uncertainty of the environment, for example, in urban indoor or outdoor, communication signals and positioning signals between smart devices and public infrastructure (private key generation center, positioning satellite, etc.) may be in a weak signal or no signal state, resulting in very difficult key update and device positioning [7]. Many self-organizing public key protocol management systems have been proposed so far, and devices can distribute and revoke their public keys without the help of any fixed server. However, these systems require that devices be always online when other devices publish their session keys or update their public keys [8]. In addition, during multihop communication, there is no trusted third party that can monitor the behavior of all devices and arbitrate disputes in the presence of malicious devices. In addition, if users need to obtain location information of other smart devices, it is difficult to verify the accuracy of the location information published by existing technologies. erefore, the problems of self-organizing key update and trusted location for intelligent devices in complex environment have not been solved yet.
To solve the key update problem, reference [9] proposed a security authentication and key update method for multipoint cooperative joint transmission of Internet of vehicles. In this method, the vehicle generates the base station switching request and uses random number, shared key, and target base station public key to encrypt and broadcast the switching request. Based on the characteristics of cryptography, the target base station can not only calculate the shared key from the ciphertext request based on the private key, but also calculate the subsequent session key. e vehicle can calculate the session key based on the location information of the target base station and the random number generated when the request is generated, so as to realize the key sharing and key updating between the vehicle and the base station under the premise of only one key transmission. e key generation and update algorithm is verified and analyzed from the perspective of cryptography. Reference [10] proposed a decentralized identity authentication and key update method based on block chain. e user only needs to generate the identity identifier and key for the first time by IGC (Identity Generator Center), and then the user can automatically update the key. During this process, the identity identifier remains unchanged as the public key. Update only the private key and parameters to facilitate authentication. is paper redefines the data structure of transactions, and the update process is recorded in the blockchain in the form of transactions, which ensures its authenticity and credibility. Since the blockchain data cannot be tampered with, the blockchain data is authentic. Reference [11] proposed a global positioning method for high-value medical devices based on Internet of ings smart tag. Combine new Internet of ings technology with RFID identification, identify equipment tags and extract feature codes of tag positioning data, perform hybrid networking control combined with parameter feature codes, build Internet of ings node deployment models, and use this model to cluster equipment operating data and fusion processing to obtain the device positioning result. Reference [12] proposed a secure positioning method for Internet of ings devices based on blockchain technology, using blockchain distributed ledgers to share between Internet of ings devices. After Internet of ings devices are located, a list of new locations and adjacent nodes is added to the blockchain, and the shared location data is used by other devices to locate them.
In order to reduce the key update time delay of the Internet of ings and reduce the device location error rate and location time, a new key update and device location of Internet of ings based on smart contract was designed. e method realizes key update of the Internet of ings with the support of smart contract security mechanism. Multidimensional scaling technology is used to abstract IoT devices into relative coordinates in multidimensional space, and the absolute coordinates are obtained by eliminating the distance estimation error to achieve IoT device positioning. As the key update and device positioning methods of the Internet of ings are designed separately in this paper, the key update time delay, the amount of data used in the key update process, and the positioning error rate and positioning time of the Internet of ings devices are lower in this paper.

Internet of Things Key Update Based on Smart Contract
So far, the development of blockchain technology has gone through three development stages: technology origin, blockchain 1.0, and blockchain 2.0. Among them, the technological origin of blockchain includes asymmetric encryption technology, distributed database technology, point-to-point network technology, and digital currency [13]. In 2009, the digital currency Bitcoin network was officially put into operation. As the underlying technology supporting its operation, it evolved to blockchain 1.0 technology, realizing the combination of technologies such as chain data structure with block as unit, whole-network shared ledger, asymmetric encryption algorithm, and source code and open source [14,15]. In 2014, blockchain technology began to be applied in other areas than digital currency, such as distributed identity authentication, distributed domain name system, distributed self-organization, and other distributed applications. Blockchain technology evolves to blockchain 2.0, with smart contracts, distributed applications, virtual machines, and other technologies as typical features [16]. Smart contract is a code deployed in a distributed ledger that can realize various business logic functions and is a computer program that can automatically execute the terms of the contract [17][18][19]. Smart contracts are self-consistent, self-contained, and distributed, defined by code and executed independently. Formalization of the content of the contract is realized by digitally encoding the content of the contract and writing it into the blockchain [20]. In order to meet the security and privacy protection of smart contracts, virtual iterative function (VIF) was used to encrypt the receipts generated by smart contracts in previous studies [21]. Because it adapts to the current contract environment, there are not only bilateral contracts, but also many multiparty contracts. erefore, this paper takes multidimensional virtual permutation function (MVTF) theory as the research basis, constructs and improves bilateral MVIF security mechanism, and takes it as the smart contract security mechanism, so as to improve the security of smart contracts. e smart contract construction mechanism is shown in Figure 1. e smart contract construction mechanism is described as follows: (1) Multiparty contract users exchange key array mapping security subsystem through token ring to form MVIF space. Token ring can ensure that multiparty users form multidimensional virtual permutation functions in a certain order without omission or repetition. Finally, each user has the same joint keycontrolled array, and the security subsystem mapping n * n also has the same MVIF [22,23]. (2) Multiple users use their respective keys to replace multiple security subsystems in the existing MVIF. e key of each user represents multiple coordinates of one dimension in the MVIF, and the same unique and sequential multiple security subsystems are displaced in MVTF through key exchange [24][25][26].
(3) e user iterates the security subsystems selected in the previous step in sequence through the compiler to construct the VIF, and the encryption contract obtains the corresponding receipt for saving, which is used for the authentication of the security call and execution of the future contract. (4) When multiple users contract again, they only need to repeat the above steps to quickly replace a large number of secure encryption methods and apply them to subsequent smart contract authentication receipts [27].
e key update process of Internet of ings based on smart contract is as follows: (1) Key predistribution ere are roughly two types of devices in the Internet of ings. e first is low-energy device L, which has a large number and a weak storage space for energy and computing power [28]. e second is high-energy equipment, which has great storage space, super computing power and sufficient energy. Since the Internet of ings is focused on a wide range of uses, predeployment is required. e predeployment phase is the startup phase. e system is started by the network administrator and runs offline. In the predeployment phase, each fixed communication device S j |1 ≤ j ≤ m is preassigned its identity information SID j and key X GWN−S j , which are allocated by the gateway device (GWN device) and saved by the device itself, where m represents the number of predeployed devices in the Internet of ings [29]. Due to the weak storage computing capacity of general low-energy devices, the small storage space of devices was taken into account at the beginning of the formulation of the scheme [30]. erefore, in the scheme, the key preservation and predistribution requirements are that the storage space is sufficient. In addition, GWN is pregenerated high security key X GWN , with only the gateway device GWN stored and the gateway device also stores X GWN−S j of S j |1 ≤ j ≤ m for each device. In a network-wide preconfigured device key approach, any hazardous device can compromise the security of the entire network fully. In explicit device preconfiguration, although a few dangerous devices are connected to each other, the entire network is not affected. Preconfigured device security methods provide group device protection against threats from other hazardous devices deployed on the same device [31,32].
(2) User registration and login e user registration process is as follows: Step 1: Users carry their own identity information ID i and password PW i and select random r i to carry out password encryption and identity information encryption calculation [33]. e results are as follows: (1) Step 2: e user sends MP i and MI i to the gateway GWN through a private channel. After receiving MP i and MI i , GWN encrypts them according to the security key known only to itself and carries out encryption calculation [34]: X GWN−U i is the random selection of a security key, f i is the result of encrypting the mask of user identity information, x i is the result of encrypting the password of U i , and then XOR operation [35] e i � f i ⊕x i .
en the network joint GWN stores user MP i 's identity information mask and security key X GWN−U i .
Step 3: e gateway device takes MI i , e i , f i , X GWN−U i as SC, the user's identity information card in the Internet of ings, and sends it to the user through the private network. After receiving the packet, the user adds the selected random number r i to the packet. After the registration phase, user U i initiates authentication to connect to any destination device in the Internet of ings. In order to implement user authentication, user login must be implemented first. Based on the above description, smart contract is applied in this paper to realize user registration and authentication, and any other security system for data protection can be replaced by it [36].
Step 1: User U i enters password WP * i according to the smart contract. e smart label is calculated by WP * i and the smart label is saved by user r i .
Wireless Communications and Mobile Computing 3 MP i is the calculated user mask, and x * i is the password result after encryption.
Step 2: Check whether x i is equal to x * i . If the value is different, the user does not enter a correct password during the login. If so, the smart contract performs the following calculations: Step 3: Select a random number K i , calculate Z i � K i ⊕f i according to the smart contract, and send MI i , e i , Z i , N i , T 1 to destination device S j over the public channel. e random number K i is used to construct the shared key for communication with the destination device, and the random number Z i is used to encrypt the return key.

(3) Key update
For key change stage, the user can freely choose whether or not to change the session key, in the design of the scheme, using the intelligent contract, users must be logged in into the key of change, only after intelligent contract after modifying some parameters, through certification, with equipment and GWN can change in the key be achieve, so at this stage, it does not need to interact with the device or GWN, and this phase is offline.
Step 1: Access the smart terminal, view the smart contract, enter the password PW OLD i , and calculate MP * i based on the smart contract and the saved password r i .
In this case, the encryption password is Original password: Step 2: Check whether x i equals x * i . If the value is different, the user does not enter a correct password during the login. If so, the smart contract performs the following calculations: e new password is Step 3: Replace e i in the original smart contract with

Locating Internet of Things Devices
Multidimensional scaling (MDS), as a data analysis method, was originally applied in the field of psychometry to achieve data statistics and analysis in psychological aspects. Multidimensional scaling technology abstracts devices from reality into relative coordinates in multidimensional space. e degree of similarity between devices is related to the degree of Euclidean distance of relative coordinates in multidimensional space.
It is assumed that the dissimilarity of any two Internet of ings devices i and j can be represented by p ij , so the dissimilarity of pairs of devices between the n devices can be represented by a matrix of [p ij ]. e relative coordinate of each device in the multidimensional space is expressed as matrix X n×ω , where n is the number of devices and ω is the dimension of the relative coordinate of each device. e distance between the relative coordinates of each device is expressed by d ij (X). MDS takes advantage of device dissimilarity and iterates to make p ij and d ij (X) as consistent as possible. e proximity between p ij and d ij (X) is measured by the STRESS coefficient, and the specific calculation formula is shown as follows: Because there is no precise distance between devices in nonmetric multidimensional scales, the expression of nonmetric multidimensional scale is STRESS 1 , replacing the dissimilarity p ij in formula (11) with the value d ij between devices, as shown in the following formula: In both cases, nodes A and D cannot communicate directly due to the distance beyond their respective communication range. However, B and C are neighbors of A and D, and B and C can communicate directly. e Euclidean distance L AC � b, L C D � d, L AB � a, L B D � c, and L BC � p between each neighbor node can be obtained by TDOA ranging method. e required distance is the value q of L A D . Let the angle between AB and BC be θ 1 , and the angle between BC and BD be θ 2 . According to the knowledge of plane trigonometry, according to the above two cases, equations as shown in formulas (13) and (14) can be obtained.
ere are two sets of solutions that satisfy the equations, and the angle values of θ 1 , θ 2 , and q are also obtained. e position of D in the two sets of solutions is symmetric with respect to BC, that is, D and D′. However, there is only one actual position of D, so we need to use other external conditions to get the real position of D and then get the real Euclidean distance of AD.
In the above ideal case, the accurate distance between AD can be calculated with the presence of auxiliary equipment. However, due to the existence of hardware level and interference factors, the distance measurement between neighbor nodes will produce errors in the specific application. It is difficult for the quadrilateral composed of auxiliary equipment to get completely equal solutions due to the existence of distance measurement errors, so error correction of the above method is needed. e specific correction method is as follows: Firstly, the interference solution is eliminated by using the defined error function, and then the estimated AD distance is obtained by weighting multiple distance values with errors according to the node density and other factors.
Suppose there are several neighbor device pairs between nodes A and D that can form A quadrilateral with nodes A and D, and these qualified node pairs can form m quadrilateral that meets the above conditions. In this way, 2m distance solutions between nodes A and D are obtained according to the above method, including m estimated values with errors and m interference solutions. In order to eliminate the interference solution, the error function is defined as shown in the following formula: According to the geometrical relation of m quadrilateral, the value range of q is between (min(q 1 , . . . , q m , q 1 ′ , . . . , q m ′ ), max(q 1 , . . . , q m , q 1 ′ , . . . , q m ′ )). When the number of nodes in the cluster is not large, the fixed step method is adopted to reduce the amount of calculation and substitute into the above formula for search. e optimal value of q is q best , which makes e q ≤ e(u). en, the m solutions closest to q best are obtained from the m pairs of solutions, thus eliminating the m interference solutions. e next step is to get an estimate of q by weighting. In general, the higher the node density is, the greater the accuracy of positioning is. erefore, the solution with the higher node density is set with a higher weight. e node density can be expressed by the device connection degree C.
e calculation formula for distance between devices after eliminating errors is as follows: In the above formula, u(u) represents the initial calculation result of distance. e positioning method of Internet of ings devices proposed in this paper includes network initialization, relative coordinate system establishment within cluster, and absolute coordinate transformation. e specific steps are as follows: (1) e network starts to initialize. First, each device broadcasts data packets to detect the remaining energy information of its neighboring devices, taking into account the energy consumption of the RF amplifier circuit, the distance between devices, and the number of bits of data sent and received by devices. At the same time, the distance measurement of the neighbor device is calculated by TDOA method, and the distance measurement result is saved in the neighbor table. node. e node with the largest remaining energy is declared as the cluster head, while the other nodes with smaller remaining energy are divided into multiple clusters. e network initialization is completed.
(3) At the beginning of positioning, the distance between multihop nodes in the cluster is estimated by using the distance error correction algorithm above according to the shortest path composed of the distance between single-hop nodes in the cluster and the geometric relationship between nodes. (4) Each cluster is based on the distance and relative coordinates between multihop nodes in the cluster. (5) e relative coordinate system is fused from the two adjacent clusters with the most common nodes until all clusters are fused into the same relative coordinate system. (6) Convert the relative coordinates of nodes in the network according to the location information of anchor nodes. e absolute coordinates of each node are obtained, and the positioning is finished, so as to realize the positioning of Internet of ings devices.

Simulation Experiment Design
Basic conditions Experimental environment parameters are set as shown in Table 1.

Verifying Key Update Performance.
OPNET was founded in 1986 by two Ph.Ds from the Massachusetts Institute of Technology and commercialized in 1987. OPNET has won a wide range of customers in manufacturing, business, operators, defense, and research institutes for its precise simulation approach to network simulation and the accuracy of the results presented. In order to meet the needs of scientific research, the teaching and research office introduced this software in 2007, and it has been applied in project simulation. is section uses OPNET to simulate SST scheme and analyzes the performance of the scheme in the actual network environment. Experiment sets up a one-to-many network model composed of a key server and multiple user terminals. By setting the number of user terminals, simulate the size of different group members and measure the time delay of the key server to update the group key and the amount of data sent when a single group member joins or quits.
e RSA algorithm, AES algorithm, MD5 algorithm, and d-h key negotiation algorithm used in ACE whiteboard modeling are derived from Crypto++ cryptography library. e length of public and private keys of RSA algorithm is 1024 bit, and the degree of all keys in the key tree is 128 bit. Add user-defined statistics: Re_keying Time and Server Traffic Sent, which, respectively, indicate the average delay of group key update and the number of messages sent by the group controller.
In the process of simulation, several simulation sequences are established according to the different number of group members at the initial moment. e number of group members increased exponentially from 32 to 8192, with a total of nine simulation sequences. e scalar statistics generated during the simulation process are collected and the simulation results are obtained. e time interval for each member to join (quit) follows the exponential distribution with the parameter of 100 (s), and the simulation time is 24 hours.
Reference [9] method and reference [10] method are used as experimental comparison methods, and the test results of key update time delay of different methods are shown in Figure 2.
As can be seen from Figure 2, when the number of group members is 32, the key update cost of [9] method, [10] method, and the method in this paper is the lowest, with time delay of 0.12 s, 0.71 s, and 2 s respectively. However, compared with the method in reference, the key update time delay of the method in this paper is lower, and the practical application effect is better.
Reference [9] method and reference [10] method are used as experimental comparison methods, and the test results of key update traffic of different methods are shown in Figure 3.
When the number of group members is 8192, the key update cost of [9] method, [10] method, and the method in this paper is the largest, and the communication message volume is 760 byte, 1830 byte, and 1900 byte, indicating that the data amount used in the key update process of this method is lower.

Verifying Device Positioning Performance.
In this paper, the Internet of ings device fingerprint is run on the public data set to verify whether the Internet of ings device can be found. e data comes from Censys, an open source platform for collecting data packets in application protocols, including industrial control protocols, HTTP, FTP, and Telnet. Censys data set on August 15, 2020, is used in this paper, as shown in Table 2.
e HTTP protocol comes from port 80, and the data set has 514 G, including 66 million data packets. e FTP protocol comes from port 21 and contains 32 gigabytes of data, including 10 million data packets. Telnet protocol comes from port 23, data volume of 3 G, including 3 million data packets. e SSH protocol comes from port 22 and contains 50 gigabytes of data, including nearly 6 million data packets.
In this paper, the device fingerprints of routers, printers, and cameras are generated using a SVM classifier with 100 dimensional feature vectors and a radial basis kernel function. is paper found 5.52 million (552,333) Internet of ings devices, as shown in Figure 4. at includes more than 3 million routers, 80,000 printers, and 2 million cameras. While the percentage of Internet of ings devices directly exposed to cyberspace is low, probably less than 1%, the absolute numbers are still huge. From a security perspective, these consumer-facing devices should not be visible or accessible from public spaces. ese exposed Internet of ings devices could be exploited by malicious users and attackers. Many devices are hidden behind a private network (that is, a home or business network) and experiments have found that many devices return error codes indicating that they have no access. erefore, on the basis of the above, the positioning error rate and positioning time of Internet of ings devices in [11] method, [12] method, and this paper are compared, and the results are shown in Figures 5 and 6. e analysis of the data in Figure 5 shows that, with the increase of the number of experiments, positioning errors of Internet of ings devices of different methods show a trend of change. e positioning error rate of Internet of ings devices of [11] method varies between −17% and 18%, and that of [12]      positioning error rate of Internet of ings devices in this method varies between −4% and 3%. Compared with [11] method and [12] method, the positioning error rate of Internet of ings devices in this method is lower, indicating that the positioning accuracy of this method is higher. By analyzing the data in Figure 6, it can be seen that the positioning time of Internet of ings devices in [11] method is between 0.8 s and 2.8 s, and that in [12] method is between 0.7 s and 2.5 s. Compared with [11] method and [12] method, the positioning time of Internet of ings devices in this method is less than 0.8 s, indicating that the positioning time of this method is shorter, which fully verifies the effectiveness of this method.
Experiments prove that this method has a lower key update time delay and a lower amount of data used in the key update process, and the positioning error rate of Internet of ings devices varies between −4% and 3%. e positioning time is less than 0.8 s. e positioning error rate of Internet of ings devices is lower and the positioning time is shorter, which fully verifies the effectiveness of this method.

Conclusion
With the development of Internet of ings technology, the number of intelligent devices increases rapidly. e selforganizing network mode adopted by wireless intelligent Internet of ings devices is characterized by dynamic topology, no central distribution, and no fixed infrastructure, etc. However, these characteristics bring many problems to the security of communication and positioning. Firstly, in order to achieve secure communication of wireless intelligent devices, often adopt the combination of single and double key encryption method; however, once a device key is lost or leaked, the key update in self-organizing network synchronization is in time, and the subsequent equipment positioning error rate is rising, so this paper proposes a new intelligent contract based on Internet of ings key updating and device positioning method. Experimental results show that the method has lower key update time delay and lower data amount used in the key update process, the positioning error rate of IoT devices varies between −4% and 3%, and the positioning time is less than 0.8 s, indicating that the method can be used to achieve accurate and rapid positioning of IoT devices, and the practical application effect is better. It can solve the problems existing in traditional methods and lay a solid theoretical foundation for the research on key update and device positioning of the Internet of ings.
Data Availability e raw data supporting the conclusions of this article will be made available by the authors, without undue reservation.     Wireless Communications and Mobile Computing