A Blockchain-based Secure Data Storage and
Trading Model for Wireless Sensor Networks
Shahab Ali, Nadeem Javaid, Danish Javeed, Ijaz Ahmad, Anwar Ali, and Umar
Abstract Data storage on local devices provides fast, secure and complete access to
the users. However, it needs sufﬁcient storage, which is not feasible for light-weight
clients’ environments. In such scenarios, the usage of external devices makes the
system vulnerable to data tampering, privacy leakage, and other data security is-
sues. Wireless Sensor Networks (WSNs) consist of resource constrained devices,
where external storage is preferred due to the lack of storage capacity in local de-
vices. Therefore, using a centralized storage mechanism in WSNs causes slow data
retrieval, which affects further operations on data. Relying on trusted parties also
cause certain privacy and trust issues. Various data trading mechanisms are intro-
duced to efﬁciently utilize the stored data. However, they still lack in certain aspects
as discussed above. Therefore, we propose and implement a Secure Incentive-based
Data Storage and Trading Model (SIDSTM), which provides a secure and efﬁcient
distributed storage mechanism. The proposed scheme uses AES-128 encrytpion
scheme to encrypt the data for privacy purposes. An elliptic curve Difﬁe-Hellman
key exchange is used for securely exchanging the private keys among the network
peers. In WSNs, there are fewer data trading models so far. Anyone can access the
data if he has access to the hash provided by the IPFS in the InterPlanetary File
System (IPFS). Thus, IPFS provides efﬁcient data access and storage mechanism.
However, it deletes the data after a certain time interval due to the limited storage.
Therefore, the proposed model provides incentives to motivate IPFS’s peers for data
storage. It also eliminates the need for the third-party involvement in data trading.
The simulations are conducted to prove the effectiveness of the proposed model by
evaluating its efﬁciency and scalability.
Shahab Ali and Nadeem Javaid (Corresponding Author)
COMSATS University Islamabad, Pakistan; email: email@example.com
Danish Javeed, Ijaz Ahmad, Anwar Ali, and Umar Mohammed Badamasi
Changchun University of Science and Technology, Changchun , China
2 Shahab et al.
Wireless Sensor Networks (WSNs) play an important role in terms of collecting
data from various sensitive and high-risk remote areas, such as monitoring areas,
battleﬁelds, and other areas. A large number of light-weight sensor nodes are used
to gather the information that is used for various purposes, like data trading, weather
forecasting, and for many other applications. WSNs are used as a key technology
in the Internet of Things (IoTs). IoTs have unavoidable signiﬁcance in real-time
environments as well as in research areas . These devices are resource constrained
and perform a limited number of operations. Therefore, the third-party is used to
provide the required functionalities. The usage of third-party resources provides
high computational complexity, such as cloud storage. However, these devices suffer
from high dependencies, as they need high storage space to operate on data in cloud
Storage is the main concern in WSNs as data is used as a key resource. From
users’ perspective, the essential asset is the data itself, rather than how to get it,
the type of network conﬁguration or source of the data gathering used . WSNs
support efﬁcient data storage and data access mechanisms in heterogeneous environ-
ments. The storage of data on the WSNs’ nodes is not feasible due to the continuous
generation of sensed data against limited storage space in the resource constrained
devices. So, the data must be stored on some other devices to effectively use it for the
required purposes. In such scenarios, the network should be properly organized to
effectively transfer the data to a sink node or Base Station (BS). Using cloud storage
in such scenarios is not efﬁcient due to inefﬁcient data retrieval and access opera-
tions. The data storage on third-party resources causes some serious threats such as
privacy leakage and illegal use of sensitive data. Further, there is a possibility of
data loss in case of any system failure or external interference.
WSNs gather data from the surrounding and store the data in the respected stor-
age systems (i.e., cloud, peer devices, etc). There is a speciﬁc goal behind the collec-
tion and storage of the sensors’ data. The data can be traded and utilized for research
or some other scenarios like predictions for any future events or anomalies. Trading
in the Internet paradigm scales the signiﬁcance of traders to get the best return value
of their property. Moreover, from buyers’ perspective, it provides ease of access and
variety of choices to the best of their requirements. Trading can be of various types,
such as energy trading, data trading, and other types of trading. The focus of the
presented work is on data trading. The traditional data trading mechanisms in the
Internet infrastructure use a trusted intermediary to exchange the assets between en-
tities. However, external intermediary involvement makes the system vulnerable to
sensitive information leakage or asset misuse.
To overcome the limitations due to third-party involvement and centralized sys-
tems, blockchain is introduced. Blockchain is a distributed ledger and a decen-
tralized Peer-to-Peer (P2P) network that provides secure, immutable and tamper-
resistant services. In 2008, Nakamoto introduced the concept of a blockchain-based
cryptocurrency for the ﬁrst time . The ﬁrst implementation of blockchain was in
Bitcoins. Afterwards, it is adopted by many domains (i.e., IoTs , energy sector
Secure Data Storage and Trading Model for WSNs 3
, internet of vehicles , etc). After introducing the concept of smart contracts in
blockchain, it becomes more adaptable. IoT devices lack of data privacy and data
protection. While, blockchain causes high latency, low throughput and is computa-
tionally expensive. Therefore, blockchain is not suitable for IoT scenarios. In ,
the authors proposed a secure service provisioning mechanism for IoT with fair
payments system. Further an incentive mechanism is provided based on reputation
given to each entity. In order to tackle the above limitations in IoT scenario, au-
thors in  propose an efﬁcient blockchain-based model that supports security and
privacy in lightweight clients. An overlay network is generated and combined with
blockchain in order to verify the security and privacy issues. To ensure security,
authors in  use Certiﬁcateless Cryptography (CC) and ensures low processing
time, less energy consumption and overhead. The authors claims that the propose
scheme reduces about 50% of processing time in different environments. However,
the proposed scheme was vulnerable to forking.
Further, for centralized server elimination a CC based scheme for record audit-
ing and transaction veriﬁcation through blockchain in the IoT environment . The
solution was proposed to provide secure and protected data storage and trading to
IoT devices using PKI. IoT device was assigned a pair of keys to be publically
identiﬁed and communicate in a secure way. The security of the system was kept
high and accountability of the data was achieved. However, the model did not con-
sider the feasibility of computationally expensive schemes in a resource-restricted
environment. Proof of Work was used as a consensus mechanism, and asymmetric
encryption was performed by resource constrained IoT devices. Further, privacy of
storage data and utilization of data was not mentioned.
A blockchain-based data sharing and access control mechanism is proposed in
. The intentions of the author is to provide a secure authentication and trusted
framework for access control IoT networks. Similarly, another blockchain-based
model is presented in smart grid . The author presents an access control mech-
anism with compensation to the customers that participate in data sharing. Further,
the differential privacy is used to stimulate customers for data sharing. Further, a
blockchain-based mechanism that provide a data sharing platform for a real-time
scenarios . Authorization of data is provided to users-based on RSA-based digi-
tal signatures. The model also, provides IPFS-based storage to efﬁciently share data
among entities. Recently, a blockchain-based storage system is introduced, where
data is stored on wireless sensor nodes . The incentive mechanism is used to
overcome the selﬁsh behavior of the node for data storage. The distinct data is only
stored on each sensor; however, there is a possibility of data loss in case of any node
failure. Further, a node storing other sensors’ data is not able to store its own data
because of the limited storage capabilities.
Moreover, an edge computing-based mechanism, where secure service are pro-
vided to IoT devices . The system calculates reputations for each edge server,
and it incentivizes high reputation edge servers for their honest contributions in
the system. Cloud nodes are utilized to store the reputation and incetivization data.
Some cloud-based storage systems are presented to overcome the limitations of tra-
ditional data storage mechanisms in cloud server . Cloud infrastructure pro-
4 Shahab et al.
vides huge data storage capabilities; while communication time to access data and
data manipulation is very high. Thus, such systems in real-time environment create
slow processing and high computational time. In this article, we present SIDSTM; a
blockchain-based solution for WSNs, that is capable to be implemented in real-time
WSNs. To the best of our knowledge, this is a ﬁrst blockchain-based solution for
WSNs, where data storage and trading mechanism take place side by side.
Our main contribution is mainly two-fold. The ﬁrst is to provide an incentive-
based secure distributed storage mechanism for blockchain-based WSNs using de-
centralized storage. Secondly, the system utilizes the stored data, such as providing
a smart contract-based single auction mechanism for data trading in WSNs, which
eliminates third-party involvement in data trading. The presented model uses a dis-
tributed P2P network-based IPFS for storage. The stored data is efﬁciently retrieved
as IPFS provides faster and safer storage and sharing of data than other storage
2 Proposed System Model
The proposed model provides a secure mechanism to store the WSNs’ data in a
decentralized ﬁle system using blockchain technology and trades the data between
BS and buyers on the basis of smart contracts. In the ﬁrst step, data is collected
from the surrounding environment by various sensor nodes (i.e., SN1,SN2, ..., SNn)
deployed in WSNs. The data from sensor nodes is transferred to the BS for further
computations. The BS, such as BSA,BSB,BSCand BSD, uses IPFS private key KI
to encrypt the data. The data, which is represented as M=m1+m2+... +mnis
encrypted using private key of IPFS. It creates a cipher stream (C=c1+c2+... +
cn), that is given by Ci=EKI
Pr (M)isend to the blockchain. IPFS decrypts the data
using its private key by general encryption equation as,
Afterwards, it stores the data and generates a hash for each stored data. The IPFS
sent the hash back to the corresponding BS using its private key KBSi
Pr via blockchain.
When a buyer needs data, he registers himself with Certiﬁcation Authority (CA),
and adds his bid for the requested data. CA assigns keys to the buyer and the bidding
ethers are added to the smart contract. The smart contract requests the data owner
(i.e., BS) for the hash of the required data. Thus, the single auction is performed
and the buyer with maximum bidding value is selected as a winner. The hash is
transmitted to the winner in returns to the coins given. While transferring the amount
to respected BS, 5% of the revenue is provided to IPFS as an incentive to motivate
it for efﬁcient data storage.
Secure Data Storage and Trading Model for WSNs 5
Fig. 1: Secure Incentive-based Data Storage and Trading Model
2.1 System Components
The proposed system consists of various sensor nodes, CA, BS, IPFS, and buyers as
shown in Fig. 1.
2.1.1 Certiﬁcation Authority
CA is responsible for providing the digital key to each entity, which is a private
key in our case. Wireless sensor nodes are resource-constraint; therefore, it is not
feasible to perform encryption on sensor nodes that cause extra energy consump-
tion of light-weight devices. Also, the subkey generation and key whitening energy
consumption reduce the lifetime of WSNs sensor nodes.
6 Shahab et al.
2.1.2 Sensor Nodes
The sensor nodes sense the surrounding data and extract the corresponding data.
The sensor nodes are resource-restricted; therefore, it is difﬁcult for them to store
the data. There are three types of data: temperature data, pressure data and humidity
data, which are used in proposed SIDSTM model. The sensor nodes forward the
sensed data to the BS, where further computations are performed.
2.1.3 Base Station
BS contains sufﬁcient resources and performs computations for the network. It is
capable to perform validation for the blockchain transactions. The sensor nodes’
data is transmitted to the BS, where it is stored in encrypted form. Data trading uses
this hash as an asset of BS, in return to the payment provided by buyers. The hash
is ﬁrst decrypted by BS and then sent to the smart contract. Buyers that have access
to the hash are able to access the data.
2.1.4 InterPlanetary File System
IPFS is a distributed P2P network used for efﬁcient decentralized data storage. It
stores the data and provides a hash of 32-bytes. In order to preserves the privacy
of required data, the hash is then encrypted with the corresponding BS private key
Pr , etc.,) and transferred to the blockchain. Each node in IPFS stores
the data of its interest. As shown in Fig. 2, the different colors of nodes indicate their
interest in type of data. The data stored in IPFS is only accessed by its hash, which
is only available to the authenticated buyers.
Fig. 2: Structure of IPFS
Secure Data Storage and Trading Model for WSNs 7
A buyer is an entity that buys data for his personal use. The buyer registers himself
with CA and gets a private key. A smart contract takes place between buyer and
BS through blockchain. The buyer requests for data and transfers ether to the smart
contract. After performing auction on the bidding values, the winner gets hash of the
requested data. The ethers are transferred to the data owners’ account, and the rest
of the entities get their credit back. The buyer gets the data by providing the hash. In
the end, BS gets incentives according to the speciﬁed percentage of the total earning
Fig. 3: AES Encryption
2.2 Encryption Scheme
The implementation of encryption schemes on light-weight wireless sensor nodes is
not a good idea due to their less computational power and limited resources. There-
fore, this work does not perform encryption on wireless sensor nodes and assigns BS
to perform the encryption task. So, for this purpose, the proposed model uses AES
128-bit encryption scheme that facilitates efﬁcient, fast encryption and decryption
of data. The abstract view of AES is provided in Fig. 3. In AES 128-bit of data is
taken as an input I, with a key K of 128-bit length that performs encryption on data
to obtain cipher-text of size 128-bit. The AES key size varies with the number of
rounds taken to perform encryption and decryption. AES takes 10-rounds to com-
plete each (i.e., encryption, and decryption). While AES-192 takes 12-rounds and
AES-256 takes 14-rounds for each operation. Each round consists of four layers, as
given below. The last round, which is 14th in AES-256, 12th in AES-192 and 10th in
AES-128, does not contain the mixColumn layer that makes the scheme symmetric.
The internal structure of AES is shown in Fig. 4. AES encryption scheme consists of
four layers, which are; Key Addition Layer (KAL), Byte Substitution Layer (BSL),
ShiftRow Layer (SRL) and MixColumn Layer (MCL) .
8 Shahab et al.
Key Addition Layer
Byte Substitution Layer
Key Addition Layer
Fig. 4: S-box Internal Structure
2.2.1 Key Addition Layer
Unlike DES, AES encrypts all 128-bits of the data path in one round. A 128-bit
subkey is generated from the main key, which is XORed to each output of 1 byte
2.2.2 Byte Substitution Layer
A data path of 128-bit is split into 16-bytes. Where each byte passes through an
S-box providing confusion to data. BSL is also known as Confusion Layer, where
data is divided into 16 bytes. Each byte is taken as input to an S-box, where confu-
sion is created as 50% possibility of bit conversion. The equation given for BSL is
represented as S, and an input polynomial represented as Ii, which belongs to Galois
Field represented by GF. The given Equation 1 is taken from .
S(Ii) = Oi,where,Ii∈GF (1)
Fig. 5: S-box Internal Structure
Secure Data Storage and Trading Model for WSNs 9
2.2.3 ShiftRow Layer
The SRL is explicitly elaborated in Fig. 6, where data is arranged in a 4x4 matrix.
The input matrix indicates the input values to the SRL. The ﬁrst row of the output
matrix does not shift the values in the given input table. While the second row shifts
one value to the left. Third row shifts two values to the left and fourth row shifts three
values. Elements in the starting row a11,a12,a13 ,a14 are in the same manner as in
input matrix as shown in Fig. 6. The second output row that holds a22,a23,a24 ,a21
is obtained through single element shift to the left operation. While two values shift
for row three a33,a34,a31 ,a32 and three elements shift for row four of the output
matrix a44,a41 ,a42,a43 .
Fig. 6: AES ShiftRow Mechanism
Fig. 7: MixColumn Layer
2.2.4 MixColumn Layer
After performing the ShiftRow operation, an output matrix is obtained which con-
tains the shifted rows. Each output matrix column is then multiplied with a 4x4
matrix, which contains polynomials represented in bytes. As given in Fig. 7, matrix
Z represents the output matrix after performing mixColumn operation. Matrix Y
represents the 4x4 matrix consisting polynomial value represented in hexadecimal
and matrix X shows the input column to the operation. AES schemes vary due to
change in a number of rounds as AES-128 contains 10-rounds. Each round contains
10 Shahab et al.
all of the above four steps except last round, which skips the MCL that makes this
encryption symmetric. The decryption of the schemes involve the inverse of each
step mentioned above. The discussion and ﬁgures of AES are taken and discussed
in more details in .
Fig. 8: The Gas Consumption of Data Storage
3 Simulations and Results
WSNs’ sensors are not capable to perform encryption due to the limited computa-
tional and storage resources. Therefore, external storage is used to store the data.
The proposed SIDSTM system uses a distributed P2P storage network (i.e., IPFS),
that stores the data in an efﬁcient manner. The BS collects data from sensor nodes
and encrpts the data with the IPFS private key (i.e., KIPFS
Pr ) through AES-128. Each
BS has its own type of data and the encrypted data is sent to IPFS for storage. More-
over, the system compares AES-128 with two other symmetric schemes, which are:
3-DES and AES-256. Moreover, the BS is considered as a blockchain node, which
is authorized to perform validations of blockchain transactions. As shown in Fig.
8, gas consumption increases linearly with the increase in data storage. Storage of
data ranges from 100 Bytes to 1 kBytes and there is no diversion in increase of gas
consumption with the increase in data storage.
It indicates the scalability of the model in terms of data storage. Also, the usage
of IPFS makes the system reliable and compatible for efﬁcient data trading. While
storing data in IPFS, it returns a 128-bit hash to the data provider that is used to
access the data. The AES-128, a symmetric encryption used to encrypt the hash is
Secure Data Storage and Trading Model for WSNs 11
Fig. 9: Comparison of Encryption Schemes
a faster and light-weight scheme and performs encryption in an efﬁcient time as
clearly seen in Fig. 9.
Fig. 10: Gas Consumption of the Proposed Smart Contracts
The 3-DES algorithm is worst in terms of time complexity (i.e., it takes 56.96464
milliseconds to encrypt a hash of 128-bit size). AES-256 performs better than 3-
DES in terms of computational time. While AES-128 performs better than AES-
256, as it takes 31.98123 milliseconds time for encryption. Therefore, AES-128
performs better than other symmetric schemes. The symmetric schemes are more
12 Shahab et al.
suitable for our scenarios as they are faster than asymmetric and are capable of large
data encryption in an efﬁcient way. In our two-fold SIDSTM, storage and trading of
data work side by side. The deployment cost of our systems’ smart contracts regard-
ing gas consumption is 799274 gas for storage and 1067982 gas for trading which
are acceptable and given in Fig. 10. Gas consumption highlights the resources used
when deploying in real environments. Therefore, the resource utilization of our pro-
posed solution is low and is applicable in real-time environments. The gas consump-
tion of our trading system that uses the single auction mechanism to trade and the
incentives for IPFS to motivate for data storage is manageable. Trading events are
shown in Fig. 11. After registering with CA, the buyer requests for the type of data;
he needs and adds his bid. The results indicate very low gas consumption for the
buyer to request the data (i.e., 88163). The single auction is performed on the bids,
the bidder that bids maximum is selected as a winner. Afterward, a smart contract
takes place between the auction winner and the data owner. The gas consumption
of auction event in the presence of 10 participants is quite low (i.e., 305188 gas).
The above plots are taken after performing experiments on Remix-IDE with system
speciﬁcation as Inspiron Dell-3420 Core i-3, having 2.4 GHz processor with main
memory 8.0 GB and 160 GB SSD.
Fig. 11: Gas Consumption of Trading Events
WSN consists of resource-constraint devices that cannot perform high computa-
tions on data. The proposed model SIDSTM provides an efﬁcient and secure data
storage mechanism that ofﬂoads the data storage from wireless sensor nodes to a
distributed storage network (i.e., IPFS). The IPFS is a content-based storage system
Secure Data Storage and Trading Model for WSNs 13
that provides fast and efﬁcient data retrieval. This technology lacks in data privacy,
which is solved by encryption of the hash with a fast symmetric encryption scheme.
Moreover, the encryption scheme used in the system is compared to other schemes
and the obtained results clearly demonstrate the efﬁciency of the proposed scheme.
PoA is used as a consensus mechanism which provides better performance than
other consensus mechanisms as PoS, PoW, etc. PoS is not suitable for the scenarios
that manage multiple organizations’ data requiring multiple authorized entities for
validation. PoW is computationally complex and causes high resource utilization.
Further, the trading model presented by our scheme eliminates the third party com-
putations for auction-based data trading mechanism in WSN. The trading model
presented is single auction.
1. She, W., Liu, Q., Tian, Z., Chen, J.S., Wang, B. and Liu, W., 2019. Blockchain Trust Model for
Malicious Node Detection in Wireless Sensor Networks. IEEE Access, 7, pp.38947-38956.
2. Ren, Y., Liu, Y., Ji, S., Sangaiah, A.K. and Wang, J., 2018. Incentive mechanism of data
storage based on blockchain for wireless sensor networks. Mobile Information Systems, 2018,
3. Nakamoto, S., 2008. Bitcoin: A peer-to-peer electronic cash system.. [online]. Available at:
4. Li, Z., Kang, J., Yu, R., Ye, D., Deng, Q. and Zhang, Y., 2017. Consortium blockchain for
secure energy trading in industrial internet of things. IEEE transactions on industrial infor-
matics, 14(8), pp.3690-3700.
5. Mengelkamp, E., Notheisen, B., Beer, C., Dauer, D. and Weinhardt, C., 2018. A blockchain-
based smart grid: towards sustainable local energy markets. Computer Science-Research and
Development, 33(1-2), pp.207-214.
6. Huang, X., Zhang, Y., Li, D. and Han, L., 2019. An optimal scheduling algorithm for hybrid
EV charging scenario using consortium blockchains. Future Generation Computer Systems,
7. Alghamdi, T.A., Ali, I., Javaid, N. and Shaﬁq, M., 2019. Secure Service Provisioning Scheme
for Lightweight IoT Devices with a Fair Payment System and an Incentive Mechanism based
on Blockchain. IEEE Access, pp.1-14.
8. Mohanty, S.N., Ramya, K.C., Rani, S.S., Gupta, D., Shankar, K., Lakshmanaprabu, S.K. and
Khanna, A., 2020. An efﬁcient Lightweight integrated Blockchain (ELIB) model for IoT
security and privacy. Future Generation Computer Systems, 102, pp.1027-1037.
9. Li, R., Song, T., Mei, B., Li, H., Cheng, X. and Sun, L., 2018. Blockchain for large-scale
internet of things data storage and protection. IEEE Transactions on Services Computing,
10. Sultana, T., Almogren, A., Akbar, M., Zuair, M., Ullah, I. and Javaid, N., 2020. Data Sharing
System Integrating Access Control Mechanism using Blockchain-Based Smart Contracts for
IoT Devices. Applied Sciences, 10(2), p.488.
11. Samuel, O., Javaid, N., Awais, M., Ahmed, Z., Imran, M. and Guizani, M., 2019, July. A
blockchain model for fair data sharing in deregulated smart grids. In IEEE Global Communi-
cations Conference (GLOBCOM 2019).
12. Naz, M., Al-zahrani, F.A., Khalid, R., Javaid, N., Qamar, A.M., Afzal, M.A., and Shaﬁq,
M., 2019. A Secure Data Sharing Platform Using Blockchain and Interplanetary File System.
Sustainability, 11(24), pp.1-24.
14 Shahab et al.
13. Rehman, M., Javaid, N., Awais, M., Imran, M. and Naseer, N., 2019. Cloud based secure
service providing for IoTs using blockchain. In IEEE Global Communications Conference
(GLOBCOM 2019), pp.1-7.
14. Saad, M., 2018. Fog Computing and Its Role in the Internet of Things: Concept, Security and
Privacy Issues. International Journal ofF Computer Applications, 975, p.8887-8889.
15. Paar, C. and Pelzl, J., 2009. Understanding cryptography: a textbook for students and practi-
tioners. Springer Science & Business Media.