Blockchain technology and internet of things: review, challenge and security concern

Blockchain (BC) has received high attention from many researchers recently because it has decentralization, trusted auditability, and transparency as its main properties. BC has contributed fundamentally to the development of applications like cryptocurrencies, health care, the internet of things (IoT), and so on. The IoT is envisioned to include billions of pervasive and mission-critical sensors and actuators connected to the internet. This network of smart devices is expected to generate and have access to vast amounts of information, creating unique opportunities for new applications, but significant security and privacy issues emerge concurrently because it does not contain robust security systems. BC provides many services like privacy, security, and provenance to the systems that depends on. This research includes analyzing and a comprehensive review of BC technologies. Moreover, the proposed solutions in academia with the methodologies that used to integrate blockchain with IoT are presented. Also, the types of attacks on blockchain are collected and classified. Furthermore, the main contributions and challenges that are included in the literature are explored, then the relevant recommendations for solving the explored challenges are proposed. In conclusion, the integration of BC with IoT could produce promising results in enhancing the security and privacy of IoT environment.

= ℎ ℎ ( + ) − Difficulty: It is a fractional hash value collision, and therefore, it based on the computational power of the mining node to compute the hash value that fulfills this fractional collision. The miner will modify the difficulty until reaching the fractional collision. − Transactions: They mean the transmission of data (i.e. data unit of the blockchain). − Merkle trees: It is a structure as binary tree that encapsulates the data and permits it to be tested securely and efficiently within a huge dataset. The transactions in Merkle trees are packed as shown in Figure 4 [13].

Mining
Mining is the process, which is responsible for updating the BC [11]. In a P2P network, the mem_pool is a space that is assigned in the full node memory, which saves and relays the transactions to other nodes. In order to update the status of the BC, certain nodes in the network, called the verifiers or miners, which verify the transactions and compute (cryptographic calculations that are very complicated and they need huge quantities of storage space and power) a block. The miners select certain transactions from the mem_pool that will be put in the blocks. Transactions pay a fee of mining, which can be regarded as an impulse for the miners to so that the transaction can be mined by it. Normally, priority is given by the miner to the transaction that pays a higher fee. Transactions that are not chosen by the miners remain in the mem_pool till another one chooses them for a new block. Otherwise, transactions will be discarded [14].

Chaining of blocks
When the block is filled up, it is broadcasted across the network by the sender's node and then mining must be achieved. After that, the block becomes attached concurrently to the former block to make a ledger. This process goes on for a countless number of epochs to make a never-ending series of blocks [15], as shown in Figure 5.

Addresses and address derivation
Each blockchain networks has an address, which is a short string of alphanumeric characters derived from the user's public key by a cryptographic hash function, along with certain additional information (i.e. checksums and version number) [10]. Most of the implementations of the BC make use of addresses as the "from" and "to" endpoints in a transaction. In general, addresses are shorter than the public keys and they are not secret. There is a method to generate an address, which is by creating a public key to which a cryptographic hash function is applied to it and the hash is converted to a text [10].

→ ℎ ℎ ℎ →
Each blockchain may implement a different method to derive the address. For public BC networks, which allow anonymous account creation, the user of the BC network can generate a considerable number of asymmetric-key pairs, and therefore addresses as desired. This allows a varying degree of pseudo-anonymity. Addresses could act as the public-facing identifier in the BC network for a user, and often an address will be converted into a QR code for the purpose of easier use by mobile devices [10].

Consensus algorithms
One of the key aspects of BC technology is determining which node publishes the next block. This is solved by implementing one algorithm amongst many possible consensus ones. For public BC networks, generally there are many publishing nodes, which compete at the same time to publish the next block. They usually do this to win cryptocurrency and/or transaction fees. They are generally distrusted nodes, who could recognize each other by their addresses [10].
When a node joins a BC network it should agree on the initial state of the system. This is recorded in the only pre-configured block, the genesis block (i.e. the first block in the blockchain). Every BC network has a published genesis block and every block must be added to the BC after it, based on the consensus algorithm agreed-upon. Regardless of the algorithm, however, each block must be valid and accordingly it can be validated in an independent way by each node of the BC. By combining the initial state and to verify every block, nodes can independently agree upon the current state of the BC. From the other hand, if there were two valid chains provided to a full node, the common mechanism almost all BC networks is that the 'longer' chain is regarded as the correct chain, which is to be depended; due to having been worked on more [10].
A major characteristic of the BC technology is that no third party is required to provide the status of the system. Each node in the system can test the integrity of the system. All nodes must be in a common agreement to add a new block to the BC. However, some temporary disagreement is sometimes permitted.
There are many consensus algorithms based on the BC implementations [3]. In Table 1, the basic consensus algorithms are briefly discussed. Every BC consensus attempts to achieved three important properties, which are (safety, liveness and fault tolerance) that can be implement efficiently [16]. In 1999, Markus Jakobsson proposed the PoW. Mining nodes that utilize this algorithm requires to resolve a complex-mathematical processes that is altered repeatedly and should have been decided by all the miners. The decision here depends on a common consensus. The problematic with this algorithm is that it wasted a high power of computation [9]- [11], [14]. Furthermore, it is characterized with a great latency to confirm the present transactions [3]. Proof of stake (PoS) PoS is essentially a generalized form of the PoW. The terms validators are used instead of miners, and they (the minors) are called to the nodes to confirm the transactions [3]. Unlike the PoW, the PoS does not need the mining to calculate the hash value. Instead, the next block creator is selected in a random manner. The chance of a node actually selected to build the new block is based on the stake of node [9], [10], [14], [17]. The PoS keeps great computational resources compared to the PoW [3]. Practical byzantine fault tolerance (PBFT) PBFT is used widely in the private Blockchains, when the network has a higher trust model different from the PoS and PoW. In practical byzantine fault tolerance, the network is rearranged into a cluster of active and passive replicas. A primary replica is specified from active replicas. PBFT process includes four phases: (the pre-prepare, prepare, commit and the reply phases), as shown in Figure 6. Compared to PoW and PoS, the PBFT has a greater message density [11], [14].

Blockchain platforms
There are many platforms related to the BC technology that could be used as primary approaches to construct a wide variety of software such as [18]: a. Bitcoin [19]: It was the leading BC that was theorized and applied and the cryptocurrency that works as a digital financial asset. The Bitcoin utilizes a P2P networking, public key cryptography and a PoW for the purpose of making transactions as well as verifying them. The system of the Bitcoin is programmed so that a fresh block can be created one time each ten minutes [18]. b. Ethereum [20]: It was proposed in 2013 by the developer of Bitcoin Vitalik Buterin. Ethereum [5] is an open-source, public, blockchain-based distributed computing platform featuring smart contract functionality. it utilizes the PoW as its consensus algorithm and mechanism, but it quickly switches to the PoS. The basic building of the proof of work algorithms is that the Ethereum currently used is a memory hard hashing algorithm called Dagger-Hashimoto. The time for creating the block is considerably less compared to the time consumed in several other systems and it is about 12 seconds. As the time of creating the lower block results in a higher rate of stale blocks, therefore the system uses the GHOST protocol to take the heaviest computational chain as the main blockchain. The heaviest chain in this case includes the stale blocks too [18]. As the main platform is a network, which is free for all, a software can be downloaded by anybody or use it in his/her computer. The incentive mechanism for running the software is represented by to getting ether (i.e. a digital currency). While the main platform of Ethereum is a free BC network, the software is an open-source and it permits the software developers to make the network a private one, where nodes participating are only those which were given permission [20]. The most important advantage, however, is the fact that they can be merged-mined with bitcoin and thereby making rootstock as secure as possible [18]. d. Hyperledger fabric [6]: it is the implementation of the private (permissioned) blockchain technology that is employed as a foundation for developing the BC applications that are hosted via the Linux for a wide variety of industries. Therefore, its architecture is modular, which allows components such as consensus and membership services to be plug-and-play. It leverages the container technology (docker) to enable smart contracts called "chaincode", which comprises the system application logic. The Hyperledger fabric is an open-source distributed ledger software, which is built and maintained by the Hyperledger community. It is a collaborative effort aimed at developing the cross-industry blockchain technologies [20]. Moreover, it is uses the PBFT as a consensus algorithm instead of the PoW algorithm. PBFT can process thousands of requests every second with a latency of increase of less than a millisecond [18].

Types
Blockchain could be classify to three main types. They are public blockchain, private blockchain and consortium blockchain. The details of these types are listed in Table 2 [11]. Decentralized ledger platforms can be used by anyone to broadcasting blocks in it without the need to obtaining the approval from the authority site. As permissionless blockchain is exposed to any participant, a hacker may try to broadcast blocks in a fashion that disrupts the system. To inhibit this, the permissionless blockchain repeatedly use a consensus algorithm [10] Private Blockchain (Permissioned) In the private blockchain, users who broadcast the blocks need be certified through a certain authority site [10]. Private organizations could use this type of Blockchains [4] Consortium Blockchain The greatest consortium blockchains are semi-decentralized. More than one party can access the blockchain instead of only one part by means of regulating protocol [4]

Pros and cons of the blockchain
Although blockchain technologies have many important characteristics such as decentralization [3], validity [16], transparency [3], anonymity and identity, redundancy [3], auditability [16] and immutability [3], it has many pros and cons, which are explained as Through the nature of the blockchain design, the pros that are contracted by implementing a blockchain solution are [3]: a. Distributed: The BC has many nodes that are distributed over the world (data availability). e.g., Ethereum. b. Transparency: Data are distributed on a public manner and other concerned node and manager can easily get it. c. Security: It is a main subject of the digital world of nowadays. The certified documents and the transactions are executed and constantly stored in the blocks, which cannot be altered or deleted by anyone (data integrity). d. Trust: Participants in this blockchain are the ones who decide the transactions to be added before inserting them in the blockchain. So, trust becomes higher in terms of altering, writing or even reading the information. e. Efficiency: In the blockchain technology, efficiency of a network can be improved when the financial groups collaborate. f. Resilience: If a huge number of nodes, the strength of information is improved with extended life.
On the other hand, the blockchain has some cons which are [3]: a. Block size: In the blockchain, each block that is inserted in to the blockchain increases the size of the database. b. Speed and cost of the network: It is hard to manage all the nodes in a BC once the node numbers become higher. c. Wasteful: Every node has to continue the consensus alg., which provides the mistake tolerance and ensures zero interruption. Then, they are totally wasteful since every node tracks the relevant task to grasp consensus. So, the chance of calculating a valid nonce rise according to the computing power that the faster computers have. d. Standards: Because blockchain is at its initial age, there are no definite standards. e. Performance: Compared to the centralized database, the blockchain is slower, because the blockchain performs all the operations of a traditional database system in addition to various additional loads like. Consensus algorithm, signature confirmation and others when it executes the transaction. In order to mitigate the drawbacks mentioned above, efforts were made to improve the protocol speed and the efficiency with a special care to the algorithms associated with the limited access and consensus algorithm [21].

Challenges
Based on the literature, the blockchain technology encountered many challenges. Some of these challenges are related to security, attacks, power consumption and so on [3]. The most common challenges of blockchain with their details are presented in Table 3. Currently, criminal activities are growing in BCs. As for bitcoin, customers are provided with addresses, which are not related to users' identities. So, the events that are made via bitcoin is greatly hard to be tracked. Attacks Many malicious users and attackers attempt to attack a node or a network by conducting several hacks, as we discussed in the sub section 2.7.

Standardization
Increasing the number of nodes from dissimilar networks, in the blockchain no standard to permit the customers to cooperate. The absence of standardization permits developers or coders to prepare everything as they hope and this makes issues for the IT. Environmental cost Implementation the blockchain technology in any company, needs definite software and applications that requires to be established via a software organization. Thus, it is acquisition is costly. Also, the company may have not the fixed hardware for the usage of the software.

Energy consumption
Allows the users to operate in the blockchain as some difficult algorithms need to be achieved and their outcome is a large depletion of power.

Slow and cumbersome
The blockchain technology is not fast to perform a transaction related to the traditional fee system (e.g., cash or debit card), because the blockchain achieves more complexity and encryption operations. Public perception People must identify the variances amongst blockchain technologies before adopting the blockchain technology as it can be so useful to eliminate the bad idea about blockchain technology in its own.

Blockchain's attacks
Blockchain is subjected to many attacks. Because the decentralized nature of its operational environment, hackers have conducted numerous multipurpose attacks against blockchain technology by exploiting the vulnerabilities of (structure of the blockchain, peer-to-peer system and applications) [4], [14], as it is shown in Figure 7. In the following, we summarized some attacks against to the structure of the blockchain, peer to peer system, and the applications of blockchain [14]. a. Forks [22]: It exploits the blockchain structure by chain splitting and revenue loss and this in turn affects the blockchain. b. Stale and orphaned blocks [23]: It exploits the blockchain structure by revenue loss that has an effect on the blockchain, miners and mining pools. c. Selfish mining [24]: It exploits the blockchain's peer-to-peer system by revenue loss and malicious mining that have an effect on the blockchain, miners and mining pools. d. Majority attacks (51% attack) [25]: It exploits the blockchain's peer-to-peer system by chain dividing, malicious mining and revenue loss that impact the blockchain, miners and application. e. Domain name system (DNS) hijacks [14]: It exploits the blockchain's peer-to-peer system by revenue loss, partitioning and information theft that have an effect on the miners, exchanges, mining pools and users. f. Border gateway protocol (BGP) hijacks [26]: It exploits the blockchain's peer-to-peer system by revenue loss, partitioning and theft information that effect on the miners, mining pools and users. g. Eclipse attack [27]: It exploits the blockchain's peer-to-peer system by partitioning that effect on the miners and users. A set of hacker nodes separates its bordering nodes utilize internet protocol (IP) addresses, thus compromising their received and leaving traffic. h. Distributed denial-of-service (DDoS) attacks [28]: It exploits the blockchain's peer-to peer system by malicious mining and information theft that have an effect on the blockchain, miners and mining pools. In bitcoin network, 51% attack could lead to denial-of-service (DoS). i. Block withholding [29]: It exploits the blockchain's peer-to-peer system by revenue loss and malicious mining that impact the miners and mining pools. j. Finney attacks [14]: It exploits the blockchain's peer-to-peer system by revenue loss, which affects the miners, mining pools and users, by creating an identical to the preceding transaction and drives it to a receiver. After the receiver gets the transaction and brings the result, the miner publishes the preceding block with the basic transaction in it. k. Consensus delay [29]: It exploits the blockchain's peer-to-peer system by the delay and info loss that have an effect on the miners, mining pools and users. A hacker might insert false blocks to increase the latency or to prevent peers from achieving the consensus success around the state of the blockchain. l. Timejacking attacks [30]: It exploits the blockchain's peer-to-peer system by delaying the malicious mining, chain splitting and revenue loss that affect the miners, mining pools and application. A hacker can calculate a new block and put its timestamp forward of network's timestamp with the values of 50 minutes. m. Blockchain ingestion [14]: It exploits the blockchain's applications by info loss that affects the blockchain. The examination of the public blockchain could expose beneficial information to an opponent. n. Double-spending [31]: It exploits the BC's applications that impacts the blockchain and the users, by using a one-time transactions several times. o. Cryptojacking [32]: It exploits the blockchain's applications by chain splitting and malicious mining that effect on the application and users. p. Wallet theft [33]: It exploits the blockchain's applications by revenue loss and theft that impact the exchanges, application and users. Associated keys with peers in the network are saved in a digital wallet, the "wallet theft" attack get up with sure associations on the applications. q. Smart contract DoS [14]: It exploits the blockchain's applications by revenue loss, delay and theft that affect the blockchain, application and users. r. Reentrancy attacks [14]: It exploits the blockchain's applications by revenue loss and theft and this in turn affects the application and users. s. Replay attacks [14]: It exploits the blockchain's applications by revenue loss and info loss, which impact the blockchain, mining pools, application and users, including the creation of one transaction and send it to dissimilar two blockchains. t. Overflow attacks [14]: It exploits the blockchain's applications by theft that affects the application and users, when the type adaptable value exceeds (2^256). u. Short address attacks [14]: It exploits the blockchain's applications by revenue loss and theft that impact the application. Abuses a bug in Ethereum's virtual machine to create additional tokens on boundless consumptions. v. Balance attacks [14]: It exploits the blockchain's applications by revenue loss and theft, which impact the application and users.

Blockchain applications
Nowadays, a great number of corporations earn their profits means of employing BC, as it could be the most suitable solution, if the following conditions are met [3]: i) when the shared common database is needed, ii) when trust is not reciprocated by participants, iii) when the database is common for various writers or parties, iv) when the system or the network is subjected to hackers and malicious, v) when the same rules are applied to all the participants in the system, vi) when there is transparency in the result of the decision making for all the participants, and vii) when the transactions are no more than 10,000 transactions/second. There are many sectors used a BC, some of them are: − Business: Recently, organizations are in no need to a third party or a host to safeguard their assets [3]. In particular, financial and healthcare are accustomed to encounter security problems because of the malicious users. By using the BC this issue can be settled. − Supply chain: Almost all the organizations possess enterprise resource planning (ERP) and supply chain administration software to ensure that the operations move smoothly [34]. But the restricted details and the visibility related to products are two essential elements, which become vital with the increase of the product number. Therefore, BC is a good solution that can follow every item in the organization by means of the process of the supply chain and can also fulfill a powerful security means. To enhance the product safety, several records should also be updated, like the ambient conditions at each stage that minimizes the loss or harm inflicted on products when shipping. The BC is also used to achieve an update and replacement can be performed during the lifetime of any device or product. − Copy rights: Because of the insufficient transparency, the information of multimedia like photos and music. Encounter the copyright problem when trying to specify the valid owners to use them properly. Authorized owners are not capable of controlling their documents on the internet. A great number of hackers merely by copying the contents of the documents in an unauthorized way and distribute them via the internet. The BC mitigate the issue mentioned earlier by enhancing the information availability concerning the ownership of copyrights. This sort of information is provided as "trusted timestamping". Hence, any timestamp will be identified as an encoded information, which show the time and date of occurrence. So, a trusted timestamping "is a process that takes place to track the modification securely in addition to the creation time of any document". − Electricity management: In the developed states, management of electricity is considered as an essential concern as the user 's information of electricity is often leaked. Since the number of electricity users is tremendous, it is hard to manage the system entirely. So, the BC is utilized to resolve the above problem by adopting private BC and smart contracts [35]. − Distributed storage: Currently, cloud data storage service is one of the popular services that is used by numerous users. However, one of the significant disadvantages of cloud-based service is that it is centralized and the cloud service provider (CSP) controls all the processes [36]. Occasionally, the CSP uses the users' confidential data illegally to obtain revenue even without notifying the user, and therefore, users' data may be at hazard. The BC data storage service CSP minimizes the above problem through its decentralized characteristic [37]. Hence, the users store their unmodifiable data. − Digital identity: In the present time, every state is considering the digital identity. so, the digital identity is used in national security, banking industry, healthcare services, citizenship documentation and online retailing. Several states spend considerable amounts of cash in the digital identity field. Occasionally, a digital identity is misused or hacked by malicious users. Therefore, BC can resolve this problem by managing and tracking the digital identity in a secure and efficient way. In this case, the identity is authenticated in a secure and an immutable way. Instead of using system that is based on the password, in BC, identity will be verified by using the digital signature that depends on the cryptography (public key). − Autonomous organizations: BC is utilized to create decentralized companies through making several smart contracts. These contracts adhere to an interaction in a specific protocol.

Integration blockchain with IoT
Cryptocurrency and financial transactions have firstly used blockchain where all nodes in the blockchain execute and store all the transactions. Also, the blockchain provides many benefits because it could be adapted with many domains and one of the common domains is IoT [38]. There are many networks smart devices, which construct the IoT such as Raspberry, ESP and so on. IoT interconnects heterogeneous objects and smart devices seamlessly to create a network, which is used for sensing, processing and communication processes. IoT smart devices are managed and controlled automatically without the need to human interventions and they consume low energy and have a lightweight process. According to Statista Com [39], the number of IoT objects in 2020 is estimated to be 31 billion devices worldwide. By the end of 2025, this number is predicted to increase to be 75 billion devices [40], as shown in Figure 8.
In IoT, the smart devices have to spend the largest portion of their energy and execute the process to achieve vital application tasks, which makes achieving the privacy and security tasks fairly challenging. Malignant attacks can prevent IoT services in addition to threatening the users' privacy, data security and the confidentiality of the entire network [13]. There are four main categories of attacks in IoT-based system, which are: physical attack, network attack, software attack and data attack [41]. In The first category, which is called the physical attack, the attacker will be physically near to the network and attempt to conduct the malicious processes in the entire system through many forms such as manipulating the IoT device, blocking the RF signals, injection of malicious code and performing the side-channel attack. The researcher used the physical unclonable function (PUF) to provide the authentication of IoT devices [42], and thus physical attacks are prevented. The PUF has a characteristic that is impossible to copy the accurate microstructure of the IoT device. In the second category; (network attack), the attackers attempt to manipulate the network of the IoT using many ways such as RFID spoofing, man-in-the-middle, Traffic analysis and Sybil attacks. To prevent this kind of attacks, authentication technique and the secure hash function are used [43]. From the other hand, in the third category, which is called software attacks, the attacker utilizes the current software advantages in the IoT system. The last category is called the data attack and it could be achieved by the unauthorized access to the data and data inconsistency. To prevent these type of attacks, the blockchain could be used by providing privacy-preserving tech. efficiently [44]. The traditional security approaches tend to be costly for IoT in each of processing overhead and consuming of energy [45]. In addition to that, a lot of the state-of-threat security contexts are extremely centralized and they are not suitable for IoT because of the many-to-one nature of the traffic, difficulty of scale [46] and the single point of failure [47].
Integrating the blockchain with IoT achieves many advantages, which are: − The distributed and decentralize attributes of the blockchain technology do not need a central server that provides a scalable method to manipulate the increasing number of IoT devices. − The blockchain provides more security and privacy because it uses complex cryptography algorithms such as timestamp and hash functions to ensure a secure environment [46]. − The blockchain provides an immutable ledger and tamper-proof to protect the data from malicious attacks. Consequently, the trusted system will be produced (i.e. only the trusted participants of the IoT devices could accept or reject transactions depending on their consent). − The blockchain has an important property, which is called Anonymity [8]. − The blockchain supplies a 160-bit address space, which offers 4.3 billion addresses that enable it to assign addresses for multiple objects. − The monitoring and tracking of ownership, trustworthiness, authorized identity registration could be provided by the blockchain. The capability of applying blockchain in IoT relies on many assumptions [48]. Firstly, the IoT application requires a decentralized peer-to-peer ecosystem. Secondly, the IoT application needs to keep payment operation for the available services between the two parties only. Finally, If the logs and traceability of the ordered transactions are required by IoT applications. However, Implementing the blockchain in IoT will require addressing the following challenges [8], [13]: − The mining process of blocks takes a great deal of time, while most of IoT applications require little latency.

729
− The mining process exhausts energy because of its high computation ability, while the common devices of IoT are resource-constrained. − The basic Blockchain protocols generate a lot of overhead traffic; therefore, it may be unwanted for a certain bandwidth-restricted IoT devices. − The blockchain scales is unwanted when the IoT networks are predictable to cover a huge number of nodes. − IoT sensors produce a huge amount of data, therefore, processing the transactions in blockchain will be very slow or will have a high latency. − The anonymity of transaction history cannot be ensured on public blockchain. So, the hackers can determine the identities of users or devices by examining the transaction style. The researching in the field of integrating the blockchain with IoT have seen a major renaissance after the interest rose in cryptocurrencies and mining process. Also, different research publications have provided an advanced solution for constructing decentralized social networking systems, telecommunications, voting, smart homes, and smart city [15] which were all suggested. Recently, there were many studies that investigated the integration of blockchain technology with IoT to solve the privacy and security challenges in the IoT domain. For instance, Dorri et al. [8] presented a lightweight architecture for IoT, which depends on the blockchain to produce IoT system with high privacy and omits the overhead of blockchain. Uddin et al. [13] suggested an efficient lightweight integrated blockchain (ELIB) model, which was established to meet the constraint of IoT. Polyzos and Fotiou [49] demonstrated the importance of blockchain technologies in examining the requirements of the IoT security and how the security challenges can be solved by combining the IoT with the blockchain technologies. Thakore et al. [50] provided a complete survey on the fundamentals of both technologies and the blockchain-based IoT Architecture. Karthikeyan et al. [51] presented a summary of IoT security problems and suggested the blockchain technologies to resolve these problems. They also explain the probability of integrating the blockchain with the IoT. Ramesh et al. [15] discovered the way to keep the IoT data on a mixture of a Blockchain with Ethereum swarm and inter planetary file system (IPFS) in an encrypted style. Fotiou et al. [52] proposed a smart contract-based solution to solve the privacy and security problems in the IoT system. Uddin et al. [13] investigated the latest state-of-the-arts improvements in Blockchain for cloud and IoT, Blockchain and IoT and B.C. and fog of IoT in various applications are analyzed. Tandon [53] presented a review of blockchain technology and the way in which it provides the suitable solution to resolve privacy and security challenges of the IoT system. In addition to that, he discussed the pros and cons of integrating IoT with blockchain. Minoli and Occhiogrosso [54] provided the places of interest in some of IoT environments where Blockchain Technology play an important role. Khan and Salah [55] presented a review of security challenges for IoT and then they presented blockchain technology to resolve the security problems of the IoT system. Sengupta et al. [41] presented a review about the security attacks and the problems associated with each of the IoT and industrial IoT (IIoT) and that organizing it depends on the vulnerability. Also, authors showed the methodology of using blockchain technology for detecting these attacks. Banerjee et al. [56] proposed a new method represented by using the blockchain to provide IoT dataset for solving the sharing of the IoT dataset problems.
Moreover, the importance of integrating the blockchain with IoT it has been applied on various domains. Tables 4 and 5 shows the most common domains and the recent studies, which depend on the integration of blockchain with IoT applications. Most of these studies were concerned with providing security and privacy services for the IoT environment by using blockchain. As a result, blockchain is considered an effective and active tool to provide these services. We note in Tables 4 and 5 that the articles within this review suffers from some challenges such as (privacy and scale). Thus, we introduce in Table 6 some recommendations for those challenges.
In addition to that, the blockchain can adapt to other technologies such as the following: a. Software-defined networks (SDN): In this technology, the resources of this network are managed via a centralized controller, which acts as the networking operating system (NOS) [19]. Yet, scalability is a big constraint in the single networking environments that are enabled by SDN and thus the adaptability of BC with SDN can facilitate multi-domain SDNs interconnection and communication [57]. b. Decentralized email: Nowadays, the security service of an email is dependent on an ongoing process of planning in addition to management. One of the solutions to address the vulnerabilities of the email can be in the form of a blockchain-powered decentralized and distributed email system. Email addresses can be allocated to the clients over BC. Most vitally, the communication of email by BC is not influenced by the authorities of government that might invest the centralized email providers such as ISPs and technology giants like Google, Facebook, and Amazon [17]. c. Blockchain-based content distribution: Content distribution networks (CDNs) are regarded as effective approach that enhances the quality of the service of Internet through the content replication at various geographic locations represented by data-centers. Blockchain technology can be the solution with the necessary ingredients to significantly resolve the challenges related to content distribution. It can stabilize the rights management related issues for studios and artists by providing a better way of content control [17]. d. Distributed cloud storage: Users and organizations encounter and storage management of data problems resulting from the huge growth of data on non-volatile storage systems. the security, privacy and control of data are still important concerns [58]. The solutions of cloud storage that are based on BC inherit characteristics such as anonymity, decentralization and the trusted execution of transactions for the trusted members and can level the path for a cloud computing era characterized with verification and trust. e. Smart cities: There are inclusive major ingredients related to the smart cities, such as smart healthcare (BC is the well-known method that delivers a major level of democratization in the sector of healthcare and thus enhance their status), supply chain management (SCM), smart transportation (BC can improve information exchange, support the performance of vehicle and enhance the dependability of the network lifetime. Furthermore, BC invigorates the transportation industry by making less turnaround times, faster security detection, swifter data management and inspections), smart grid and financial system [17].  Homomorphic encryption and proxy re-encryption technique have been investigated by several studies of BC and IoT to resolve the issue of user's privacy on the BC network. In addition, Federated learning can be integrated with Blockchain technology to ensure the privacy-preserving computation on users' data [13]. Maintaining security in BC Federated learning allows a machine-learning algorithm to be trained by the participants of the Blockchain without exchanging their data where the Blockchain can guarantee the security of the trained algorithm in the form of a smart contract [13]. Resource and power constraints Energy effective consensus algorithms are introduced to save the transactions conducted recently only (e.g., mini-BC [84], PoS and delegated proof-of-space). Xu et al. [85] suggested the management of smart resource for cloud data-centers by utilizing the BC technology.

Scalability and availability
Sharma et al. [57] also submitted an architecture of cloud that depends on integrating the BC with software-defined networks (SDN) and fog-computing.

RESULTS AND DISCUSSION
In this paper, after examining 49 review literatures, it was found that 50% of those literatures are related to the security of internet of things, 25% related to the privacy of IoT, 25% of them to both security and privacy of IoT. The rest of the literatures were related to other fields such as health, agriculture and supply chain, as shown in Table 7. However, the objective of this paper is to present a general reference guide for researchers and practitioners in the fields which are mentioned.

CONCLUSION AND FUTURE WORKS
Blockchain Technology is a fresh tool for many applications in various organizations, which allows to secure transactions in a decentralized authority. In this paper, an overview on blockchain technology is presented. Generally, fundamentals of blockchain are discussed. Also, some types of attacks on blockchain are demonstrated and summarize. Based on the literatures, the integration of Blockchain with another technology such as IoT could provide a better result in some possible domain. This integration shows the features of Blockchain that makes it an attractive technology to solve some IoT challenges such as privacy and security issues.
In future works, concern should be focused on investigating new tendencies for security and privacy services by using blockchain technology in particular to design intrusion detection systems (IDS) which work in the IoT environment. The main goal includes the reduction of the numbers of the fields in the blocks and also developing a lightweight mining and consensus algorithms.