skip to main content


This content will become publicly available on November 7, 2024

Title: Lightweight Digital Signatures for Internet of Things: Current and Post-Quantum Trends and Visions
The Internet of Things (IoT) harbors a large number of resource-limited devices (e.g., sensors) that continuously generate and offload sensitive information (e.g., financial, health, personal). It is imperative the ensure the trustworthiness of this data with efficient cryptographic mechanisms. Digital signatures can offer scalable authentication with public verifiability and nonrepudiation. However, the state-of-the-art digital signatures do not offer the desired efficiency and are not scalable for the connected resource-limited IoT devices. This is without considering long term security features such as post-quantum security and forward security. In this paper, we summarize the main challenges to an energy-aware and efficient signature scheme. Then, we propose new scheme design improvements that uniquely embed different emerging technologies such as Mutli-Party Computation (MPC) and secure enclaves (e.g., Intel SGX) in order to secret-share confidential keys of low-end IoT devices across multiple cloud servers. We also envision building signature schemes with Fully Homomorphic Encryption (FHE) to enable verifiers to compute expensive commitments under encryption. We provide evaluation metrics that showcase the feasibility and efficiency of our designs for potential deployment on embedded devices in IoT.  more » « less
Award ID(s):
1917627
NSF-PAR ID:
10486663
Author(s) / Creator(s):
;
Publisher / Repository:
IEEE
Date Published:
ISBN:
979-8-3503-8211-2
Page Range / eLocation ID:
1 to 2
Subject(s) / Keyword(s):
Authentication Internet of Things post-quantum security embedded devices lightweight cryptography
Format(s):
Medium: X
Location:
Tampa, FL, USA
Sponsoring Org:
National Science Foundation
More Like this
  1. A digital signature is an essential cryptographic tool to offer authentication with public verifiability, non-repudiation, and scalability. However, digital signatures often rely on expensive operations that can be highly costly for low-end devices, typically seen in the Internet of Things and Systems (IoTs). These efficiency concerns especially deepen when post-quantum secure digital signatures are considered. Hence, it is of vital importance to devise post-quantum secure digital signatures that are designed with the needs of such constraint IoT systems in mind. In this work, we propose a novel lightweight post-quantum digital signature that respects the processing, memory, and bandwidth limitations of resource-limited IoTs. Our new scheme, called ANT, efficiently transforms a one-time signature to a (polynomially bounded) many-time signature via a distributed public key computation method. This new approach enables a resource-limited signer to compute signatures without any costly lattice operations (e.g., rejection samplings, matrix multiplications, etc.), and only with a low-memory footprint and compact signature sizes. We also developed a variant for ANT with forward-security, which is an extremely costly property to attain via the state-of-the-art postquantum signatures. 
    more » « less
  2. Digital signatures provide scalable authentication with non-repudiation and therefore are vital tools for the Internet of Things (IoT). IoT applications harbor vast quantities of low-end devices that are expected to operate for long periods with a risk of compromise. Hence, IoT needs post-quantum cryptography (PQC) that respects the resource limitations of low-end devices while offering compromise resiliency (e.g., forward security). However, as seen in NIST PQC efforts, quantum-safe signatures are extremely costly for low-end IoT. These costs become prohibitive when forward security is considered. We propose a highly lightweight post-quantum digital signature called HArdware-Supported Efficient Signature (HASES) that meets the stringent requirements of resource-limited signers (processor, memory, bandwidth) with forward security. HASES transforms a key-evolving one-time hash-based signature into a polynomial unbounded one by introducing a public key oracle via secure enclaves. The signer is non-interactive and only generates a few hashes per signature. Unlike existing hardware-supported alternatives, HASES does not require secure-hardware on the signer, which is infeasible for low-end IoT. HASES also does not assume non-colluding servers that permit scalable verification. We proved that HASES is secure and implemented it on the commodity hardware and the 8-bit AVR ATmega2560 microcontroller. Our experiments confirm that HASES is 271  and 34  faster than (forward-secure) XMSS and (plain) Dilithium. HASES is more than twice and magnitude more energy-efficient than (forward-secure) ANT and (plain) BLISS, respectively, on an 8-bit device. We open-source HASES for public testing and adaptation. 
    more » « less
  3. Internet of Things (IoT) and Storage-as-a-Service (STaaS) continuum permit cost-effective maintenance of security-sensitive information collected by IoT devices over cloud systems. It is necessary to guarantee the security of sensitive data in IoT-STaaS applications. Especially, log entries trace critical events in computer systems and play a vital role in the trustworthiness of IoT-STaaS. An ideal log protection tool must be scalable and lightweight for vast quantities of resource-limited IoT devices while permitting efficient and public verification at STaaS. However, the existing cryptographic logging schemes either incur significant computation/signature overhead to the logger or extreme storage and verification costs to the cloud. There is a critical need for a cryptographic forensic log tool that respects the efficiency requirements of the IoT-STaaS continuum. In this paper, we created novel digital signatures for logs called Optimal Signatures for secure Logging (OSLO), which are the first (to the best of our knowledge) to offer both small-constant signature and public key sizes with near-optimal signing and batch verification via various granularities. We introduce new design features such as one-time randomness management, flexible aggregation along with various optimizations to attain these seemingly conflicting properties simultaneously. Our experiments show that OSLO offers 50× faster verification (for 235 entries) than the most compact alternative with equal signature sizes, while also being several magnitudes of more compact than its most logger efficient counterparts. These properties make OSLO an ideal choice for the IoT-STaaS, wherein lightweight logging and efficient batch verification of massive-size logs are vital for the IoT edge and cold storage servers, respectively. 
    more » « less
  4. Authentication is vital for the Internet of Things (IoT) applications involving sensitive data (e.g., medical and financial systems). Digital signatures offer scalable authentication with non-repudiation and public verifiability, which are necessary for auditing and dispute resolution in such IoT applications. However, digital signatures have been shown to be highly costly for low-end IoT devices, especially when embedded devices (e.g., medical implants) must operate without a battery replacement for a long time. We propose an Energy-aware Signature for Embedded Medical devices (ESEM) that achieves near-optimal signer efficiency. ESEM signature generation does not require any costly operations (e.g., elliptic curve (EC) scalar multiplication/addition), but only a small constant-number of pseudo-random function calls, additions, and a single modular multiplication. ESEM has the smallest signature size among its EC-based counterparts with an identical private key size. We achieve this by eliminating the use of the ephemeral public key (i.e, commitment) in Schnorrtype signatures from the signing via a distributed construction at the verifier without interaction with the signer while permitting a constant-size public key. We proved that ESEM is secure (in random oracle model), and fully implemented it on an 8-bit AVR microcontroller that is commonly used in medical devices. Our experiments showed that ESEM achieves 8.4× higher energy efficiency over its closest counterpart while offering a smaller signature and code size. Hence, ESEM can be suitable for deployment on resource-limited embedded devices in IoT. We 
    more » « less
  5. Digital Twins (DT) virtually model cyber-physical objects via sensory inputs by simulating or monitoring their behavior. Therefore, DTs usually harbor vast quantities of Internet of Things (IoT) components (e.g., sensors) that gather, process, and offload sensitive information (e.g., healthcare) to the cloud. It is imperative to ensure the trustworthiness of such sensitive information with long-term and compromise-resilient security guarantees. Digital signatures provide scalable authentication and integrity with non-repudiation and are vital tools for DTs. Post-quantum cryptography (PQC) and forward-secure signatures are two fundamental tools to offer long-term security and breach resiliency. However, NIST-PQC signature standards are exorbitantly costly for embedded DT components and are infeasible when forward-security is also considered. Moreover, NIST-PQC signatures do not admit aggregation, which is a highly desirable feature to mitigate the heavy storage and transmission burden in DTs. Finally, NIST recommends hybrid PQ solutions to enable cryptographic agility and transitional security. Yet, there is a significant gap in the state of the art in the achievement of all these advanced features simultaneously. Therefore, there is a significant need for lightweight digital signatures that offer compromise resiliency and compactness while permitting transitional security into the PQ era for DTs.

    We create a series of highly lightweight digital signatures called Hardware-ASisted Efficient Signature (HASES) that meets the above requirements. The core ofHASES is a hardware-assisted cryptographic commitment construct oracle (CCO) that permits verifiers to obtain expensive commitments without signer interaction. We created threeHASES schemes:PQ-HASES is a forward-secure PQ signature,LA-HASES is an efficient aggregate Elliptic-Curve signature, andHY-HASES is a novel hybrid scheme that combinesPQ-HASES andLA-HASES with novel strong nesting and sequential aggregation.HASES does not require a secure-hardware on the signer. We prove thatHASES schemes are secure and implemented them on commodity hardware and and 8-bit AVR ATmega2560. Our experiments confirm thatPQ-HASES andLA-HASES are two magnitudes of times more signer efficient than their PQ and conventional-secure counterparts, respectively.HY-HASES outperforms NIST PQC and conventional signature combinations, offering a standard-compliant transitional solution for emerging DTs. We open-sourceHASES schemes for public-testing and adaptation.

     
    more » « less