Lightweight and Scalable Post-Quantum Authentication for Medical Internet of Things
- URL: http://arxiv.org/abs/2311.18674v3
- Date: Thu, 9 May 2024 19:40:53 GMT
- Title: Lightweight and Scalable Post-Quantum Authentication for Medical Internet of Things
- Authors: Attila A. Yavuz, Saleh Darzi, Saif E. Nouma,
- Abstract summary: Medical Internet of Things (MIoT) harbors resource-limited medical embedded devices that collect security-sensitive data from users for analysis, monitoring, and diagnosis.
Traditional signatures used in current IoT systems may lack the necessary long-term security and are vulnerable to emerging quantum computer threats.
This paper introduces INFinity-HORS, a lightweight PQ digital signature.
- Score: 1.9185059111021852
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The Medical Internet of Things (MIoT) harbors resource-limited medical embedded devices that collect security-sensitive data from users for analysis, monitoring, and diagnosis. Digital signatures play a foundational role in ensuring the authentication and integrity of this sensitive medical information, critical for the trustworthiness of MIoT applications. However, traditional signatures used in current IoT systems may lack the necessary long-term security and are vulnerable to emerging quantum computer threats. NISt's PQC standards impose heavy overhead unsuitable for battery-limited MIoT devices. Efforts to design more computationally efficient PQ signatures have faced challenges, either introducing significant memory overhead and potential vulnerabilities or relying on strong assumptions. Hence, this paper introduces INFinity-HORS (INF-HORS), a lightweight PQ digital signature. To the best of our knowledge, INF-HORS is the first signer-optimal hash-based signature offering polynomial unbounded signing capabilities under minimal architectural assumptions. Unlike other PQ signatures, INF-HORS does not require hyper-tree structures or incur the high memory usage seen in multivariate counterparts. Our performance analysis confirms that INF-HORS is significantly more computationally efficient than NIST PQC standards like Dilithium and SPHINCS+. We prove INF-HORS's security in the random oracle model and show through experiments that it achieves 20x faster signature generation and smaller signature and private key sizes compared to BLISS-I on an 8-bit ATxmega128A1 microcontroller. INF-HORS does not rely on non-colluding verification servers, secure enclaves, or trusted verification assisting entities, minimizing security risks and making it ideal for MIoT with minimal cryptographic overhead and strong security assumptions.
Related papers
- Signer-Optimal Multiple-Time Post-Quantum Hash-Based Signature for Heterogeneous IoT Systems [1.9185059111021852]
Existing NIST-PQC standards are costlier than their conventional counterparts and unsuitable for resource-limited IoTs.
We propose a new multiple-time hash-based signature called Maximum Utilization Multiple HORS (MUM-HORS)
Our experiments confirm up to 40x better utilization with the same signing capacity (220 messages, 128-bit security) compared to multiple-time HORS.
arXiv Detail & Related papers (2024-11-02T23:11:16Z) - Designing Short-Stage CDC-XPUFs: Balancing Reliability, Cost, and
Security in IoT Devices [2.28438857884398]
Physically Unclonable Functions (PUFs) generate unique cryptographic keys from inherent hardware variations.
Traditional PUFs like Arbiter PUFs (APUFs) and XOR Arbiter PUFs (XOR-PUFs) are susceptible to machine learning (ML) and reliability-based attacks.
We propose an optimized CDC-XPUF design that incorporates a pre-selection strategy to enhance reliability and introduces a novel lightweight architecture.
arXiv Detail & Related papers (2024-09-26T14:50:20Z) - Fast and Post-Quantum Authentication for Real-time Next Generation Networks with Bloom Filter [2.156208381257605]
Traditional cryptosystems must be replaced with post-quantum (PQ) secure ones.
We propose a new signature called Time Valid Probabilistic Data Structure HORS (TVPD-HORS)
TVPD-HORS verification is 2.7x and 5x faster than HORS in high-security and time valid settings.
arXiv Detail & Related papers (2024-09-17T01:13:26Z) - An Experimentally Validated Feasible Quantum Protocol for Identity-Based Signature with Application to Secure Email Communication [1.156080039774429]
In 1984, Shamir developed the first Identity-based signature (IBS) to simplify public key infrastructure.
IBS protocols rely on several theoretical assumption-based hard problems.
Quantum cryptography (QC) is one such approach.
arXiv Detail & Related papers (2024-03-27T04:32:41Z) - Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information [53.85237314348328]
We introduce for non-uniform messages a novel hybrid universal network coding cryptosystem (NU-HUNCC)
We show that NU-HUNCC is information-theoretic individually secured against an eavesdropper with access to any subset of the links.
arXiv Detail & Related papers (2024-02-13T12:12:39Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - Tamper-Evident Pairing [55.2480439325792]
Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard.
TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent.
This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
arXiv Detail & Related papers (2023-11-24T18:54:00Z) - SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z) - Hierarchical certification of nonclassical network correlations [50.32788626697182]
We derive linear and nonlinear Bell-like inequalities for networks, whose violation certifies the absence of a minimum number of classical sources in them.
We insert this assumption, which leads to results more amenable to certification in experiments.
arXiv Detail & Related papers (2023-06-27T18:00:01Z) - Practical quantum secure direct communication with squeezed states [55.41644538483948]
We report the first table-top experimental demonstration of a CV-QSDC system and assess its security.
This realization paves the way into future threat-less quantum metropolitan networks, compatible with coexisting advanced wavelength division multiplexing (WDM) systems.
arXiv Detail & Related papers (2023-06-25T19:23:42Z) - Post-Quantum Hybrid Digital Signatures with Hardware-Support for Digital Twins [2.156208381257605]
Digital Twins (DT) virtually model cyber-physical objects using Internet of Things (IoT) components.
NIST PQC signature standards are exorbitantly costly for low-end IoT without considering forward security.
We create Hardware-assisted cryptographic commitment construct oracle (CCO) that permits verifiers to obtain expensive commitments without signer interaction.
arXiv Detail & Related papers (2023-05-20T23:00:14Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.