异构物联网系统的签名者优化多次后量子哈希签名

IF 7.6 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Internet of Things Pub Date : 2025-07-10 DOI:10.1016/j.iot.2025.101694

Kiarash Sedghighadikolaei, Attila A. Yavuz, Saif E. Nouma

{"title":"异构物联网系统的签名者优化多次后量子哈希签名","authors":"Kiarash Sedghighadikolaei, Attila A. Yavuz, Saif E. Nouma","doi":"10.1016/j.iot.2025.101694","DOIUrl":null,"url":null,"abstract":"<div><div>Heterogeneous Internet of Things (IoTs) harboring resource-limited devices like wearable sensors are essential for next-generation networks. Ensuring the authentication and integrity of security-sensitive telemetry in these applications is vital. Digital signatures provide scalable authentication with non-repudiation and public verifiability, making them essential tools for IoTs. However, current NIST-PQC standards are significantly resource-intensive for practical use on constrained IoT devices. This highlights a critical need for lightweight PQ-secure digital signatures that align with the limitations of low-end IoTs.</div><div>We propose a new multiple-time hash-based signature called <em>Maximum Utilization Multiple HORS</em> (<span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span>) that offers PQ security, short signatures, fast signing, and high key utilization for an extended lifespan. <span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span> addresses the inefficiency and key loss issues of HORS in offline/online settings by introducing compact key management data structures and optimized resistance to weak-message attacks. We tested <span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span> on two embedded platforms (ARM Cortex A-72 and 8-bit AVR ATmega2560) and commodity hardware. Results show <span><math><mrow><mn>40</mn><mo>×</mo></mrow></math></span> lower resource usage at the same signing capacity (<span><math><msup><mrow><mn>2</mn></mrow><mrow><mn>20</mn></mrow></msup></math></span> messages, 128-bit security) than multiple-time HORS. Furthermore, <span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span> achieves <span><math><mrow><mn>2</mn><mo>×</mo></mrow></math></span> and up to 4000<span><math><mo>×</mo></math></span> faster signing than conventional secure schemes on the ARM Cortex and state-of-the-art PQ-secure schemes for IoTs, respectively.</div></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"33 ","pages":"Article 101694"},"PeriodicalIF":7.6000,"publicationDate":"2025-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Signer-optimal multiple-time post-quantum hash-based signature for heterogeneous IoT Systems\",\"authors\":\"Kiarash Sedghighadikolaei, Attila A. Yavuz, Saif E. Nouma\",\"doi\":\"10.1016/j.iot.2025.101694\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Heterogeneous Internet of Things (IoTs) harboring resource-limited devices like wearable sensors are essential for next-generation networks. Ensuring the authentication and integrity of security-sensitive telemetry in these applications is vital. Digital signatures provide scalable authentication with non-repudiation and public verifiability, making them essential tools for IoTs. However, current NIST-PQC standards are significantly resource-intensive for practical use on constrained IoT devices. This highlights a critical need for lightweight PQ-secure digital signatures that align with the limitations of low-end IoTs.</div><div>We propose a new multiple-time hash-based signature called <em>Maximum Utilization Multiple HORS</em> (<span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span>) that offers PQ security, short signatures, fast signing, and high key utilization for an extended lifespan. <span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span> addresses the inefficiency and key loss issues of HORS in offline/online settings by introducing compact key management data structures and optimized resistance to weak-message attacks. We tested <span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span> on two embedded platforms (ARM Cortex A-72 and 8-bit AVR ATmega2560) and commodity hardware. Results show <span><math><mrow><mn>40</mn><mo>×</mo></mrow></math></span> lower resource usage at the same signing capacity (<span><math><msup><mrow><mn>2</mn></mrow><mrow><mn>20</mn></mrow></msup></math></span> messages, 128-bit security) than multiple-time HORS. Furthermore, <span><math><mstyle><mi>M</mi><mi>U</mi><mi>M</mi><mo>−</mo><mi>H</mi><mi>O</mi><mi>R</mi><mi>S</mi></mstyle></math></span> achieves <span><math><mrow><mn>2</mn><mo>×</mo></mrow></math></span> and up to 4000<span><math><mo>×</mo></math></span> faster signing than conventional secure schemes on the ARM Cortex and state-of-the-art PQ-secure schemes for IoTs, respectively.</div></div>\",\"PeriodicalId\":29968,\"journal\":{\"name\":\"Internet of Things\",\"volume\":\"33 \",\"pages\":\"Article 101694\"},\"PeriodicalIF\":7.6000,\"publicationDate\":\"2025-07-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Internet of Things\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2542660525002082\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660525002082","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

异构物联网（iot）包含资源有限的设备，如可穿戴传感器，对于下一代网络至关重要。确保这些应用程序中安全敏感遥测的身份验证和完整性至关重要。数字签名提供了具有不可否认性和公共可验证性的可扩展身份验证，使其成为物联网的重要工具。然而，目前的NIST-PQC标准对于受限物联网设备的实际使用来说是非常资源密集型的。这凸显了对轻量级pq安全数字签名的迫切需求，这些数字签名与低端物联网的限制保持一致。我们提出了一种新的基于多次哈希的签名，称为Maximum Utilization Multiple HORS (MUM - HORS)，它提供了PQ安全性、短签名、快速签名和高密钥利用率，并延长了生命周期。MUM−HORS通过引入紧凑的密钥管理数据结构和优化的抗弱消息攻击能力，解决了HORS在离线/在线设置中的低效率和密钥丢失问题。我们在两个嵌入式平台（ARM Cortex A-72和8位AVR ATmega2560）和商用硬件上测试了MUM - HORS。结果表明，在相同的签名容量（220条消息，128位安全性）下，与多次HORS相比，资源使用量降低了40倍。此外，MUM - HORS的签名速度分别比ARM Cortex上的传统安全方案和最先进的物联网pq安全方案快2倍和高达4000倍。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Signer-optimal multiple-time post-quantum hash-based signature for heterogeneous IoT Systems

Heterogeneous Internet of Things (IoTs) harboring resource-limited devices like wearable sensors are essential for next-generation networks. Ensuring the authentication and integrity of security-sensitive telemetry in these applications is vital. Digital signatures provide scalable authentication with non-repudiation and public verifiability, making them essential tools for IoTs. However, current NIST-PQC standards are significantly resource-intensive for practical use on constrained IoT devices. This highlights a critical need for lightweight PQ-secure digital signatures that align with the limitations of low-end IoTs.

We propose a new multiple-time hash-based signature called Maximum Utilization Multiple HORS (

M U M - H O R S

) that offers PQ security, short signatures, fast signing, and high key utilization for an extended lifespan.

M U M - H O R S

addresses the inefficiency and key loss issues of HORS in offline/online settings by introducing compact key management data structures and optimized resistance to weak-message attacks. We tested

M U M - H O R S

on two embedded platforms (ARM Cortex A-72 and 8-bit AVR ATmega2560) and commodity hardware. Results show

40 \times

lower resource usage at the same signing capacity (

2^{20}

messages, 128-bit security) than multiple-time HORS. Furthermore,

M U M - H O R S

achieves

2 \times

and up to 4000

\times

faster signing than conventional secure schemes on the ARM Cortex and state-of-the-art PQ-secure schemes for IoTs, respectively.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Internet of Things Multiple-

CiteScore

3.60

自引率

5.10%

发文量

115

审稿时长

37 days

期刊介绍： Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT. The journal will place a high priority on timely publication, and provide a home for high quality. Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.