Internet of Things (IoT) applications are composed of massive quantities of resource-limited devices that collect sensitive data with long-term operational and security requirements. With the threat of emerging quantum computers, Post-Quantum Cryptography (PQC) is a critical requirement for IoTs. In particular, digital signatures offer scalable authentication with non-repudiation and are an essential tool for IoTs. However, as seen in NIST PQC standardization, post-quantum signatures are extremely costly for resource-limited IoTs. Hence, there is a significant need for quantum-safe signatures that respect the processing, memory, and bandwidth limitations of IoTs. In this paper, we create a new lightweight quantum-safe digital signature referred to as INFinity-HORS (INF-HORS), which is (to the best of our knowledge) the first signer-optimal hash-based signature with (polynomially) unbounded signing capability. INF-HORS enables a verifier to non-interactively construct one-time public keys from a master public key via encrypted function evaluations. This strategy avoids the performance bottleneck of hash-based standards (e.g., SPHINCS+) by eliminating hyper-tree structures. It also does not require a trusted party or non-colluding servers to distribute public keys. Our performance analysis confirms that INF-HORS is orders of magnitude more efficient in signer computation than selected NIST PQC schemes (e.g., SPHINCS+, Dilithium, Falcon), with a small memory footprint.
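To show why a HORS-style signer is cheap, here is an added example (not code from the paper or its authors) of textbook HORS with one-time keys derived from a master seed and a counter. The parameters `T` and `K`, the function names, and the HMAC-based derivation are assumptions for illustration; `one_time_public_key` computes the public key in the clear as a stand-in for the encrypted function evaluation the abstract describes.

```python
import hashlib
import hmac

# Constructed toy parameters (assumptions, not values from the paper).
T = 256   # secret elements per one-time key
K = 16    # elements revealed per signature

def prf(seed, ctr, i):
    """i-th secret element of the ctr-th one-time key, derived from the master seed."""
    data = ctr.to_bytes(8, "big") + i.to_bytes(2, "big")
    return hmac.new(seed, data, hashlib.sha256).digest()

def indices(msg, ctr):
    """Map a message to K indices in [0, T): with T = 256, one digest byte per index."""
    digest = hashlib.sha256(ctr.to_bytes(8, "big") + msg).digest()
    return list(digest[:K])

def sign(seed, ctr, msg):
    """Signer work: one message hash plus K PRF calls; no tree and no stored key table."""
    return [prf(seed, ctr, i) for i in indices(msg, ctr)]

def one_time_public_key(seed, ctr):
    """Stand-in only: computed in the clear from the seed, which a real verifier never holds."""
    return [hashlib.sha256(prf(seed, ctr, i)).digest() for i in range(T)]

def verify(pk, ctr, msg, sig):
    """Hash each revealed element and compare with the public-key slot the message selects."""
    idx = indices(msg, ctr)
    if len(sig) != K:
        return False
    return all(hmac.compare_digest(hashlib.sha256(s).digest(), pk[i])
               for s, i in zip(sig, idx))

if __name__ == "__main__":
    seed = b"constructed-demo-seed-32-bytes!!"   # constructed sample secret
    msg = b"sensor=17;temp=21.5"                  # constructed sample message
    sig = sign(seed, 0, msg)
    pk0 = one_time_public_key(seed, 0)
    print(verify(pk0, 0, msg, sig), sum(len(s) for s in sig))
```

Each counter value must sign at most one message: every signature reveals `K` of the `T` secret elements, so reusing a counter gives a forger more elements to combine.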