Heterogeneous Internet of Things (IoTs) harboring resource-limited devices like wearable sensors are essential for next-generation networks. Ensuring the authentication and integrity of security-sensitive telemetry in these applications is vital. Digital signatures provide scalable authentication with non-repudiation and public verifiability, making them essential tools for IoTs. However, emerging quantum computers necessitate post-quantum (PQ) secure solutions, yet existing NIST-PQC standards are costlier than their conventional counterparts and unsuitable for resource-limited IoTs. There is a significant need for lightweight PQ-secure digital signatures that respect the resource constraints of low-end IoTs. We propose a new multiple-time hash-based signature called Maximum Utilization Multiple HORS (MUM-HORS) that offers PQ security, short signatures, fast signing, and high key utilization for an extended lifespan. MUM-HORS addresses the inefficiency and key loss issues of HORS in offline/online settings by introducing compact key management data structures and optimized resistance to weak-message attacks. We tested MUM-HORS on two embedded platforms (ARM Cortex A-72 and 8-bit AVR ATmega2560) and commodity hardware. Our experiments confirm up to 40x better utilization with the same signing capacity (2^20 messages, 128-bit security) compared to multiple-time HORS while achieving 2x and 156-2463x faster signing than conventional-secure and NIST PQ-secure schemes, respectively, on an ARM Cortex. These features make MUM-HORS an ideal multiple-time PQ-secure signature for heterogeneous IoTs.