The Medical Internet of Things (MIoT) harbors resource-limited medical embedded devices that collect security-sensitive data from users for analysis, monitoring, and diagnosis. Digital signatures play a foundational role in ensuring the authentication and integrity of this sensitive medical information, critical for the trustworthiness of MIoT applications. However, traditional signatures used in current IoT systems may lack the necessary long-term security and are vulnerable to emerging quantum computer threats. NISt's PQC standards impose heavy overhead unsuitable for battery-limited MIoT devices. Efforts to design more computationally efficient PQ signatures have faced challenges, either introducing significant memory overhead and potential vulnerabilities or relying on strong assumptions. Hence, this paper introduces INFinity-HORS (INF-HORS), a lightweight PQ digital signature. To the best of our knowledge, INF-HORS is the first signer-optimal hash-based signature offering polynomial unbounded signing capabilities under minimal architectural assumptions. Unlike other PQ signatures, INF-HORS does not require hyper-tree structures or incur the high memory usage seen in multivariate counterparts. Our performance analysis confirms that INF-HORS is significantly more computationally efficient than NIST PQC standards like Dilithium and SPHINCS+. We prove INF-HORS's security in the random oracle model and show through experiments that it achieves 20x faster signature generation and smaller signature and private key sizes compared to BLISS-I on an 8-bit ATxmega128A1 microcontroller. INF-HORS does not rely on non-colluding verification servers, secure enclaves, or trusted verification assisting entities, minimizing security risks and making it ideal for MIoT with minimal cryptographic overhead and strong security assumptions.
翻译:医疗物联网(MIoT)包含资源受限的医疗嵌入式设备,这些设备收集用户的安全敏感数据用于分析、监测和诊断。数字签名在确保这些敏感医疗信息的认证和完整性方面起着基础性作用,这对MIoT应用的可信性至关重要。然而,当前物联网系统中使用的传统签名可能缺乏必要的长期安全性,且易受新兴量子计算机威胁。美国国家标准与技术研究院(NIST)的后量子密码(PQC)标准引入的重计算开销不适用于电池受限的MIoT设备。为提高计算效率而设计的后量子签名方案面临挑战,要么引入显著的内存开销和潜在漏洞,要么依赖强假设。为此,本文提出INFinity-HORS(INF-HORS),一种轻量级后量子数字签名方案。据我们所知,INF-HORS是首个在最小架构假设下提供多项式无界签名能力的签名者最优哈希签名方案。与其他后量子签名不同,INF-HORS无需超树结构,也不引入多元签名方案中的高内存消耗。性能分析证实,INF-HORS在计算效率上显著优于Dilithium和SPHINCS+等NIST PQC标准。我们证明了INF-HORS在随机预言机模型下的安全性,并通过实验表明,在8位ATxmega128A1微控制器上,其签名生成速度比BLISS-I快20倍,且签名和私钥尺寸更小。INF-HORS不依赖非共谋验证服务器、安全飞地或可信验证辅助实体,从而最小化安全风险,使其成为密码开销极小且安全假设强健的理想MIoT方案。