Lightweight and Scalable Post-Quantum Authentication for Medical Internet of Things (2311.18674v3)
Abstract: The Medical Internet of Things (MIoT) harbors resource-limited medical embedded devices that collect security-sensitive data from users for analysis, monitoring, and diagnosis. Digital signatures play a foundational role in ensuring the authentication and integrity of this sensitive medical information, which is critical for the trustworthiness of MIoT applications. However, the traditional signatures used in current IoT systems may lack the necessary long-term security and are vulnerable to emerging quantum computer threats. NIST's PQC standards impose heavy overhead unsuitable for battery-limited MIoT devices. Efforts to design more computationally efficient PQ signatures have faced challenges, either introducing significant memory overhead and potential vulnerabilities or relying on strong assumptions. Hence, this paper introduces INFinity-HORS (INF-HORS), a lightweight PQ digital signature. To the best of our knowledge, INF-HORS is the first signer-optimal hash-based signature offering polynomially unbounded signing capability under minimal architectural assumptions. Unlike other PQ signatures, INF-HORS does not require hyper-tree structures or incur the high memory usage seen in multivariate counterparts. Our performance analysis confirms that INF-HORS is significantly more computationally efficient than NIST PQC standards such as Dilithium and SPHINCS+. We prove INF-HORS's security in the random oracle model and show through experiments that it achieves 20x faster signature generation and smaller signature and private key sizes compared to BLISS-I on an 8-bit ATxmega128A1 microcontroller. INF-HORS does not rely on non-colluding verification servers, secure enclaves, or trusted verification-assisting entities, minimizing security risks and making it ideal for MIoT with minimal cryptographic overhead and strong security assumptions.