Abstract
Today, numerous applications are evolving into smart applications by leveraging technologies such as the Internet of Things (IoT), Artificial Intelligence (AI), and Big Data. The incorporation of advanced sensors, AI-driven embedded devices, and cloud-based remote control has significantly enhanced the efficiency and profitability of IoT applications in numerous areas. Ensuring the security of IoT applications is crucial, with authentication emerging as a top priority. Lack of proper authentication may lead to unauthorized and risky activities, potentially causing hazardous situations within IoT applications. The current cryptographic methods employed in IoT devices rely on public-key cryptographic primitives, which, unfortunately, are susceptible to future quantum attacks. Therefore, there is a need to develop an effective signature scheme that can authenticate IoT devices resiliently against potential quantum threats. Hash-based post-quantum signature schemes stand as the best candidate for designing quantum-safe authentication mechanisms. This paper presents a practical client–server implementation scenario tailored for IoT applications, showcasing the use of hash-based post-quantum digital signatures. Highlighting the complexity and computational demands of these signatures, the model architecture is illustrated using Raspberry Pi 3 and Pi 0 as servers, complemented by the widely used ESP32 as client devices in IoT applications, achieving 32.83% optimized memory usage.
Ethics declarations
Conflict of interest
The authors do not have any conflict of interest relevant to the content presented in this article. The authors have no relevant financial or non-financial interests to disclose.
About this article
Cite this article
Tandel, P., Nasriwala, J. Secure authentication framework for IoT applications using a hash-based post-quantum signature scheme. SOCA (2024). https://doi.org/10.1007/s11761-024-00414-x
DOI: https://doi.org/10.1007/s11761-024-00414-x