Secure authentication framework for IoT applications using a hash-based post-quantum signature scheme

  • Original Research Paper
Service Oriented Computing and Applications

Abstract

In today’s era, numerous applications are evolving into smart applications by leveraging technologies like the Internet of Things (IoT), Artificial Intelligence (AI), and Big Data. The incorporation of advanced sensors, AI-driven embedded devices, and cloud-based remote control has significantly enhanced the efficiency and profitability of IoT applications in numerous areas. Ensuring the security of IoT applications is crucial, with authentication emerging as a top priority. Lack of proper authentication may lead to unauthorized and risky activities, potentially causing hazardous situations within IoT applications. The current cryptographic methods employed in IoT devices rely on public-key cryptographic primitives, which, unfortunately, are susceptible to future quantum attacks. Therefore, there is a need to develop an effective signature scheme that can authenticate IoT devices resiliently against potential quantum threats. Hash-based post-quantum signature schemes stand as the best candidates for designing quantum-safe authentication mechanisms. This paper presents a practical client–server implementation scenario tailored for IoT applications, showcasing the use of hash-based post-quantum digital signatures. Highlighting the complexity and computational demands of these signatures, the model architecture is illustrated using Raspberry Pi 3 and Pi 0 as servers, complemented by the widely used ESP32 as client devices in IoT applications, achieving 32.83% optimized memory usage.



Author information

Corresponding author

Correspondence to Purvi Tandel.

Ethics declarations

Conflict of interest

The authors do not have any conflict of interest relevant to the content presented in this article. The authors have no relevant financial or non-financial interests to disclose, nor any conflict of interest.

About this article

Cite this article

Tandel, P., Nasriwala, J. Secure authentication framework for IoT applications using a hash-based post-quantum signature scheme. SOCA (2024). https://doi.org/10.1007/s11761-024-00414-x

  • DOI: https://doi.org/10.1007/s11761-024-00414-x
