2 research outputs found
On the Role of Hash-Based Signatures in Quantum-Safe Internet of Things:Current Solutions and Future Directions
The Internet of Things (IoT) is gaining ground as a pervasive presence around
us by enabling miniaturized things with computation and communication
capabilities to collect, process, analyze, and interpret information.
Consequently, trustworthy data act as fuel for applications that rely on the
data generated by these things, for critical decision-making processes, data
debugging, risk assessment, forensic analysis, and performance tuning.
Currently, secure and reliable data communication in IoT is based on public-key
cryptosystems such as Elliptic Curve Cryptosystem (ECC). Nevertheless, reliance
on the security of de-facto cryptographic primitives is at risk of being broken
by the impending quantum computers. Therefore, the transition from classical
primitives to quantum-safe primitives is indispensable to ensure the overall
security of data en route. In this paper, we investigate applications of one of
the post-quantum signatures called Hash-Based Signature (HBS) schemes for the
security of IoT devices in the quantum era. We give a succinct overview of the
evolution of HBS schemes with emphasis on their construction parameters and
associated strengths and weaknesses. Then, we outline the striking features of
HBS schemes and their significance for the IoT security in the quantum era. We
investigate the optimal selection of HBS in the IoT networks with respect to
their performance-constrained requirements, resource-constrained nature, and
design optimization objectives. In addition to ongoing standardization efforts,
we also highlight current and future research and deployment challenges along
with possible solutions. Finally, we outline the essential measures and
recommendations that must be adopted by the IoT ecosystem while preparing for
the quantum world.Comment: 18 pages, 7 tables, 7 figure
Real-World Post-Quantum Digital Signatures
Digital signatures are ubiquitous in modern security infrastructures.
Their lack of diversity in industrial settings makes most
contemporary systems susceptible to quantum computer-aided attacks.
Alternatives exist, among which a family of well-understood schemes
with minimal security requirements: hash-based signatures. In addition
to being quantum-safe, hash-based signatures are modular, providing
long-term security. Unfortunately, they are not yet being used in practice.
We discuss the reasons for this gap between theory and practice and
outline a strategy to bridge it. We then detail our work to realise the
described plan