LiteQSign: Lightweight and Quantum-Safe Signatures for Heterogeneous IoT Applications
Attila A. Yavuz, Saleh Darzi, Saif E. Nouma
TL;DR
LiteQS tackles the user- and energy-centric needs of IoT in a quantum-enabled future by offering a lightweight post-quantum signature that preserves signer efficiency through a fixed number of PRF calls and enables verifiers to derive one-time public keys from a master public key via encrypted evaluations. The scheme combines HORS-based signing, Davies-Meyer OWF, AES-128 PRFs, and a BGV-based FHE instantiation to achieve non-interactive, scalable public-key construction without trusted third parties. Security is established in the ROM via reductions to EU-CMA on HORS, while performance demonstrates substantial gains in signer efficiency, memory footprint, and energy consumption on both commodity hardware and constrained 8-bit MCUs, with reasonable verifier overhead and offline/online trade-offs. These results indicate that LiteQS can provide practical, quantum-resilient authentication for heterogeneous IoT deployments, enabling longer device lifetimes and scalable, verifiable security in large networks.
Abstract
The rapid proliferation of resource-constrained IoT devices across sectors like healthcare, industrial automation, and finance introduces major security challenges. Traditional digital signatures, though foundational for authentication, are often infeasible for low-end devices with limited computational, memory, and energy resources. Also, the rise of quantum computing necessitates post-quantum (PQ) secure alternatives. However, NIST-standardized PQ signatures impose substantial overhead, limiting their practicality in energy-sensitive applications such as wearables, where signer-side efficiency is critical. To address these challenges, we present LightQSign (LightQS), a novel lightweight PQ signature that achieves near-optimal signature generation efficiency with only a small, constant number of hash operations per signing. Its core innovation enables verifiers to obtain one-time hash-based public keys without interacting with signers or third parties through secure computation. We formally prove the security of LightQSign in the random oracle model and evaluate its performance on commodity hardware and a resource-constrained 8-bit AtMega128A1 microcontroller. Experimental results show that LightQSign outperforms NIST PQC standards with lower computational overhead, minimal memory usage, and compact signatures. On an 8-bit microcontroller, it achieves up to 1.5-24x higher energy efficiency and 1.7-22x shorter signatures than PQ counterparts, and 56-76x better energy efficiency than conventional standards, enabling longer device lifespans and scalable, quantum-resilient authentication.
