Fast and Post-Quantum Authentication for Real-time Next Generation Networks with Bloom Filter
Kiarash Sedghighadikolaei, Attila A Yavuz
TL;DR
The paper tackles the challenge of authenticating real-time messages in delay-sensitive NextG networks under quantum threats. It introduces TVPD-HORS, a time-valid hash-based signature built from HORS and a OneHashingBloomFilter probabilistic data structure, offering tunable PQ security with fast verification. Empirical results show verification improvements of 2.7×–5× over standard HORS, faster key generation, and smaller public keys, making TVPD-HORS a practical building block for time-valid versions of XMSS and SPHINCS+. This work demonstrates that fast, time-bounded PQ-signature primitives can enable real-time authentication for next-generation networks on resource-constrained devices.
Abstract
Large-scale next-generation networked systems like smart grids and vehicular networks facilitate extensive automation and autonomy through real-time communication of sensitive messages. Digital signatures are vital for such applications since they offer scalable broadcast authentication with non-repudiation. Yet, even conventional secure signatures (e.g., ECDSA, RSA) introduce significant cryptographic delays that can disrupt the safety of such delay-aware systems. With the rise of quantum computers breaking conventional intractability problems, these traditional cryptosystems must be replaced with post-quantum (PQ) secure ones. However, PQ-secure signatures are significantly costlier than their conventional counterparts, vastly exacerbating delay hurdles for real-time applications. We propose a new signature called Time Valid Probabilistic Data Structure HORS (TVPD-HORS) that achieves significantly lower end-to-end delay with a tunable PQ-security for real-time applications. We harness special probabilistic data structures as an efficient one-way function at the heart of our novelty, thereby vastly fastening HORS as a primitive for NIST PQ cryptography standards. TVPD-HORS permits tunable and fast processing for varying input sizes via One-hash Bloom Filter, excelling in time valid cases, wherein authentication with shorter security parameters is used for short-lived yet safety-critical messages. We show that TVPD-HORS verification is 2.7x and 5x faster than HORS in high-security and time valid settings, respectively. TVPD-HORS key generation is also faster, with a similar signing speed to HORS. Moreover, TVPD-HORS can increase the speed of HORS variants over a magnitude of time. These features make TVPD-HORS an ideal primitive to raise high-speed time valid versions of PQ-safe standards like XMSS and SPHINCS+, paving the way for real-time authentication of next-generation networks.