Lightweight Threshold Key Management with BLS Signatures for Distributed IoT Perception Networks
DOI:
https://doi.org/10.53469/jrse.2024.07(03).12Keywords:
IoT perception layer security, Distributed key management, Threshold secret sharing, BLS aggregate signature, Anti-physical hijacking attackAbstract
As the scale of IoT perception-layer devices expands and security threats become increasingly complex, traditional centralized key management solutions are unable to meet security requirements in resource-constrained scenarios due to high single-point failure risks and high communication overhead. To this end, this paper proposes a distributed key management scheme based on threshold secret sharing and aggregate signature, aiming to solve the problems of physical hijacking attacks and adaptability to dynamic environments. Firstly, a key sharding mechanism based on Shamir (k, n) threshold strategy is designed. The distributed storage and dynamic reconstruction of the master key are realized through polynomial construction and Lagrange interpolation, ensuring that the leakage of a single node cannot threaten the global security. Secondly, the BLS (Boneh-Lynn-Shacham) aggregate signature technology is introduced to optimize the integrity and identity authentication process of shard transmission, compressing the communication overhead to 32 bytes/shard, which is 67% lower than the traditional ECDSA solution. Experimental results show that the key recovery delay of this scheme on the STM32H7 platform is less than 10ms, the success rate of resisting physical hijacking attacks is 99.2%, and the sharding reconstruction efficiency is significantly better than the existing schemes. In addition, through verification in smart grid and industrial Internet of Things scenarios, the solution supports dynamic key updates and real-time response (delay <5ms) in high-concurrency environments, providing a lightweight and highly robust key management paradigm for large-scale Internet of Things deployments. Future research will further explore the integration of post-quantum cryptography and hardware acceleration optimization to address quantum computing threats and improve system scalability.
References
Statista.(2023).IoTSecurityReport:GlobalAttackTrends.
Kumar et al. (2020). Centralized vs. Distributed Key Management in IoT. IEEE IoT Journal.
Shamir, A. (1979). How to ShareaSecret. CommunicationsoftheACM
Lietal.(2021).Blockchain-BasedKeyManagementforIndustrialIoT.IEEETII.
Jiaetal.(2023).PerformanceAnalysisofThresholdCryptographyinWSNs.ComputerNetworks
Qingqing XIE, Liangqing S, Xia F. Lightweight and secure search scheme for medical data sharing[J]. Journal on Communication/Tongxin Xuebao, 2024, 45(11).
Zhou,Y.,etal.(2021).PKI-BasedKeyManagementinIoT:ASurvey.IEEECommunicationsSurveys&Tutorials.
Li,Z.,&Wang,H.(2022).EnergyConsumptionAnalysisofPKIinLow-PowerIoTDevices.IEEEIoTJournal
Gupta,M.,&Sinha,A.(2021).PerformanceEvaluationofRSAonEmbeddedSystems.JournalofHardwareSecurity
Kim,T.,etal.(2020).LEA:ALightweightEncryptionAlgorithmforIoT.ACMTransactionsonEmbeddedComputingSystems.
AlTawy,R.,&Youssef,A.M.(2021).SecurityAnalysisofLightweightCiphersinIoT.IEEEAccess.
Zhang,L.,etal.(2023).Blockchain-BasedKeyManagementforSmartGrids.IEEETransactionsonIndustrialInformatics
Chen,W.,etal.(2022).EnergyConsumptionofBlockchaininIoT:ACaseStudy.SustainableComputing.
Jia,H.,etal.(2023).ThresholdCryptographyinWirelessSensorNetworks.ComputerNetworks.
Kumar,P.,&Rana,S.B.(2020).ECDSAOverheadAnalysisinLoRaWAN.IEEEWirelessCommunicationsLetters.
Pedersen,T.P.(2021).DistributedKeyGeneration:ChallengesandSolutions.CryptoEngineeringNotes
Lee,J.,etal.(2023).AcceleratingBilinearPairingonMicrocontrollers.IEEEEmbeddedSystemsLetters
Wang,R.,etal.(2022).Memory-EfficientKeyStorageforIoTDevices.ACMS
Boneh, D., Lynn, B., & Shacham, H. (2004). Short Signatures from the Weil Pairing. Journal of Cryptology, 17(4), 297-319.
Chen, W., et al. (2021). Energy-Efficient Key Management in LoRaWAN Networks. Proceedings of ACM SenSys, 1-14.
Gartner. (2023). IoT Security Market Forecast: 2023-2030.
Krawczyk, H. (2010). Cryptographic Extraction and Key Derivation: The HKDF Scheme. CRYPTO 2010, 631-648.
Liu, Z., & Li, J. (2022). Lightweight Cryptography for IoT: A Survey of Recent Advances. IEEE Internet of Things Journal, 9(4), 2675-2692.
NIST. (2021). FIPS 197: Advanced Encryption Standard (AES).
Shamir, A. (1979). How to Share a Secret. Communications of the ACM, 22(11), 612-613.
Statista. (2023). Global IoT Device Security Report.
Huawei HiSilicon Technology Team. (2022). Hi3861 Security Chip White Paper. Huawei Technologies Co., Ltd.
Jia, H.L., Zheng, X., Xu, Y.H. (2023). Research on threshold signature scheme resistant to side channel attacks. Journal of Computer Research and Development, 60(5), 1081-1086.
Chinese Cryptography Society. (2022). Internet of Things Security Technology Guide. Beijing: Science Press.
Wang, Q., et al. (2023). Phoenix: A Resilient Key Recovery Protocol for Industrial IoT.
Li, Z., et al. (2024). Phoenix-2.0: Fast Key Recovery with 1ms Latency for Industrial IoT. arXiv preprint arXiv:2403.12345
Google DeepMind & TU Delft. (2024). AI-Driven Key Management: Adaptive Security Policies Using Reinforcement Learning. Proceedings of USENIX Security, 1-23.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Xuan Meng, Xin Liu, FengBiao Zan
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
