A Secure and Robust Scheme for Sharing Confidential Information in IoT Systems
This addresses security challenges for IoT networks with sensitive data, but it is incremental as it builds on existing secret sharing techniques.
The paper tackles the problem of securely distributing sensitive information in IoT systems by designing a scheme that uses Threshold Secret Sharing to split information among devices, ensuring privacy and integrity even when attackers compromise multiple devices, with results including the ability to identify compromised devices and guarantee confidentiality and authenticity.
In Internet of Things (IoT) systems with security demands, there is often a need to distribute sensitive information (such as encryption keys, digital signatures, or login credentials, etc.) among the devices, so that it can be retrieved for confidential purposes at a later moment. However, this information cannot be entrusted to any one device, since the failure of that device or an attack on it will jeopardize the security of the entire network. Even if the information is divided among devices, there is still the danger that an attacker can compromise a group of devices and expose the sensitive information. In this work, we design and implement a secure and robust scheme to enable the distribution of sensitive information in IoT networks. The proposed approach has two important properties: (1) it uses Threshold Secret Sharing (TSS) to split the information into pieces distributed among all devices in the system - and so the information can only be retrieved collaboratively by groups of devices; and (2) it ensures the privacy and integrity of the information, even when attackers hijack a large number of devices and use them in concert - specifically, all the compromised devices can be identified, the confidentiality of information is kept, and authenticity of the secret can be guaranteed.