IoT-REX: A Secure Remote-Control System for IoT Devices from Centralized Multi-Designated Verifier Signatures

IoT technology has been developing rapidly, while at the same time, notorious IoT malware such as Mirai is a severe and inherent threat. We believe it is essential to consider systems that enable us to remotely control infected devices in order to prevent or limit malicious behaviors of infected devices. In this paper, we design a promising candidate for such remote-control systems, called IoT-REX (REmote-Control System for IoT devices). IoT-REX allows a systems manager to designate an arbitrary subset of all IoT devices in the system, and every device can confirm whether or not the device itself was designated; if so, the device executes a command given by the systems manager. Towards realizing IoT-REX, we introduce a novel cryptographic primitive called centralized multi-designated verifier signatures (CMDVS). Although CMDVS works under a restricted condition compared to conventional MDVS, it is sufficient for realizing IoT-REX. We provide an efficient CMDVS construction from any approximate membership query structures and digital signatures, yielding compact communication sizes and efficient verification procedures for IoT-REX. We then discuss the feasibility of IoT-REX through the cryptographic implementation of the CMDVS construction on a Raspberry Pi. Our promising results demonstrate that the CMDVS construction can compress communication size to about 30% compared to a trivial construction, and thus its resulting IoT-REX becomes three times faster than a trivial construction over typical low-power wide area networks with an IoT device.