IoT-REX: A Secure Remote-Control System for IoT Devices from Centralized Multi-Designated Verifier Signatures

IoT technology has been developing rapidly, while at the same time, it raises cybersecurity concerns. Mirai, a notorious IoT malware, is one of the representative threats; it infects many IoT devices and turns them into botnets, and the botnets rapidly spread infection over IoT networks. It seems hard to eliminate the chance of devices being infected with malware completely. Therefore, we believe it is essential to consider systems that enable us to remotely stop (or control) infected devices as soon as possible to prevent or limit malicious behaviors of infected devices. In this paper, we design a promising candidate for such remote-control systems, called IoT-REX (REemote-Control System for IoT devices). IoT-REX allows a systems manager to designate an arbitrary subset of all IoT devices in the system and generate authenticated information that contains any command the system manager wants. Every device can confirm whether or not the device itself was designated; if so, the device executes the command. Towards realizing IoT-REX, we introduce a novel cryptographic primitive called centralized multi-designated verifier signatures (CMDVS). Although CMDVS works under a restricted condition compared to conventional MDVS, it is sufficient for realizing IoT-REX. We provide an efficient CMDVS construction from any approximate membership query structures and digital signatures, yielding compact communication sizes and efficient verification procedures for IoT-REX.