A secure and robust scheme for sharing confidential information in IoT systems

In Internet of Things (IoT) systems with security demands, there is often a need to distribute sensitive information (such as encryption keys, digital signatures, or login credentials etc.) to the devices, so that it can be retrieved for confidential purposes at a later moment. However, this piece of information cannot be entrusted to any individual device, since the malfunction of one device will jeopardize the security of the entire network. Even if the information is split among the devices, there is still a danger when attackers compromise a group of them. Therefore we have designed and implemented a secure and robust scheme to facilitate the sharing of sensitive information in IoT networks. This solution provides two important features: 1) This scheme uses Threshold Secret Sharing (TSS) to split the information into shares to be kept by all devices in the system. And so the information can only be retrieved collaboratively by groups of devices. 2) This scheme ensures the privacy and integrity of that piece of information even when there is a large amount of sophisticated and collusive attackers who can hijack the devices. It is able to identify all the compromised devices, while still keeping the secret unknown and unforgeable to attackers.