Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats

Dmytro Shvets; Edona Fasllija; Jakob Heher; Stefan More

doi:10.1007/978-3-031-92886-4_3

Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats

Dmytro Shvets^*
, Edona Fasllija
, Jakob Heher
, Stefan More

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Abstract

The increasing adoption of Internet of Things (IoT) in critical sectors like healthcare, energy, and industrial systems underscores the need for robust and secure data backup solutions. IoT devices often handle sensitive and mission-critical data, but they are prone to failure due to cyberattacks, hardware failures, and environmental factors. Ensuring end-to-end security and asynchronous recovery in such environments is essential to maintaining operational continuity and data integrity.
We address the challenge of securely backing up sensitive data stored in Trusted Execution Environments (TEEs) on IoT devices. We focus on devices that fail without prior knowledge of replacement devices. Such scenarios necessitate secure backup mechanisms that work without requiring interaction between old and new devices. We formulate several architectures that leverage Key Encapsulation Mechanisms (KEM), Proxy Re-Encryption (PRE), and Attribute-Based Encryption (ABE). We address emerging quantum threats by also considering PQC primitives.
We evaluate multiple backup schemes regarding security, flexibility, and resilience in a unified testbed. We further validate two approaches through a full proof-of-concept implementation and experimental evaluation using a real-world IoT testbed. Our findings show that secure, scalable, and quantum-resilient IoT backup systems can be built using modular cryptographic approaches. Our comparative evaluation of multiple backup schemes provides crucial insights for designing future-proof IoT Infrastructures, highlighting the trade-offs between different architectural approaches and cryptographic primitives.

Original language	English
Title of host publication	ICT Systems Security and Privacy Protection. SEC 2025.
Editors	Lili Nemec Zlatolas, Kai Rannenberg, Tatjana Welzer, Joaquin Garcia-Alfaro
Publisher	Springer
Pages	34-48
Number of pages	15
ISBN (Electronic)	978-3-031-92886-4
ISBN (Print)	9783031928857
DOIs	https://doi.org/10.1007/978-3-031-92886-4_3
Publication status	Published - 23 May 2025
Event	40th International Conference on ICT Systems Security and Privacy Protection, IFIP SEC 2025 - University of Maribor, Maribor, Slovenia Duration: 21 May 2025 → 23 May 2025 Conference number: 40 https://sec2025.um.si

Publication series

Name	IFIP Advances in Information and Communication Technology
Volume	746 IFIPAICT
ISSN (Print)	1868-4238
ISSN (Electronic)	1868-422X

Conference

Conference	40th International Conference on ICT Systems Security and Privacy Protection, IFIP SEC 2025
Abbreviated title	IFIP SEC 2025
Country/Territory	Slovenia
City	Maribor
Period	21/05/25 → 23/05/25
Internet address	https://sec2025.um.si

Keywords

Data Backup
End-to-End Security
Internet of Things

ASJC Scopus subject areas

Information Systems and Management

Access to Document

10.1007/978-3-031-92886-4_3

Cite this

Shvets, D., Fasllija, E., Heher, J., & More, S. (2025). Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats. In L. Nemec Zlatolas, K. Rannenberg, T. Welzer, & J. Garcia-Alfaro (Eds.), ICT Systems Security and Privacy Protection. SEC 2025. (pp. 34-48). (IFIP Advances in Information and Communication Technology; Vol. 746 IFIPAICT). Springer. https://doi.org/10.1007/978-3-031-92886-4_3

Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats. / Shvets, Dmytro ; Fasllija, Edona ; Heher, Jakob et al.
ICT Systems Security and Privacy Protection. SEC 2025.. ed. / Lili Nemec Zlatolas; Kai Rannenberg; Tatjana Welzer; Joaquin Garcia-Alfaro. Springer, 2025. p. 34-48 (IFIP Advances in Information and Communication Technology; Vol. 746 IFIPAICT).

Research output: Chapter in Book/Report/Conference proceeding › Conference paper › peer-review

Shvets, D , Fasllija, E , Heher, J & More, S 2025, Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats. in L Nemec Zlatolas, K Rannenberg, T Welzer & J Garcia-Alfaro (eds), ICT Systems Security and Privacy Protection. SEC 2025.. IFIP Advances in Information and Communication Technology, vol. 746 IFIPAICT, Springer, pp. 34-48, 40th International Conference on ICT Systems Security and Privacy Protection, IFIP SEC 2025, Maribor, Slovenia, 21/05/25. https://doi.org/10.1007/978-3-031-92886-4_3

Shvets D , Fasllija E , Heher J , More S. Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats. In Nemec Zlatolas L, Rannenberg K, Welzer T, Garcia-Alfaro J, editors, ICT Systems Security and Privacy Protection. SEC 2025.. Springer. 2025. p. 34-48. (IFIP Advances in Information and Communication Technology). doi: 10.1007/978-3-031-92886-4_3

Shvets, Dmytro ; Fasllija, Edona ; Heher, Jakob et al. / Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats. ICT Systems Security and Privacy Protection. SEC 2025.. editor / Lili Nemec Zlatolas ; Kai Rannenberg ; Tatjana Welzer ; Joaquin Garcia-Alfaro. Springer, 2025. pp. 34-48 (IFIP Advances in Information and Communication Technology).

@inproceedings{dd7b30159a364c0e9bb3e45cafba50cf,

title = "Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats",

abstract = "The increasing adoption of Internet of Things (IoT) in critical sectors like healthcare, energy, and industrial systems underscores the need for robust and secure data backup solutions. IoT devices often handle sensitive and mission-critical data, but they are prone to failure due to cyberattacks, hardware failures, and environmental factors. Ensuring end-to-end security and asynchronous recovery in such environments is essential to maintaining operational continuity and data integrity. We address the challenge of securely backing up sensitive data stored in Trusted Execution Environments (TEEs) on IoT devices. We focus on devices that fail without prior knowledge of replacement devices. Such scenarios necessitate secure backup mechanisms that work without requiring interaction between old and new devices. We formulate several architectures that leverage Key Encapsulation Mechanisms (KEM), Proxy Re-Encryption (PRE), and Attribute-Based Encryption (ABE). We address emerging quantum threats by also considering PQC primitives. We evaluate multiple backup schemes regarding security, flexibility, and resilience in a unified testbed. We further validate two approaches through a full proof-of-concept implementation and experimental evaluation using a real-world IoT testbed. Our findings show that secure, scalable, and quantum-resilient IoT backup systems can be built using modular cryptographic approaches. Our comparative evaluation of multiple backup schemes provides crucial insights for designing future-proof IoT Infrastructures, highlighting the trade-offs between different architectural approaches and cryptographic primitives.",

keywords = "Data Backup, End-to-End Security, Internet of Things",

author = "Dmytro Shvets and Edona Fasllija and Jakob Heher and Stefan More",

year = "2025",

month = may,

day = "23",

doi = "10.1007/978-3-031-92886-4\_3",

language = "English",

isbn = "9783031928857",

series = "IFIP Advances in Information and Communication Technology",

publisher = "Springer",

pages = "34--48",

editor = "\{Nemec Zlatolas\}, Lili and Kai Rannenberg and Tatjana Welzer and Joaquin Garcia-Alfaro",

booktitle = "ICT Systems Security and Privacy Protection. SEC 2025.",

address = "United States",

note = "40th International Conference on ICT Systems Security and Privacy Protection, IFIP SEC 2025, IFIP SEC 2025 ; Conference date: 21-05-2025 Through 23-05-2025",

url = "https://sec2025.um.si",

}

TY - GEN

T1 - Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats

AU - Shvets, Dmytro

AU - Fasllija, Edona

AU - Heher, Jakob

AU - More, Stefan

N1 - Conference code: 40

PY - 2025/5/23

Y1 - 2025/5/23

N2 - The increasing adoption of Internet of Things (IoT) in critical sectors like healthcare, energy, and industrial systems underscores the need for robust and secure data backup solutions. IoT devices often handle sensitive and mission-critical data, but they are prone to failure due to cyberattacks, hardware failures, and environmental factors. Ensuring end-to-end security and asynchronous recovery in such environments is essential to maintaining operational continuity and data integrity. We address the challenge of securely backing up sensitive data stored in Trusted Execution Environments (TEEs) on IoT devices. We focus on devices that fail without prior knowledge of replacement devices. Such scenarios necessitate secure backup mechanisms that work without requiring interaction between old and new devices. We formulate several architectures that leverage Key Encapsulation Mechanisms (KEM), Proxy Re-Encryption (PRE), and Attribute-Based Encryption (ABE). We address emerging quantum threats by also considering PQC primitives. We evaluate multiple backup schemes regarding security, flexibility, and resilience in a unified testbed. We further validate two approaches through a full proof-of-concept implementation and experimental evaluation using a real-world IoT testbed. Our findings show that secure, scalable, and quantum-resilient IoT backup systems can be built using modular cryptographic approaches. Our comparative evaluation of multiple backup schemes provides crucial insights for designing future-proof IoT Infrastructures, highlighting the trade-offs between different architectural approaches and cryptographic primitives.

AB - The increasing adoption of Internet of Things (IoT) in critical sectors like healthcare, energy, and industrial systems underscores the need for robust and secure data backup solutions. IoT devices often handle sensitive and mission-critical data, but they are prone to failure due to cyberattacks, hardware failures, and environmental factors. Ensuring end-to-end security and asynchronous recovery in such environments is essential to maintaining operational continuity and data integrity. We address the challenge of securely backing up sensitive data stored in Trusted Execution Environments (TEEs) on IoT devices. We focus on devices that fail without prior knowledge of replacement devices. Such scenarios necessitate secure backup mechanisms that work without requiring interaction between old and new devices. We formulate several architectures that leverage Key Encapsulation Mechanisms (KEM), Proxy Re-Encryption (PRE), and Attribute-Based Encryption (ABE). We address emerging quantum threats by also considering PQC primitives. We evaluate multiple backup schemes regarding security, flexibility, and resilience in a unified testbed. We further validate two approaches through a full proof-of-concept implementation and experimental evaluation using a real-world IoT testbed. Our findings show that secure, scalable, and quantum-resilient IoT backup systems can be built using modular cryptographic approaches. Our comparative evaluation of multiple backup schemes provides crucial insights for designing future-proof IoT Infrastructures, highlighting the trade-offs between different architectural approaches and cryptographic primitives.

KW - Data Backup

KW - End-to-End Security

KW - Internet of Things

UR - https://sec2025.um.si

UR - https://www.scopus.com/pages/publications/105006627783

U2 - 10.1007/978-3-031-92886-4_3

DO - 10.1007/978-3-031-92886-4_3

M3 - Conference paper

SN - 9783031928857

T3 - IFIP Advances in Information and Communication Technology

SP - 34

EP - 48

BT - ICT Systems Security and Privacy Protection. SEC 2025.

A2 - Nemec Zlatolas, Lili

A2 - Rannenberg, Kai

A2 - Welzer, Tatjana

A2 - Garcia-Alfaro, Joaquin

PB - Springer

T2 - 40th International Conference on ICT Systems Security and Privacy Protection, IFIP SEC 2025

Y2 - 21 May 2025 through 23 May 2025

ER -

Future-Proof Asynchronous IoT Backups: An Evaluation of Secure IoT Data Recovery Considering Post-Quantum Threats

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

EU - LICORICE - reLIable and sCalable tOols foR self-sovereIgn identity and data proteCtion framEwork

EU - ERATOSTHENES - Secure management of IoT devices lifecycle through identities, trust and distributed ledgers