Curbing Address Reuse in the IOTA Distributed Ledger: A Cuckoo-Filter-Based Approach

IOTA is a lightweight quantum-resistant distributed ledger protocol designed for Internet of Things devices. The protocol uses a one-time cryptographic signature scheme that is resistant against attacks by quantum computers. This one-time signature scheme results in a portion of an address's private key being revealed in the signature of each outgoing transaction from that address. If an address is used for multiple outgoing transfers, it is feasible for an adversary to forge a signature by using parts of the private key associated with the address that have been revealed. In this paper, we propose the use of the cuckoo filter in the IOTA core lightweight client in order to avoid address reuse. We validate our proposed approach by implementation and evaluation in the real IOTA architecture. The obtained performance results show that the cuckoo filter integration in the IOTA core lightweight client avoids address reuse and makes the process of new address generation much more efficient and secure. Additionally, our approach can be integrated directly into the current IOTA core lightweight client.