Computer Science ›› 2022, Vol. 49 ›› Issue (8): 306-313. doi: 10.11896/jsjkx.220200098

• Information Security •

  • Corresponding author: CHEN Ze-mao (chenzemao@163.com)
  • About author: (jianqirui@whu.edu.cn)

Authentication and Key Agreement Protocol for UAV Communication

JIAN Qi-rui1,2, CHEN Ze-mao1,2, WU Xiao-kang3   

  1. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, Wuhan 430072, China
  2. School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
  3. School of Electrical Engineering, Naval University of Engineering, Wuhan 430033, China
  • Received: 2022-02-18  Revised: 2022-03-08  Published: 2022-08-02
  • About author: JIAN Qi-rui, born in 1998, postgraduate. His main research interests include trusted computing for embedded system and security protocol.
    CHEN Ze-mao, born in 1975, Ph.D, professor, Ph.D supervisor. His main research interests include cyber physical system security, trusted computing and so on.
  • Supported by:
    National Natural Science Foundation of China (61872430), National Science Foundation for Outstanding Young Scholars (42122025) and Natural Science Foundation for Distinguished Young Scholars of Hubei Province, China (2019CFA086).


Abstract: To meet the security and lightweight requirements of key configuration in unmanned aerial vehicle (UAV) communication, two authentication and key agreement protocols are proposed for UAV systems with different computational performance: DroneSec, based on elliptic-curve cryptography (ECC), and DroneSec-lite, based on symmetric ciphers. Both protocols provide mutual authentication and communication key configuration between UAVs and ground stations. DroneSec combines ECDH (Elliptic-Curve Diffie-Hellman) with message authentication codes (MAC) to reduce computational overhead while ensuring forward secrecy, which makes it suitable for relatively high-performance platforms. DroneSec-lite uses only symmetric ciphers, so its computational overhead is extremely low and it is suitable for low-performance platforms. The security of the proposed protocols for mutual authentication and key configuration under the enhanced Dolev-Yao threat model is verified with ProVerif, a formal verification tool for security protocols, and the performance of the protocols is tested and analyzed in a simulation environment. The results show that the proposed protocols are superior to existing protocols in terms of computation overhead, communication overhead and security.

Key words: Communication security, Formal verification, Key agreement, Mutual authentication, Security protocol, Unmanned aerial vehicle

CLC Number: TP309