Group Authentication Key Agreement Protocol Based on Certificateless Cryptography in UAV Network
ObjectiveUAV technology is increasingly applied in the logistics industry,the military field,and other scenarios.Due to the nature of certain tasks,the collected data must be exchanged between UAVs in scenarios requiring multiple UAVs to work together.However,the network com-munication environment is open and insecure,necessitating the use of a symmetric key to encrypt and decrypt data during the data exchange pro-cess.Ensuring that the UAV group negotiates the session key safely and efficiently becomes a key issue in the process.This study presents a group authentication key negotiation protocol based on a certificateless key system to meet the requirements of identity authentication and data privacy in UAV network communication.Diffie and Hellman proposed a key exchange algorithm that requires only one round of message ex-change between the two sides of the session to calculate the same session key.Even if a malicious attacker eavesdrops on the data during the ex-change,the attacker cannot compute the complete session key.However,this key exchange algorithm does not address the issue of a man-in-the-middle attack.If a malicious third party forges the identities of both session parties,it can determine two session keys with both parties,allowing it to arbitrarily steal and tamper with subsequently transmitted data.Due to the small size of UAVs,the computational and communication over-heads they can bear must remain low,and the key agreement scheme must meet the requirements of lightweight scenarios.If directly applied to multi-party interaction scenarios,traditional two-party key negotiation protocols require numerous interaction rounds,resulting in significant com-putational and communication overhead.Therefore,group key agreement protocols for UAV networks must provide a lighter computing process and stronger security guarantees.Methods This protocol adopts a certificateless key system.As a third-party trusted server,the Key Generation Center(KGC)primarily facilitates identity registration before drone networking.Each drone member sends its identity ID to the KGC,which calculates the corresponding public-private key pairs based on the IDs in collaboration with the drone members.This protocol classifies the drone group into a central node with high computing power and multiple nodes with low computing power to reduce communication and computing expenses.The protocol comprises three stages:registration,negotiation,and joining/withdrawal.In the registration stage,a key pair is generated for each node.In the negotiation stage,the session key negotiation is conducted.The central node with high computing power in the group functions as the hub node,undertaking most computing and communication tasks.Once all nodes calculate their key pairs in the registration stage,only two rounds of interaction between the central high-computing-power node and the low-computing-power nodes are needed to complete the key negotiation.In addition,in scenarios where drones withdraw from or join the group,this protocol supports the dynamic alteration of the drone unit and group keys.Since the high-com-puting-power nodes bear most of the computational and communication overhead during the key negotiation process,they must be distinguished from the general low-computing-power nodes.The central and low-power nodes verify the digital signature to ensure identity reliability,and the protocol supports dynamic changes to the UAV unit and group keys.Once all nodes calculate their key pairs during the registration stage,only two rounds of interaction between the central high-computing-power node and the low-computing-power nodes are required to complete the key negotiation.Results and Discussions This study demonstrates the protocol's security under the eCK model,which withstands guessing attacks,key duplica-tion attacks,and forgery attacks in the eCK model.In the analysis,multiple query capabilities are granted to the adversary,and the proof con-cludes that if the CDH problem is difficult to solve,the adversary's attack advantage is negligible.Based on the eCK model,this study establishes that the proposed protocol satisfies unforgeability,forward and backward confidentiality,and resists public key replacement attacks.A simulation experiment of the protocol is conducted to compare the calculation and communication costs with similar protocols.The simulation results indic-ate that the protocol achieves lower calculation and communication costs.Since the protocol does not rely on bilinear pairing construction,it is more suitable for lightweight UAV communication scenarios.In addition,this study evaluates the protocol's performance against existing ones in terms of computational overhead,communication cost overhead,and security properties.A simulation verifies the actual performance of the pro-tocol.The scheme employs secure hash function operations and elliptic curve scalar dot product operations with lower computational overhead,making it highly suitable for lightweight scenario requirements.Experimental results showed that both high-computing power nodes and low-computing power nodes in the scheme exhibit the lowest computational overhead.Whether in theoretical analysis or experimental simulation,the scheme shows good lightweight characteristics and high security,making it ideal for key negotiation scenarios of UAV swarms.Conclusions The proposed scheme divides the UAV cluster into a high-computing node and multiple low-computing nodes.The high-computing node undertakes most of the computational and communication tasks for the cluster,reducing the overhead of the other nodes and enabling the en-tire UAV cluster to negotiate the session key efficiently and quickly.This study also conducts a security analysis and proof under the eCK model,demonstrating that the scheme satisfies multiple security features,ensuring secure data transmission between UAVs.Finally,the analysis and ex-perimental simulation of computational overhead and communication overhead confirm that the scheme exhibits good lightweight characteristics,meeting the requirements of UAVs with small sizes and low computing power.
unmanned aerial vehicles(UAV)certificateless public key cryptographyidentity authenticationkey agreementelliptic curve cryp-tography
万方数据
