无人机网络中基于多因子的认证密钥协商协议研究

doi:10.3969/j.issn.1671-1122.2022.09.003

信息网络安全 ›› 2022, Vol. 22 ›› Issue (9): 21-30.doi: 10.3969/j.issn.1671-1122.2022.09.003

无人机网络中基于多因子的认证密钥协商协议研究

张敏¹^,², 许春香¹, 张建华²()

1.电子科技大学网络空间安全学院，成都 611731
2.西南民族大学计算机科学与工程学院，成都 610225

收稿日期:2022-05-15 出版日期:2022-09-10 发布日期:2022-11-14
通讯作者: 张建华 E-mail:xnmdzjh@swun.edu.cn
作者简介:张敏（1983—），男，四川，高级实验师，博士，主要研究方向为信息安全与网络安全|许春香（1965—），女，湖南，教授，博士，主要研究方向为信息安全、密码学|张建华（1971—），男，四川，教授，博士，主要研究方向为信息安全与网络安全
基金资助:
国家自然科学基金(61872060);国家重点研发计划(2017YFB0802000)

Research on Authentication Key Agreement Protocol Based on Multi-Factor in Internet of Drones

ZHANG Min¹^,², XU Chunxiang¹, ZHANG Jianhua²()

1. School of Cyberspace Security, University of Electronic Science and Technology of China, Chengdu 611731, China
2. School of Computer Science and Engineer, Southwest Minzu University, Chengdu 610225, China

Received:2022-05-15 Online:2022-09-10 Published:2022-11-14
Contact: ZHANG Jianhua E-mail:xnmdzjh@swun.edu.cn

摘要/Abstract

摘要：

随着无人机技术的发展，无人机网络日益普及，无人机网络安全也越来越受到人们的关注。解决无人机网络的安全问题，研究和设计安全、高效且轻量级的认证密钥协商协议至关重要。2021年，HUSSAIN等人提出一种基于椭圆曲线加密算法的无人机网络认证密钥协商协议，但该协议存在无人机伪装攻击、会话密钥泄露等安全问题。基于此，文章提出一种基于多因子的认证密钥协商协议，利用安全概略算法和椭圆曲线加密算法解决HUSSAIN等人协议的安全威胁，且可实现访问控制。安全分析、安全证明及仿真实验表明，该协议的计算开销和通信开销虽然略有增长，但安全性更高。

关键词: 无人机网络, 安全概略, 认证密钥协商, 多因子身份认证

Abstract:

With the development of drone technology, Internet of drones(IoD) is becoming more and more popular, and the security of IoD has also become a hot topic in academic circles. To solve the security problems faced by IoD, it is very important to study and design a secure, efficient and lightweight authentication key agreement protocol. In 2021, HUSSAIN et al. proposed a key agreement protocol for IoD authentication key agreement based on elliptic curve encryption algorithm. This paper found that this protocol can be suffered from serious security attacks such as drone impersonation attack, session key leakage attack and so on. Aiming at the security problems faced by Hussain et al., this paper proposed a new authenticated key agreement scheme based on multi-factors. The scheme is based on secure sketch algorithm and elliptic curve encryption algorithm, which can effectively solve the security threats faced by HUSSAIN et al.’s scheme. What’s more, the proposed scheme can realize access control also. From security analysis, security proof and simulation experiments, the result shows that the proposed scheme has higher security, although the computational and communication overhead has increased slightly.

Key words: Internet of drones, secure sketch algorithm, authentication key agreement, multi-factor authentication

中图分类号:

TP309

张敏, 许春香, 张建华. 无人机网络中基于多因子的认证密钥协商协议研究[J]. 信息网络安全, 2022, 22(9): 21-30.

ZHANG Min, XU Chunxiang, ZHANG Jianhua. Research on Authentication Key Agreement Protocol Based on Multi-Factor in Internet of Drones[J]. Netinfo Security, 2022, 22(9): 21-30.

图/表 14

图1

图2

图3

表1

图4

图5

图6

表2

表3

表4

表5

表6

表7

表8

参考文献 16

[1]	ABUALIGAH L, DIABAT A, SUMARI P, et al. Applications, Deployments, and Integration of Internet of Drones(IoD): A Review[J]. IEEE Sensors Journal, 2021, 21(2): 25532-25546.
[2]	LIN Chao, HE Debiao, KUMAR N, et al. Security and Privacy for the Internet of Drones: Challenges and Solutions[J]. IEEE Communications Magazine, 2018, 56(1): 64-69.
[3]	YAHUZA M, IDRIS M Y I, AHMEDY I B, et al. Internet of Drones Security and Privacy Issues: Taxonomy and Open Challenges[J]. IEEE Access, 2021, 9: 57243-57270.
[4]	SRINIVAS J, DAS A K, KUMAR N, et al. TCALAS: Temporal Credential-Based Anonymous Lightweight Authentication Scheme for Internet of Drones Environment[J]. IEEE Transactions on Vehicular Technology, 2019, 68(7): 6903-6916.
[5]	ALI Z, CHAUDHRY S A, RAMZAN M S, et al. Securing Smart City Surveillance: A Lightweight Authentication Mechanism for Unmanned Vehicles[J]. IEEE Access, 2020, 8: 43711-43724.
[6]	WAZID M, DAS A K, KUMAR N, et al. Design and Analysis of Secure Lightweight Remote User Authentication And Key Agreement Scheme in Internet of Drones Deployment[J]. IEEE Internet of Things Journal, 2018, 6(2): 3572-3584.
[7]	BERA B, CHATTARAJ D, DAS A K. Designing Secure Blockchain-Based Access Control Scheme in IoT-Enabled Internet of Drones deployment[J]. Computer Communications, 2020, 153: 229-249.
[8]	HUSSAIN S, CHAUDHRY S A, ALOMARI O A, et al. Amassing the Security: An ECC-Based Authentication Scheme for Internet of Drones[J]. IEEE Systems Journal, 2021, 15(3): 4431-4438.
[9]	ZHANG Min, XU Chunxiang, LI Shanshan, et al. On the Security of an ECC-Based Authentication Scheme for Internet of Drones[J]. IEEE Systems Journal, 2022, 4(2): 1-4.
[10]	ZHANG Min, XU Chunxiang, HUANG Minying. Research on Multi-Server Lightweight Multifactor Authentication Protocol in Telemedicine Environment[J]. Netinfo Security, 2019, 19(10): 42-49.
	张敏, 许春香, 黄闽英. 远程医疗环境下面向多服务器的轻量级多因子身份认证协议研究[J]. 信息网络安全, 2019, 19(10):42-49.
[11]	ZHANG Min, ZHANG Jiashu, TAN Wenrong. A Secure Sketch-Based Authentication Scheme for Telecare Medicine Information Systems[J]. Journal of Information Science and Engineering, 2016, 32: 395-408.
[12]	DOLEV D, YAO A. On the Security of Public Key Protocols[J]. IEEE Transactions on Information Theory, 1983, 29(2): 198-208.
[13]	LAMACCHIA B, LAUTER K, MITYAGIN A. Stronger Security of Authenticated Key Exchange[C]// Springer. International Conference on Provable Security. Heidelberg: Springer, 2007: 1-16.
[14]	MESSERGES T S, DABBISH E A, SLOAN R H. Examining Smart-Card Security under the Threat of Power Analysis Attacks[J]. IEEE Transactions on Computers, 2002, 51(5): 541-552.
[15]	HANKERSON D, MENEZES A J, VANSTONE S. Guide to Elliptic Curve Cryptography[M]. Berlin: Springer Science & Business Media, 2006.
[16]	NESSETT D M. A Critique of the Burrows, Abadi and Needham Logic[J]. ACM SIGOPS Operating Systems Review, 1990, 24(2): 35-38.

符号	描述
${{U}_{i}},D{{R}_{j}},BI{{O}_{i}}$	用户、无人机、用户生物特征
GSS	地面服务器
$k$	GSS私钥
${{P}_{pub}}=kP$	GSS公钥
${{E}_{p}}\left( \alpha,\beta \right),P$	ECC、ECC上的点P
$N_{i}^{x},N_{i}^{y}$	${{N}_{i}}\in {{E}_{p}}(\alpha,\beta )$，X,Y是${{N}_{i}}$坐标点
$I{{D}_{i}},RI{{D}_{i}}$	用户U_i的真实身份和别名
$I{{D}_{j}},RI{{D}_{D{{R}_{j}}}}$	无人机DR_j的真实身份和别名
$PI{{D}_{j}},PI{{D}_{D{{R}_{j}}}}$	用户和无人机的动态身份标识
$\parallel \text{, }h(\cdot )$	连接符和哈希函数
$A?=B$	判断A与B是否相等
${{U}_{AT}}$	已经成功注册但不诚实的用户
$D{{R}_{AT}}$	${{U}_{AT}}$部署的傀儡无人机
$MA{{C}_{D{{R}_{j}}}}$	无人机DR_j的物理地址

无人机标识	无人机物理地址	注册时间	当前状态
$I{{D}_{D{{R}_{1}}}}$	$MA{{C}_{D{{R}_{1}}}}$	${{T}_{D{{R}_{1}}}}$	在线
$I{{D}_{D{{R}_{2}}}}$	$MA{{C}_{D{{R}_{2}}}}$	${{T}_{D{{R}_{2}}}}$	不在线
$I{{D}_{D{{R}_{j}}}}$	$MA{{C}_{D{{R}_{j}}}}$	${{T}_{D{{R}_{j}}}}$	在线或不在线

用户身份标识	用户当前状态
$RI{{D}_{1}}$	正常
$RI{{D}_{2}}$	无权限
$RI{{D}_{i}}$	正常/无权限

安全特征	HUSSAIN^[8]等人方案	本文协议
无人机私钥安全	×	√
抵御无人机伪装攻击	×	√
会话密钥安全	×	√
实现访问控制	×	√
实现多因子认证	√	√
特权攻击	√	√
口令猜测攻击	√	√
身份匿名攻击	√	√
实现口令更改	√	√
生物特征更换	√	√

符号	描述
$P\|\equiv X$	P相信X
$P\triangleleft X$	P收到X
$P\|\sim X$	P曾经说过X
$P\|\Rightarrow X$	P对X有仲裁权
$\#(X)$	X是新鲜的，即X是新生成的随机数
$P\overset{K}{\longleftrightarrow}Q$	K是P和Q之间共享的密钥
${{\{X\}}_{K}}$	X被密钥K加密
User/GSS/DR	User表示用户，GSS表示可信第三方，DR表示无人机

无人机网络中基于多因子的认证密钥协商协议研究

Research on Authentication Key Agreement Protocol Based on Multi-Factor in Internet of Drones

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 14

参考文献 16

相关文章 4

编辑推荐

Metrics

本文评价

	用户端/ms	GSS/ms	无人机端/ms
双线性对操作（T_b）	17.36	4.038	12.52
ECC点乘操作（T_e）	5.116	0.926	4.107
ECC点加操作（T_a）	0.013	0.006	0.018
哈希函数（T_h）	0.009	0.004	0.006
随机数生成（T_r）	2.011	0.118	1.185
安全概率算法中的SS算法（T_ss）	5.116	0.926	4.107

	用户端	GSS	无人机端	合计
HUSSAIN^[8]等人方案	$2{{T}_{e}}+8{{T}_{h}}+{{T}_{f}}+2{{T}_{r}}$	${{T}_{e}}+7{{T}_{h}}$	$6{{T}_{h}}+{{T}_{r}}$	21.617 ms
本文协议	$2{{T}_{e}}+8{{T}_{h}}+{{T}_{ss}}+2{{T}_{r}}$	${{T}_{e}}+10{{T}_{h}}$	$7{{T}_{h}}+{{T}_{r}}$	21.635 ms

[1]	张敏, 许春香, 黄闽英. 远程医疗环境下面向多服务器的轻量级多因子身份认证协议研究[J]. 信息网络安全, 2019, 19(10): 42-49.
[2]	矢敏, 叶伟伟, 欧庆于. 不需双线性对的基于身份的认证密钥协商协议[J]. 信息网络安全, 2016, 16(10): 21-27.
[3]	袁艳祥;游林. 基于身份加密的可认证密钥协商协议[J]. , 2014, 14(3): 0-0.
[4]	. 基于身份加密的可认证密钥协商协议[J]. , 2014, 14(3): 1-.

	HUSSAIN^[8]等人方案	本文协议
总传输量/bit	2208	2374
消息数量/个	3	3