Research on Authentication Key Agreement Protocol Based on Multi-Factor in Internet of Drones

doi:10.3969/j.issn.1671-1122.2022.09.003

Abstract

Abstract:

With the development of drone technology, Internet of drones(IoD) is becoming more and more popular, and the security of IoD has also become a hot topic in academic circles. To solve the security problems faced by IoD, it is very important to study and design a secure, efficient and lightweight authentication key agreement protocol. In 2021, HUSSAIN et al. proposed a key agreement protocol for IoD authentication key agreement based on elliptic curve encryption algorithm. This paper found that this protocol can be suffered from serious security attacks such as drone impersonation attack, session key leakage attack and so on. Aiming at the security problems faced by Hussain et al., this paper proposed a new authenticated key agreement scheme based on multi-factors. The scheme is based on secure sketch algorithm and elliptic curve encryption algorithm, which can effectively solve the security threats faced by HUSSAIN et al.’s scheme. What’s more, the proposed scheme can realize access control also. From security analysis, security proof and simulation experiments, the result shows that the proposed scheme has higher security, although the computational and communication overhead has increased slightly.

Key words: Internet of drones, secure sketch algorithm, authentication key agreement, multi-factor authentication

CLC Number:

TP309

ZHANG Min, XU Chunxiang, ZHANG Jianhua. Research on Authentication Key Agreement Protocol Based on Multi-Factor in Internet of Drones[J]. Netinfo Security, 2022, 22(9): 21-30.

Figures/Tables 14

References 16

[1]	ABUALIGAH L, DIABAT A, SUMARI P, et al. Applications, Deployments, and Integration of Internet of Drones(IoD): A Review[J]. IEEE Sensors Journal, 2021, 21(2): 25532-25546.
[2]	LIN Chao, HE Debiao, KUMAR N, et al. Security and Privacy for the Internet of Drones: Challenges and Solutions[J]. IEEE Communications Magazine, 2018, 56(1): 64-69.
[3]	YAHUZA M, IDRIS M Y I, AHMEDY I B, et al. Internet of Drones Security and Privacy Issues: Taxonomy and Open Challenges[J]. IEEE Access, 2021, 9: 57243-57270.
[4]	SRINIVAS J, DAS A K, KUMAR N, et al. TCALAS: Temporal Credential-Based Anonymous Lightweight Authentication Scheme for Internet of Drones Environment[J]. IEEE Transactions on Vehicular Technology, 2019, 68(7): 6903-6916.
[5]	ALI Z, CHAUDHRY S A, RAMZAN M S, et al. Securing Smart City Surveillance: A Lightweight Authentication Mechanism for Unmanned Vehicles[J]. IEEE Access, 2020, 8: 43711-43724.
[6]	WAZID M, DAS A K, KUMAR N, et al. Design and Analysis of Secure Lightweight Remote User Authentication And Key Agreement Scheme in Internet of Drones Deployment[J]. IEEE Internet of Things Journal, 2018, 6(2): 3572-3584.
[7]	BERA B, CHATTARAJ D, DAS A K. Designing Secure Blockchain-Based Access Control Scheme in IoT-Enabled Internet of Drones deployment[J]. Computer Communications, 2020, 153: 229-249.
[8]	HUSSAIN S, CHAUDHRY S A, ALOMARI O A, et al. Amassing the Security: An ECC-Based Authentication Scheme for Internet of Drones[J]. IEEE Systems Journal, 2021, 15(3): 4431-4438.
[9]	ZHANG Min, XU Chunxiang, LI Shanshan, et al. On the Security of an ECC-Based Authentication Scheme for Internet of Drones[J]. IEEE Systems Journal, 2022, 4(2): 1-4.
[10]	ZHANG Min, XU Chunxiang, HUANG Minying. Research on Multi-Server Lightweight Multifactor Authentication Protocol in Telemedicine Environment[J]. Netinfo Security, 2019, 19(10): 42-49.
	张敏, 许春香, 黄闽英. 远程医疗环境下面向多服务器的轻量级多因子身份认证协议研究[J]. 信息网络安全, 2019, 19(10):42-49.
[11]	ZHANG Min, ZHANG Jiashu, TAN Wenrong. A Secure Sketch-Based Authentication Scheme for Telecare Medicine Information Systems[J]. Journal of Information Science and Engineering, 2016, 32: 395-408.
[12]	DOLEV D, YAO A. On the Security of Public Key Protocols[J]. IEEE Transactions on Information Theory, 1983, 29(2): 198-208.
[13]	LAMACCHIA B, LAUTER K, MITYAGIN A. Stronger Security of Authenticated Key Exchange[C]// Springer. International Conference on Provable Security. Heidelberg: Springer, 2007: 1-16.
[14]	MESSERGES T S, DABBISH E A, SLOAN R H. Examining Smart-Card Security under the Threat of Power Analysis Attacks[J]. IEEE Transactions on Computers, 2002, 51(5): 541-552.
[15]	HANKERSON D, MENEZES A J, VANSTONE S. Guide to Elliptic Curve Cryptography[M]. Berlin: Springer Science & Business Media, 2006.
[16]	NESSETT D M. A Critique of the Burrows, Abadi and Needham Logic[J]. ACM SIGOPS Operating Systems Review, 1990, 24(2): 35-38.

符号	描述
${{U}_{i}},D{{R}_{j}},BI{{O}_{i}}$	用户、无人机、用户生物特征
GSS	地面服务器
$k$	GSS私钥
${{P}_{pub}}=kP$	GSS公钥
${{E}_{p}}\left( \alpha,\beta \right),P$	ECC、ECC上的点P
$N_{i}^{x},N_{i}^{y}$	${{N}_{i}}\in {{E}_{p}}(\alpha,\beta )$，X,Y是${{N}_{i}}$坐标点
$I{{D}_{i}},RI{{D}_{i}}$	用户U_i的真实身份和别名
$I{{D}_{j}},RI{{D}_{D{{R}_{j}}}}$	无人机DR_j的真实身份和别名
$PI{{D}_{j}},PI{{D}_{D{{R}_{j}}}}$	用户和无人机的动态身份标识
$\parallel \text{, }h(\cdot )$	连接符和哈希函数
$A?=B$	判断A与B是否相等
${{U}_{AT}}$	已经成功注册但不诚实的用户
$D{{R}_{AT}}$	${{U}_{AT}}$部署的傀儡无人机
$MA{{C}_{D{{R}_{j}}}}$	无人机DR_j的物理地址

无人机标识	无人机物理地址	注册时间	当前状态
$I{{D}_{D{{R}_{1}}}}$	$MA{{C}_{D{{R}_{1}}}}$	${{T}_{D{{R}_{1}}}}$	在线
$I{{D}_{D{{R}_{2}}}}$	$MA{{C}_{D{{R}_{2}}}}$	${{T}_{D{{R}_{2}}}}$	不在线
$I{{D}_{D{{R}_{j}}}}$	$MA{{C}_{D{{R}_{j}}}}$	${{T}_{D{{R}_{j}}}}$	在线或不在线

用户身份标识	用户当前状态
$RI{{D}_{1}}$	正常
$RI{{D}_{2}}$	无权限
$RI{{D}_{i}}$	正常/无权限

安全特征	HUSSAIN^[8]等人方案	本文协议
无人机私钥安全	×	√
抵御无人机伪装攻击	×	√
会话密钥安全	×	√
实现访问控制	×	√
实现多因子认证	√	√
特权攻击	√	√
口令猜测攻击	√	√
身份匿名攻击	√	√
实现口令更改	√	√
生物特征更换	√	√

符号	描述
$P\|\equiv X$	P相信X
$P\triangleleft X$	P收到X
$P\|\sim X$	P曾经说过X
$P\|\Rightarrow X$	P对X有仲裁权
$\#(X)$	X是新鲜的，即X是新生成的随机数
$P\overset{K}{\longleftrightarrow}Q$	K是P和Q之间共享的密钥
${{\{X\}}_{K}}$	X被密钥K加密
User/GSS/DR	User表示用户，GSS表示可信第三方，DR表示无人机