CSECMAS: An Efficient and Secure Certificate Signing Based Elliptic Curve Multiple Authentication Scheme for Drone Communication Networks
Abstract
1. Introduction
- Eavesdropping attack: This type of attack is a passive attack. During the execution of the protocol, attackers can listen and obtain communication messages between nodes through an insecure communication channel without interfering with the normal operation of the protocol, and then attackers can analyze the messages to obtain some communication information or key information to carry out further attacks.
- Replay attack: After attackers intercept the communication message between nodes, they retransmit the intercepted message, causing all nodes in the system to process the message again. If nodes in the system do not judge the expired message, the replayed message may have unpredictable consequences for the network system.
- Message tampering attack: Attackers intercept the message sent by the node and modify it according to the attack purpose, then send the modified message to the recipient of the original message. In this type of attack, attackers can change the intercepted message in part or in whole in any way desired.
- Man-in-the-middle attack: This type of attack is usually found in protocols that lack mutual authentication between the two parties. Attackers can submit the question asked by one subject in the protocol to another participant for an answer, and then submit the answer to the subject who asked the question.
- Denial of Service Attack (DoS Attack): Attackers make the system network unavailable to other legitimate users by continuously taking up resources on the system network. The rapid relative movement between UAVs easily causes frequent connection and disconnection of communication links, whereas nodes can join or leave the network at any time, which makes the network topology change rapidly and causes frequent changes in the trust relationship between nodes. If the authentication of the leaving nodes or newly joined nodes into the network is too simple, attackers will get the disconnected node’s information and then simulate the disconnected nodes to request re-entry authentication, causing security risks to the system.
- Session Key Agreement: The generated session key should be negotiated by both parties, rather than generated and distributed by the other party. Both parties shall contribute equally to the generation of the session key.
- User Anonymity and Untraceability: The protocol needs to achieve user anonymity and untraceability, which means that attackers cannot get the user’s identity. As a result, attackers cannot judge whether the session content is from the same user, cannot distinguish the specific identity of the user, and therefore cannot trace the user’s behavior.
- Message Integrity: Integrity means that the data has not been destroyed or altered during transmission or storage. The recipient of the message must be able to verify the integrity of the received message. If the message was found to have been tampered with or lost, the session should be stopped immediately and a resend requested. At the same time, the sender of the message cannot deny that it has ever sent the message. The most common methods of achieving integrity are encapsulation and signing.
- Mutual authentication: Each communication node in the network can authenticate with each other to confirm the legitimacy of the identity of the communicating nodes.
- Confidentiality: Data transmitted in the public network must be transmitted as encrypted ciphertext, and the transmission of sensitive information in clear text is prohibited. It is mainly divided into forward and backward confidentiality. If the long-term private key of a protocol participant is intercepted by attackers, the attackers still cannot derive the session keys that the participant negotiated before the private key was compromised. Forward confidentiality means that a node leaving the network cannot gain access to confidential data transmitted afterwards. Backward confidentiality means that a newly joined node cannot read confidential data that has been transmitted before.
- Freshness: The recipient of the message should first check the timestamp of the received message to determine whether it meets the freshness requirement.
- We propose a certificate signing based on an Elliptic Curve multiple authentication scheme (CSECMAS) to achieve secure sessions between UAVs and the GCS.
- The key node is selected using the fitness function, through which a secure session can be established between any two UAVs in the network, increasing the resistance of the entire network to destruction.
- The proposed scheme is analyzed using formal and informal analysis techniques to ensure the security of the protocol.
- Compared with other related protocols in terms of security properties and node computational overhead, the results show that the protocol is resistant to a wide range of attacks and performs better.
2. Related Works
3. The Proposed Protocol
3.1. System Model
3.2. Attacker Model
- The ability to listen to, intercept and store all messages passing through the UAV network, including authentication and communication information.
- The ability to decrypt intercepted authentication messages and to use the key parameters obtained to forge authentication and communication messages.
- The ability to establish a link to the UAV via a proxy node and send constructed or intercepted authentication and communication messages to participate in the authentication and communication between the UAV and the GCS.
3.3. The Proposed Scheme
- The master key: The master key is generated via the Elliptic Curve Diffie-Hellman Key Exchange (ECDH) protocol. It is not used to encrypt messages, but rather to assist in the generation of session keys and authentication keys.
- The refreshing key: Shared between the UAV and the ground control station and used with the primary key to generate the session key and authentication key. After each generation of the session key and authentication key, a new refresh key is generated by applying a hash function to the current refresh key; the current key is then deleted and replaced with the new key. This provides forward secrecy to the protocol; it is assumed that when a node is attacked, information about that node’s previous communications will not be compromised. Because attackers cannot generate the old key, the previous refresh key is no longer available at the time of the attack, nor is the master key.
- The authentication key and the session key: The session key is used as the key for the data-to-data encryption algorithm that provides data confidentiality for communication between the ground control station and the UAV and between UAVs. The authentication key uses a separate key for encryption and authentication to guarantee the legitimacy of the identity.
3.3.1. The Initialization Phase
- The CA uses a random number generator to generate a random number as the CA’s private key and calculates the public key: .
- Select the public parameter set, set to and publish.
3.3.2. The Registration Phase
- The drone chooses its own identifier , then generates a random number as the private key , calculates the message digest , and computes the public key .
- The drone generates message and calculates encrypted message . The certificate private key is used to over-encrypt the message sent, and sends a message to the CA requesting registration.
- The CA decrypts the information after receiving it and calculates the certificate information .
- The CA loads out the drone certificate for the drone
3.3.3. UAV-GCS Authentication Phase
- The UAV generates a random number as its private key , and calculates the public key .
- The UAV generates information , and then signs , namely , calculates value, namely .
- The UAV generates the transmission information: .
- When the GCS receives the information from the UAV , it first verifies the freshness of the timestamp . If the requirement is met, it continues to the next step; otherwise, the authentication fails.
- It will calculate , and compare it with the received value. If it is the same, continue to the next step, if not, authentication fails.
- The GCS will check the validity of the certificate and use the public key of the UAV’s certificate to verify the signature . If correct, the GCS successfully certifies the UAV and will continue; otherwise, the authentication fails.
- The GCS generates a random number as its private key , and calculates the master key ; the session key , the identity authentication key .
- Then information is generated, and the message is signed, namely ;
- Encrypt the information and calculate and .
- Generate the transmission information .
- When the UAV receives the information from the GCS , the freshness of the timestamp is verified first, to judge whether it meets the freshness requirement.
- It will verify the validity of the certificate and use the certificate public key of the GCS to verify the signature . If correct, the UAV successfully certifies the GCS and will continue; otherwise, the authentication fails.
- The UAV will compute the master key , the session key , and the identity authentication key .
- The value will be calculated and compared to the received value. Similarly, the UAV successfully authenticates the GCS.
- After decrypting the encrypted information , the UAV will receive the information sent by the GCS.
- The UAV will generate information , sign the message , namely , and calculate . It generates the send information .
- When the GCS receives the message , the freshness of the timestamp is verified first.
- It will verify whether the value is consistent with the received one.
- If so, it will verify the validity of the certificate and use the certificate public key of the UAV to verify the signature.
- If the verification is successful, it can be judged that the UAV has successfully received the message sent by the GCS. Similarly, the UAV can verify that the GCS has successfully received the information sent by the UAV by signing .
3.3.4. UAV-UAV Authentication Phase
- A. Selection of the Key Node
- 1. The remaining energy
- 2. Speed
- 3. Distance
- is the value of the fitness function of the node i.
- are the weight representing distance, speed, and the remaining energy, respectively, derived from the Analytic Hierarchy Process and satisfying the requirement that .
- is the average distance between the UAV and its neighbors.
- B. Mutual authentication between UAVs
3.3.5. Key Refreshing and Dynamic Joining of Drones
- The GCS generates a new session key and authentication key by refreshing the key.
- The GCS sends encrypted messages to the UAV.
- The UAV receives the encrypted message and generates its own new session key and authentication key, and then decrypts the encrypted message. If the decryption is successful, the key refresh is successful; otherwise, it fails, which means that the drone may be controlled or badly damaged.
- Immediately afterwards, the UAV generates a new refresh key and then the UAV sends an encrypted message to the GCS to keep the counters in synchronization.
- The GCS also generates a new refresh key, while both the UAV and the ground control station delete the old key.
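
The refresh-key ratchet described in Section 3.3 and the five refresh steps above can be sketched as follows. This is an added example, not code from the paper: the HMAC-SHA256 key derivation, the MAC tag standing in for the encrypted refresh message, and all names (`Endpoint`, `derive_keys`, `run_refresh`, `forward_session_keys`) are assumptions, and the key values are constructed.

```python
import hashlib
import hmac
from typing import Optional, Tuple


def derive_keys(master_key: bytes, refresh_key: bytes) -> Tuple[bytes, bytes]:
    """Return (session_key, auth_key) for the current refresh key.

    Assumption: HMAC-SHA256 with distinct labels; the scheme's own
    derivation formula is not reproduced on this page.
    """
    prk = hmac.new(master_key, refresh_key, hashlib.sha256).digest()
    return (hmac.new(prk, b"session", hashlib.sha256).digest(),
            hmac.new(prk, b"auth", hashlib.sha256).digest())


def _tag(auth_key: bytes, label: bytes) -> bytes:
    # Stand-in for the encrypted refresh message: a key-confirmation MAC
    # that only a peer holding the same new authentication key can produce.
    return hmac.new(auth_key, label, hashlib.sha256).digest()


class Endpoint:
    """Key state held by one side (GCS or UAV) of a link."""

    def __init__(self, master_key: bytes, refresh_key: bytes):
        self.master_key = master_key
        self.refresh_key = refresh_key
        self._pending: Optional[Tuple[bytes, bytes]] = None
        self._commit(derive_keys(master_key, refresh_key))

    def _commit(self, keys: Tuple[bytes, bytes]) -> None:
        self.session_key, self.auth_key = keys
        # Ratchet: replace the refresh key with its hash. The old value is
        # dropped, so earlier session keys cannot be re-derived from this state.
        self.refresh_key = hashlib.sha256(self.refresh_key).digest()
        self._pending = None

    def start_refresh(self) -> bytes:
        """GCS: derive the new keys and send the refresh message."""
        self._pending = derive_keys(self.master_key, self.refresh_key)
        return _tag(self._pending[1], b"refresh")

    def accept_refresh(self, msg: bytes) -> Optional[bytes]:
        """UAV: derive the same keys, check the message, then ratchet."""
        keys = derive_keys(self.master_key, self.refresh_key)
        if not hmac.compare_digest(msg, _tag(keys[1], b"refresh")):
            return None  # refresh failed: keep the old keys untouched
        self._commit(keys)
        return _tag(keys[1], b"ack")

    def finish_refresh(self, ack: Optional[bytes]) -> bool:
        """GCS: on a valid reply, switch keys and ratchet as well."""
        if self._pending is None or ack is None:
            return False
        if not hmac.compare_digest(ack, _tag(self._pending[1], b"ack")):
            return False
        self._commit(self._pending)
        return True


def run_refresh(gcs: Endpoint, uav: Endpoint, tamper: bool = False) -> bool:
    """One refresh round; `tamper` flips a bit of the message in transit."""
    msg = gcs.start_refresh()
    if tamper:
        msg = bytes([msg[0] ^ 0x01]) + msg[1:]
    return gcs.finish_refresh(uav.accept_refresh(msg))


def forward_session_keys(master_key: bytes, refresh_key: bytes, rounds: int):
    """Session keys that can be computed going forward from a given state."""
    keys = []
    for _ in range(rounds):
        keys.append(derive_keys(master_key, refresh_key)[0])
        refresh_key = hashlib.sha256(refresh_key).digest()
    return keys


if __name__ == "__main__":
    master = hashlib.sha256(b"constructed master key").digest()
    r0 = hashlib.sha256(b"constructed refresh key").digest()
    gcs, uav = Endpoint(master, r0), Endpoint(master, r0)
    old = uav.session_key
    print("refresh ok:", run_refresh(gcs, uav))
    print("tampered refresh ok:", run_refresh(gcs, uav, tamper=True))
    reachable = forward_session_keys(uav.master_key, uav.refresh_key, 50)
    print("old session key re-derivable:", old in reachable)
```

A failed round leaves both sides on the previous keys and the same refresh key, so a tampered message cannot push the two ratchets out of step.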
4. Security Analysis
4.1. Formal Analysis
4.1.1. The Honest Subject Modeling
4.1.2. The Attackers Modeling
4.1.3. Property Characterization
4.1.4. Analysis of Experimental Results
4.2. Informal analysis
4.2.1. Mutual Authentication
- : The GCS first verifies and HMAC values, then uses the public key of the UAV certificate to verify , if successful, the UAV is successfully authenticated
- , is verified firstly, and then is verified with the public key of the GCS certificate, followed by multiple key, and HMAC value authentication. This method ensures the security of the two-way authentication phase of the protocol. Participants can authenticate each other by verifying that the received message is valid.
4.2.2. Perfect Forward Secrecy
4.2.3. Session Key Agreement
4.2.4. Privileged Internal Attacks
4.2.5. Replay Attack
4.2.6. Man-in-the-Middle Attacks
4.2.7. Denial of Service Attacks (DoS)
4.2.8. Drone Capture Attacks
4.2.9. Desynchronization Attack
5. Performance Analysis
- Comparison of safety characteristics
- Comparison of node overhead calculations
- Comparison of communication overheads
6. NS3 Simulation
7. Conclusions
Author Contributions
Funding
Conflicts of Interest
References
1. Liu, J.; Wang, W.; Wang, T.; Shu, Z.; Li, X. A Motif-Based Rescue Mission Planning Method for UAV Swarms Using an Improved PICEA. IEEE Access 2018, 6, 40778–40791.
2. Sutheerakul, C.; Kronprasert, N.; Kaewmoracharoen, M.; Pichayapan, P. Application of Unmanned Aerial Vehicles to Pedestrian Traffic Monitoring and Management for Shopping Streets. Transp. Res. Procedia 2017, 25, 1717–1734.
3. Fan, R.; Cui, J.; Jin, S.; Yang, K.; An, J. Optimal Node Placement and Resource Allocation for UAV Relaying Network. IEEE Commun. Lett. 2018, 22, 808–811.
4. Khan, M.A.; Ectors, W.; Bellemans, T.; Ruichek, Y.; Yasar, A.-U.; Janssens, D.; Wets, G. Unmanned Aerial Vehicle-based Traffic Analysis: A Case Study to Analyze Traffic Streams at Urban Roundabouts. Procedia Comput. Sci. 2018, 130, 636–643.
5. Bunse, C.; Plotz, S. Security analysis of drone communication protocols. In Proceedings of the International Symposium on Engineering Secure Software and Systems, Paris, France, 26–27 June 2018; Springer: Cham, Switzerland, 2018; Volume 9, pp. 96–107.
6. Humphreys, T. Statement on the Vulnerability of Civil Unmanned Aerial Vehicles and Other Systems to Civil GPS Spoofing; University of Texas at Austin: Austin, TX, USA, 2012; pp. 1–16.
7. Krishna, C.G.L.; Murphy, R.R. A review on cybersecurity vulnerabilities for unmanned aerial vehicles. In Proceedings of the 2017 IEEE International Symposium on Safety, Security and Rescue Robotics (SSRR), Shanghai, China, 11–13 October 2017; Volume 4, pp. 194–199.
8. Choudhary, G.; Sharma, V.; You, I. Sustainable and secure trajectories for the military Internet of Drones (IoD) through an efficient Medium Access Control (MAC) protocol. Comput. Electr. Eng. 2019, 74, 59–73.
9. Won, J.; Seo, S.-H.; Bertino, E. A secure communication protocol for drones and smart objects. In Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, Singapore, 14–17 April 2015; ACM: New York, NY, USA, 2015; pp. 249–260.
10. Rodday, N.M.; Schmidt, R.D.O.; Pras, A. Exploring security vulnerabilities of unmanned aerial vehicles. In Proceedings of the NOMS 2016—2016 IEEE/IFIP Network Operations and Management Symposium, Istanbul, Turkey, 25–29 April 2016; Volume 16, pp. 993–994.
11. Chriki, A.; Touati, H.; Snoussi, H.; Kamoun, F. FANET: Communication, mobility models and security issues. Comput. Netw. 2019, 163, 106877.
12. Khan, N.A.; Jhanjhi, N.Z.; Brohi, S.N.; Nayyar, A. Emerging Use of UAV’s: Secure Communication Protocol Issues and Challenges. In Drones in Smart-Cities; Elsevier: Amsterdam, The Netherlands, 2020; pp. 37–55.
13. Abdi, F.; Chen, C.-Y.; Hasan, M.; Liu, S.; Mohan, S.; Caccamo, M. Preserving Physical Safety Under Cyber Attacks. IEEE Internet Things J. 2018, 6, 6285–6300.
14. Petit, J.; Mammeri, Z. Authentication and consensus overhead in vehicular ad hoc networks. Telecommun. Syst. 2011, 52, 2699–2712.
15. Seo, S.-H.; Won, J.; Bertino, E.; Kang, Y.; Choi, D. A Security Framework for a Drone Delivery Service. In Proceedings of the 2nd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications for Civilian Use, Singapore, 26 June 2016; Volume 26, pp. 29–34.
16. Wang, G.; Lim, K.; Lee, B.-S.; Ahn, J.Y. Handover Key Management in an LTE-based Unmanned Aerial Vehicle Control Network. In Proceedings of the 2017 5th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Prague, Czech Republic, 21–23 August 2017; Volume 5, pp. 200–205.
17. Blazy, O.; Bonnefoi, P.-F.; Conchon, E.; Sauveron, D.; Akram, R.N.; Markantonakis, K.; Mayes, K.; Chaumette, S. An Efficient Protocol for UAS Security. In Proceedings of the 2017 Integrated Communications, Navigation and Surveillance Conference (ICNS), Herdon, VA, USA, 18–20 April 2017; Volume 4, pp. 1–21.
18. Li, F.; Han, Y.; Jin, C. Practical access control for sensor networks in the context of the Internet of Things. Comput. Commun. 2016, 89, 154–164.
19. Benzarti, S.; Triki, B.; Korbaa, O. Privacy Preservation and Drone Authentication Using ID-Based Signcryption. SOMET 2018, 303, 226–239.
20. Chen, L.; Qian, S.; Lim, M.K.; Wang, S. An enhanced direct anonymous attestation scheme with mutual authentication for network-connected UAV communication systems. China Commun. 2018, 15, 61–76.
21. Tian, Y.; Yuan, J.; Song, H. Efficient privacy-preserving authentication framework for edge-assisted Internet of Drones. J. Inf. Secur. Appl. 2019, 48, 102354.
22. Semal, B.; Markantonakis, K.; Akram, R.N. A Certificateless Group Authenticated Key Agreement Protocol for Secure Communication in Untrusted UAV Networks. In Proceedings of the 2018 IEEE/AIAA 37th Digital Avionics Systems Conference (DASC), London, UK, 23–27 September 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1–8.
23. Turkanović, M.; Brumen, B.; Hölbl, M. A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw. 2014, 20, 96–112.
24. Farash, M.S.; Turkanović, M.; Kumari, S.; Hölbl, M. An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment. Ad Hoc Netw. 2016, 36, 152–176.
25. Amin, R.; Islam, S.H.; Biswas, G.; Khan, M.K.; Leng, L.; Kumar, N. Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks. Comput. Netw. 2016, 101, 42–62.
26. Challa, S.; Wazid, M.; Das, A.K.; Kumar, N.; Reddy, A.G.; Yoon, E.-J.; Yoo, K.-Y. Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications. IEEE Access 2017, 5, 3028–3043.
27. Wazid, M.; Das, A.K.; Kumar, N.; Vasilakos, A.V.; Rodrigues, J.J.P.C. Design and Analysis of Secure Lightweight Remote User Authentication and Key Agreement Scheme in Internet of Drones Deployment. IEEE Internet Things J. 2018, 6, 3572–3584.
28. Zhang, Y.; He, D.; Li, L.; Chen, B. A lightweight authentication and key agreement scheme for Internet of Drones. Comput. Commun. 2020, 154, 455–464.
29. Dolev, D.; Yao, A. On the security of public key protocols. IEEE Trans. Inf. Theory 1983, 29, 198–208.
30. Guido, M.D.; Brooks, M.W. Insider threat program best practices. In Proceedings of the 46th Hawaii International Conference on System Sciences, Wailea, HI, USA, 7–10 January 2013; IEEE: Piscataway, NJ, USA, 2013; Volume 46, pp. 1831–1839.
31. Singh, J.; Gimekar, A.; Venkatesan, S. An efficient lightweight authentication scheme for human-centered industrial Internet of Things. Int. J. Commun. Syst. 2019, 6, e4189.
32. Ever, Y.K. A secure authentication scheme framework for mobile-sinks used in the Internet of Drones applications. Comput. Commun. 2020, 155, 143–149.
33. Yahuza, M.; Idris, M.Y.I.; Wahab, A.W.A.; Nandy, T.; Bin Ahmedy, I.; Ramli, R. An Edge Assisted Secure Lightweight Authentication Technique for Safe Communication on the Internet of Drones Network. IEEE Access 2021, 9, 31420–31440.
34. Tanveer, M.; Zahid, A.H.; Ahmad, M.; Baz, A.; Alhakami, H. LAKE-IoD: Lightweight Authenticated Key Exchange Protocol for the Internet of Drone Environment. IEEE Access 2020, 8, 155645–155659.
35. Abbasinezhad-Mood, D.; Nikooghadam, M. Design and hardware implementation of a security-enhanced elliptic curve cryptography based lightweight authentication scheme for smart grid communications. Futur. Gener. Comput. Syst. 2018, 84, 47–57.
Schemes | Techniques Applied | Advantages | Limitations |
---|---|---|---|
Ref. [9] | Certificate-free tag key encapsulation mechanism. | The solution significantly improves computational efficiency. | The solution was not resistant to drone capture attacks. |
Ref. [15] | White-Box Cryptography (WBC). Public Key Infrastructure (PKI). | Considering also security properties such as confidentiality, integrity, and non-repudiation. | The scheme was vulnerable under man-in-middle attack. |
Ref. [16] | Long-Term Evolution (LTE). | The authors discussed in depth security attributes such as authentication, confidentiality, and integrity. | The scheme required high maintenance costs because of the LTE involved. |
Ref. [18] | A bilinear pairing-based algorithm. | The scheme is resistant to known attacks that affect confidentiality and mutual authentication. | The cost of asymmetric bilinear pairing was very high. |
Ref. [19] | RFID tag that provides a unique identification. | The scheme ensures confidentiality, availability, and privacy-preservation requirement. | The scheme lacked mutual authentication, which makes the system vulnerable to man-in-the-middle attacks and simulation attacks. |
Ref. [20] | An asymmetric bilinear pairing-based algorithm. | The scheme provided the required mutual authentication in the IoD network. | The cost of asymmetric bilinear pairing was very high, as such the lightweight feature is not efficient. |
Ref. [21] | Online/offline signature, buffer pseudonym, and public key update methods. | The authors considered the high mobility features of flying drones by incorporating the mobile edge computing (MEC) devices which significantly reduces the authentication cost. | The proposed authentication protocol was not supported by security formal proof. It failed to consider mutual authentication for ensuring secured communication by the entities. |
Ref. [22] | A certificateless AKA algorithm based on asymmetric bilinear pairing. | The schemes provided the required mutual authentication in the IoD network. | The cost of asymmetric bilinear pairing was very high, as such the lightweight feature was inefficient. |
Ref. [23] | AKA algorithm using only Hash functions and XOR operations. | The scheme is lightweight as only XOR operations and hash functions were used. | The scheme is not secured under MITM attack, node impersonation attack and cannot ensure node anonymity and traceability. |
Ref. [24] | AKA algorithm using only Hash functions and XOR operations. | The scheme is lightweight as only XOR operations and hash functions were used. | The scheme was not secured under the known-specific session temporary information attack. Vulnerable to password offline guessing attack, and impersonation attack. |
Ref. [25] | AKA algorithm using only Hash functions and XOR operations and fuzzy-verifier. | The scheme solved the problems suffered by the scheme of Ref. [24]. | The scheme suffered from smart card lost attack and password offline guessing attacks. |
Ref. [26] | AKA algorithm using signature and elliptic curve mechanisms. | The scheme is much lighter than other benchmarking techniques. | It failed to ensure the entities’ perfect forward secrecy. |
Ref. [27] | AKA algorithm using only fuzzy extractor, XOR operations, and hash functions. | The scheme has excellent lightweight features with memory overhead and computational and communication costs because only fuzzy extractor and hash functions are employed. | The proposed authentication protocol was vulnerable to session-specific temporary information attack where the ephemeral key is compromised by a strong CK adversary that can eavesdrop on all the exchanged messages. |
Ref. [28] | AKA algorithm using only Hash functions and XOR operations. | The technique is lightweight with minimal computational and communication costs. | Formal security proof of the proposed AKA protocols using the available automated cryptographic protocol analytical tools or methods is missing. |
Notation | Description |
---|---|
The identity of the drone | |
The Pseudo identity of the drone | |
The private key of A | |
The public key of A | |
Certificate of A | |
The master key shared between A and B | |
The authentication key shared between A and B | |
The Session Key shared between A and B | |
The Refresh key shared between A and B | |
HMAC | Hash-based Message Authentication Code |
The sending counter value of node i that is shared with node j (SC(i,j) = RC(j,i)) | |
The receiving counter of node i that is shared with node j (RC(i,j) = SC(j,i)) | |
Deadline for Certificate A | |
Hash value of X | |
Encrypt plaintext X with key K and symmetric algorithm | |
Encryption of messages using MAC algorithm and the key K | |
Hash-based message authentication codes | |
Timestamp |
Criteria | A | B | C | Priority Vector |
---|---|---|---|---|
A | 1 | 3 | 7 | 64.34% |
B | 1/3 | 1 | 5 | 28.28% |
C | 1/7 | 1/5 | 1 | 7.38% |
Number Rating | Verbal Judgment of Preferences |
---|---|
1 | Equally preferred |
3 | Moderately preferred |
5 | Strongly preferred |
7 | Very strongly preferred |
9 | Extremely preferred |
Dimension | RI |
---|---|
1 | 0 |
2 | 0 |
3 | 0.58 |
4 | 0.9 |
5 | 1.12 |
6 | 1.24 |
7 | 1.32 |
8 | 1.41 |
9 | 1.45 |
10 | 1.49 |
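
The priority vector in the criteria table above can be reproduced from its pairwise comparisons, and the RI table supplies the denominator for the consistency check of that matrix. This is an added example, not code from the paper: it assumes the column-normalisation (row-average) approximation, which reproduces the table's percentages, and the function names are illustrative.

```python
from fractions import Fraction

# Random index (RI) by matrix dimension, as listed in the table above.
RANDOM_INDEX = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.9, 5: 1.12,
                6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45, 10: 1.49}

# Pairwise comparison matrix for criteria A, B, C from the table above.
# Fractions keep the reciprocal check exact.
PAIRWISE = [
    [Fraction(1), Fraction(3), Fraction(7)],
    [Fraction(1, 3), Fraction(1), Fraction(5)],
    [Fraction(1, 7), Fraction(1, 5), Fraction(1)],
]


def check_reciprocal(matrix):
    """Reject matrices that are not square, positive and reciprocal."""
    n = len(matrix)
    for i, row in enumerate(matrix):
        if len(row) != n:
            raise ValueError("matrix must be square")
        for j, a in enumerate(row):
            if a <= 0 or a * matrix[j][i] != 1:
                raise ValueError(f"entry ({i},{j}) is not reciprocal")


def priority_vector(matrix):
    """Normalise each column to sum to 1, then average across each row."""
    check_reciprocal(matrix)
    n = len(matrix)
    col_sums = [sum(row[j] for row in matrix) for j in range(n)]
    return [float(sum(row[j] / col_sums[j] for j in range(n)) / n)
            for row in matrix]


def consistency_ratio(matrix, weights):
    """CR = CI / RI, with lambda_max estimated as the mean of (A w)_i / w_i."""
    n = len(matrix)
    if RANDOM_INDEX[n] == 0:
        return 0.0  # 1x1 and 2x2 reciprocal matrices are always consistent
    aw = [sum(float(matrix[i][j]) * weights[j] for j in range(n))
          for i in range(n)]
    lambda_max = sum(aw[i] / weights[i] for i in range(n)) / n
    ci = (lambda_max - n) / (n - 1)
    return ci / RANDOM_INDEX[n]


if __name__ == "__main__":
    w = priority_vector(PAIRWISE)
    for name, value in zip("ABC", w):
        print(f"{name}: {value:.2%}")
    # A CR below 0.1 is the usual acceptance threshold for AHP judgments.
    print(f"CR = {consistency_ratio(PAIRWISE, w):.4f}")
```

The weights sum to 1 by construction, and a consistency ratio above 0.1 would indicate that the pairwise judgments should be revised before the weights are used.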
Received Message | Learned Item |
---|---|
…… | …… |
, …… |
, , , ,,,, |
Security Features | Ref. [31] | Ref. [32] | Ref. [33] | Our Scheme |
---|---|---|---|---|
Anonymity | √ | √ | √ | √ |
Perfect Forward Secrecy | √ | × | √ | √ |
Perfect Backward Secrecy | NA | NA | NA | √ |
Mutual Authentication | √ | √ | √ | √ |
Session Key Agreement | √ | √ | √ | √ |
Resisting Privileged Internal Attacks | × | × | √ | √ |
Resisting Replay Attacks | √ | √ | √ | √ |
Resisting Man-in-the-middle Attacks | √ | √ | √ | √ |
Resisting Denial of Service Attacks | √ | √ | √ | √ |
Resisting Drone Capture Attacks | × | NA | √ | √ |
Desynchronization Attack | NA | NA | NA | √ |
Formal Verification | √ | √ | √ | √ |

Communication Overhead Calculation

Schemes | Ref. [31] | Ref. [32] | Ref. [33] | Our Scheme |
---|---|---|---|---|
Commun. (bits) | 3254 | 3312 | 2496 | 2944 |
Parameter | Description | |
---|---|---|
Platform | Ubuntu16.04.7 LTS | |
Tool used | NS3 3.27 | |
Scenarios | The number of drones | The number of GCS |
A | 6 | 1 |
B | 12 | 1 |
C | 18 | 1 |
D | 24 | 1 |
E | 30 | 1 |
F | 36 | 1 |
Mobility of UAVs | 25 mps–40 mps | |
Simulation time | 1800 s |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Li, L.; Lian, X.; Wang, Y.; Tan, L. CSECMAS: An Efficient and Secure Certificate Signing Based Elliptic Curve Multiple Authentication Scheme for Drone Communication Networks. Appl. Sci. 2022, 12, 9203. https://doi.org/10.3390/app12189203