CN114679268A - Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium - Google Patents

Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium Download PDF

Info

Publication number
CN114679268A
CN114679268A CN202210319290.0A CN202210319290A CN114679268A CN 114679268 A CN114679268 A CN 114679268A CN 202210319290 A CN202210319290 A CN 202210319290A CN 114679268 A CN114679268 A CN 114679268A
Authority
CN
China
Prior art keywords
unmanned aerial
aerial vehicle
point
ground station
hash value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210319290.0A
Other languages
Chinese (zh)
Other versions
CN114679268B (en
Inventor
张媛媛
孟令哲
张明武
阮鸥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei University of Technology
Original Assignee
Hubei University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hubei University of Technology filed Critical Hubei University of Technology
Priority to CN202210319290.0A priority Critical patent/CN114679268B/en
Publication of CN114679268A publication Critical patent/CN114679268A/en
Application granted granted Critical
Publication of CN114679268B publication Critical patent/CN114679268B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Traffic Control Systems (AREA)

Abstract

The invention provides a method for mutual authentication and key agreement between unmanned aerial vehicles, which comprises the following steps: s1, generating system public parameters and a private key of a ground station; s2, registering the unmanned aerial vehicles at the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private keys of the ground station; and S3, the unmanned aerial vehicle and the unmanned aerial vehicle carry out mutual authentication and negotiate a session key. The authentication and key agreement method between unmanned aerial vehicles provided by the embodiment of the invention comprises the following steps: the ground station is a system which can provide registration service for the unmanned aerial vehicle and generate parameters required by authentication. In addition, a Physical Unclonable Function (PUF) is embedded in the unmanned aerial vehicle, so that the safety of authentication information stored by the unmanned aerial vehicle is ensured.

Description

Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium
Technical Field
The invention relates to the technical field of information security, in particular to a method, computing equipment and a storage medium for mutual authentication and key agreement among multiple unmanned aerial vehicles.
Background
As an unmanned micro-aircraft, an Unmanned Aerial Vehicle (UAV) is an unmanned aerial vehicle operated by a radio remote control technology and a control device embedded in the UAV, and is widely applied to the fields of remote sensing surveying and mapping, express transportation, pipeline inspection, environmental detection, military reconnaissance and the like.
With the development of unmanned aerial vehicle technology, it has become a reality to collaborate unmanned aerial vehicles to complete designated tasks. A plurality of unmanned aerial vehicles are combined according to a certain scale and structure, and a cooperation effect is generated through information sharing among the unmanned aerial vehicles so as to realize intelligent cooperation to execute tasks. The mode of cooperation between this kind of unmanned aerial vehicle is extensive in many fields applications, like in the aspect of the disaster rescue, when unmanned aerial vehicle carries out search and rescue work in the mountain area, because the environment in region is complicated changeable, the problem that communication signal can appear sheltering from. Adopt unmanned aerial vehicle cooperative mode, different unmanned aerial vehicles can be each other for communication relay, carry out data sharing, and the communication that can effectively avoid appearing shelters from the problem to promote search and rescue efficiency.
The mode of drone collaboration provides many benefits for production and life, but presents some security issues. Since communication between drones is performed over a common channel, an attacker can eavesdrop communication information within the network, tamper information, or forge fake information to inject into the communication. Therefore, ensuring secure communication between drones and drones is an aspect that needs to be considered, namely how to perform identity authentication and key agreement between drones. Finally, considering that the unmanned aerial vehicle is easily attacked by physical capture, how to ensure that the unmanned aerial vehicle is captured and steals internal data has no influence on the security of the authentication scheme is also a problem that needs to be studied in depth.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method for mutual authentication and key agreement between unmanned aerial vehicles, where mutual authentication and key agreement between an unmanned aerial vehicle and an unmanned aerial vehicle are performed, so as to ensure security and efficiency of implementing cooperation by the unmanned aerial vehicle; meanwhile, under the condition that an attacker is prevented from capturing the unmanned aerial vehicle and stealing internal data, the safety of authentication and key agreement is not influenced.
In order to achieve the above object, an embodiment of the present invention provides a method for authentication and key agreement between unmanned aerial vehicles, where the method includes:
s1, generating system public parameters and a private key of a ground station;
s2, registering the unmanned aerial vehicles at the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private keys of the ground station;
and S3, the unmanned aerial vehicle and the unmanned aerial vehicle carry out mutual authentication and negotiate a session key.
In another aspect, an embodiment of the present invention further provides a computer-readable storage medium, where at least one instruction, at least one program, a code set, or a set of instructions is stored in the storage medium, and the at least one instruction, the at least one program, the code set, or the set of instructions is loaded and executed by a processor to implement the method for authentication and key agreement between drones as described above.
In yet another aspect, an embodiment of the present invention further provides a computing device, where the computing device includes a processor and a memory, where the memory stores at least one instruction, at least one program, a set of codes, or a set of instructions, and the at least one instruction, the at least one program, the set of codes, or the set of instructions is loaded and executed by the processor to implement the method for authentication and key agreement between drones as described above.
The authentication and key agreement method between unmanned aerial vehicles provided by the embodiment of the invention comprises the following steps: the unmanned aerial vehicle is an unmanned aerial vehicle for executing corresponding tasks; the ground station is a system which can provide registration service for the unmanned aerial vehicle and generate parameters required by authentication, and an elliptic curve, a base point, two hash functions, a ground station public key and a pseudonym are required to be used as public parameters. The embodiment of the invention realizes mutual authentication and key agreement between the unmanned aerial vehicle and the unmanned aerial vehicle, and ensures future safe communication between the unmanned aerial vehicle and the unmanned aerial vehicle. In addition, a Physical Unclonable Function (PUF) is embedded in the unmanned aerial vehicle, so that the safety of authentication information stored by the unmanned aerial vehicle is ensured.
Drawings
The following description of the embodiments of the present invention will be made with reference to the accompanying drawings.
Fig. 1 is a flow chart of unmanned aerial vehicle registration according to an embodiment of the present invention;
fig. 2 is a flowchart of authentication between the drones according to the embodiment of the present invention;
fig. 3 is a new unmanned aerial vehicle addition flow chart according to an embodiment of the present invention;
fig. 4 is a block diagram of a computing device according to an embodiment of the present invention.
Detailed Description
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following description will be made with reference to the accompanying drawings. It is obvious that the drawings in the following description are only some examples of the invention, and that for a person skilled in the art, other drawings and embodiments can be derived from them without inventive effort. For the sake of simplicity, the drawings only schematically show the parts relevant to the present invention, and they do not represent the actual structure as a product.
In order to solve the technical problem of the embodiment of the present invention, the embodiment of the present invention provides the following technical solutions:
an authentication and key agreement method between unmanned aerial vehicles comprises the following steps:
s1, generating system public parameters and a private key of a ground station;
s2, registering the unmanned aerial vehicles at the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private keys of the ground station;
and S3, the unmanned aerial vehicle and the unmanned aerial vehicle carry out mutual authentication and negotiate a session key.
Preferably, the S1 includes the following steps:
s1.1: let GF (q) be a finite field, where q is a large prime number representing the size of GF (q), and the ground station selects the elliptical curve E over GF (q)q(a,b):y2=x3+ ax + b (mod q), where (a, b) E GF (p) and U is EqA base point on (a, b);
s1.2: the ground station selects a first random number
Figure BDA0003570941000000031
As the self-private key, among others,
Figure BDA0003570941000000032
performing dot product operation on the private key s and the base point U to obtain a ground station public key Ppub
Namely, calculating Ppub=s·U;
S1.3: the ground station selects its pseudonym SID and two hash functions h1(. cndot.) and h2(. wherein h) is1(. h) mapping strings of arbitrary length to an integer, h2() mapping a string of arbitrary length to a fixed length string;
s1.4: the ground station saves the private key s and discloses the elliptic curve Eq(a, b), large prime number q, base point U and ground station public key PpubA ground station pseudonym SID and two Hash functions h1(. and h)2(·)。
As shown in fig. 1, preferably, the S2 includes the following steps:
s2.1: assuming a total of n drones, the ground station selects a second random number for each drone
Figure BDA0003570941000000033
The random number diPerforming point multiplication operation with the elliptic curve base point U to obtain
Figure BDA0003570941000000034
Wherein
Figure BDA0003570941000000035
And
Figure BDA0003570941000000036
are respectively a point DiThe abscissa and ordinate of (a);
namely calculation
Figure BDA0003570941000000037
S2.2: the ground station converts the self pseudonym SID and point DiAbscissa of
Figure BDA0003570941000000038
After merging, utilizing the hash function h1(. o) generating a first hash value of the product of the first hash value and the ground station private key s plus the second random number diThe results obtained are then modulo q to give Fi. Ground station point DiAnd FiSending the data to a corresponding unmanned aerial vehicle through a safety channel;
namely calculation
Figure BDA0003570941000000039
S2.3: unmanned aerial vehicle receives DiAnd FiThen, a challenge C is selectediThe challenge is the input of a PUF embedded in the drone, outputting a corresponding response Ri=PUFi(Ci);
S2.4: the response R of the PUF is used by the unmanned aerial vehicleiAnd received point DiOrdinate of
Figure BDA00035709410000000310
After merging, utilizing the hash function h2(. The) the generated second hash value with the received FiXOR to Gi. Then the unmanned aerial vehicle authenticates the information point Di、GiAnd CiIs stored in the internal memory of the computer,
namely calculation
Figure BDA00035709410000000311
As shown in fig. 2, preferably, the S3 includes the following steps:
s3.1: challenge C stored in memory by unmanned aerial vehicle alpha (alpha is more than or equal to 1 and less than or equal to n)αAs an input to the PUF, the PUF outputs a corresponding response Rα=PUFα(Cα) Then outputs the response RαAnd a point D stored in the memoryαOrdinate of
Figure BDA00035709410000000312
After merging, utilizing the hash function h2(. G) generating a third hash value, stored in memoryαXOR'd with the third hash value to yield Fα
Namely calculation
Figure BDA0003570941000000041
S3.2: unmanned plane alpha generates third random number
Figure BDA0003570941000000042
The random number k is addedαPerforming point multiplication operation with the elliptic curve base point U to obtain
Figure BDA0003570941000000043
Wherein
Figure BDA0003570941000000044
And
Figure BDA0003570941000000045
are respectively a point KαThe abscissa and the ordinate. Then the unmanned plane alpha will FαPlus a third random number kαThe result of the addition is modulo q to yield Jα
Namely calculation
Figure BDA0003570941000000046
And Jα=Fα+kα mod q;
S3.3: point D stored in memory of unmanned aerial vehicle alpha handleαThe point KαAnd JαSending to the unmanned plane beta (beta is more than or equal to 1 and less than or equal to n, alpha is not equal to beta) through a public channel;
s3.4: after the unmanned aerial vehicle beta receives the information, J is receivedαPerforming point multiplication operation with the elliptic curve base point U to obtain Zα1And using said pseudonym SID of the ground station and the received point DαAbscissa of
Figure BDA0003570941000000047
After merging, utilizing the hash function h1(. The fourth hash value generated with the ground station public key PpubPerforming dot product operation to obtain Zα2Then receiving the point DαCalculated Zα2And received KαAdding, the result modulo q after adding to obtain Zα3Is a reaction of Zα1And Zα3Make a comparison, i.e.
Figure BDA0003570941000000048
If the two are equal, the unmanned aerial vehicle alpha passes through the authentication of the unmanned aerial vehicle beta, S3.5 is continued, otherwise, the authentication is terminated;
s3.5: drone beta challenge C to be stored in memoryβInput into the PUF, which outputs a corresponding response Rβ=PUFβ(Cβ) Then outputs the response RβAnd a point D stored in the memoryβOrdinate of
Figure BDA0003570941000000049
After merging, utilizing the hash function h2(. G) generating a fifth hash value, stored in memoryβXOR'd with the fifth hash value to yield Fβ;;
Namely calculation
Figure BDA00035709410000000410
S3.6: unmanned aerial vehicle beta generates fourth random number
Figure BDA00035709410000000411
The random number k is divided intoβPerforming point multiplication operation with the elliptic curve base point U to obtain
Figure BDA00035709410000000412
Center point KβAbscissa ofAnd ordinate are respectively
Figure BDA00035709410000000413
And
Figure BDA00035709410000000414
then unmanned plane beta will FβAnd a fourth random number kβThe result after addition modulo q yields JβIs then reused as the
Figure BDA00035709410000000415
And
Figure BDA00035709410000000416
after merging, utilizing the hash function h2(. h) the sixth hash value generated with the calculated JβXOR is carried out to obtain L;
namely calculation
Figure BDA00035709410000000417
Jβ=Fβ+kβmod q and
Figure BDA00035709410000000418
s3.7: point D stored in memory of unmanned aerial vehicle beta handleβThe point KβAnd L is sent to the unmanned plane alpha through a public channel;
s3.8: after receiving the information, the unmanned aerial vehicle alpha sends the information
Figure BDA00035709410000000419
And received point DβAbscissa of
Figure BDA00035709410000000420
After merging, utilizing the hash function h2(. h) generating a seventh hash value, XOR-ing the received L with the seventh hash value to obtain Jβ
Namely calculation
Figure BDA00035709410000000421
Will JβPerforming point multiplication operation with the elliptic curve base point U to obtain Zβ1And using said pseudonym SID of the ground station and the received point DβAbscissa of
Figure BDA0003570941000000051
After merging, utilizing the hash function h1(. h) the generated eighth hash value with the ground station public key PpubPerforming dot product operation to obtain Zβ2Then receiving the point DβCalculated Zβ2And received KβThe result of the addition modulo q yields Zβ3A 1 is formed ofβ1And Zβ3A comparison is made, namely:
Figure BDA0003570941000000052
if the two are equal, the unmanned plane beta passes the authentication of the unmanned plane alpha, and S3.9 is continued, otherwise, the authentication session is terminated;
s3.9: the unmanned aerial vehicle alpha sends the third random number kαAnd point KβPerforming dot product operation to obtain V ═ V (V)x,Vy) In which V isxAnd VyRespectively the abscissa and ordinate of the point V, and calculating the obtained Vx、VyThe point DαOrdinate of
Figure BDA0003570941000000053
And point DβOrdinate of (2)
Figure BDA0003570941000000054
After merging, utilizing the hash function h2(. to) generate a ninth hash value SK as the negotiated first session key, and then use the ninth hash value SK
Figure BDA0003570941000000055
And
Figure BDA0003570941000000056
after merging, utilizing the hash function h2(. to) generate a tenth hash value W;
i.e. calculating V ═ kα·Kβ=(Vx,Vy)、
Figure BDA0003570941000000057
And
Figure BDA0003570941000000058
s3.10: the unmanned aerial vehicle alpha sends the tenth hash value W to the unmanned aerial vehicle beta through a public channel;
s3.11: after receiving the information, the unmanned aerial vehicle beta sends the fourth random number kβAnd point KαPerforming dot product operation to obtain V ═ V (V)x,Vy) Then the calculated V is calculatedx、VyThe point DαOrdinate of
Figure BDA0003570941000000059
And point DβOrdinate of (2)
Figure BDA00035709410000000510
After merging, utilizing the hash function h2(. to) generate an eleventh hash value SK;
i.e. calculating V ═ kβ·Kα=(Vx,Vy) And
Figure BDA00035709410000000511
s3.12: comparing by drone β whether the received tenth hash value W is equal to the eleventh hash value SK,
Figure BDA00035709410000000512
And
Figure BDA00035709410000000513
after merging, utilizing the hash functionNumber h2(. the twelfth generated hash value
Figure BDA00035709410000000514
And if the session key and the session key are not equal, terminating the session, otherwise, taking the eleventh hash value SK as a negotiated second session key, and then, using the session key SK to communicate between the unmanned aerial vehicle alpha and the unmanned aerial vehicle beta until the authentication and key negotiation are finished.
As shown in fig. 3, further, the method includes adding a new drone, and specifically includes the following steps:
s4.1: the ground station selects a fifth random number for a new pre-registered drone
Figure BDA00035709410000000515
The fifth random number
Figure BDA00035709410000000516
Performing point multiplication operation with the elliptic curve base point U to obtain
Figure BDA00035709410000000517
Wherein
Figure BDA00035709410000000518
And
Figure BDA00035709410000000519
are respectively points
Figure BDA00035709410000000520
The abscissa and ordinate of (a);
namely calculation
Figure BDA00035709410000000521
S4.2: the ground station adds the self pseudonym SID and the point
Figure BDA00035709410000000522
Abscissa of
Figure BDA00035709410000000523
After merging, utilizing the hash function h1(. generating a thirteenth hash value of the product of the thirteenth hash value and the ground station private key s plus the fifth random number
Figure BDA00035709410000000524
The results obtained are then modulo q to give Fi newGround station, point of
Figure BDA00035709410000000525
And Fi newSending the information to a new unmanned aerial vehicle through a safety channel;
namely calculation
Figure BDA00035709410000000526
S4.3: after receiving the information, the new drone selects a challenge
Figure BDA0003570941000000061
As an input to a PUF embedded in a drone, the PUF outputs a corresponding response
Figure BDA0003570941000000062
S4.4: new drone uses the response from the PUF
Figure BDA0003570941000000063
And received point
Figure BDA0003570941000000064
Ordinate of
Figure BDA0003570941000000065
After merging, utilizing the hash function h2(. The fourteenth Hash value generated and F receivedi newXOR to get
Figure BDA0003570941000000066
Then the unmanned aerial vehicle authenticates the information point
Figure BDA0003570941000000067
And
Figure BDA0003570941000000068
is stored in the internal memory of the computer,
namely calculation
Figure BDA0003570941000000069
Referring to fig. 4, a schematic structural diagram of a computing device 1500 according to an embodiment of the present application is shown. The computing device 1500 may be used to implement the method for mutual authentication and key agreement between drones provided in the embodiments described above.
Specifically, the method comprises the following steps:
the computing device 1500 includes a Central Processing Unit (CPU)1501, a system memory 1504 including a Random Access Memory (RAM)1502 and a Read Only Memory (ROM)1503, and a system bus 1505 connecting the system memory 1504 and the central processing unit 1501. The computing device 1500 also includes a basic input/output system (I/O system) 1506 for facilitating information transfer between devices within the computer, and a mass storage device 1507 for storing an operating system 1513, application programs 1514, and other program modules 1515.
The basic input/output system 1506 includes a display 1508 for displaying information and an input device 1509 such as a mouse, keyboard, etc. for a user to input information. Therein, the display 1508 and the input device 1509 are connected to the central processing unit 1501 through an input output controller 1510 connected to the system bus 1505. The basic input/output system 1506 may also include an input/output controller 1510 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, the input-output controller 1510 also provides output to a display screen, a printer, or other type of output device.
The mass storage device 1507 is connected to the central processing unit 1501 through a mass storage controller (not shown) connected to the system bus 1505. The mass storage device 1507 and its associated computer-readable media provide non-volatile storage for the computing device 1500. That is, the mass storage device 1507 may include a computer-readable medium (not shown) such as a hard disk or CD-ROM drive.
Without loss of generality, the computer-readable media may comprise computer storage media and communication media. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, DVD, or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices.
Of course, those skilled in the art will appreciate that the computer storage media is not limited to the foregoing. The system memory 1504 and mass storage device 1507 described above may be collectively referred to as memory.
According to various embodiments of the present application, the computing device 1500 may also operate as a remote computer connected to a network via a network, such as the Internet. That is, the computing device 1500 may be connected to the network 1512 through the network interface unit 1511 connected to the system bus 1505 or may alternatively be connected to other types of networks or remote computer systems (not shown) using the network interface unit 1511.
The memory also includes one or more programs stored in the memory and configured to be executed by one or more processors. The one or more programs include methods for enabling mutual authentication and key agreement between the drones.
In an exemplary embodiment, a computing device is also provided that includes a processor and a memory having at least one instruction, at least one program, set of codes, or set of instructions stored therein. The at least one instruction, the at least one program, the set of codes, or the set of instructions is configured to be executed by the processor to implement a method for mutual authentication and key agreement between the drones.
In an exemplary embodiment, there is also provided a computer readable storage medium having at least one instruction, at least one program, a set of codes, or a set of instructions stored therein, which when executed by a processor of a terminal, implement the method for mutual authentication and key agreement between drones of the above-described embodiments. Alternatively, the computer-readable storage medium may be a ROM (Read-Only Memory), a RAM (Random Access Memory), a CD-ROM (Compact Disc Read-Only Memory), a magnetic tape, a floppy disk, an optical data storage device, and the like.
In an exemplary embodiment, a computer program product is also provided, which when executed, is configured to implement the above-described method for mutual authentication and key agreement between drones.
More than two "and/or" describing the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
In addition, the step numbers described herein only exemplarily show one possible execution sequence among the steps, and in some other embodiments, the steps may also be executed out of the numbering sequence, for example, two steps with different numbers are executed simultaneously, or two steps with different numbers are executed in a reverse order to the order shown in the figure, which is not limited by the embodiment of the present application.
The above description is only exemplary of the present application and should not be taken as limiting the present application, and any modifications, equivalents, improvements and the like that are made within the spirit and principle of the present application should be included in the protection scope of the present application.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (7)

1. A method for authentication and key agreement between unmanned aerial vehicles is characterized by comprising the following steps:
s1, generating system public parameters and a private key of a ground station;
s2, registering the unmanned aerial vehicles at the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private keys of the ground station;
and S3, the unmanned aerial vehicle and the unmanned aerial vehicle carry out mutual authentication and negotiate a session key.
2. The method for authentication and key agreement between drones, according to claim 1, characterized in that said S1 comprises the steps of:
s1.1, setting GF (q) as a finite field, wherein q is a large prime number and represents the size of GF (q), and selecting an elliptical curve E on GF (q) by a ground stationq(a,b):y2=x3+ ax + b (mod q), where (a, b) E GF (p) and U is EqA base point on (a, b);
s1.2, selecting a first random number by the ground station
Figure FDA0003570940990000011
As the self-private key, among others,
Figure FDA0003570940990000012
(gcd (α, q) ═ 1 denotes α and q mutilins),
performing dot product operation on the private key s and the base point U to obtain a ground station public key PpubI.e. Ppub=s·U;
S1.3, the ground station selects the pseudonym SID of the ground station and two hash functions h1(. and h)2(. wherein h) is1(. mapping character strings of arbitrary lengthIs an integer, h2() mapping a string of arbitrary length to a fixed length string;
s1.4: the ground station saves the private key s and discloses the elliptic curve Eq(a, b), large prime number q, base point U and ground station public key PpubA ground station pseudonym SID and two Hash functions h1(. and h)2(·)。
3. The method for authentication and key agreement between drones according to claim 2, wherein the S2 includes the steps of:
s2.1, assuming that n unmanned aerial vehicles are in total, the ground station selects a second random number for each unmanned aerial vehicle
Figure FDA0003570940990000014
S2.2, the ground station carries out the self pseudonym SID and point DiAbscissa of
Figure FDA0003570940990000017
After merging, utilizing the hash function h1(. o) generating a first hash value of the product of the first hash value and the ground station private key s plus the second random number diThe results obtained are then modulo q to give FiGround station node DiAnd FiSent to the corresponding drone through a secure channel, i.e.
Figure FDA0003570940990000015
S2.3, unmanned aerial vehicle receives DiAnd FiThen, a challenge C is selectediThe challenge is the input of a PUF embedded in the drone, outputting a corresponding response Ri=PUFi(Ci);
S2.4, using response R of the PUF by the unmanned planeiAnd the received point DiOrdinate of
Figure FDA0003570940990000016
MergingThen using the hash function h2(. The) the generated second hash value with the received FiXOR to GiAnd the unmanned aerial vehicle authenticates the information point Di、GiAnd CiStored in a memory, i.e.
Figure FDA0003570940990000021
4. The method for authentication and key agreement between drones according to claim 3, wherein the S3 includes the following steps:
s3.1, storing challenge C in memory by unmanned aerial vehicle alpha (alpha is more than or equal to 1 and less than or equal to n)αAs an input to the PUF, the PUF outputs a corresponding response Rα=PUFα(Cα) Then outputs the response RαAnd a point D stored in the memoryαOrdinate of
Figure FDA00035709409900000215
After merging, utilizing the hash function h2(. G) generating a third hash value, stored in memoryαXOR'd with the third hash value to yield FαI.e. by
Figure FDA0003570940990000022
Figure FDA0003570940990000023
Abscissa and ordinate, drone α will again said FαPlus a third random number kαThe result of the addition is modulo q to yield JαI.e. by
Figure FDA0003570940990000024
And Jα=Fα+kαmod q;
S3.3, storing the point D in the memory by the unmanned aerial vehicle alphaαThe point KαAnd JαSending to the unmanned plane beta (beta is more than or equal to 1 and less than or equal to n, alpha is not equal to beta) through a public channel;
s3.4, after receiving the information sent by the unmanned aerial vehicle alpha, the unmanned aerial vehicle beta receives JαPerforming point multiplication operation with the elliptic curve base point U to obtain Zα1Then the pseudonym SID of the ground station and the received point DαAbscissa of
Figure FDA00035709409900000216
After merging, utilizing the hash function h1(. The fourth hash value generated with the ground station public key PpubPerforming dot product operation to obtain Zα2Then receiving the point DαCalculated Zα2And received KαAdding, the result modulo q after adding to obtain Zα3Is a reaction of Zα1And Zα3Make a comparison, i.e.
Figure FDA0003570940990000025
If the two are equal, the unmanned aerial vehicle alpha passes through the authentication of the unmanned aerial vehicle beta, S3.5 is continued, otherwise, the authentication is terminated;
s3.5, storing challenge C in memory by unmanned aerial vehicle betaβInput into the PUF, which outputs a corresponding response Rβ=PUFβ(Cβ) Then outputs the response RβAnd a point D stored in the memoryβOrdinate of (2)
Figure FDA0003570940990000026
After merging, utilizing the hash function h2(. G) generating a fifth hash value, stored in memoryβXOR'd with the fifth hash value to yield FβI.e. by
Figure FDA0003570940990000027
Figure FDA0003570940990000028
Are respectively
Figure FDA0003570940990000029
And
Figure FDA00035709409900000210
then unmanned plane beta will FβAnd a fourth random number kβThe result after addition modulo q yields JβIs then reused as the
Figure FDA00035709409900000211
And
Figure FDA00035709409900000212
after merging, utilizing the hash function h2(. preparation) is prepared from
Figure FDA00035709409900000213
S3.7, unmanned aerial vehicle beta is the point D of storage in the memoryβThe point KβAnd L is sent to the unmanned plane alpha through a public channel;
s3.8, after the unmanned aerial vehicle alpha receives the information, the unmanned aerial vehicle alpha sends the information
Figure FDA00035709409900000214
And received point DβAbscissa of (2)
Figure FDA0003570940990000031
After merging, utilizing the hash function h2(. h) generating a seventh hash value, XOR-ing the received L with the seventh hash value to obtain JβI.e. by
Figure FDA0003570940990000032
Will JβPerforming point multiplication operation with the elliptic curve base point U to obtain Zβ1And using said pseudonym SID of the ground station and the received point DβAbscissa of
Figure FDA0003570940990000033
After merging, utilizing the hash function h1Eighth Ha of (v)His value and said ground station public key PpubPerforming dot product operation to obtain Zβ2Then receiving the point DβCalculated Zβ2And received KβThe result of the addition modulo q yields Zβ3Is a reaction of Zβ1And Zβ3A comparison is made, namely:
Figure FDA0003570940990000034
if the two are equal, the unmanned plane beta passes the authentication of the unmanned plane alpha, S3.9 is continued, otherwise, the authentication session is terminated;
s3.9, enabling the unmanned aerial vehicle alpha to use the third random number kαAnd point KβPerforming a dot product operation to obtain V ═ V (V)x,Vy) In which V isxAnd VyRespectively the abscissa and ordinate of the point V, and calculating the obtained Vx、VyThe point DαOrdinate of
Figure FDA00035709409900000314
And point DβOrdinate of
Figure FDA00035709409900000315
After merging, utilizing the hash function h2(. to) generate a ninth hash value SK as the negotiated first session key, and then use the ninth hash value SK
Figure FDA0003570940990000035
And
Figure FDA0003570940990000036
after merging, utilizing the hash function h2(. to) generate a tenth hash value W;
Figure FDA0003570940990000037
s3.10, the unmanned aerial vehicle alpha sends the tenth hash value W to the unmanned aerial vehicle beta through a public channel;
s3.11, after receiving the information, the unmanned aerial vehicle beta sends the fourth random number kβAnd point KαPerforming dot product operation to obtain V ═ V (V)x,Vy) Then the calculated V is calculatedx、VyThe point DαOrdinate of
Figure FDA0003570940990000038
And point DβOrdinate of
Figure FDA0003570940990000039
After merging, utilizing the hash function h2(. o) generating an eleventh hash value SK;
i.e. calculating V ═ kβ·Kα=(Vx,Vy) And
Figure FDA00035709409900000310
s3.12, comparing whether the received tenth hash value W is equal to the eleventh hash value by the unmanned aerial vehicle beta
Figure FDA00035709409900000311
The eleventh hash value SK is used as the negotiated second session key, and then the drone α and the drone β communicate with each other by using the second session key SK.
5. The method of claim 4, wherein the method further comprises:
s4.1, the ground station selects a fifth random number for the new unmanned aerial vehicle which is registered in advance
Figure FDA00035709409900000312
Figure FDA00035709409900000313
The hash function h1(. generating a thirteenth hash value of the product of the thirteenth hash value and the ground station private key s plus the fifth random number
Figure FDA0003570940990000041
The results obtained are then modulo q to give Fi newGround station, point of contact
Figure FDA0003570940990000042
And Fi newSending the information to a new unmanned aerial vehicle through a safety channel;
Figure FDA0003570940990000043
input to the PUF, the PUF outputting a corresponding response
Figure FDA0003570940990000044
S4.4, New unmanned aerial vehicle uses the response by the PUF
Figure FDA0003570940990000045
And received point
Figure FDA0003570940990000046
Ordinate of (2)
Figure FDA0003570940990000047
6. A computing device comprising a processor and a memory, the memory having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, the at least one instruction, the at least one program, the set of codes, or the set of instructions being loaded and executed by the processor to implement the method of mutual authentication and key agreement between drones as claimed in any of claims 1 to 5.
7. A computer readable storage medium having stored therein at least one instruction, at least one program, a set of codes, or a set of instructions, which is loaded and executed by a processor to implement the method of mutual authentication and key agreement between drones as claimed in any of claims 1 to 5.
CN202210319290.0A 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium Active CN114679268B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210319290.0A CN114679268B (en) 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210319290.0A CN114679268B (en) 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium

Publications (2)

Publication Number Publication Date
CN114679268A true CN114679268A (en) 2022-06-28
CN114679268B CN114679268B (en) 2023-07-21

Family

ID=82075913

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210319290.0A Active CN114679268B (en) 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium

Country Status (1)

Country Link
CN (1) CN114679268B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115150828A (en) * 2022-07-12 2022-10-04 西安电子科技大学 Unmanned aerial vehicle identity authentication and key agreement method based on position password
CN115314228A (en) * 2022-10-10 2022-11-08 广东电网有限责任公司佛山供电局 Unmanned aerial vehicle identity authentication method, device and system
CN116528229A (en) * 2023-07-03 2023-08-01 北京中科网芯科技有限公司 5G secure communication method and system thereof
CN117892967A (en) * 2024-01-18 2024-04-16 国网经济技术研究院有限公司 Pumped storage power station inspection system based on space remote sensing

Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130146659A1 (en) * 2011-07-18 2013-06-13 Dylan T X Zhou Wearable personal digital device for facilitating mobile device payments and personal use
CN105913691A (en) * 2016-06-06 2016-08-31 北京威胜通达科技有限公司 Flight space declaration service method
CN106714166A (en) * 2016-12-23 2017-05-24 成都赫尔墨斯科技有限公司 Anti-UAV method based on user authentication
US20170278410A1 (en) * 2016-03-28 2017-09-28 Cisco Technology, Inc. Multi-modal UAV Certification
WO2017202161A1 (en) * 2016-05-26 2017-11-30 中兴通讯股份有限公司 Certificateless two-party authenticated key agreement method, device, and data storage medium
CN108521401A (en) * 2018-03-06 2018-09-11 西安电子科技大学 A method of enhancing unmanned plane MSNET network safety
CN108683641A (en) * 2018-04-24 2018-10-19 广州亿航智能技术有限公司 A kind of data communications method, device, unmanned plane and computer storage media
CN108966174A (en) * 2018-07-27 2018-12-07 长春草莓科技有限公司 A kind of communication encryption method of unmanned plane and earth station
CN109714167A (en) * 2019-03-15 2019-05-03 北京邮电大学 Authentication and cryptographic key negotiation method and equipment suitable for mobile application signature
CN110855427A (en) * 2019-11-18 2020-02-28 国网四川省电力公司电力科学研究院 Unmanned aerial vehicle identity authentication method and system
CN110972132A (en) * 2019-11-12 2020-04-07 江苏恒宝智能***技术有限公司 Unmanned aerial vehicle queue identity authentication method
US20200204978A1 (en) * 2018-12-20 2020-06-25 The Johns Hopkins University Space-Based Long Term Evolution (LTE) Communications Architecture
US20200221280A1 (en) * 2017-08-10 2020-07-09 Beijing Xiaomi Mobile Software Co., Ltd. Unmanned aerial vehicle access method and device
CN111628959A (en) * 2019-11-20 2020-09-04 南京航空航天大学 Large-scale unmanned aerial vehicle group security authentication mechanism based on random label
CN113872761A (en) * 2021-11-17 2021-12-31 湖北工业大学 Smart home equipment batch authentication method, computing equipment and storable medium
CN114063651A (en) * 2021-11-18 2022-02-18 湖北工业大学 Method for mutual authentication between user and multiple unmanned aerial vehicles and storage medium

Patent Citations (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130146659A1 (en) * 2011-07-18 2013-06-13 Dylan T X Zhou Wearable personal digital device for facilitating mobile device payments and personal use
US20170278410A1 (en) * 2016-03-28 2017-09-28 Cisco Technology, Inc. Multi-modal UAV Certification
WO2017202161A1 (en) * 2016-05-26 2017-11-30 中兴通讯股份有限公司 Certificateless two-party authenticated key agreement method, device, and data storage medium
CN105913691A (en) * 2016-06-06 2016-08-31 北京威胜通达科技有限公司 Flight space declaration service method
CN106714166A (en) * 2016-12-23 2017-05-24 成都赫尔墨斯科技有限公司 Anti-UAV method based on user authentication
US20200221280A1 (en) * 2017-08-10 2020-07-09 Beijing Xiaomi Mobile Software Co., Ltd. Unmanned aerial vehicle access method and device
CN108521401A (en) * 2018-03-06 2018-09-11 西安电子科技大学 A method of enhancing unmanned plane MSNET network safety
CN108683641A (en) * 2018-04-24 2018-10-19 广州亿航智能技术有限公司 A kind of data communications method, device, unmanned plane and computer storage media
CN108966174A (en) * 2018-07-27 2018-12-07 长春草莓科技有限公司 A kind of communication encryption method of unmanned plane and earth station
US20200204978A1 (en) * 2018-12-20 2020-06-25 The Johns Hopkins University Space-Based Long Term Evolution (LTE) Communications Architecture
CN109714167A (en) * 2019-03-15 2019-05-03 北京邮电大学 Authentication and cryptographic key negotiation method and equipment suitable for mobile application signature
CN110972132A (en) * 2019-11-12 2020-04-07 江苏恒宝智能***技术有限公司 Unmanned aerial vehicle queue identity authentication method
CN110855427A (en) * 2019-11-18 2020-02-28 国网四川省电力公司电力科学研究院 Unmanned aerial vehicle identity authentication method and system
CN111628959A (en) * 2019-11-20 2020-09-04 南京航空航天大学 Large-scale unmanned aerial vehicle group security authentication mechanism based on random label
CN113872761A (en) * 2021-11-17 2021-12-31 湖北工业大学 Smart home equipment batch authentication method, computing equipment and storable medium
CN114063651A (en) * 2021-11-18 2022-02-18 湖北工业大学 Method for mutual authentication between user and multiple unmanned aerial vehicles and storage medium

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
TEJASVI ALLADI: "SecAuthUAV: A Novel Authentication Scheme for UAV-Ground Station and UAV-UAV Communication", 《IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY》 *
张正文,陈卓,阮鸥: "城市应急联动***中三台合一的研究与应用", 《计算机与数字工程》 *
曹天杰;雷红;: "基于椭圆曲线的隐私增强认证密钥协商协议", 电子学报, no. 02 *
李冬雪;高志强;尚伟涛;姜晓鹏;宋德彬;张媛媛;: "基于无人机多光谱影像的海滨景区浒苔信息提取研究", 海洋环境科学, no. 03 *
盛蔚;卢东辉;: "基于云的无人机远程技术支持***设计与实现", 计算机工程与设计, no. 06 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115150828A (en) * 2022-07-12 2022-10-04 西安电子科技大学 Unmanned aerial vehicle identity authentication and key agreement method based on position password
CN115314228A (en) * 2022-10-10 2022-11-08 广东电网有限责任公司佛山供电局 Unmanned aerial vehicle identity authentication method, device and system
CN116528229A (en) * 2023-07-03 2023-08-01 北京中科网芯科技有限公司 5G secure communication method and system thereof
CN116528229B (en) * 2023-07-03 2023-09-05 北京中科网芯科技有限公司 5G secure communication method and system thereof
CN117892967A (en) * 2024-01-18 2024-04-16 国网经济技术研究院有限公司 Pumped storage power station inspection system based on space remote sensing

Also Published As

Publication number Publication date
CN114679268B (en) 2023-07-21

Similar Documents

Publication Publication Date Title
CN114679268B (en) Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium
US11838415B2 (en) Blockchain-implemented method and system
JP6544038B2 (en) Biometrics with privacy protection
CN111490878B (en) Key generation method, device, equipment and medium
CN112367164B (en) Service request processing method and device, computer equipment and storage medium
US11509469B2 (en) Methods and systems for password recovery based on user location
CN114063651B (en) Method for mutual authentication between user and multiple unmanned aerial vehicles and storable medium
CN111832044B (en) Safe collaborative computing processing method and system
CN110190964A (en) Identity identifying method and electronic equipment
Liu et al. Privacy-preserving public cloud audit scheme supporting dynamic data for unmanned aerial vehicles
CN103731424B (en) A kind of transmission method of network data, apparatus and system
WO2016112575A1 (en) Cryptographic construction method and system for set member relationship determination
CN110781503B (en) Data calling method and device and computer readable storage medium
Liu et al. Privacy-preserving cloud-aided broad learning system
CN107947944B (en) Incremental signature method based on lattice
Nishida et al. Efficient secure neural network prediction protocol reducing accuracy degradation
Samanth et al. CLEA-256-based text and image encryption algorithm for security in IOD networks
CN112565081B (en) Privacy protection processing method and device for shortest path
CN113094745B (en) Data transformation method and device based on privacy protection and server
US11601263B2 (en) Systems and methods for efficient key management in a vehicular intranet
Zhang et al. Cost-effective provable secure cloud storage self-auditing scheme for big data in WMSNS
CN113806755A (en) Power data privacy protection and access control method based on block chain
CN117034370A (en) Data processing method based on block chain network and related equipment
CN113806766A (en) Data encryption method and device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant