Zero Knowledge Authentication Modification for Drone and Server Communication Security

Abstract

Drones are now being used in various fields. One of the uses of drones is for delivery service. When delivering goods, the drone needs to report its condition while traveling to the server so that the server can monitor the drone and the server can give some commands to the drone. However, when the drone receives data from the server, there are many vulnerabilities it has against the attacker that can take control of the drone device. Taking control of the drone can occur if the attacker manages to send a script that can take over control of the drone. If the attacker can take control over the drone device, the attacker can steal the drone both physically or data of the drone. For this reason, in this study, we propose an authentication algorithm that can filter out who is allowed to send data to the system. The algorithm used is Zero-Knowledge Authentication. To improve the performance of the Zero-Knowledge Authentication algorithm in terms of authentication speed, we try to combine it with the secret key generated from the Secret Key Generation process. From the results of authentication testing, the effectiveness of the proposed algorithm after a Brute Force attack experiment is 100% for single attacker scenarios and for multiple attackers the effectiveness is 100% in LOS and NLOS conditions. Because drones have limited resources, the authentication time experiment is also performed and the result is that in all scenarios the time required to authenticate is in microseconds so that the proposed algorithm can be implemented on drones with limited resources.