Unmanned aerial vehicles (UAV) play a vital role in many fields, such as agricultural planting, security patrol, emergency rescue, and so on. The development and implementation of these devices have become vital in terms of reachability and usability. Unfortunately, as drones become more widely used in various fields, they become more and more vulnerable to attacks and security threats, including, but not limited to, eavesdropping, man-in-the-middle attacks, and known session key attacks. In order to deal with these attacks and security threats and meet the needs of lightweight UAV communication, a secure and efficient authentication scheme is essential. To meet the security and lightweight requirements of an identity authentication scheme in a UAV communication network, this paper proposes an identity authentication scheme sdronelig based on an elliptic curve cryptosystem. The scheme realizes the mutual authentication and session key agreement configuration between the UAV and the ground station, and the authentication and key agreement between the UAVs can be realized with the help of the control station. The sdronelig authentication scheme is based on the ECDH key exchange protocol in the elliptic curve cryptography algorithm and adopts the MAC message authentication code technology and the method of pre-calculating part of the process. Under the premise of ensuring the security of the UAV communication network, the authentication efficiency is improved, the communication overhead and communication times are reduced, and the lightweight requirement of the UAV authentication scheme is met. Additionally, a formal verification tool is used to verify the security of the sdronelig scheme under the Dolev-Yao threat model, which is suitable for UAV networks. Finally, a detailed comparative study was conducted on security features, communication overhead, the number of communications, and computational overhead. The results show that the proposed sdronelig authentication scheme not only provides superior security features but also has better or comparable overhead compared to other existing authentication schemes.
Read full abstract