无人机网络中基于无证书的群组认证密钥协商协议
TN918%TP393; 随着无人机技术在物流行业等场景下的应用越来越广泛,在一些需要多无人机协同工作的场景下无人机之间需要对收集的数据进行交换,使用对称密钥进行加密和解密操作时,由于网络的通信环境是开放的,极易遭到第三方的窃听,通信前无人机协商的会话密钥也容易遭到泄露.因此,本文面向无人机网络通信中的身份认证及数据隐私需求,提出一种基于无证书密钥体系的群组认证密钥协商协议.本文协议将无人机群组分为一个高算力的中心节点和多个低算力的节点,以降低通信开销及计算开销.协议共分为注册、协商、加入/退出3个阶段.注册阶段会为每个节点生成密钥对;协商阶段进行会话密钥的计算,群组中高算力中心节点是中枢节点...
Saved in:
| Published in | 工程科学与技术 Vol. 57; no. 1; pp. 213 - 224 |
|---|---|
| Main Authors | , , |
| Format | Journal Article |
| Language | Chinese |
| Published |
南京航空航天大学 计算机科学与技术学院,江苏 南京 210016
2025
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2096-3246 |
| DOI | 10.12454/j.jsuese.202300569 |
Cover
| Abstract | TN918%TP393; 随着无人机技术在物流行业等场景下的应用越来越广泛,在一些需要多无人机协同工作的场景下无人机之间需要对收集的数据进行交换,使用对称密钥进行加密和解密操作时,由于网络的通信环境是开放的,极易遭到第三方的窃听,通信前无人机协商的会话密钥也容易遭到泄露.因此,本文面向无人机网络通信中的身份认证及数据隐私需求,提出一种基于无证书密钥体系的群组认证密钥协商协议.本文协议将无人机群组分为一个高算力的中心节点和多个低算力的节点,以降低通信开销及计算开销.协议共分为注册、协商、加入/退出3个阶段.注册阶段会为每个节点生成密钥对;协商阶段进行会话密钥的计算,群组中高算力中心节点是中枢节点,承担大部分的计算与通信任务,所有节点在注册阶段计算好密钥对后,只需进行高算力的中心节点与低算力节点的两轮交互即可完成密钥协商;此外,在有无人机退出或加入群组的情况下,该协议支持无人机单元及群组密钥的动态变更.本文对所提协议进行了安全性分析并在eCK模型下进行了安全证明,分析结果表明,该协议满足不可否认性、前后向保密性以及抗公钥替换攻击.在模拟实验中与同类型协议进行了计算开销和通信开销的对比,实验结果表明,该协议具有较低的计算开销和通信开销.由于该协议不基于双线性配对构造,所以更适合轻量化的无人机通信场景. |
|---|---|
| AbstractList | TN918%TP393; 随着无人机技术在物流行业等场景下的应用越来越广泛,在一些需要多无人机协同工作的场景下无人机之间需要对收集的数据进行交换,使用对称密钥进行加密和解密操作时,由于网络的通信环境是开放的,极易遭到第三方的窃听,通信前无人机协商的会话密钥也容易遭到泄露.因此,本文面向无人机网络通信中的身份认证及数据隐私需求,提出一种基于无证书密钥体系的群组认证密钥协商协议.本文协议将无人机群组分为一个高算力的中心节点和多个低算力的节点,以降低通信开销及计算开销.协议共分为注册、协商、加入/退出3个阶段.注册阶段会为每个节点生成密钥对;协商阶段进行会话密钥的计算,群组中高算力中心节点是中枢节点,承担大部分的计算与通信任务,所有节点在注册阶段计算好密钥对后,只需进行高算力的中心节点与低算力节点的两轮交互即可完成密钥协商;此外,在有无人机退出或加入群组的情况下,该协议支持无人机单元及群组密钥的动态变更.本文对所提协议进行了安全性分析并在eCK模型下进行了安全证明,分析结果表明,该协议满足不可否认性、前后向保密性以及抗公钥替换攻击.在模拟实验中与同类型协议进行了计算开销和通信开销的对比,实验结果表明,该协议具有较低的计算开销和通信开销.由于该协议不基于双线性配对构造,所以更适合轻量化的无人机通信场景. |
| Abstract_FL | ObjectiveUAV technology is increasingly applied in the logistics industry,the military field,and other scenarios.Due to the nature of certain tasks,the collected data must be exchanged between UAVs in scenarios requiring multiple UAVs to work together.However,the network com-munication environment is open and insecure,necessitating the use of a symmetric key to encrypt and decrypt data during the data exchange pro-cess.Ensuring that the UAV group negotiates the session key safely and efficiently becomes a key issue in the process.This study presents a group authentication key negotiation protocol based on a certificateless key system to meet the requirements of identity authentication and data privacy in UAV network communication.Diffie and Hellman proposed a key exchange algorithm that requires only one round of message ex-change between the two sides of the session to calculate the same session key.Even if a malicious attacker eavesdrops on the data during the ex-change,the attacker cannot compute the complete session key.However,this key exchange algorithm does not address the issue of a man-in-the-middle attack.If a malicious third party forges the identities of both session parties,it can determine two session keys with both parties,allowing it to arbitrarily steal and tamper with subsequently transmitted data.Due to the small size of UAVs,the computational and communication over-heads they can bear must remain low,and the key agreement scheme must meet the requirements of lightweight scenarios.If directly applied to multi-party interaction scenarios,traditional two-party key negotiation protocols require numerous interaction rounds,resulting in significant com-putational and communication overhead.Therefore,group key agreement protocols for UAV networks must provide a lighter computing process and stronger security guarantees.
Methods This protocol adopts a certificateless key system.As a third-party trusted server,the Key Generation Center(KGC)primarily facilitates identity registration before drone networking.Each drone member sends its identity ID to the KGC,which calculates the corresponding public-private key pairs based on the IDs in collaboration with the drone members.This protocol classifies the drone group into a central node with high computing power and multiple nodes with low computing power to reduce communication and computing expenses.The protocol comprises three stages:registration,negotiation,and joining/withdrawal.In the registration stage,a key pair is generated for each node.In the negotiation stage,the session key negotiation is conducted.The central node with high computing power in the group functions as the hub node,undertaking most computing and communication tasks.Once all nodes calculate their key pairs in the registration stage,only two rounds of interaction between the central high-computing-power node and the low-computing-power nodes are needed to complete the key negotiation.In addition,in scenarios where drones withdraw from or join the group,this protocol supports the dynamic alteration of the drone unit and group keys.Since the high-com-puting-power nodes bear most of the computational and communication overhead during the key negotiation process,they must be distinguished from the general low-computing-power nodes.The central and low-power nodes verify the digital signature to ensure identity reliability,and the protocol supports dynamic changes to the UAV unit and group keys.Once all nodes calculate their key pairs during the registration stage,only two rounds of interaction between the central high-computing-power node and the low-computing-power nodes are required to complete the key negotiation.
Results and Discussions This study demonstrates the protocol's security under the eCK model,which withstands guessing attacks,key duplica-tion attacks,and forgery attacks in the eCK model.In the analysis,multiple query capabilities are granted to the adversary,and the proof con-cludes that if the CDH problem is difficult to solve,the adversary's attack advantage is negligible.Based on the eCK model,this study establishes that the proposed protocol satisfies unforgeability,forward and backward confidentiality,and resists public key replacement attacks.A simulation experiment of the protocol is conducted to compare the calculation and communication costs with similar protocols.The simulation results indic-ate that the protocol achieves lower calculation and communication costs.Since the protocol does not rely on bilinear pairing construction,it is more suitable for lightweight UAV communication scenarios.In addition,this study evaluates the protocol's performance against existing ones in terms of computational overhead,communication cost overhead,and security properties.A simulation verifies the actual performance of the pro-tocol.The scheme employs secure hash function operations and elliptic curve scalar dot product operations with lower computational overhead,making it highly suitable for lightweight scenario requirements.Experimental results showed that both high-computing power nodes and low-computing power nodes in the scheme exhibit the lowest computational overhead.Whether in theoretical analysis or experimental simulation,the scheme shows good lightweight characteristics and high security,making it ideal for key negotiation scenarios of UAV swarms.
Conclusions The proposed scheme divides the UAV cluster into a high-computing node and multiple low-computing nodes.The high-computing node undertakes most of the computational and communication tasks for the cluster,reducing the overhead of the other nodes and enabling the en-tire UAV cluster to negotiate the session key efficiently and quickly.This study also conducts a security analysis and proof under the eCK model,demonstrating that the scheme satisfies multiple security features,ensuring secure data transmission between UAVs.Finally,the analysis and ex-perimental simulation of computational overhead and communication overhead confirm that the scheme exhibits good lightweight characteristics,meeting the requirements of UAVs with small sizes and low computing power. |
| Author | 朱友文 王钺程 张志强 |
| AuthorAffiliation | 南京航空航天大学 计算机科学与技术学院,江苏 南京 210016 |
| AuthorAffiliation_xml | – name: 南京航空航天大学 计算机科学与技术学院,江苏 南京 210016 |
| Author_FL | ZHU Youwen WANG Yuecheng ZHANG Zhiqiang |
| Author_FL_xml | – sequence: 1 fullname: WANG Yuecheng – sequence: 2 fullname: ZHU Youwen – sequence: 3 fullname: ZHANG Zhiqiang |
| Author_xml | – sequence: 1 fullname: 王钺程 – sequence: 2 fullname: 朱友文 – sequence: 3 fullname: 张志强 |
| BookMark | eNotj8tKw0AARWdRwVr7Bf6CifNOZ6nFFxTc6DrMJDPFKCk4FLMVSncqCiJIQRfVne1WU_Rrkib-hQO6uRfO4h7uGmikg1QDsIGgjzBldCvxEzvUVvsYYgIh46IBmhgK7hFM-SpoW3uqIOGUMMZZE-wsH1-KPF9O8urrrlpMio_38jkv8hvH6_lV8flWPY2q72m1GNWzqSPlfPxz_1pe35YPY5f1bLYOVow8t7r93y1wsrd73D3wekf7h93tnmcRDJAnlNQUKSWdXAaRiCXnKtYYcqYo7qCOCbgSgQskFAk0ZiIyMsCGx8JQg0kLbP7tXsrUyLQfJoPhReqMoY3iLFNhPzrL3G0GEcSI_ALdq2lg |
| ClassificationCodes | TN918%TP393 |
| ContentType | Journal Article |
| Copyright | Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| Copyright_xml | – notice: Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
| DBID | 2B. 4A8 92I 93N PSX TCJ |
| DOI | 10.12454/j.jsuese.202300569 |
| DatabaseName | Wanfang Data Journals - Hong Kong WANFANG Data Centre Wanfang Data Journals 万方数据期刊 - 香港版 China Online Journals (COJ) China Online Journals (COJ) |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| DocumentTitle_FL | Group Authentication Key Agreement Protocol Based on Certificateless Cryptography in UAV Network |
| EndPage | 224 |
| ExternalDocumentID | scdxxb_gckx202501021 |
| GrantInformation_xml | – fundername: (江苏省重点研发计划产业前瞻与关键核心技术项目); (国家自然科学基金); (江苏省自然科学基金) funderid: (江苏省重点研发计划产业前瞻与关键核心技术项目); (国家自然科学基金); (江苏省自然科学基金) |
| GroupedDBID | -0C -SC -S~ 2B. 2RA 4A8 5VR 92I 92M 93N 9D9 9DC AFUIB ALMA_UNASSIGNED_HOLDINGS CAJEC CQIGP GROUPED_DOAJ PB1 PB9 PSX Q-- R-C RT3 T8S TCJ U1F U5C |
| ID | FETCH-LOGICAL-s1071-9bae41bba364a7c9da66bde2065b42818f76b9776b19b37e259cfa72f6d9f4f23 |
| ISSN | 2096-3246 |
| IngestDate | Thu May 29 03:53:58 EDT 2025 |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 1 |
| Keywords | key agreement unmanned aerial vehicles(UAV) certificateless public key cryptography 无人机 无证书公钥体系 群密钥协商 椭圆曲线加密 elliptic curve cryp-tography 身份认证 identity authentication |
| Language | Chinese |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-s1071-9bae41bba364a7c9da66bde2065b42818f76b9776b19b37e259cfa72f6d9f4f23 |
| PageCount | 12 |
| ParticipantIDs | wanfang_journals_scdxxb_gckx202501021 |
| PublicationCentury | 2000 |
| PublicationDate | 2025 |
| PublicationDateYYYYMMDD | 2025-01-01 |
| PublicationDate_xml | – year: 2025 text: 2025 |
| PublicationDecade | 2020 |
| PublicationTitle | 工程科学与技术 |
| PublicationTitle_FL | Advanced Engineering Sciences |
| PublicationYear | 2025 |
| Publisher | 南京航空航天大学 计算机科学与技术学院,江苏 南京 210016 |
| Publisher_xml | – name: 南京航空航天大学 计算机科学与技术学院,江苏 南京 210016 |
| SSID | ssib036435565 ssib050593459 ssib041261190 ssib030194745 ssib051371919 ssj0003313526 ssib027967859 |
| Score | 2.407913 |
| Snippet | TN918%TP393; 随着无人机技术在物流行业等场景下的应用越来越广泛,在一些需要多无人机协同工作的场景下无人机之间需要对收集的数据进行交换,使用对称密钥进行加密和解密操... |
| SourceID | wanfang |
| SourceType | Aggregation Database |
| StartPage | 213 |
| Title | 无人机网络中基于无证书的群组认证密钥协商协议 |
| URI | https://d.wanfangdata.com.cn/periodical/scdxxb-gckx202501021 |
| Volume | 57 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: DOAJ Directory of Open Access Journals issn: 2096-3246 databaseCode: DOA dateStart: 20220101 customDbUrl: isFulltext: true dateEnd: 99991231 titleUrlDefault: https://www.doaj.org/ omitProxy: true ssIdentifier: ssj0003313526 providerName: Directory of Open Access Journals |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnR3LahRBcEjixYsoKmpUcrBPYTTd0z09fZzdzBIEPSWQW-ie2YkorOAmEHITQm4qCiJIQA_Rm8lVN-g3-BG72fgXVlVPdkeTQxSWoaiuqq3HznZ1z3RVENyxuXRRHJUht6odSqttmBhVhPSIy0YyntN4OPnBw3hhSd5fVssTkz9rby2tr7m7-eap50r-J6qAg7jiKdl_iOxIKCAAhvjCFSIM1zPFmGUxM5qlcyyTrJHiBzFNAjRrzDPDCWggEmkSls6zTDHTIhriSrKaHCBoQXZJQ4alMbIboJEkJ2OprAQiBog9ZsSlCAAuw4xgqUJMMs-SFn2poqERxrNn9fwYRxuaGOGasKRBgCZDFCqPKpEhXu0kxXc1vNXp6C1lZIJx5CZFvD9I3pjEe4rkgjZICxiQqMckoEyT3AJAC13kMdXmRrVZ4o9U0w-7Mg4JybVpE61MwFCvgCFNRhiFzgNkBeiRibPHzqHwAYASa5E9s0NqNOAICKiAewpHwW5DIQC7k9bsScVnBdbNiscThYBlaAiJcVyf1XzZ7z_u3uMpKqplO8KfYD8xkQqpJM2kj7EHJNaTFdjYwLfV-atCeTcvNjbcymr-ZAN9Tt3iJ4NzAnfIapsc8A8vtIHkaJxAw-xiZK3fQgT5sVLj5-6SwwKfj5_jKmxAWat-pHikuakKEmLuFUUcGz5gR8ljp1SlxtCgeyfNobN6ndJ2Vmtp5eLF4EK1HpxJ_c19KZjYfHQ5aBy--9jv9Q53esPvr4cHO_2vXwYfev3eS8Af7T_vf_s8fL81_LE7PNg62tsFzGB_-9ebT4MXrwZvt-F6tLd3JVhqZYvNhbBqdhJ2OaT5oXG2LblzFnxgdW4KG8euaAtYIjiJJdtKHTtYrMWOGxfptlAmL60WZVyYUpYiuhpMdZ522teCGetKWxjIyxOTS1zD6cjmnEe8mCtFqfj1gFU2r1R_Zt2V02J444x008F5hP3G5M1gau3ZevsWpOpr7jZF_zfhWLA4 |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=%E6%97%A0%E4%BA%BA%E6%9C%BA%E7%BD%91%E7%BB%9C%E4%B8%AD%E5%9F%BA%E4%BA%8E%E6%97%A0%E8%AF%81%E4%B9%A6%E7%9A%84%E7%BE%A4%E7%BB%84%E8%AE%A4%E8%AF%81%E5%AF%86%E9%92%A5%E5%8D%8F%E5%95%86%E5%8D%8F%E8%AE%AE&rft.jtitle=%E5%B7%A5%E7%A8%8B%E7%A7%91%E5%AD%A6%E4%B8%8E%E6%8A%80%E6%9C%AF&rft.au=%E7%8E%8B%E9%92%BA%E7%A8%8B&rft.au=%E6%9C%B1%E5%8F%8B%E6%96%87&rft.au=%E5%BC%A0%E5%BF%97%E5%BC%BA&rft.date=2025&rft.pub=%E5%8D%97%E4%BA%AC%E8%88%AA%E7%A9%BA%E8%88%AA%E5%A4%A9%E5%A4%A7%E5%AD%A6+%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%A7%91%E5%AD%A6%E4%B8%8E%E6%8A%80%E6%9C%AF%E5%AD%A6%E9%99%A2%2C%E6%B1%9F%E8%8B%8F+%E5%8D%97%E4%BA%AC+210016&rft.issn=2096-3246&rft.volume=57&rft.issue=1&rft.spage=213&rft.epage=224&rft_id=info:doi/10.12454%2Fj.jsuese.202300569&rft.externalDocID=scdxxb_gckx202501021 |
| thumbnail_s | http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=http%3A%2F%2Fwww.wanfangdata.com.cn%2Fimages%2FPeriodicalImages%2Fscdxxb-gckx%2Fscdxxb-gckx.jpg |