CN114679268B - Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium - Google Patents

Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium Download PDF

Info

Publication number
CN114679268B
CN114679268B CN202210319290.0A CN202210319290A CN114679268B CN 114679268 B CN114679268 B CN 114679268B CN 202210319290 A CN202210319290 A CN 202210319290A CN 114679268 B CN114679268 B CN 114679268B
Authority
CN
China
Prior art keywords
unmanned aerial
point
aerial vehicle
ground station
hash value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210319290.0A
Other languages
Chinese (zh)
Other versions
CN114679268A (en
Inventor
张媛媛
孟令哲
张明武
阮鸥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei University of Technology
Original Assignee
Hubei University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hubei University of Technology filed Critical Hubei University of Technology
Priority to CN202210319290.0A priority Critical patent/CN114679268B/en
Publication of CN114679268A publication Critical patent/CN114679268A/en
Application granted granted Critical
Publication of CN114679268B publication Critical patent/CN114679268B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Traffic Control Systems (AREA)

Abstract

The invention provides a method for mutual authentication and key negotiation between unmanned aerial vehicles, which comprises the following steps: s1, a ground station generates a system public parameter and a private key thereof; s2, registering the unmanned aerial vehicles on the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private key of the unmanned aerial vehicles; s3, the unmanned aerial vehicle and the unmanned aerial vehicle perform mutual authentication and negotiate a session key. The authentication and key negotiation method between unmanned aerial vehicles provided by the embodiment of the invention comprises the unmanned aerial vehicles and a ground station: the ground station is a system capable of providing registration service for the unmanned aerial vehicle and generating parameters required by authentication, and the embodiment of the invention realizes mutual authentication and key negotiation between the unmanned aerial vehicle and the unmanned aerial vehicle, and ensures future secure communication of the unmanned aerial vehicle and the unmanned aerial vehicle. In addition, a Physical Unclonable Function (PUF) is embedded in the unmanned aerial vehicle, so that the security of authentication information stored by the unmanned aerial vehicle is ensured.

Description

Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method, a computing device, and a storable medium for performing mutual authentication and key agreement between multiple unmanned aerial vehicles.
Background
Unmanned aerial vehicle is as unmanned miniature aircraft, utilizes radio remote control technique and embedded unmanned aerial vehicle's controlling means to operate unmanned aerial vehicle, and it is widely used in remote sensing survey and drawing, express delivery transportation, pipeline inspection, environmental detection and military reconnaissance etc. fields.
With the development of unmanned aerial vehicle technology, the cooperative completion of specified tasks among unmanned aerial vehicles has become a reality. And the unmanned aerial vehicles are combined according to a certain scale and structure, and a cooperative effect is generated through information sharing among the unmanned aerial vehicles so as to realize intelligent cooperative execution tasks. The mode of cooperation among unmanned aerial vehicles is widely applied in various fields, such as disaster relief, and when the unmanned aerial vehicles perform search and rescue work in mountain areas, the communication signals can be shielded due to complex and changeable environments of the areas. Adopt unmanned aerial vehicle cooperation mode, different unmanned aerial vehicles can each other be communication relay, carry out data sharing, can effectively avoid the communication that appears to shelter from the problem to promote search and rescue efficiency.
The mode of unmanned aerial vehicle collaboration provides many benefits for production and life, but presents some safety issues. Since communications between drones are made over a common channel, an attacker can eavesdrop on the communications within the network, tamper with the information, or forge spurious information to inject into the communications. Therefore, ensuring secure communication between unmanned aerial vehicles is an aspect of research that needs to be considered, namely how identity authentication and key agreement are performed between unmanned aerial vehicles. Finally, considering that the unmanned aerial vehicle is easy to be attacked by physical capture, how to ensure that the unmanned aerial vehicle has no influence on the security of an authentication scheme after being captured and stealing internal data is also a problem that needs to be studied in depth.
Disclosure of Invention
In view of the above, the embodiment of the invention provides a method for mutual authentication and key negotiation between unmanned aerial vehicles, wherein the unmanned aerial vehicles perform mutual authentication and session key negotiation between the unmanned aerial vehicles, so as to ensure the security and efficiency of the cooperation of the unmanned aerial vehicles; meanwhile, under the condition that an attacker captures the unmanned aerial vehicle and steals internal data, the security of authentication and key negotiation is not affected.
In order to achieve the above object, an embodiment of the present invention provides a method for authentication and key agreement between unmanned aerial vehicles, the method including:
s1, a ground station generates a system public parameter and a private key thereof;
s2, registering the unmanned aerial vehicles on the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private key of the unmanned aerial vehicles;
s3, the unmanned aerial vehicle and the unmanned aerial vehicle perform mutual authentication and negotiate a session key.
In another aspect, an embodiment of the present invention further provides a computer readable storage medium, where at least one instruction, at least one section of program, a code set, or an instruction set is stored, where the at least one instruction, the at least one section of program, the code set, or the instruction set is loaded and executed by a processor to implement the authentication and key negotiation method between unmanned aerial vehicles as described above.
In yet another aspect, in another aspect, an embodiment of the present invention further provides a computing device, where the computing device includes a processor and a memory, where the memory stores at least one instruction, at least one program, a code set, or an instruction set, and the at least one instruction, the at least one program, the code set, or the instruction set is loaded and executed by the processor to implement the method for authentication and key negotiation between unmanned aerial vehicles as described above.
The authentication and key negotiation method between unmanned aerial vehicles provided by the embodiment of the invention comprises the unmanned aerial vehicles and a ground station: the unmanned aerial vehicle is an unmanned aerial vehicle for executing corresponding tasks; the ground station refers to a system capable of providing registration service and generating parameters required by authentication for the unmanned aerial vehicle, and an elliptic curve, a base point, two hash functions, a ground station public key and a pseudonym are required to be used as common parameters. The embodiment of the invention realizes mutual authentication and key negotiation between the unmanned aerial vehicle and the unmanned aerial vehicle, and ensures future safety communication of the unmanned aerial vehicle and the unmanned aerial vehicle. In addition, a Physical Unclonable Function (PUF) is embedded in the unmanned aerial vehicle, so that the security of authentication information stored by the unmanned aerial vehicle is ensured.
Drawings
Specific embodiments of the present invention will be described below by way of example with reference to the accompanying drawings.
Fig. 1 is a flowchart of unmanned aerial vehicle registration according to an embodiment of the present invention;
fig. 2 is a flowchart of authentication between unmanned aerial vehicles according to an embodiment of the present invention;
fig. 3 is a new unmanned aerial vehicle adding flow chart according to the embodiment of the invention;
fig. 4 is a block diagram of a computing device according to an embodiment of the present invention.
Detailed Description
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the following description will explain the specific embodiments of the present invention with reference to the accompanying drawings. It is evident that the drawings in the following description are only examples of the invention, from which other drawings and other embodiments can be obtained by a person skilled in the art without inventive effort. For simplicity of the drawing, only the parts relevant to the present invention are schematically shown in each drawing, and they do not represent the actual structure thereof as a product.
In order to solve the technical problems of the embodiments of the present invention, the embodiments of the present invention provide the following technical solutions:
an authentication and key agreement method between unmanned aerial vehicles comprises the following steps:
s1, a ground station generates a system public parameter and a private key thereof;
s2, registering the unmanned aerial vehicles on the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private key of the unmanned aerial vehicles;
s3, the unmanned aerial vehicle and the unmanned aerial vehicle perform mutual authentication and negotiate a session key.
Preferably, the step S1 includes the steps of:
s1.1: let GF (q) be a finite field, where q is a large prime number representing the size of GF (q), the ground station selects elliptic curve E over GF (q) q (a,b):y 2 =x 3 +ax+b (mod q), where (a, b) ∈GF (p), U is E q A base point on (a, b);
s1.2: the ground station selects a first random numberAs a self-private key, wherein,
performing point multiplication operation on the private key s and the base point U to obtain a public key P of the ground station pub
I.e. calculate P pub =s·U;
S1.3: the ground station selects its pseudonym SID and two hash functions h 1 (. Cndot.) and h 2 (. Cndot.) wherein h 1 (. Cndot.) mapping arbitrary length strings to an integer, h 2 (. Cndot.) mapping a string of arbitrary length into a string of fixed length;
s1.4: the ground station stores the private key s and discloses the elliptic curve E q (a, b), big prime q, base point U, ground station public key P pub Ground station pseudonym SID and two hash functions h 1 (. Cndot.) and h 2 (·)。
As shown in fig. 1, preferably, the step S2 includes the steps of:
s2.1: assuming a total of n unmanned aerial vehicles, the ground station selects a second random number for each unmanned aerial vehicleThe random number d i Performing point multiplication operation with the elliptic curve base point U to obtainWherein->And->Respectively point D i Is the abscissa and ordinate of (2);
i.e. calculation
S2.2: the ground station transmits the self-pseudonym SID and the point D i Is the abscissa of (2)After merging, utilizing the hash function h 1 (. Cndot.) generating a first hash value, the product of the first hash value and the ground station private key s plus the second random number d i The obtained result is then subjected to a model q to obtainF i . Ground station will point D i And F i Sending the data to a corresponding unmanned aerial vehicle through a safety channel;
i.e. calculation
S2.3: unmanned aerial vehicle receives D i And F i After that, select a challenge C i The challenge is the input of the PUF embedded in the drone, outputting the corresponding response R i =PUF i (C i );
S2.4: response R of unmanned aerial vehicle by said PUF i And the received point D i Is the ordinate of (2)After merging, utilizing the hash function h 2 (-) generated second hash value and received F i Exclusive OR to obtain G i . Then the unmanned aerial vehicle will authenticate the information point D i 、G i And C i Is stored in the memory of the computer,
i.e. calculation
As shown in fig. 2, preferably, the step S3 includes the steps of:
s3.1: challenge C stored in internal memory by unmanned plane alpha (alpha is more than or equal to 1 and less than or equal to n) α As input to the PUF, the PUF outputs a corresponding response R α =PUF α (C α ) And then output response R α And point D stored in memory α Is the ordinate of (2)After merging, utilizing the hash function h 2 (. Cndot.) generating a third hash value, G stored in memory α Exclusive-or with the third hash value to obtain F α
I.e. calculation
S3.2: the unmanned plane alpha generates a third random numberThe random number k α Performing point multiplication operation with the elliptic curve base point U to obtain +.>Wherein->And->Respectively is the point K α And the abscissa and ordinate of (c). Unmanned aerial vehicle α then subjects the F α Adding a third random number k α The added result is modulo q to obtain J α
I.e. calculationAnd J α =F α +k α mod q;
S3.3: point D stored in memory of unmanned aerial vehicle alpha α Said point K α And J α Sending the information to the unmanned plane beta (beta is more than or equal to 1 and less than or equal to n, alpha is not equal to beta) through a public channel;
s3.4: after receiving the information, the unmanned plane beta receives J α Performing point multiplication operation with the elliptic curve base point U to obtain Z α1 Reuse of the received point D and the pseudonym SID by the ground station α Is the abscissa of (2)After merging, utilizing the hash function h 1 (-) -generated fourth hash value with said ground station public key P pub Performing dot product operation to obtain Z α2 Then the received point D α Calculated Z α2 And received K α Adding, and obtaining Z by the added result modulo q α3 Will Z α1 And Z is α3 Comparing, i.e
If the two are equal, the unmanned plane alpha passes the authentication of the unmanned plane beta, and the step S3.5 is continued, otherwise, the authentication is terminated;
s3.5: challenge C that drone β will store in memory β Input into the PUF, the PUF outputs a corresponding response R β =PUF β (C β ) And then output response R β And point D stored in memory β Is the ordinate of (2)After merging, utilizing the hash function h 2 (. Cndot.) generating a fifth hash value, G stored in memory β Exclusive-or with the fifth hash value to obtain F β ;;
I.e. calculation
S3.6: unmanned aerial vehicle beta generates fourth random numberThe random number k β Performing point multiplication operation with the elliptic curve base point U to obtain +.>Wherein point K β Is +.about.L and +.about.L respectively>And->Unmanned plane beta then subjects the F β And a fourth random number k β The added result is modulo q to obtain J β Reuse by the->And->After merging, utilizing the hash function h 2 (. Cndot.) generated sixth hash value and calculated J β Obtaining L by exclusive OR;
i.e. calculationJ β =F β +k β mod q and
s3.7: point D stored in memory of unmanned aerial vehicle beta β Said point K β And L is sent to the unmanned plane alpha through a public channel;
s3.8: after receiving the information, the unmanned aerial vehicle alpha sends the information to the unmanned aerial vehicleAnd the received point D β Is +.>After merging, utilizing the hash function h 2 (. Cndot.) generating a seventh hash value, and xoring the received L with the seventh hash value to obtain J β
I.e. calculation
Will J β Performing point multiplication operation with the elliptic curve base point U to obtain Z β1 Reuse of the received point D and the pseudonym SID by the ground station β Is the abscissa of (2)After merging, utilizing the hash function h 1 (-) -generated eighth hash value with said ground station public key P pub Performing dot product operation to obtain Z β2 Then the received pointD β Calculated Z β2 And received K β The added result is modulo q to obtain Z β3 Will Z β1 And Z is β3 Comparison is performed, namely:
if the two are equal, the unmanned plane beta passes the authentication of the unmanned plane alpha, and the step S3.9 is continued, otherwise, the authentication session is terminated;
s3.9: the unmanned aerial vehicle alpha uses the third random number k α And point K β Performing dot product operation to obtain V= (V) x ,V y ) Wherein V is x And V y Respectively the abscissa and the ordinate of the point V, and then calculating the obtained V x 、V y Said point D α Is the ordinate of (2)Sum point D β Is +.>After merging, utilizing the hash function h 2 (. Cndot.) generating a ninth hash value SK, using the ninth hash value as the negotiated first session key, and then using the ninth hash value SK, said +.>And->After merging, utilizing the hash function h 2 (. Cndot.) generating a tenth hash value W;
i.e. calculate v=k α ·K β =(V x ,V y )、And
s3.10: the unmanned aerial vehicle alpha sends the tenth hash value W to the unmanned aerial vehicle beta through a public channel;
s3.11: after receiving the information, the unmanned plane beta receives the fourth random number k β And point K α Performing dot product operation to obtain V= (V) x ,V y ) And then V is calculated x 、V y Said point D α Is the ordinate of (2)Sum point D β Is +.>After merging, utilizing the hash function h 2 (. Cndot.) generating an eleventh hash value SK;
i.e. calculate v=k β ·K α =(V x ,V y ) And
s3.12: the unmanned plane beta compares whether the received tenth hash value W is equal to the value SK,And->After merging, utilizing the hash function h 2 (. Cndot.) generated twelfth hash valueIf the two are not equal, the session is terminated, otherwise, the eleventh hash value SK is used as a negotiated second session key, and then the unmanned aerial vehicle alpha and the unmanned aerial vehicle beta use the session key SK to communicate, so that authentication and key negotiation are finished.
As shown in fig. 3, the method further includes a new unmanned aerial vehicle, specifically including the following steps:
s4.1: the ground station selects a fifth random number for a pre-registered new droneThe fifth random number +.>Performing point multiplication operation with the elliptic curve base point U to obtain +.>Wherein->And->Are respectively the points->Is the abscissa and ordinate of (2);
i.e. calculation
S4.2: the ground station adds the self-pseudonym SID and the pointIs +.>After merging, utilizing the hash function h 1 (. Cndot.) generating a thirteenth hash value, the product of the thirteenth hash value and the ground station private key s plus the fifth random number +.>The obtained result is then modulo q to obtain F i new Ground station, point->And F i new Sending the information to a new unmanned aerial vehicle through a safety channel;
i.e. calculation
S4.3: after receiving the information, the new unmanned aerial vehicle selects a challengeAs input to the PUF embedded in the drone, the PUF outputs the corresponding response +.>
S4.4: response by the PUF for a new droneAnd received dot->Is +.>After merging, utilizing the hash function h 2 (. Cndot.) generated fourteenth hash value with received F i new Exclusive or get->Then the unmanned aerial vehicle will authenticate the information point +.>And->Is stored in the memory of the computer,
i.e. calculation
Referring to FIG. 4, a schematic diagram of a computing device 1500 according to one embodiment of the present application is shown. The computing device 1500 may be used to implement the method of mutual authentication and key agreement between drones provided in the embodiments described above.
Specifically, the present invention relates to a method for manufacturing a semiconductor device.
The computing device 1500 includes a Central Processing Unit (CPU) 1501, a system memory 1504 including a Random Access Memory (RAM) 1502 and a Read Only Memory (ROM) 1503, and a system bus 1505 connecting the system memory 1504 and the central processing unit 1501. The computing device 1500 also includes a basic input/output system (I/O system) 1506, and a mass storage device 1507 for storing an operating system 1513, application programs 1514, and other program modules 1515, which facilitate the transfer of information between the various devices within the computer.
The basic input/output system 1506 includes a display 1508 for displaying information and an input device 1509, such as a mouse, keyboard, etc., for the user to input information. Wherein the display 1508 and the input device 1509 are both connected to the central processing unit 1501 via an input-output controller 1510 connected to the system bus 1505. The basic input/output system 1506 may also include an input/output controller 1510 for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus. Similarly, the input output controller 1510 also provides output to a display screen, a printer, or other type of output device.
The mass storage device 1507 is connected to the central processing unit 1501 via a mass storage controller (not shown) connected to the system bus 1505. The mass storage device 1507 and its associated computer-readable media provide non-volatile storage for the computing device 1500. That is, the mass storage device 1507 may include a computer-readable medium (not shown) such as a hard disk or CD-ROM drive.
The computer readable medium may include computer storage media and communication media without loss of generality. Computer storage media includes volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes RAM, ROM, EPROM, EEPROM, flash memory or other solid state memory technology, CD-ROM, DVD or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices.
Of course, those skilled in the art will recognize that the computer storage medium is not limited to the one described above. The system memory 1504 and mass storage device 1507 described above may be collectively referred to as memory.
According to various embodiments of the application, the computing device 1500 may also be operated by a remote computer connected to the network through a network, such as the Internet. That is, the computing device 1500 may be connected to the network 1512 via a network interface unit 1511 coupled to the system bus 1505, or alternatively, the network interface unit 1511 may be used to connect to other types of networks or remote computer systems (not shown).
The memory also includes one or more programs stored in the memory and configured to be executed by the one or more processors. The one or more programs include means for implementing mutual authentication and key agreement between the drones.
In an exemplary embodiment, a computing device is also provided that includes a processor and a memory having at least one instruction, at least one program, set of codes, or set of instructions stored therein. The at least one instruction, at least one program, code set, or instruction set is configured to be executed by the processor to implement the method of mutual authentication and key agreement between drones described above.
In an exemplary embodiment, there is also provided a computer readable storage medium having stored therein at least one instruction, at least one program, a set of codes or a set of instructions, which when executed by a processor of a terminal, implement the method of mutual authentication and key agreement between drones of the above embodiments. Alternatively, the above-mentioned computer-readable storage medium may be a ROM (Read-Only Memory), a RAM (Random Access Memory ), a CD-ROM (Compact Disc Read-Only Memory), a magnetic tape, a floppy disk, an optical data storage device, or the like.
In an exemplary embodiment, a computer program product is also provided, which, when executed, is adapted to carry out the above-described method of mutual authentication and key agreement between drones.
Two or more "and/or", describing the association relationship of the association object, means that there may be three relationships, for example, a and/or B, may represent: a exists alone, A and B exist together, and B exists alone. The character "/" generally indicates that the context-dependent object is an "or" relationship.
In addition, the step numbers described herein are merely exemplary of one possible execution sequence among steps, and in some other embodiments, the steps may be executed out of the order of numbers, such as two differently numbered steps being executed simultaneously, or two differently numbered steps being executed in an order opposite to that shown, which is not limited by the embodiments of the present application.
The foregoing description of the exemplary embodiments of the present application is not intended to limit the invention to the particular embodiments disclosed, but on the contrary, the intention is to cover all modifications, equivalents, alternatives, and alternatives falling within the spirit and scope of the invention.
The foregoing is only a partial embodiment of the present invention, and it should be noted that it will be apparent to those skilled in the art that modifications and adaptations can be made without departing from the principles of the present invention, and such modifications and adaptations are intended to be comprehended within the scope of the present invention.

Claims (6)

1. An authentication and key agreement method between unmanned aerial vehicles, characterized in that the method comprises the following steps:
s1, ground station generationThe system public parameters and the private key thereof specifically comprise: s1.1, setting GF (q) as a finite field, wherein q is a large prime number representing the size of GF (q), and the ground station selects an elliptic curve E over GF (q) q (a,b):y 2 =x 3 +ax+b (mod q), where (a, b) ∈GF (p), U is E q A base point on (a, b);
s1.2, the ground station selects a first random numberAs a self-private key, wherein,
performing point multiplication operation on the private key s and the base point U to obtain a public key P of the ground station pub I.e. P pub =s·U;
S1.3, the ground station selects the pseudonym SID of the ground station and two hash functions h 1 (. Cndot.) and h 2 (. Cndot.) wherein h 1 (. Cndot.) mapping arbitrary length strings to an integer, h 2 (. Cndot.) mapping a string of arbitrary length into a string of fixed length;
s1.4: the ground station stores the private key s and discloses the elliptic curve E q (a, b), big prime q, base point U, ground station public key P pub Ground station pseudonym SID and two hash functions h 1 (. Cndot.) and h 2 (·);
S2, registering the unmanned aerial vehicles on the ground station, and generating authentication information for each unmanned aerial vehicle by the ground station according to the public parameters and the private key of the unmanned aerial vehicles;
s3, the unmanned aerial vehicle and the unmanned aerial vehicle perform mutual authentication and negotiate a session key.
2. The authentication and key agreement method between unmanned aerial vehicles according to claim 1, wherein S2 comprises the steps of:
s2.1, assuming that n unmanned aerial vehicles are in total, the ground station selects a second random number for each unmanned aerial vehicleThe random number d i Performing point multiplication operation with the elliptic curve base point U to obtain +.>Wherein->And->Respectively point D i Is the abscissa and ordinate of (2), i.e. +.>
S2.2 the ground station adds its own pseudonym SID and point D i Is the abscissa of (2)After merging, utilizing the hash function h 1 (. Cndot.) generating a first hash value, the product of the first hash value and the ground station private key s plus the second random number d i The obtained result is then modulo q to obtain F i The ground station will point D i And F i Is sent to the corresponding unmanned aerial vehicle through a safety channel, namely
S2.3, the unmanned aerial vehicle receives D i And F i After that, select a challenge C i The challenge is the input of the PUF embedded in the drone, outputting the corresponding response R i =PUF i (C i );
S2.4, response R of unmanned aerial vehicle by the PUF i And the received point D i Is the ordinate of (2)After merging, utilizing the hash function h 2 (-) generated second hash value and received F i Exclusive OR to obtain G i Unmanned aerial vehicle will authenticate information point D i 、G i And C i Stored in memory, i.e.)>
3. The method for authentication and key agreement between unmanned aerial vehicles according to claim 2, wherein S3 comprises the steps of:
s3.1, challenge C stored in internal memory by unmanned plane alpha (alpha is more than or equal to 1 and less than or equal to n) α As input to the PUF, the PUF outputs a corresponding response R α =PUF α (C α ) And then output response R α And point D stored in memory α Is the ordinate of (2)After merging, utilizing the hash function h 2 (. Cndot.) generating a third hash value, G stored in memory α Exclusive-or with the third hash value to obtain F α I.e.
S3.2, generating a third random number by the unmanned aerial vehicle alphaThe third random number k α Performing point multiplication operation with the elliptic curve base point U to obtain +.>Wherein->And->Respectively is the point K α Is the unmanned plane alpha to re-divide the F α Adding a third random number k α The added result is modulo q to obtain J α I.e. +.>And J α =(F α +k α )mod q;
S3.3, point D stored in memory by unmanned plane alpha α Said point K α And J α Sending the information to the unmanned plane beta (beta is more than or equal to 1 and less than or equal to n, alpha is not equal to beta) through a public channel;
s3.4, after the unmanned aerial vehicle beta receives the information sent by the unmanned aerial vehicle alpha, the received J α Performing point multiplication operation with the elliptic curve base point U to obtain Z α1 Then the pseudonym SID of the ground station and the received point D α Is the abscissa of (2)After merging, utilizing the hash function h 1 (-) generated fourth hash value and ground station public key P pub Performing dot product operation to obtain Z α2 Then the received point D α Calculated Z α2 And received K α Adding, and obtaining Z by the added result modulo q α3 Will Z α1 And Z is α3 Comparing, i.e. comparing J α U andif the two are equal, the unmanned plane alpha passes the authentication of the unmanned plane beta, and the step S3.5 is continued, otherwise, the authentication is terminated;
s3.5 challenge C for storing unmanned plane beta in memory β Input into the PUF, the PUF outputs a corresponding response R β =PUF β (C β ) And then output response R β And point D stored in memory β Is the ordinate of (2)After merging, utilizing the hash function h 2 (. Cndot.) generating a fifth hash value, G stored in memory β Exclusive-or with the fifth hash value to obtain F β I.e.
S3.6, generating fourth random number by unmanned plane betaThe fourth random number k β Performing point multiplication operation with the elliptic curve base point U to obtain +.>Wherein point K β Is +.about.L and +.about.L respectively>And->Unmanned plane beta then subjects the F β And a fourth random number k β The added result is modulo q to obtain J β Reuse by the->And->After merging, utilizing the hash function h 2 (. Cndot.) generated sixth hash value and calculated J β Obtaining L by exclusive OR;
i.e.J β =(F β +k β ) mod q and
s3.7, point D stored in memory is processed by unmanned plane beta β Said point K β And L is sent to the unmanned plane alpha through a public channel;
s3.8, after receiving the information, the unmanned aerial vehicle alpha receives the informationAnd the received point D β Is +.>After merging, utilizing the hash function h 2 (. Cndot.) generating a seventh hash value, and xoring the received L with the seventh hash value to obtain J β I.e.
Will J β Performing point multiplication operation with the elliptic curve base point U to obtain Z β1 Reuse of the received point D and the pseudonym SID by the ground station β Is the abscissa of (2)After merging, utilizing the hash function h 1 (-) -generated eighth hash value with said ground station public key P pub Performing dot product operation to obtain Z β2 Then the received point D β Calculated Z β2 And received K β The added result is modulo q to obtain Z β3 Will Z β1 And Z is β3 Comparison is performed, namely:
comparative J β U and
if the two are equal, the unmanned plane beta passes the authentication of the unmanned plane alpha, and the step S3.9 is continued, otherwise, the authentication session is terminated;
s3.9, the unmanned plane alpha uses the third random number k α And point K β Performing dot product operation to obtain V= (V) x ,V y ) Wherein V is x And V y Respectively the abscissa and the ordinate of the point V, and then calculating the obtained V x 、V y Said point D α Is the ordinate of (2)Sum point D β Is the ordinate of (2)After merging, utilizing the hash function h 2 (. Cndot.) generating a ninth hash value SK, using the ninth hash value as the negotiated first session key, and then using the ninth hash value SK, said +.>And->After merging, utilizing the hash function h 2 (. Cndot.) generating a tenth hash value W;
i.e. calculate v=k α ·K β =(V x ,V y )、And
s3.10, the unmanned aerial vehicle alpha transmits the tenth hash value W to the unmanned aerial vehicle beta through a public channel;
s3.11, after receiving the information, the unmanned plane beta receives the fourth random number k β And point K α Performing dot product operation to obtain V= (V) x ,V y ) And then V is calculated x 、V y Said point D α Is the ordinate of (2)Sum point D β Is +.>After merging, utilizing the hash function h 2 (. Cndot.) generating an eleventh hash value SK;
i.e. calculate v=k β ·K α =(V x ,V y ) And
s3.12, comparing whether the received tenth hash value W is equal to the eleventh hash value SK by the unmanned aerial vehicle beta,And->After merging, utilizing the hash function h 2 (. Cndot.) generated twelfth hash valueIf the two are not equal, the key negotiation session is terminated, otherwise, the eleventh hash value SK is used as a negotiated second session key, and then the unmanned aerial vehicle alpha and the unmanned aerial vehicle beta communicate by using the second session key SK.
4. A method of authentication and key agreement between drones according to claim 3, further comprising:
s4.1, the ground station selects a fifth random number for a new pre-registered unmanned aerial vehicleThe fifth random numberPerforming point multiplication operation with the elliptic curve base point U to obtain +.>Wherein->And->Are respectively the points->Is defined by the abscissa and the ordinate of (c),
i.e.
S4.2, the ground station adds the self-pseudonym SID and the pointIs +.>After merging, utilizing the hash function h 1 (. Cndot.) generating a thirteenth hash value, the product of the thirteenth hash value and the ground station private key s plus the fifth random number +.>The obtained result is then modulo q to obtain F i new Ground station, point->And F i new Sending the information to a new unmanned aerial vehicle through a safety channel;
i.e. calculation
S4.3, after the new unmanned aerial vehicle receives the information, selecting a challengeAs input to the PUF embedded in the drone, the PUF outputs the corresponding response +.>
S4.4 response by the PUF for a new unmanned aerial vehicleAnd received dot->Is +.>After merging, utilizing the hash function h 2 (. Cndot.) generated fourteenth hash value with received F i new Exclusive or get->I.e.The unmanned aerial vehicle then sends the authentication information point +.>And->Stored in a memory.
5. A computing device comprising a processor and a memory having stored therein at least one instruction, at least one program, code set, or instruction set loaded and executed by the processor to implement the method of mutual authentication and key agreement between drones according to any one of claims 1 to 4.
6. A computer readable storage medium having stored therein at least one instruction, at least one program, code set, or instruction set loaded and executed by a processor to implement the method of mutual authentication and key agreement between drones according to any one of claims 1 to 4.
CN202210319290.0A 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium Active CN114679268B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210319290.0A CN114679268B (en) 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210319290.0A CN114679268B (en) 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium

Publications (2)

Publication Number Publication Date
CN114679268A CN114679268A (en) 2022-06-28
CN114679268B true CN114679268B (en) 2023-07-21

Family

ID=82075913

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210319290.0A Active CN114679268B (en) 2022-03-29 2022-03-29 Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium

Country Status (1)

Country Link
CN (1) CN114679268B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115150828A (en) * 2022-07-12 2022-10-04 西安电子科技大学 Unmanned aerial vehicle identity authentication and key agreement method based on position password
CN115314228B (en) * 2022-10-10 2023-03-24 广东电网有限责任公司佛山供电局 Unmanned aerial vehicle identity authentication method, device and system
CN116528229B (en) * 2023-07-03 2023-09-05 北京中科网芯科技有限公司 5G secure communication method and system thereof
CN117892967A (en) * 2024-01-18 2024-04-16 国网经济技术研究院有限公司 Pumped storage power station inspection system based on space remote sensing

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109714167A (en) * 2019-03-15 2019-05-03 北京邮电大学 Authentication and cryptographic key negotiation method and equipment suitable for mobile application signature

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9016565B2 (en) * 2011-07-18 2015-04-28 Dylan T X Zhou Wearable personal digital device for facilitating mobile device payments and personal use
US9875660B2 (en) * 2016-03-28 2018-01-23 Cisco Technology, Inc. Multi-modal UAV certification
CN107437993A (en) * 2016-05-26 2017-12-05 中兴通讯股份有限公司 One kind is based on without the side's authentication key agreement method of certificate two and device
CN105913691B (en) * 2016-06-06 2018-06-29 北京威胜通达科技有限公司 A kind of method that service is declared in flying area
CN106714166A (en) * 2016-12-23 2017-05-24 成都赫尔墨斯科技有限公司 Anti-UAV method based on user authentication
EP3668126A4 (en) * 2017-08-10 2021-01-20 Beijing Xiaomi Mobile Software Co., Ltd. Unmanned aerial vehicle access method and device
CN108521401B (en) * 2018-03-06 2020-05-12 西安电子科技大学 Method for enhancing safety of MANET network of unmanned aerial vehicle
CN108683641A (en) * 2018-04-24 2018-10-19 广州亿航智能技术有限公司 A kind of data communications method, device, unmanned plane and computer storage media
CN108966174A (en) * 2018-07-27 2018-12-07 长春草莓科技有限公司 A kind of communication encryption method of unmanned plane and earth station
US10798557B2 (en) * 2018-12-20 2020-10-06 The Johns Hopkins University Space-based long term evolution (LTE) communications architecture
CN110972132B (en) * 2019-11-12 2023-07-18 江苏恒宝智能系统技术有限公司 Unmanned aerial vehicle queue identity authentication method
CN110855427B (en) * 2019-11-18 2023-05-30 国网四川省电力公司电力科学研究院 Unmanned aerial vehicle authentication method and system
CN111628959B (en) * 2019-11-20 2021-07-09 南京航空航天大学 Large-scale unmanned aerial vehicle group security authentication mechanism based on random label
CN113872761B (en) * 2021-11-17 2023-07-07 湖北工业大学 Batch authentication method for intelligent household equipment, computing equipment and storable medium
CN114063651B (en) * 2021-11-18 2023-07-04 湖北工业大学 Method for mutual authentication between user and multiple unmanned aerial vehicles and storable medium

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109714167A (en) * 2019-03-15 2019-05-03 北京邮电大学 Authentication and cryptographic key negotiation method and equipment suitable for mobile application signature

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
城市应急联动系统中三台合一的研究与应用;张正文,陈卓,阮鸥;《计算机与数字工程》;全文 *
基于无人机多光谱影像的海滨景区浒苔信息提取研究;李冬雪;高志强;尚伟涛;姜晓鹏;宋德彬;张媛媛;;海洋环境科学(第03期);全文 *
基于椭圆曲线的隐私增强认证密钥协商协议;曹天杰;雷红;;电子学报(第02期);全文 *

Also Published As

Publication number Publication date
CN114679268A (en) 2022-06-28

Similar Documents

Publication Publication Date Title
CN114679268B (en) Method for mutual authentication and key agreement between unmanned aerial vehicles and storable medium
CN112288097B (en) Federal learning data processing method, federal learning data processing device, computer equipment and storage medium
US10878248B2 (en) Media authentication using distributed ledger
CN111490878B (en) Key generation method, device, equipment and medium
CN110603557B (en) System and method for controlling transaction ledger
US20190356472A1 (en) Blockchain-implemented method and system
US20150341349A1 (en) Privacy-preserving biometric authentication
CN112367164B (en) Service request processing method and device, computer equipment and storage medium
CN110572468A (en) server cluster file synchronization method and device, electronic equipment and storage medium
CN111489159A (en) Data processing method, data processing device, computer equipment and medium
CN105577602A (en) Data pushing method and data pushing device based on open application programming interface
CN111614761A (en) Block chain message transmission method, device, computer and readable storage medium
EP3742304A1 (en) Validation of measurement datasets in a distributed database
CN114063651B (en) Method for mutual authentication between user and multiple unmanned aerial vehicles and storable medium
CN110190964A (en) Identity identifying method and electronic equipment
CN104504347A (en) Data consistency matching processing method and device
CN103731424B (en) A kind of transmission method of network data, apparatus and system
CN115168827B (en) Two-dimensional code generation method containing identity information and two-dimensional code reading method
CN114650182B (en) Identity authentication method, system, device, gateway equipment, equipment and terminal
CN116488873A (en) Information transmission method, apparatus, computer device and storage medium
CN113595742B (en) Data transmission method, system, computer device and storage medium
CN114666155A (en) Equipment access method, system and device, Internet of things equipment and gateway equipment
CN117728962B (en) Signature transmission method for ensuring storage consistency of multi-level video data
CN114499869B (en) Resource cross-chain exchange method and device based on block chain and computer equipment
CN113094745B (en) Data transformation method and device based on privacy protection and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant