US20210144007A1 - Uav authentication method and system - Google Patents


Info

Publication number
US20210144007A1
Authority
US
United States
Prior art keywords
random number
authentication
key
uav
encrypted
Prior art date
Legal status
Abandoned
Application number
US17/125,504
Inventor
Yongsen CHEN
Ming Gong
Ming Chen
Zhun DING
Current Assignee
SZ DJI Technology Co Ltd
Original Assignee
SZ DJI Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by SZ DJI Technology Co Ltd
Priority to US17/125,504
Assigned to SZ DJI Technology Co., Ltd. (assignment of assignors interest; see document for details). Assignors: CHEN, Yongsen; GONG, Ming; CHEN, Ming; DING, Zhun
Publication of US20210144007A1
Current legal status: Abandoned

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • G08 SIGNALLING
    • G08G TRAFFIC CONTROL SYSTEMS
    • G08G5/00 Traffic control systems for aircraft, e.g. air-traffic control [ATC]
    • G08G5/0004 Transmission of traffic-related information to or from an aircraft
    • G08G5/0013 Transmission of traffic-related information to or from an aircraft with a ground station
    • G08G5/0017 Arrangements for implementing traffic-related aircraft activities, e.g. arrangements for generating, displaying, acquiring or managing traffic information
    • G08G5/0021 Arrangements for implementing traffic-related aircraft activities, e.g. arrangements for generating, displaying, acquiring or managing traffic information located in the aircraft
    • G08G5/0047 Navigation or guidance aids for a single aircraft
    • G08G5/0069 Navigation or guidance aids for a single aircraft specially adapted for an unmanned aircraft
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B64 AIRCRAFT; AVIATION; COSMONAUTICS
    • B64C AEROPLANES; HELICOPTERS
    • B64C39/00 Aircraft not otherwise provided for
    • B64C39/02 Aircraft not otherwise provided for characterised by special use
    • B64C39/024 Aircraft not otherwise provided for characterised by special use of the remote controlled vehicle type, i.e. RPV
    • B64U UNMANNED AERIAL VEHICLES [UAV]; EQUIPMENT THEREFOR
    • B64U20/00 Constructional aspects of UAVs
    • B64U20/80 Arrangement of on-board electronics, e.g. avionics systems or wiring
    • B64U20/87 Mounting of imaging devices, e.g. mounting of gimbals

Definitions

  • the present disclosure relates to unmanned aerial vehicle (UAV) security technology and, more particularly, to a UAV authentication method and system.
  • An unmanned aerial vehicle is an unmanned aircraft controlled by a radio remote control device and a programming control device of the UAV.
  • a radio remote control device controls components of the UAV.
  • components of the UAV are started without authentication.
  • the replaced component is started without authentication.
  • the replaced component can carry out an attack, causing security risks.
  • an authentication method including that an authentication apparatus of an unmanned aerial vehicle (UAV) generates a session key, the authentication apparatus receives a device identification (ID) of a device and a randomly generated random number from the device of the UAV, the authentication apparatus obtains a device key of the device according to the device ID of the device, the authentication apparatus encrypts the session key and the random number according to the device key of the device, and the authentication apparatus sends the encrypted session key and the encrypted random number to the device.
  • a secure communication method including that a first device obtains a session key and a command sequence number, the first device generates a message request to communicate with a second device, the first device updates the command sequence number, the first device encrypts the message request and performs message authorization code (MAC) computation on the message request, and the first device sends the encrypted and MAC-computed message request and the updated command sequence number to the second device.
  • a flight controller of an unmanned aerial vehicle (UAV).
  • the flight controller is configured to generate a session key, receive a device ID of a functional assembly of the UAV and a random number, obtain a device key of the functional assembly according to the device ID of the functional assembly, encrypt the session key and the random number according to the device key of the functional assembly, and send the encrypted session key and the encrypted random number to the functional assembly.
  • FIG. 1 is a schematic diagram of an application environment of an unmanned aerial vehicle (UAV) authentication system according to the disclosure.
  • FIG. 2 is a schematic diagram of a multi-layered key according to the disclosure.
  • FIG. 3 is a block diagram of a UAV authentication system according to the disclosure.
  • FIG. 4 is a flowchart of a UAV authentication method according to the disclosure.
  • FIG. 5 is a flowchart of another UAV authentication method according to the disclosure.
  • FIG. 6 is a flowchart of another UAV authentication method according to the disclosure.
  • FIG. 7 schematically shows an interaction between at least one device and an authentication apparatus according to the disclosure.
  • FIG. 8 schematically shows a secure communication between two devices according to the disclosure.
  • FIG. 1 is a schematic diagram of an application environment of an unmanned aerial vehicle (UAV) authentication system 10 consistent with the disclosure.
  • the UAV authentication system 10 is provided in a UAV 1 .
  • the UAV 1 also includes an authentication apparatus 11 , at least one device 12 , a storage apparatus 13 , a controller 14 , or the like.
  • the authentication apparatus 11 can include a flight controller of the UAV 1 .
  • the UAV authentication system 10 can be a separate system coupled to the authentication apparatus 11 and the at least one device 12 .
  • the UAV authentication system 10 can be integrated in the authentication apparatus 11 and the at least one device 12 .
  • the authentication apparatus 11 , the storage apparatus 13 , and the controller 14 can be integrated in the flight controller of the UAV 1 .
  • the flight controller (not shown in FIG.
  • the at least one device 12 can include a plurality of components of the UAV 1 or a plurality of functional assemblies of the UAV 1 .
  • the plurality of functional assemblies may include one or more of a camera, a gimbal, a remote controller, and a positioning apparatus.
  • each of the at least one device 12 corresponds to a unique device identification (ID) that is used for identifying each of the at least one device 12 .
  • the at least one device 12 can be divided into a plurality of groups, for example, a first group of devices, a second group of devices, . . . , an Nth group of devices, or the like. Each group of devices can include at least one functional assembly.
  • the first group of devices can include a camera, camera-associated components and/or similar components, or the like;
  • the second group of devices can include a gimbal, gimbal-associated components and/or similar components, or the like;
  • the third group of devices can include a remote controller, remote controller-associated components and/or similar components, or the like.
  • Each group of devices corresponds to a device type.
  • Each device type corresponds to a unique device type ID that is used for identifying each group of devices.
  • FIG. 2 is a schematic diagram of a multi-layered key consistent with the disclosure.
  • the authentication apparatus 11 corresponds to a unique authentication key.
  • Each device type corresponds to a device type key.
  • each of the at least one device 12 corresponds to a device key.
  • Each device type key can be generated according to the device type ID of the corresponding each device type.
  • the device key of each of the at least one device 12 can be generated, according to the corresponding device ID, the authentication key, and the device type key of the device type to which each of the at least one device 12 belongs.
  • a session key can be established.
  • there is no need to divide the at least one device 12 into the plurality of groups.
  • the device key of each of the at least one device 12 can be directly generated based on the corresponding device ID and the authentication key.
  • the device key of each of the at least one device 12 can be generated by a server during a generating process, according to the above-described processes. After being generated, the device key of each of the at least one device 12 can be pre-programmed in a chip of the UAV 1 and/or be solidified in a firmware of the UAV 1 . As such, the security of the UAV 1 can be increased.
  • the controller 14 can be configured to implement and process various types of message commands and data of the UAV 1 .
  • the storage apparatus 13 can be configured to store various types of data of the UAV 1 .
  • the storage apparatus 13 may be a memory externally connected to the UAV 1 or may be a flash memory.
  • FIG. 3 is a block diagram of the UAV authentication system 10 consistent with the disclosure. As shown in FIG. 3 , the UAV authentication system 10 is divided into one or more circuits. In some embodiments, functions of the one or more circuits can be implemented by one or more software programs stored in the storage apparatus 13 and executed by one or more controllers (such as the controller 14 ), such that an authentication between the authentication apparatus 11 of the UAV 1 and each of the at least one device 12 described above can be achieved.
  • the UAV authentication system 10 provided at the authentication apparatus 11 includes a generating circuit 100 , a first receiving circuit 101 , an acquisition circuit 102 , an encryption circuit 103 , a first sending circuit 104 , and a first determination circuit 105 . Furthermore, the UAV authentication system 10 provided at one of the at least one device 12 includes a second sending circuit 106 , a second receiving circuit 107 , a decryption circuit 108 , and a second determination circuit 109 .
  • FIG. 4 is a flowchart of a UAV authentication method consistent with the disclosure.
  • FIG. 4 illustrates implementation processes of the UAV authentication system 10 at the authentication apparatus 11 .
  • when the UAV 1 is powered up or reset, the generating circuit 100 generates a session key for each of the at least one device 12.
  • each of the at least one device 12 can provide a randomly generated random number in a plaintext manner and send the device ID and the randomly generated random number to the authentication apparatus 11 in a plaintext manner.
  • the first receiving circuit 101 receives the device ID and the random number sent by each of the at least one device 12 .
  • the acquisition circuit 102 obtains the device key of each of the at least one device 12 according to the device ID of each of the at least one device 12 .
  • the device key and the device ID of each of the at least one device 12 are stored in the storage apparatus 13 .
  • the acquisition circuit 102 can directly read the device key of each of the at least one device 12 from the storage apparatus 13 , according to the device ID of each of the at least one device 12 .
  • the acquisition circuit 102 can generate the device key of each of the at least one device 12 , according to the device ID of each of the at least one device 12 , the authentication key of the authentication apparatus 11 , and the device type key of the device type to which each of the at least one device 12 belongs.
  • the acquisition circuit 102 can directly generate the device key of each of the at least one device 12 , according to the device ID of each of the at least one device 12 and the authentication key. In some embodiments, the device key is generated in real time.
  • the encryption circuit 103 encrypts the session key and the random number, according to the device key of each of the at least one device 12 .
  • the encryption circuit 103 can use an encryption algorithm for performing encryption.
  • the encryption algorithm may be a Triple Data Encryption Algorithm (TDEA), an Advanced Encryption Standard (AES), or the like.
  • An encryption mode can use Counter (CTR) mode, Galois/Counter Mode (GCM), or another mode.
  • the first sending circuit 104 sends the encrypted session key and the encrypted random number to each of the at least one device 12 .
  • each of the at least one device 12 can decrypt the received encrypted session key and the received encrypted random number based on the device key of each of the at least one device 12 . After decryption, each of the at least one device 12 can send a message command to the authentication apparatus 11 using the session key and the device key.
  • the first receiving circuit 101 receives the message command sent by each of the at least one device 12 .
  • the first determination circuit 105 determines whether an authentication of each of the at least one device 12 is passed according to the received message command.
  • the first determination circuit 105 may check whether the authentication of each of the at least one device 12 is passed by checking the received message command through a Cyclic Redundancy Check (CRC).
  • the received message command can be checked for each of the at least one device 12 .
  • the first determination circuit 105 can determine that the corresponding one of the at least one device 12 is not authenticated.
  • the first determination circuit 105 can determine that each of the at least one device 12 is authenticated.
  • the first determination circuit 105 can also determine whether the authentication of each of the at least one device 12 is passed by verifying an integrity of the message command using a Message Digest.
  • the digest generated by the received message command can be compared with the digest generated by the message command sent by each of the at least one device 12 .
  • the first determination circuit 105 can determine that the authentication of each of the at least one device 12 is passed.
  • the first determination circuit 105 can determine that the authentication of the at least one device 12 has failed.
  • the CRC code and Message Digest can be used at the same time to verify the received message command.
  • the processes at S 15 and S 16 can be omitted.
  • FIG. 5 is a flowchart of another UAV authentication method consistent with the disclosure.
  • FIG. 5 illustrates implementation processes of the UAV authentication system 10 at each of the at least one device 12 .
  • when the UAV 1 is powered up or reset, the authentication apparatus 11 generates a session key for each of the at least one device 12, and the second sending circuit 106 of each of the at least one device 12 sends the device ID of that device and the randomly generated random number to the authentication apparatus 11 in a plaintext manner.
  • the authentication apparatus 11 can encrypt the session key and the random number according to the device key of each of the at least one device 12 .
  • the second receiving circuit 107 of each of the at least one device 12 receives the encrypted session key and the encrypted random number sent by the authentication apparatus 11 .
  • the decryption circuit 108 of each of the at least one device 12 decrypts the received encrypted session key and the received encrypted random number according to the device key of each of the at least one device 12 .
  • the decryption circuit 108 can use an encryption algorithm for encryption.
  • the encryption algorithm may be a Triple Data Encryption Algorithm (TDEA), an Advanced Encryption Standard (AES), or the like.
  • the second determination circuit 109 of each of the at least one device 12 determines whether an authentication with the authentication apparatus 11 by each of the at least one device 12 is passed, according to the decrypted random number and the randomly generated random number.
  • the second determination circuit 109 can determine that the authentication with the authentication apparatus 11 by each of the at least one device 12 is passed and the process at S 34 can be performed.
  • the second determination circuit 109 can determine that the authentication with the authentication apparatus 11 by one of the at least one device 12 has failed.
  • the second sending circuit 106 sends a message command to the authentication apparatus 11 .
  • the second sending circuit 106 can process the message command, according to the decrypted session key and the device key of each of the at least one device 12 and can send the processed message command to the authentication apparatus 11 .
  • the authentication apparatus 11 can verify the integrity and correctness of the received message command using a cyclic redundancy check code and/or a Message Digest.
  • the process at S 34 can be omitted.
  • FIG. 6 is a flowchart of another UAV authentication method consistent with the disclosure.
  • FIG. 7 schematically shows an interaction between the at least one device 12 and the authentication apparatus 11 consistent with the disclosure.
  • FIG. 6 and FIG. 7 illustrate implementation processes of the UAV authentication system 10 at the authentication apparatus 11 and each of the at least one device 12 .
  • when the UAV 1 is powered up or reset, the generating circuit 100 generates a session key for each of the at least one device 12.
  • the second sending circuit 106 sends the device ID of each of the at least one device 12 and the randomly generated random number to the authentication apparatus 11 .
  • the first receiving circuit 101 receives the device ID and random number sent by each of the at least one device 12 .
  • the acquisition circuit 102 obtains the device key of each of the at least one device 12 , according to the device ID of each of the at least one device 12 .
  • the encryption circuit 103 encrypts the session key and the random number according to the device key of each of the at least one device 12 .
  • the first sending circuit 104 sends the encrypted session key and the encrypted random number to each of the at least one device 12 .
  • the second receiving circuit 107 of each of the at least one device 12 receives the encrypted session key and the encrypted random number sent by the authentication apparatus 11 .
  • the decryption circuit 108 of each of the at least one device 12 decrypts the received encrypted session key and the received encrypted random number according to the device key of each of the at least one device 12 .
  • the second determination circuit 109 of each of the at least one device 12 determines whether the authentication with the authentication apparatus 11 by each of the at least one device 12 is passed, according to the decrypted random number and the randomly generated random number.
  • the second sending circuit 106 of each of the at least one device 12 sends a message command to the authentication apparatus 11 , according to the decrypted session key and the device key of each of the at least one device 12 .
  • the first receiving circuit 101 receives the message command sent by each of the at least one device 12 .
  • the first determination circuit 105 determines whether the authentication of each of the at least one device 12 is passed, according to the received message command.
  • the processes at S 59 -S 61 can be omitted.
  • the UAV authentication system 10 can divide the at least one device 12 into at least two groups including a group of necessary devices and a group of unnecessary devices.
  • the UAV authentication system 10 can prohibit the UAV 1 from starting, when at least one of the necessary devices fails to pass the authentication.
  • the UAV authentication system 10 can start the UAV 1 .
  • the authentication apparatus 11 can inform each of the at least one device 12 to perform key exchange again using feedback information (such as by returning a feedback value or by broadcasting).
  • the one of the at least one device 12 can inform the authentication apparatus 11 to perform key exchange again or to resend the session key using feedback information (such as by returning a feedback value or by broadcasting).
  • the authentication apparatus 11 can be notified to repower-up and perform key exchange again.
  • when generating the session key, the authentication apparatus 11 can generate a command sequence number at the same time, encrypt the session key, the random number, and the command sequence number according to the device key of each of the at least one device 12, and send the encrypted session key, the encrypted random number, and the encrypted command sequence number to each of the at least one device 12.
  • Each of the at least one device 12 can decrypt the received encrypted session key, the received encrypted random number, and the received encrypted command sequence number.
  • the command sequence number can be automatically sent at a preset time interval (e.g., every 20 ms) or every time a command is sent (e.g., between one of the at least one device 12 and another one of the at least one device 12 or between one of the at least one device 12 and the authentication apparatus 11 ) and can be automatically incremented by a preset value (e.g., one).
  • an initial value of the command sequence number can be zero or another preset value.
  • the command sequence number can be automatically incremented each time the command is sent or can be automatically incremented according to the above preset time interval.
  • the generated session key and the generated command sequence number can be stored in the storage apparatus 13 or an external storage apparatus for protection.
  • each of the at least one device 12 can directly read the session key and the command sequence number from the storage apparatus 13 and the process of rekey exchange can be omitted.
  • the command sequence number can be configured to determine whether the message command sent by one of the at least one device 12 or the authentication apparatus 11 to another one of the at least one device 12 is an expired command. When the message command is an expired command, the other one of the at least one device 12 will not respond to the received message command, which will be described in detail with reference to FIG. 8.
  • the flight controller of the UAV 1 can be configured to generate a session key for each functional assembly.
  • Each functional assembly i.e., each of the above-described at least one device 12 , such as a camera, a gimbal, a remote controller, or the like, can be configured to send the device ID of each functional assembly and the randomly generated random number to the flight controller.
  • the flight controller can obtain the device key of each functional assembly according to the device ID, encrypt the session key and the random number according to the device key of each functional assembly, and send the encrypted session key and the encrypted random number to each functional assembly.
  • Each functional assembly can decrypt the received encrypted session key and the received encrypted random number according to the device key of each functional assembly, and determine whether the authentication of the flight controller is passed according to the decrypted random numbers and the decrypted randomly generated random numbers.
  • FIG. 8 schematically shows a secure communication between two devices consistent with the disclosure.
  • a first device 61 is to establish a communication connection with a second device 62 .
  • the first device 61 obtains the session key and the command sequence number.
  • the first device 61 receives the encrypted session key, the encrypted random number, and the command sequence number sent by the authentication apparatus 11 during the authentication process with the authentication apparatus 11 .
  • the first device 61 generates a message request to communicate with the second device 62 .
  • the first device 61 updates the acquired command sequence number.
  • the first device 61 uses the session key to encrypt the message request and perform message authorization code (MAC) computation on the message request.
  • the first device 61 sends the encrypted and MAC-computed message request and the updated command sequence number to the second device 62 .
  • MAC message authorization code
  • the session key can include an encryption key and a MAC key correspond to the encryption and the MAC computation, respectively. In some embodiments, the session key can include only one of the encryption key and the MAC key. In some other embodiments, the session key can also include a plurality of other types of session keys in addition to the encryption key and the MAC key.
  • the second device 62 receives a MAC, the encrypted message request, and the updated command sequence number sent by the first device 61 .
  • the second device 62 updates the stored command sequence number.
  • the second device 62 decrypts the encrypted message request using the session key.
  • the second device 62 verifies the received MAC.
  • the second device 62 generates a response message based on the decrypted message request.
  • the second device 62 generates another MAC based on the received command sequence number, the received session key, and the response message.
  • the second device 62 encrypts the response message using the session key.
  • the second device 62 sends the another MAC, the encrypted response message, and the received command sequence number to the first device 61 .
  • the received command sequence number is less than or equal to the command sequence number stored in the storage apparatus of the second device 62 , it indicates that the message request sent by the first device 61 to the second device 62 has been processed and is an expired command. As such, replay attacks can be effectively prevented.
  • the first device 61 can receive the another MAC generated based on the received command sequence number, the session key, and the response message, the encrypted response message, and the command sequence number sent by the second device 62 .
  • the first device 61 can verify the received MAC. When the verification of the MAC is passed, the first device 61 can decrypt the received encrypted response message.

Abstract

An authentication method includes sending, by a device of an unmanned aerial vehicle (UAV), a device identification (ID) of the device and a randomly generated random number to an authentication apparatus of the UAV; receiving, by the device from the authentication apparatus, an encrypted session key and an encrypted random number that are obtained by the authentication apparatus based on the device identification; decrypting, by the device according to a device key of the device, the encrypted session key and the encrypted random number to obtain decrypted session key and decrypted random number, respectively; and determining, by the device, whether an authentication of the authentication apparatus is passed based on the randomly generated random number and the decrypted random number.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation application of application Ser. No. 16/003,799, filed on Jun. 8, 2018, which is a continuation application of International Application No. PCT/CN2015/097046, filed on Dec. 10, 2015, the entire contents of both of which are incorporated herein by reference.
    TECHNICAL FIELD
  • The present disclosure relates to unmanned aerial vehicle (UAV) security technology and, more particularly, to a UAV authentication method and system.
    BACKGROUND
  • An unmanned aerial vehicle (UAV) is an unmanned aircraft controlled by a radio remote control device and a programming control device of the UAV. Currently, when the UAV is powered up or reset, components of the UAV are started without authentication. When a component of the UAV is replaced, the replaced component is started without authentication. The replaced component can carry out an attack, causing security risks.
    SUMMARY
  • In accordance with the disclosure, there is provided an authentication method including that an authentication apparatus of an unmanned aerial vehicle (UAV) generates a session key, the authentication apparatus receives a device identification (ID) of a device and a randomly generated random number from the device of the UAV, the authentication apparatus obtains a device key of the device according to the device ID of the device, the authentication apparatus encrypts the session key and the random number according to the device key of the device, and the authentication apparatus sends the encrypted session key and the encrypted random number to the device.
  • Also in accordance with the disclosure, there is provided a secure communication method including that a first device obtains a session key and a command sequence number, the first device generates a message request to communicate with a second device, the first device updates the command sequence number, the first device encrypts the message request and performs message authorization code (MAC) computation on the message request, and the first device sends the encrypted and MAC-computed message request and the updated command sequence number to the second device.
  • Also in accordance with the disclosure, there is provided a flight controller of an unmanned aerial vehicle (UAV). The flight controller is configured to generate a session key, receive a device ID of a functional assembly of the UAV and a random number, obtain a device key of the functional assembly according to the device ID of the functional assembly, encrypt the session key and the random number according to the device key of the functional assembly, and send the encrypted session key and the encrypted random number to the functional assembly.
    BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a schematic diagram of an application environment of an unmanned aerial vehicle (UAV) authentication system according to the disclosure.
  • FIG. 2 is a schematic diagram of a multi-layered key according to the disclosure.
  • FIG. 3 is a block diagram of a UAV authentication system according to the disclosure.
  • FIG. 4 is a flowchart of a UAV authentication method according to the disclosure.
  • FIG. 5 is a flowchart of another UAV authentication method according to the disclosure.
  • FIG. 6 is a flowchart of another UAV authentication method according to the disclosure.
  • FIG. 7 schematically shows an interaction between at least one device and an authentication apparatus according to the disclosure.
  • FIG. 8 schematically shows a secure communication between two devices according to the disclosure.
    DESCRIPTION OF MAIN COMPONENTS AND REFERENCE NUMERALS
    • UAV 1
    • UAV authentication system 10
    • Authentication apparatus 11
    • Device 12
    • Storage apparatus 13
    • Controller 14
    • Generating circuit 100
    • First receiving circuit 101
    • Acquisition circuit 102
    • Encryption circuit 103
    • First sending circuit 104
    • First determination circuit 105
    • Second sending circuit 106
    • Second receiving circuit 107
    • Decryption circuit 108
    • Second determination circuit 109
    • First device 61
    • Second device 62
    DETAILED DESCRIPTION OF THE EMBODIMENTS
  • Technical solutions of the present disclosure will be described with reference to the drawings. It will be appreciated that the described embodiments are some rather than all of the embodiments of the present disclosure. Other embodiments conceived by those having ordinary skills in the art on the basis of the described embodiments without inventive efforts should fall within the scope of the present disclosure.
  • Exemplary embodiments will be described with reference to the accompanying drawings.
  • FIG. 1 is a schematic diagram of an application environment of an unmanned aerial vehicle (UAV) authentication system 10 consistent with the disclosure.
  • As shown in FIG. 1, the UAV authentication system 10 is provided in a UAV 1. The UAV 1 also includes an authentication apparatus 11, at least one device 12, a storage apparatus 13, a controller 14, or the like. The authentication apparatus 11 can include a flight controller of the UAV 1. In some embodiments, the UAV authentication system 10 can be a separate system coupled to the authentication apparatus 11 and the at least one device 12. In some other embodiments, the UAV authentication system 10 can be integrated in the authentication apparatus 11 and the at least one device 12. The authentication apparatus 11, the storage apparatus 13, and the controller 14 can be integrated in the flight controller of the UAV 1. The flight controller (not shown in FIG. 1) of the UAV 1 can be arranged at a fuselage of the UAV 1. The at least one device 12 can include a plurality of components of the UAV 1 or a plurality of functional assemblies of the UAV 1. For example, the plurality of functional assemblies may include one or more of a camera, a gimbal, a remote controller, and a positioning apparatus.
  • In some embodiments, each of the at least one device 12 corresponds to a unique device identification (ID) that is used for identifying each of the at least one device 12. In some embodiments, the at least one device 12 can be divided into a plurality of groups, for example, a first group of devices, a second group of devices, . . . , an Nth group of devices, or the like. Each group of devices can include at least one functional assembly. For example, the first group of devices can include a camera, camera-associated components and/or similar components, or the like; the second group of devices can include a gimbal, gimbal-associated components and/or similar components, or the like; and the third group of devices can include a remote controller, remote controller-associated components and/or similar components, or the like. Each group of devices corresponds to a device type. Each device type corresponds to a unique device type ID that is used for identifying each group of devices.
  • FIG. 2 is a schematic diagram of a multi-layered key consistent with the disclosure. The authentication apparatus 11 corresponds to a unique authentication key. Each device type corresponds to a device type key, and each of the at least one device 12 corresponds to a device key. Each device type key can be generated according to the device type ID of the corresponding each device type. The device key of each of the at least one device 12 can be generated, according to the corresponding device ID, the authentication key, and the device type key of the device type to which each of the at least one device 12 belongs. When the authentication apparatus 11 performs communication authentication with each of at least one device 12, a session key can be established.
  • In some embodiments, there is no need to divide the at least one device 12 into the plurality of groups. The device key of each of the at least one device 12 can be directly generated based on the corresponding device ID and the authentication key.
  • In some embodiments, the device key of each of the at least one device 12 can be generated by a server during a generating process, according to the above-described processes. After being generated, the device key of each of the at least one device 12 can be pre-programmed in a chip of the UAV 1 and/or be solidified in a firmware of the UAV 1. As such, the security of the UAV 1 can be increased.
  • In some embodiments, the controller 14 can be configured to implement and process various types of message commands and data of the UAV 1. The storage apparatus 13 can be configured to store various types of data of the UAV 1. In some embodiments, the storage apparatus 13 may be a memory externally connected to the UAV 1 or may be a flash memory.
  • FIG. 3 is a block diagram of the UAV authentication system 10 consistent with the disclosure. As shown in FIG. 3, the UAV authentication system 10 is divided into one or more circuits. In some embodiments, functions of the one or more circuits can be implemented by one or more software programs stored in the storage apparatus 13 and executed by one or more controllers (such as the controller 14), such that an authentication between the authentication apparatus 11 of the UAV 1 and each of the at least one device 12 described above can be achieved.
  • As shown in FIG. 3, the UAV authentication system 10 provided at the authentication apparatus 11 includes a generating circuit 100, a first receiving circuit 101, an acquisition circuit 102, an encryption circuit 103, a first sending circuit 104, and a first determination circuit 105. Furthermore, the UAV authentication system 10 provided at one of the at least one device 12 includes a second sending circuit 106, a second receiving circuit 107, a decryption circuit 108, and a second determination circuit 109.
  • FIG. 4 is a flowchart of a UAV authentication method consistent with the disclosure. FIG. 4 illustrates implementation processes of the UAV authentication system 10 at the authentication apparatus 11.
  • At S10, when the UAV 1 is powered up or reset, the generating circuit 100 generates a session key for each of the at least one device 12.
  • In some embodiments, each of the at least one device 12 can provide a randomly generated random number in a plaintext manner and send the device ID and the randomly generated random number to the authentication apparatus 11 in a plaintext manner.
  • At S11, the first receiving circuit 101 receives the device ID and the random number sent by each of the at least one device 12.
  • At S12, the acquisition circuit 102 obtains the device key of each of the at least one device 12 according to the device ID of each of the at least one device 12.
  • In some embodiments, the device key and the device ID of each of the at least one device 12 are stored in the storage apparatus 13. The acquisition circuit 102 can directly read the device key of each of the at least one device 12 from the storage apparatus 13, according to the device ID of each of the at least one device 12. In some embodiments, the acquisition circuit 102 can generate the device key of each of the at least one device 12, according to the device ID of each of the at least one device 12, the authentication key of the authentication apparatus 11, and the device type key of the device type to which each of the at least one device 12 belongs. In some other embodiments, when the at least one device 12 is not divided into the plurality of groups, the acquisition circuit 102 can directly generate the device key of each of the at least one device 12, according to the device ID of each of the at least one device 12 and the authentication key. In some embodiments, the device key is generated in real time.
  • At S13, the encryption circuit 103 encrypts the session key and the random number, according to the device key of each of the at least one device 12.
  • In some embodiments, the encryption circuit 103 can use an encryption algorithm for performing encryption. The encryption algorithm may be a Triple Data Encryption Algorithm (TDEA), an Advanced Encryption Standard (AES), or the like. An encryption mode can use Counter (CTR) mode, Galois/Counter Mode (GCM) mode, or another mode.
  • At S14, the first sending circuit 104 sends the encrypted session key and the encrypted random number to each of the at least one device 12.
  • In some embodiments, each of the at least one device 12 can decrypt the received encrypted session key and the received encrypted random number based on the device key of each of the at least one device 12. After decryption, each of the at least one device 12 can send a message command to the authentication apparatus 11 using the session key and the device key.
  • At S15, the first receiving circuit 101 receives the message command sent by each of the at least one device 12.
  • At S16, the first determination circuit 105 determines whether an authentication of each of the at least one device 12 is passed according to the received message command.
  • In some embodiments, the first determination circuit 105 may check whether the authentication of each of the at least one device 12 is passed by checking the received message command through a Cyclic Redundancy Check (CRC). The received message command can be checked for each of the at least one device 12. When an error is detected in the received message command, the first determination circuit 105 can determine that the corresponding one of the at least one device 12 is not authenticated. When no error is detected in the received message command of each of the at least one device 12, the first determination circuit 105 can determine that each of the at least one device 12 is authenticated.
  • In some embodiments, the first determination circuit 105 can also determine whether the authentication of each of the at least one device 12 is passed by verifying the integrity of the message command using a Message Digest. The digest generated from the received message command can be compared with the digest generated from the message command sent by each of the at least one device 12. When the digest generated from the received message command is consistent with the digest generated from the message command sent by each of the at least one device 12, the first determination circuit 105 can determine that the authentication of each of the at least one device 12 is passed. When the digest generated from the received message command is inconsistent with the digest generated from the message command sent by each of the at least one device 12, the first determination circuit 105 can determine that the authentication of the at least one device 12 has failed.
  • In some embodiments, the CRC code and Message Digest can be used at the same time to verify the received message command.
  • In some other embodiments, the processes at S15 and S16 can be omitted.
  • FIG. 5 is a flowchart of another UAV authentication method consistent with the disclosure. FIG. 5 illustrates implementation processes of the UAV authentication system 10 at each of the at least one device 12.
  • At S30, when the UAV 1 is powered up or reset, the authentication apparatus 11 generates a session key for each of the at least one device 12, and the second sending circuit 106 of each of the at least one device 12 sends the device ID of each of the at least one device 12 and the randomly generated random number to the authentication apparatus 11 in a plaintext manner.
  • In some embodiments, the authentication apparatus 11 can encrypt the session key and the random number according to the device key of each of the at least one device 12.
  • At S31, the second receiving circuit 107 of each of the at least one device 12 receives the encrypted session key and the encrypted random number sent by the authentication apparatus 11.
  • At S32, the decryption circuit 108 of each of the at least one device 12 decrypts the received encrypted session key and the received encrypted random number according to the device key of each of the at least one device 12.
  • In some embodiments, the decryption circuit 108 can use an encryption algorithm for performing decryption. The encryption algorithm may be a Triple Data Encryption Algorithm (TDEA), an Advanced Encryption Standard (AES), or the like.
  • At S33, the second determination circuit 109 of each of the at least one device 12 determines whether an authentication with the authentication apparatus 11 by each of the at least one device 12 is passed, according to the decrypted random number and the randomly generated random number.
  • In some embodiments, when the decrypted random number is the same as the randomly generated random number of each of the at least one device 12, the second determination circuit 109 can determine that the authentication with the authentication apparatus 11 by each of the at least one device 12 is passed and the process at S34 can be performed. When the decrypted random number is different from the randomly generated random number of one of the at least one device 12, the second determination circuit 109 can determine that the authentication with the authentication apparatus 11 by the one of the at least one device 12 has failed.
  • At S34, the second sending circuit 106 sends a message command to the authentication apparatus 11.
  • In some embodiments, the second sending circuit 106 can process the message command, according to the decrypted session key and the device key of each of the at least one device 12 and can send the processed message command to the authentication apparatus 11. The authentication apparatus 11 can verify the integrity and correctness of the received message command using a cyclic redundancy check code and/or a Message Digest.
  • In some other embodiments, the process at S34 can be omitted.
  • FIG. 6 is a flowchart of another UAV authentication method consistent with the disclosure. FIG. 7 schematically shows an interaction between the at least one device 12 and the authentication apparatus 11 consistent with the disclosure. FIG. 6 and FIG. 7 illustrate implementation processes of the UAV authentication system 10 at the authentication apparatus 11 and each of the at least one device 12.
  • At S50, when the UAV 1 is powered up or reset, the generating circuit 100 generates a session key for each of the at least one device 12.
  • At S51, the second sending circuit 106 sends the device ID of each of the at least one device 12 and the randomly generated random number to the authentication apparatus 11.
  • At S52, the first receiving circuit 101 receives the device ID and random number sent by each of the at least one device 12.
  • At S53, the acquisition circuit 102 obtains the device key of each of the at least one device 12, according to the device ID of each of the at least one device 12.
  • At S54, the encryption circuit 103 encrypts the session key and the random number according to the device key of each of the at least one device 12.
  • At S55, the first sending circuit 104 sends the encrypted session key and the encrypted random number to each of the at least one device 12.
  • At S56, the second receiving circuit 107 of each of the at least one device 12 receives the encrypted session key and the encrypted random number sent by the authentication apparatus 11.
  • At S57, the decryption circuit 108 of each of the at least one device 12 decrypts the received encrypted session key and the received encrypted random number according to the device key of each of the at least one device 12.
  • At S58, the second determination circuit 109 of each of the at least one device 12 determines whether the authentication with the authentication apparatus 11 by each of the at least one device 12 is passed, according to the decrypted random number and the randomly generated random number.
  • At S59, when the authentication with the authentication apparatus by each of the at least one device 12 is passed, the second sending circuit 106 of each of the at least one device 12 sends a message command to the authentication apparatus 11, according to the decrypted session key and the device key of each of the at least one device 12.
  • At S60, the first receiving circuit 101 receives the message command sent by each of the at least one device 12.
  • At S61, the first determination circuit 105 determines whether the authentication of each of the at least one device 12 is passed, according to the received message command.
  • In some embodiments, the processes at S59-S61 can be omitted.
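  • The exchange at S50-S58, together with the key hierarchy of FIG. 2, as an added example that is not code from the patent. The patent names AES or TDEA in CTR or GCM mode and no key-derivation function; as assumptions, this sketch uses HMAC-SHA256 both as the derivation function and as a standard-library stand-in for an authenticated cipher, derives the device type key from the authentication key, and uses constructed device and type IDs.

```python
import hashlib
import hmac
import secrets

# Assumptions (not from the patent): HMAC-SHA256 as the key-derivation function
# and as a standard-library stand-in for an authenticated cipher such as AES-GCM.

def kdf(key: bytes, *parts: bytes) -> bytes:
    """Derive 32 bytes from key and length-prefixed context parts."""
    data = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, data, hashlib.sha256).digest()

def derive_device_key(auth_key: bytes, type_id: bytes, device_id: bytes) -> bytes:
    """FIG. 2 hierarchy: type key from the type ID, device key from all three inputs."""
    type_key = kdf(auth_key, b"type", type_id)  # rooting it in auth_key is an assumption
    return kdf(auth_key, b"device", type_key, device_id)

def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    blocks = (hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns iv || ciphertext || tag."""
    iv = secrets.token_bytes(16)
    stream = _keystream(kdf(key, b"enc"), iv, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return iv + ct + hmac.new(kdf(key, b"mac"), iv + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag in constant time, then decrypt; ValueError on any mismatch."""
    if len(blob) < 48:
        raise ValueError("blob too short")
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(kdf(key, b"mac"), iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, _keystream(kdf(key, b"enc"), iv, len(ct))))

class AuthenticationApparatus:
    """Flight-controller side (S50, S52-S55)."""
    def __init__(self, auth_key: bytes, registry: dict):
        self.auth_key = auth_key
        self.registry = registry                    # device ID -> device type ID
        self.session_key = secrets.token_bytes(32)  # S50

    def respond(self, device_id: bytes, nonce: bytes) -> bytes:
        type_id = self.registry[device_id]          # KeyError for an unknown device ID
        device_key = derive_device_key(self.auth_key, type_id, device_id)  # S53
        return seal(device_key, nonce + self.session_key)                  # S54

class Device:
    """Functional-assembly side (S51, S56-S58)."""
    def __init__(self, device_id: bytes, device_key: bytes):
        self.device_id, self.device_key = device_id, device_key
        self.nonce = None
        self.session_key = None

    def hello(self):
        self.nonce = secrets.token_bytes(16)        # fresh per attempt, sent in plaintext
        return self.device_id, self.nonce

    def finish(self, blob: bytes) -> bool:
        nonce, self.nonce = self.nonce, None        # a nonce is accepted once only
        if nonce is None:
            return False
        try:
            plain = unseal(self.device_key, blob)   # S57
        except ValueError:
            return False
        if len(plain) != 48 or not hmac.compare_digest(plain[:16], nonce):  # S58
            return False
        self.session_key = plain[16:]
        return True

def run_demo() -> dict:
    """Constructed scenario: one camera, a genuine and a counterfeit controller."""
    auth_key = secrets.token_bytes(32)
    camera_key = derive_device_key(auth_key, b"camera", b"CAM-0001")  # pre-programmed key
    camera = Device(b"CAM-0001", camera_key)
    genuine = AuthenticationApparatus(auth_key, {b"CAM-0001": b"camera"})
    rogue = AuthenticationApparatus(secrets.token_bytes(32), {b"CAM-0001": b"camera"})

    first = genuine.respond(*camera.hello())
    ok = camera.finish(first)
    results = {"genuine": ok and camera.session_key == genuine.session_key}
    camera.hello()                                   # new attempt, new nonce
    results["replayed_response"] = camera.finish(first)
    results["rogue_controller"] = camera.finish(rogue.respond(*camera.hello()))
    blob = bytearray(genuine.respond(*camera.hello()))
    blob[20] ^= 0x01                                 # flip one ciphertext bit
    results["tampered"] = camera.finish(bytes(blob))
    return results
```

  • The tag check is what rejects the tampered response; with an unauthenticated mode such as plain CTR, a flipped bit in the session-key portion would pass the random-number comparison unnoticed.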
  • In some embodiments, the UAV authentication system 10 can divide the at least one device 12 into at least two groups including a group of necessary devices and a group of unnecessary devices. The UAV authentication system 10 can prohibit the UAV 1 from starting, when at least one of the necessary devices fails to pass the authentication. In some embodiments, when all of the at least one device 12 pass the authentication with the authentication apparatus 11 or when at least one necessary device fails to pass the authentication with the authentication apparatus 11, the UAV authentication system 10 can start the UAV 1.
  • In some embodiments, if the authentication apparatus 11 loses power during the authentication process between the authentication apparatus 11 and each of the at least one device 12, the authentication apparatus 11 can inform each of the at least one device 12 to perform key exchange again using feedback information (such as by returning a feedback value or by broadcasting). When one of the at least one device 12 loses power during the authentication process between the authentication apparatus 11 and each of the at least one device 12, the one of the at least one device 12 can inform the authentication apparatus 11 to perform key exchange again or to resend the session key using feedback information (such as by returning a feedback value or by broadcasting). In some embodiments, the authentication apparatus 11 can be notified to repower-up and perform key exchange again.
  • In some embodiments, when generating the session key, the authentication apparatus 11 can generate a command sequence number at the same time, encrypt the session key, the random number, and the command sequence number, according to the device key of each of the at least one device 12, and send the encrypted session key, the encrypted random number, and the encrypted command sequence number to each of the at least one device 12. Each of the at least one device 12 can decrypt the received encrypted session key, the received encrypted random number, and the received encrypted command sequence number. The command sequence number can be automatically sent at a preset time interval (e.g., every 20 ms) or every time a command is sent (e.g., between one of the at least one device 12 and another one of the at least one device 12 or between one of the at least one device 12 and the authentication apparatus 11) and can be automatically incremented by a preset value (e.g., one).
  • In some embodiments, an initial value of the command sequence number can be zero or another preset value. The command sequence number can be automatically incremented each time the command is sent or can be automatically incremented according to the above preset time interval.
  • In some embodiments, the generated session key and the generated command sequence number can be stored in the storage apparatus 13 or an external storage apparatus for protection. When the authentication apparatus 11 undergoes a warm restart during the authentication process, each of the at least one device 12 can directly read the session key and the command sequence number from the storage apparatus 13 and the process of rekey exchange can be omitted. The command sequence number can be configured to determine whether the message command sent by one of the at least one device 12 or the authentication apparatus 11 to another one of the at least one device 12 is an expired command. When the message command is an expired command, the other one of the at least one device 12 will not respond to the received message command, which will be described in detail with reference to FIG. 8.
  • In some embodiments, the flight controller of the UAV 1 can be configured to generate a session key for each functional assembly. Each functional assembly, i.e., each of the above-described at least one device 12, such as a camera, a gimbal, a remote controller, or the like, can be configured to send the device ID of each functional assembly and the randomly generated random number to the flight controller. The flight controller can obtain the device key of each functional assembly according to the device ID, encrypt the session key and the random number according to the device key of each functional assembly, and send the encrypted session key and the encrypted random number to each functional assembly. Each functional assembly can decrypt the received encrypted session key and the received encrypted random number according to the device key of each functional assembly, and determine whether the authentication of the flight controller is passed according to the decrypted random numbers and the decrypted randomly generated random numbers.
  • FIG. 8 schematically shows a secure communication between two devices consistent with the disclosure. As shown in FIG. 8, a first device 61 is to establish a communication connection with a second device 62. The first device 61 obtains the session key and the command sequence number. In some embodiments, the first device 61 receives the encrypted session key, the encrypted random number, and the command sequence number sent by the authentication apparatus 11 during the authentication process with the authentication apparatus 11. The first device 61 generates a message request to communicate with the second device 62. The first device 61 updates the acquired command sequence number. The first device 61 uses the session key to encrypt the message request and perform message authorization code (MAC) computation on the message request. The first device 61 sends the encrypted and MAC-computed message request and the updated command sequence number to the second device 62.
  • In some embodiments, the session key can include an encryption key and a MAC key that correspond to the encryption and the MAC computation, respectively. In some embodiments, the session key can include only one of the encryption key and the MAC key. In some other embodiments, the session key can also include a plurality of other types of session keys in addition to the encryption key and the MAC key.
  • The second device 62 receives a MAC, the encrypted message request, and the updated command sequence number sent by the first device 61. When the received command sequence number is greater than the command sequence number stored in the storage apparatus of the second device 62, the second device 62 updates the stored command sequence number. The second device 62 decrypts the encrypted message request using the session key. The second device 62 verifies the received MAC. When a verification of the received MAC is passed, the second device 62 generates a response message based on the decrypted message request. The second device 62 generates another MAC based on the received command sequence number, the received session key, and the response message. The second device 62 encrypts the response message using the session key. The second device 62 sends the another MAC, the encrypted response message, and the received command sequence number to the first device 61.
  • When the received command sequence number is less than or equal to the command sequence number stored in the storage apparatus of the second device 62, it indicates that the message request sent by the first device 61 to the second device 62 has been processed and is an expired command. As such, replay attacks can be effectively prevented.
  • The first device 61 can receive the other MAC, which is generated based on the received command sequence number, the session key, and the response message, together with the encrypted response message and the command sequence number sent by the second device 62. The first device 61 can verify the received MAC. When the verification of the MAC is passed, the first device 61 can decrypt the received encrypted response message.
  • It is intended that the specification and examples be considered as exemplary only and not to limit the scope of the disclosure. Those skilled in the art will appreciate that any modification or equivalents to the disclosed embodiments are intended to be encompassed within the scope of the present disclosure.
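The request/response exchange of FIG. 8, with the expired-command check, as an added example that is not code from the patent. Assumptions of this example: the `Device` class and helper names, HMAC-SHA256 as the MAC, an HMAC-based keystream standing in for the unspecified cipher, the direction labels, and the constructed sample command. It also makes two choices the text does not spell out: the sequence number is included in the MAC input, and the receiver commits the stored sequence number only after the MAC verifies, so a forged packet carrying a large sequence number cannot advance the counter.

```python
import hashlib, hmac, secrets, struct

REQ, RESP = b"\x01", b"\x02"  # direction labels (assumption of this example)

def _keystream(enc_key, direction, seq, n):
    # Stand-in cipher: HMAC-SHA256 as a PRF in counter mode. The direction
    # byte keeps request and response, which share seq, on different streams.
    out, ctr = b"", 0
    while len(out) < n:
        block = direction + struct.pack(">QI", seq, ctr)
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def _tag(mac_key, direction, seq, ct):
    # The MAC covers direction, sequence number and ciphertext.
    data = direction + struct.pack(">Q", seq) + ct
    return hmac.new(mac_key, data, hashlib.sha256).digest()

def seal(enc_key, mac_key, direction, seq, plaintext):
    ks = _keystream(enc_key, direction, seq, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return seq, ct, _tag(mac_key, direction, seq, ct)

def unseal(enc_key, mac_key, direction, seq, ct, tag):
    if not hmac.compare_digest(_tag(mac_key, direction, seq, ct), tag):
        raise ValueError("MAC verification failed")
    ks = _keystream(enc_key, direction, seq, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class Device:
    # One end of the link: encryption key, MAC key, command sequence number.
    def __init__(self, enc_key, mac_key, seq):
        self.enc_key, self.mac_key, self.seq = enc_key, mac_key, seq

    def request(self, msg):  # role of the first device 61
        self.seq += 1  # update the command sequence number before sending
        return seal(self.enc_key, self.mac_key, REQ, self.seq, msg)

    def handle(self, seq, ct, tag):  # role of the second device 62
        if seq <= self.seq:
            raise ValueError("expired command")
        msg = unseal(self.enc_key, self.mac_key, REQ, seq, ct, tag)
        self.seq = seq  # committed only after the MAC has verified
        return seal(self.enc_key, self.mac_key, RESP, seq, b"ACK:" + msg)

    def read_response(self, seq, ct, tag):  # role of the first device 61
        if seq != self.seq:
            raise ValueError("response does not match the request")
        return unseal(self.enc_key, self.mac_key, RESP, seq, ct, tag)

def demo():
    enc_key, mac_key = secrets.token_bytes(32), secrets.token_bytes(32)
    first, second = Device(enc_key, mac_key, 100), Device(enc_key, mac_key, 100)
    req = first.request(b"gimbal pitch -15")  # constructed sample command
    out = {"response": first.read_response(*second.handle(*req))}
    for name, pkt in (("replay", req), ("forged_seq", (10**6,) + req[1:])):
        try:
            second.handle(*pkt)
            out[name] = "accepted"
        except ValueError as err:
            out[name] = str(err)
    out["stored_seq"] = second.seq
    return out
```

Calling `demo()` returns the decrypted response, the rejection reason for a replayed request and for a request with a rewritten sequence number, and the receiver's stored sequence number afterwards.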

Claims (20)

What is claimed is:
1. An authentication method comprising:
sending, by a device of an unmanned aerial vehicle (UAV), a device identification (ID) of the device and a randomly generated random number to an authentication apparatus of the UAV;
receiving, by the device from the authentication apparatus, an encrypted session key and an encrypted random number that are obtained by the authentication apparatus based on the device identification;
decrypting, by the device according to a device key of the device, the encrypted session key and the encrypted random number to obtain decrypted session key and decrypted random number, respectively; and
determining, by the device, whether an authentication of the authentication apparatus is passed based on the randomly generated random number and the decrypted random number.
2. The method of claim 1, further comprising:
sending, by the device, a message command to the authentication apparatus in response to determining that the authentication of the authentication apparatus is passed.
3. The method of claim 2, further comprising:
generating, by the device, the message command using the decrypted session key and the device key.
4. The method of claim 1, wherein the device key is generated based on at least the device ID of the device.
5. The method of claim 4, wherein the device key is generated based on the device ID of the device and an authentication key of the authentication apparatus.
6. The method of claim 5, wherein:
the device belongs to one of a plurality of groups of devices; and
each of the plurality of groups of devices corresponds to a device type having a device type ID identifying the device type.
7. The method of claim 6, wherein the device key is generated based on the device ID of the device, the authentication key of the authentication apparatus, and a device type key of a device type corresponding to the one of the plurality of groups of devices to which the device belongs.
8. The method of claim 4, wherein the device key is generated in real time.
9. The method of claim 1, wherein the device key is pre-programmed in a storage chip of the UAV and/or solidified in firmware of the UAV.
10. The method of claim 1, wherein determining whether an authentication of the authentication apparatus is passed based on the randomly generated random number and the decrypted random number includes:
determining that the authentication of the authentication apparatus is passed in response to the decrypted random number being consistent with the randomly generated random number; and
determining that the authentication with the authentication apparatus is failed in response to the decrypted random number being inconsistent with the randomly generated random number.
11. The method of claim 1, further comprising:
receiving, from the authentication apparatus, an encrypted command sequence number that is obtained by the authentication apparatus encrypting a command sequence number according to the device key of the device, the command sequence number being generated by the authentication apparatus when a session key corresponding to the encrypted session key is generated; and
decrypting the encrypted command sequence number to obtain decrypted command sequence number.
12. The method of claim 11, wherein:
the command sequence number is automatically incremented by a preset value at a preset time interval or every time a command is sent.
13. The method of claim 1, wherein:
the encrypted session key is obtained by the authentication apparatus by encrypting a session key, the session key being generated by the authentication apparatus for the device in response to the UAV being powered up or reset.
14. The method of claim 1, wherein sending the device ID of the device and the randomly generated random number to the authentication apparatus of the UAV includes:
sending the device ID of the device and the randomly generated random number to the authentication apparatus of the UAV in a plaintext manner.
15. A functional assembly of an unmanned aerial vehicle (UAV), the functional assembly being configured to:
send a device identification (ID) of the functional assembly and a randomly generated random number to a flight controller of the UAV;
receive, from the flight controller, an encrypted session key and an encrypted random number that are obtained by the flight controller based on the device identification;
decrypt, according to a device key of the functional assembly, the encrypted session key and the encrypted random number to obtain decrypted session key and decrypted random number, respectively; and
determine whether an authentication of the flight controller is passed based on the randomly generated random number and the decrypted random number.
16. An unmanned aerial vehicle (UAV), comprising:
a flight controller; and
a functional assembly coupled to the flight controller, the functional assembly being configured to:
send a device identification (ID) of the functional assembly and a randomly generated random number to the flight controller;
receive, from the flight controller, an encrypted session key and an encrypted random number that are obtained by the flight controller based on the device identification;
decrypt, according to a device key of the functional assembly, the encrypted session key and the encrypted random number to obtain decrypted session key and decrypted random number, respectively; and
determine whether an authentication of the flight controller is passed based on the randomly generated random number and the decrypted random number.
17. The UAV of claim 16, wherein the functional assembly is further configured to:
send a message command to the flight controller in response to determining that the authentication of the flight controller is passed.
18. The UAV of claim 17, wherein the functional assembly is further configured to:
generate the message command using the decrypted session key and the device key.
19. The UAV of claim 16, wherein the functional assembly is further configured to:
determine that the authentication of the flight controller is passed in response to the decrypted random number being consistent with the randomly generated random number; and
determine that the authentication with the flight controller is failed in response to the decrypted random number being inconsistent with the randomly generated random number.
20. The UAV of claim 16, wherein the functional assembly is further configured to:
receive, from the flight controller, an encrypted command sequence number that is obtained by the flight controller encrypting a command sequence number according to the device key of the functional assembly, the command sequence number being generated by the flight controller when a session key corresponding to the encrypted session key is generated; and
decrypt the encrypted command sequence number to obtain decrypted command sequence number.
US17/125,504 2015-12-10 2020-12-17 Uav authentication method and system Abandoned US20210144007A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US17/125,504 US20210144007A1 (en) 2015-12-10 2020-12-17 Uav authentication method and system

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
PCT/CN2015/097046 WO2017096596A1 (en) 2015-12-10 2015-12-10 Unmanned aerial vehicle authentication method and system, and secure communication method and system
US16/003,799 US10873460B2 (en) 2015-12-10 2018-06-08 UAV authentication method and system
US17/125,504 US20210144007A1 (en) 2015-12-10 2020-12-17 Uav authentication method and system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US16/003,799 Continuation US10873460B2 (en) 2015-12-10 2018-06-08 UAV authentication method and system

Publications (1)

Publication Number Publication Date
US20210144007A1 (en) 2021-05-13

Family

ID=59012436

Family Applications (2)

Application Number Title Priority Date Filing Date
US16/003,799 Active 2036-03-11 US10873460B2 (en) 2015-12-10 2018-06-08 UAV authentication method and system
US17/125,504 Abandoned US20210144007A1 (en) 2015-12-10 2020-12-17 Uav authentication method and system

Country Status (3)

Country Link
US (2) US10873460B2 (en)
CN (1) CN107113172B (en)
WO (1) WO2017096596A1 (en)

Also Published As

Publication number Publication date
CN107113172A (en) 2017-08-29
WO2017096596A1 (en) 2017-06-15
US10873460B2 (en) 2020-12-22
CN107113172B (en) 2019-03-29
US20180294964A1 (en) 2018-10-11

Legal Events

Date Code Title Description
AS Assignment

Owner name: SZ DJI TECHNOLOGY CO., LTD., CHINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:CHEN, YONGSEN;GONG, MING;CHEN, MING;AND OTHERS;SIGNING DATES FROM 20180608 TO 20180619;REEL/FRAME:054685/0122

STPP Information on status: patent application and granting procedure in general

Free format text: APPLICATION DISPATCHED FROM PREEXAM, NOT YET DOCKETED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STCB Information on status: application discontinuation

Free format text: EXPRESSLY ABANDONED -- DURING EXAMINATION