research-article

A provably secure and lightweight authentication scheme for Internet of Drones for smart city surveillance

Authors:

Mahdi Nikooghadam,

Haleh Amintoosi,

SK Hafizul Islam,

Mostafa Farhadi MoghadamAuthors Info & Claims

Volume 115, Issue C

https://doi.org/10.1016/j.sysarc.2020.101955

Published: 01 May 2021 Publication History

Abstract

Smart cities are made of different interconnected components that exchange data and facilitate the urban living for citizens. Unmanned Aerial Vehicles, known as drones, are components used in various civilian applications, such as agriculture, package delivery, and surveillance. To enhance drone’s flying safety and quality of service, a promising idea is to construct the Internet-of-Drones, where the drones are employed to collect the information, and citizens communicate with the drones of a particular flying zone via their mobile devices to obtain the data in real-time. However, due to the high sensitivity of the information, and the openness of communication media, privacy and security issues should be addressed. Specifically, an efficient and secure authentication scheme is needed to enable users and drones to authenticate each other and share a session key. Due to the drone’s limited resources and energy, the authentication scheme should be efficient regarding the computation overhead while providing high security. In this article, we devise a secure authentication scheme based on elliptic curve for drones to secure smart city surveillance. We demonstrate that our scheme is provably secure in the random oracle model, supporting the security requirements and resisting known attacks while incurring low computation and communication costs.

Graphical abstract

Display Omitted

Highlights

•

We devise an authentication scheme for IoD environments to provide a safe and smart-life for citizens in a smart city.

•

The proposed protocol is provably secure in the Random Oracle Model.

•

The security of the proposed protocol is validated formally through the Scyther tool.

•

The proposed protocol provides resistance against well-known potential security attacks.

•

The performance analysis showed that proposed protocol is more efficient than other competing protocols.

References

[1]

Statista, 2020, URL https://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide/Statistica (Accessed on September).

[2]

Nikooghadam M., Amintoosi H., Kumari S., A provably secure ecc-based roaming authentication scheme for global mobility networks, J. Inf. Secur. Appl. 54 (2020),. URL http://www.sciencedirect.com/science/article/pii/S2214212620307572.

[3]

Sharma V., Song F., You I., Atiquzzaman M., Energy efficient device discovery for reliable communication in 5g-based iot and bsns using unmanned aerial vehicles, J. Netw. Comput. Appl. 97 (2017) 79–95.

Digital Library

[4]

Chen Y.-J., Wang L.-C., Privacy protection for internet of drones: A network coding approach, IEEE Internet Things J. 6 (2) (2018) 1719–1730.

[5]

Aggarwal S., Kumar N., Path planning techniques for unmanned aerial vehicles: A review, solutions, and challenges, Comput. Commun. 149 (2020) 270–299.

Digital Library

[6]

Cuffari B., Using sensors in drones, 2020, https://www.azosensors.com/article.aspx?ArticleID=1149 (Accessed: 2020-08-26).

[7]

Ever Y.K., A secure authentication scheme framework for mobile-sinks used in the internet of drones applications, Comput. Commun. (2020).

[8]

Sa I., Hrabar S., Corke P., Outdoor flight testing of a pole inspection uav incorporating high-speed vision, in: Field and Service Robotics, Springer, 2015, pp. 107–121.

[9]

Tian Y., Yuan J., Song H., Efficient privacy-preserving authentication framework for edge-assisted internet of drones, J. Inf. Secur. Appl. 48 (2019).

[10]

Al-Turjman F., Ever Y.K., Ever E., Nguyen H.X., David D.B., Seamless key agreement framework for mobile-sink in iot based cloud-centric secured public safety sensor networks, IEEE Access 5 (2017) 24617–24631.

[11]

Ever Y.K., Secure-anonymous user authentication scheme for e-healthcare application using wireless medical sensor networks, IEEE Syst. J. 13 (1) (2018) 456–467.

[12]

S.-H. Seo, J. Won, E. Bertino, Y. Kang, D. Choi, A security framework for a drone delivery service, in: Proceedings of the 2nd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications for Civilian Use, 2016, pp. 29–34.

[13]

Farash M.S., Turkanović M., Kumari S., Hölbl M., An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment, Ad Hoc Netw. 36 (2016) 152–176.

Digital Library

[14]

Turkanović M., Brumen B., Hölbl M., A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the internet of things notion, Ad Hoc Netw. 20 (2014) 96–112.

[15]

Amin R., Islam S.H., Biswas G., Khan M.K., Leng L., Kumar N., Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks, Comput. Netw. 101 (2016) 42–62.

Digital Library

[16]

Seo S.-H., Won J., Bertino E., Pclsc-tkem: a pairing-free certificateless signcryption-tag key encapsulation mechanism for a privacy-preserving IoT., Trans. Data Priv. 9 (2) (2016) 101–130.

[17]

Jiang Q., Zeadally S., Ma J., He D., Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks, IEEE Access 5 (2017) 3376–3392.

[18]

Challa S., Wazid M., Das A.K., Kumar N., Reddy A.G., Yoon E.-J., Yoo K.-Y., Secure signature-based authenticated key establishment scheme for future IoT applications, IEEE Access 5 (2017) 3028–3043.

[19]

Tai W.-L., Chang Y.-F., Li W.-H., An IoT notion–based authentication and key agreement scheme ensuring user anonymity for heterogeneous ad hoc wireless sensor networks, J. Inf. Secur. Appl. 34 (2017) 133–141.

[20]

Cheon J.H., Han K., Hong S.-M., Kim H.J., Kim J., Kim S., Seo H., Shim H., Song Y., Toward a secure drone system: Flying with real-time homomorphic authenticated encryption, IEEE Access 6 (2018) 24325–24339.

[21]

Wang C., Zhu Y., Shi W., Chang V., Vijayakumar P., Liu B., Mao Y., Wang J., Fan Y., A dependable time series analytic framework for cyber-physical systems of iot-based smart grid, ACM Trans. Cyber-Phys. Syst. 3 (1) (2018) 1–18.

[22]

Zhang L., Zhao L., Yin S., Chi C.-H., Liu R., Zhang Y., A lightweight authentication scheme with privacy protection for smart grid communications, Future Gener. Comput. Syst. 100 (2019) 770–778.

[23]

Roy S., Chatterjee S., Das A.K., Chattopadhyay S., Kumari S., Jo M., Chaotic map-based anonymous user authentication scheme with user biometrics and fuzzy extractor for crowdsourcing internet of things, IEEE Internet Things J. 5 (4) (2017) 2884–2895.

[24]

Wazid M., Das A.K., Odelu V., Kumar N., Conti M., Jo M., Design of secure user authenticated key management protocol for generic iot networks, IEEE Internet Things J. 5 (1) (2017) 269–282.

[25]

Srinivas J., Das A.K., Kumar N., Rodrigues J.J., TCALAS: Temporal credential-based anonymous lightweight authentication scheme for internet of drones environment, IEEE Trans. Veh. Technol. 68 (7) (2019) 6903–6916.

[26]

Ali Z., Chaudhry S.A., Ramzan M.S., Al-Turjman F., Securing smart city surveillance: a lightweight authentication mechanism for unmanned vehicles, IEEE Access 8 (2020) 43711–43724.

[27]

Teng L., Jianfeng M., Pengbin F., Yue M., Xindi M., Jiawei Z., Gao C., Di L., Lightweight security authentication mechanism towards UAV networks, in: 2019 International Conference on Networking and Network Applications (NaNA), IEEE, 2019, pp. 379–384.

[28]

Bera B., Chattaraj D., Das A.K., Designing secure blockchain-based access control scheme in iot-enabled internet of drones deployment, Comput. Commun. 153 (2020) 229–249.

[29]

Cichella V., Choe R., Mehdi B.S., Xargay E., Hovakimyan N., Trujillo A.C., Kaminer I., Trajectory generation and collision avoidance for safe operation of cooperating uavs, in: AIAA Guidance, Navigation, and Control Conference, 2014, p. 0972.

[30]

Wazid M., Das A.K., Lee J.-H., Authentication protocols for the internet of drones: taxonomy, analysis and future directions, J. Ambient Intell. Humaniz. Comput. (2018) 1–10.

[31]

He D., Zhang Y., Wang D., Choo K.-K.R., Secure and efficient two-party signing protocol for the identity-based signature scheme in the ieee p1363 standard for public key cryptography, IEEE Trans. Dependable Secure Comput. 17 (5) (2020) 1124–1132.

[32]

Feng Q., He D., Liu Z., Wang D., Choo K.-K.R., Distributed signing protocol for ieee p1363-compliant identity-based signature scheme, IET Inf. Secur. 14 (4) (2020) 443–451.

[33]

Zhang Y., He D., Huang X., Wang D., Choo K.-K.R., Wang J., White-box implementation of the identity-based signature scheme in the ieee p1363 standard for public key cryptography, IEICE Trans. Inf. Syst. E103–D (2) (2020) 188–195.

[34]

Dolev D., Yao A., On the security of public key protocols, IEEE Trans. Inform. Theory 29 (2) (1983) 198–208.

Digital Library

[35]

Canetti R., Krawczyk H., Universally composable notions of key exchange and secure channels, in: International Conference on the Theory and Applications of Cryptographic Techniques, Springer, 2002, pp. 337–351.

[36]

Cremers C.J.F., Scyther: Semantics and verification of security protocols, Eindhoven university of Technology Eindhoven, Netherlands, 2006.

[37]

Zhang Y., He D., Li L., Chen B., A lightweight authentication and key agreement scheme for internet of drones, Comput. Commun. (2020).

[38]

Gharibi M., Boutaba R., Waslander S.L., Internet of drones, IEEE Access 4 (2016) 1148–1162.

[39]

Motlagh N.H., Taleb T., Arouk O., Low-altitude unmanned aerial vehicles-based internet of things services: Comprehensive survey and future perspectives, IEEE Internet Things J. 3 (6) (2016) 899–922.

[40]

Islam S.H., Design and analysis of an improved smartcard-based remote user password authentication scheme, Int. J. Commun. Syst. 29 (2016) 1708–1719.

[41]

Kocher P., Jaffe J., Jun B., Differential power analysis, in: Proceedings of Advances in Cryptology (Crypto’99), in: LNCS, 1999, pp. 388–397.

[42]

Messerges T., Dabbish E.A., Sloan R.H., Examining smart-card security under the threat of power analysis attacks, IEEE Trans. Comput. 51 (5) (2002) 541–552.

Digital Library

[43]

Joye M., Olivier F., Side-Channel Analysis: Encyclopedia of Cryptography and Security, Kluwer Academic Publishers, 2005, pp. 541–552.

[44]

Kompara M., Islam S.H., Hölbl M., A robust and efficient mutual authentication and key agreement scheme with untraceability for wbans, Comput. Netw. 148 (1) (2019) 196–213.

[45]

Shoup V., Sequences of games: A tool for taming complexity in security proofs, 2004, URL http://eprint.iacr.org/2004/332.

[46]

Cremers C.J., Lafourcade P., Nadeau P., Comparing state spaces in automatic security protocol analysis, in: Formal to Practical Security, Springer, 2009, pp. 70–94.

[47]

Nikooghadam M., Amintoosi H., Perfect forward secrecy via an ecc-based authentication scheme for sip in voip, J. Supercomput. 76 (4) (2020) 3086–3104.

[48]

Luo M., Luo Y., Wan Y., Wang Z., Secure and efficient access control scheme for wireless sensor networks in the cross-domain context of the iot, Secur. Commun. Netw. 2018 (2018).

[49]

Porambage P., Schmitt C., Kumar P., Gurtov A., Ylianttila M., Two-phase authentication protocol for wireless sensor networks in distributed iot applications, in: 2014 IEEE Wireless Communications and Networking Conference (WCNC), Ieee, 2014, pp. 2728–2733.

[50]

Singh J., Gimekar A., Venkatesan S., An efficient lightweight authentication scheme for human-centered industrial internet of things, Int. J. Commun. Syst. (2019).

[51]

Won J., Seo S.-H., Bertino E., Certificateless cryptographic protocols for efficient drone-based smart city applications, IEEE Access 5 (2017) 3721–3749.

[52]

Malani S., Srinivas J., Das A.K., Srinathan K., Jo M., Certificate-based anonymous device access control scheme for iot environment, IEEE Internet Things J. 6 (6) (2019) 9762–9773.

[53]

Wu L., Wang J., Choo K.-K.R., He D., Secure key agreement and key protection for mobile device user authentication, IEEE Trans. Inf. Forensics Secur. 14 (2) (2018) 319–330.

[54]

Ravanbakhsh N., Mohammadi M., Nikooghadam M., Perfect forward secrecy in voip networks through design a lightweight and secure authenticated communication scheme, Multimedia Tools Appl. 78 (9) (2019) 11129–11153.

[55]

Xu L., Wu F., Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care, J. Med. Syst. 39 (2) (2015) 10.

[56]

Kumari S., Karuppiah M., Das A.K., Li X., Wu F., Gupta V., Design of a secure anonymity-preserving authentication scheme for session initiation protocol using elliptic curve cryptography, J. Ambient Intell. Humaniz. Comput. 9 (3) (2018) 643–653.

Cited By

Mekdad YAris AAcar AConti MLazzeretti RFergougui AUluagac S(2024)A comprehensive security and performance assessment of UAV authentication schemesSecurity and Privacy10.1002/spy2.3387:1Online publication date: 9-Jan-2024
Ma RCao JHe SZhang YNiu BLi H(2023)A UAV-Assisted UE Access Authentication Scheme for 5G/6G NetworkIEEE Transactions on Network and Service Management10.1109/TNSM.2023.334182921:2(2426-2444)Online publication date: 12-Dec-2023
https://dl.acm.org/doi/10.1109/TNSM.2023.3341829
Aissaoui RDeneuville JGuerber CPirovano A(2023)A survey on cryptographic methods to secure communications for UAV traffic managementVehicular Communications10.1016/j.vehcom.2023.10066144:COnline publication date: 1-Dec-2023
https://dl.acm.org/doi/10.1016/j.vehcom.2023.100661
Show More Cited By

Recommendations

Secure remote user authentication scheme using bilinear pairings
WISTP'07: Proceedings of the 1st IFIP TC6 /WG8.8 /WG11.2 international conference on Information security theory and practices: smart cards, mobile and ubiquitous computing systems

In 2006, Das et al. proposed a remote user authentication scheme using the properties of bilinear pairings. The current paper, however, demonstrates that Das et al.'s scheme is still vulnerable to an impersonation attack and an off-line password ...
Design of a secure smart card-based multi-server authentication scheme

Traditional two party client server authentication protocol may not provide a scalable solution for present network environments where personal and ubiquitous computing technologies are involved as it is now becoming multi-server based. To achieve ...
A new provably secure authentication and key agreement mechanism for SIP using certificateless public-key cryptography

The session initiation protocol (SIP) is considered as the dominant signaling protocol for calls over the Internet. However, SIP authentication typically uses HTTP digest authentication, which is vulnerable to many forms of known attacks. This paper ...

Comments

Information & Contributors

Information

Published In

cover image Journal of Systems Architecture: the EUROMICRO Journal

Journal of Systems Architecture: the EUROMICRO Journal Volume 115, Issue C

May 2021

267 pages

ISSN:1383-7621

Issue’s Table of Contents

Elsevier B.V.

Publisher

Elsevier North-Holland, Inc.

United States

Publication History

Published: 01 May 2021

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 10 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mekdad YAris AAcar AConti MLazzeretti RFergougui AUluagac S(2024)A comprehensive security and performance assessment of UAV authentication schemesSecurity and Privacy10.1002/spy2.3387:1Online publication date: 9-Jan-2024
Ma RCao JHe SZhang YNiu BLi H(2023)A UAV-Assisted UE Access Authentication Scheme for 5G/6G NetworkIEEE Transactions on Network and Service Management10.1109/TNSM.2023.334182921:2(2426-2444)Online publication date: 12-Dec-2023
https://dl.acm.org/doi/10.1109/TNSM.2023.3341829
Aissaoui RDeneuville JGuerber CPirovano A(2023)A survey on cryptographic methods to secure communications for UAV traffic managementVehicular Communications10.1016/j.vehcom.2023.10066144:COnline publication date: 1-Dec-2023
https://dl.acm.org/doi/10.1016/j.vehcom.2023.100661
Wu FLi X(2023)Cloud‐assisted authentication scheme supporting dynamic pseudo‐identity for autonomous vehiclesTransactions on Emerging Telecommunications Technologies10.1002/ett.474534:5Online publication date: 5-May-2023
https://dl.acm.org/doi/10.1002/ett.4745
Shah TAlgarni FUllah IAbdullah ANoor FAsghar Khan M(2022)Cost-Efficient Privacy-Preserving Authentication and Key Management Scheme for Internet of Vehicle EcosystemComplexity10.1155/2022/84066492022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/8406649
Xia THe J(2022)An Identity Authentication Scheme Based on SM2 Algorithm in UAV Communication NetworkWireless Communications & Mobile Computing10.1155/2022/75377642022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/7537764
Zhang JYang MZhao CLiu C(2022)A New Type of Unmanned Aerial Vehicle Visualization Application Algorithm: Pesticides are Effectively Used When SprayingProceedings of the 4th World Symposium on Software Engineering10.1145/3568364.3568369(28-33)Online publication date: 28-Sep-2022
https://dl.acm.org/doi/10.1145/3568364.3568369

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents