Secure Autonomous UAVs Fleets by Using New Specific Embedded Secure Elements

Unmanned Aerial Vehicles (UAVs) fleets are becoming more apparent in both military and civilian applications. However security of these systems still remains unsatisfactory if a strong adversary model with a high attack potential (i.e. the adversary has capabilities and knowledge to capture a UAV, to perform side-channel or fault injection or other physical, software or combined attacks in order to gain access to some secret data like cryptographic keys, mission plan, etc.) is considered. The aim of this position paper is to draw security requirements for this kind of adversaries and to propose theoretical solutions based on an embedded Secure Element (SE) that could help to accommodate these requirements. Finally, our proposal on how to use these SEs to secure Autonomous UAVs fleets is presented.

[1]  Dakshi Agrawal,et al.  Multi-channel Attacks , 2003, CHES.

[2]  JeaHoon Park,et al.  Side-Channel Attacks against ARIA on Active RFID Device , 2007, 2007 International Conference on Convergence Information Technology (ICCIT 2007).

[3]  Erik Poll,et al.  Malicious Code on Java Card Smartcards: Attacks and Countermeasures , 2008, CARDIS.

[4]  Roberto Beraldi,et al.  A swarm of robots using RFID tags for synchronization and cooperation , 2009, Int. J. Intell. Comput. Cybern..

[5]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[6]  Keith Mayes,et al.  Remote Attestation Mechanism based on Physical Unclonable Functions , 2013 .

[7]  A. Godin,et al.  Secure cooperative ad hoc applications within UAV fleets position paper , 2009, MILCOM 2009 - 2009 IEEE Military Communications Conference.

[8]  Marc F. Witteman,et al.  Reverse Engineering Java Card Applets Using Power Analysis , 2007, WISTP.

[9]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[10]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[11]  Liaoyuan Zeng,et al.  A Bandwidth based Adaptive Fuzzy Logic Handoff in IEEE 802.16 and IEEE 802.11 Hybrid Networks , 2007 .

[12]  James A. Muir,et al.  Techniques of Side Channel Cryptanalysis , 2001 .

[13]  Christof Paar,et al.  Wireless security threats: Eavesdropping and detecting of active RFIDs and remote controls in the wild , 2011, SoftCOM 2011, 19th International Conference on Software, Telecommunications and Computer Networks.

[14]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[15]  Damien Sauveron,et al.  Some security problems raised by open multiapplication smart cards , 2005 .

[16]  Peter I. Corke,et al.  Toward trusted wireless sensor networks , 2010, TOSN.

[17]  Keith Mayes,et al.  Cross-Platform Application Sharing Mechanism , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[18]  Christof Paar,et al.  Black-Box Side-Channel Attacks Highlight the Importance of Countermeasures - An Analysis of the Xilinx Virtex-4 and Virtex-5 Bitstream Encryption Mechanism , 2012, CT-RSA.

[19]  Emin Anarim,et al.  HIMUTSIS: Hierarchical Multi-tier Adaptive Ad-Hoc Network Security Protocol Based on Signcryption Type Key Exchange Schemes , 2006, ISCIS.

[20]  Colin Percival CACHE MISSING FOR FUN AND PROFIT , 2005 .

[21]  Keith Mayes,et al.  Recovering from a Lost Digital Wallet , 2013, 2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing.

[22]  Andrzej Bialas,et al.  Common Criteria Related Security Design Patterns—Validation on the Intelligent Sensor Example Designed for Mine Environment , 2010, Sensors.

[23]  Serge Chaumette,et al.  The Mobile Java Card Grid Project , 2006 .

[24]  Christophe Clavier,et al.  Correlation Power Analysis with a Leakage Model , 2004, CHES.

[25]  C. D. Walter,et al.  Distinguishing Exponent Digits by Observing Modular Subtractions , 2001, CT-RSA.

[26]  Serge Chaumette,et al.  Wireless Sensor Nodes , 2014, Secure Smart Embedded Devices, Platforms and Applications.

[27]  Damien Sauveron,et al.  MANETs: An Exclusive Choice Between Use and Security? , 2008, Comput. Informatics.

[28]  Pierre Dusart,et al.  Differential Fault Analysis on A.E.S , 2003, ACNS.

[29]  Andrzej Bialas,et al.  Intelligent Sensors Security , 2010, Sensors.

[30]  Guillaume Barbu,et al.  New Countermeasures against Fault and Software Type Confusion Attacks on Java Cards , 2014, WISTP.

[31]  Hassan Aly,et al.  Attacking AES Using Bernstein's Attack on Modern Processors , 2013, AFRICACRYPT.

[32]  Eltayeb Salih Abuelyaman,et al.  Differential Fault Analysis , 2005, International Conference on Internet Computing.

[33]  Keith Mayes,et al.  A Paradigm Shift in Smart Card Ownership Model , 2010, 2010 International Conference on Computational Science and Its Applications.

[34]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[35]  David Naccache,et al.  The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[36]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[37]  Pankaj Rohatgi,et al.  Template Attacks , 2002, CHES.

[38]  Andrew W. Appel,et al.  Using memory errors to attack a virtual machine , 2003, 2003 Symposium on Security and Privacy, 2003..

[39]  Thomas S. Messerges,et al.  Using Second-Order Power Analysis to Attack DPA Resistant Software , 2000, CHES.

[40]  Serge Chaumette,et al.  SCUAL, swarm of communicating UAVs at LaBRI: An open UAVNet testbed , 2011, 2011 The 14th International Symposium on Wireless Personal Multimedia Communications (WPMC).

[41]  Jean-Sébastien Coron,et al.  Statistics and secret leakage , 2000, TECS.

[42]  Elisabeth Oswald,et al.  Practical Template Attacks , 2004, WISA.

[43]  Christophe Giraud,et al.  A Survey on Fault Attacks , 2004, CARDIS.

[44]  Keith Mayes,et al.  Trusted Platform Module for Smart Cards , 2014, 2014 6th International Conference on New Technologies, Mobility and Security (NTMS).

[45]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[46]  Enar Reilent,et al.  RFID-based Communications for a Self-Organising Robot Swarm , 2008, 2008 Second IEEE International Conference on Self-Adaptive and Self-Organizing Systems.

[47]  Keith Mayes,et al.  Remote Attestation Mechanism for User Centric Smart Cards Using Pseudorandom Number Generators , 2013, ICICS.

[48]  Adrian N Phillips,et al.  A Secure Group Communication Architecture for a Swarm of Autonomous Unmanned Aerial Vehicles , 2012 .

[49]  Daniel J. Bernstein,et al.  Cache-timing attacks on AES , 2005 .

[50]  Eric Vétillard,et al.  Combined Attacks and Countermeasures , 2010, CARDIS.

[51]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[52]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[53]  Haiyun Luo,et al.  Adaptive Security for Multi-layer Ad-hoc Networks , 2002 .

[54]  Raphael Spreitzer,et al.  Towards More Practical Time-Driven Cache Attacks , 2014, WISTP.

[55]  Keith Mayes,et al.  A Dynamic and Ubiquitous Smart Card Security Assurance and Validation Mechanism , 2010, SEC.

[56]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[57]  Haiyun Luo,et al.  Adaptive security for multilevel ad hoc networks , 2002, Wirel. Commun. Mob. Comput..