TCALAS: Temporal Credential-Based Anonymous Lightweight Authentication Scheme for Internet of Drones Environment

A user (external party) is interested in accessing the real-time data from some designated drones of a particular fly zone in the Internet of Drones (IoD) deployment. However, to provide this facility, the user needs to be authenticated by an accessed remote drone and vice-versa. After successful authentication both parties can establish a secret session key for the secure communication. To handle this important problem in IoD environment, we design a novel temporal credential based anonymous lightweight user authentication mechanism for IoD environment, called TCALAS. A detailed security analysis using formal security under the broadly applied real-or-random (ROR) model, formal security verification under the broadly used software verification tool, known as automated validation of internet security protocols and applications, and also informal security analysis reveal that TCALAS has the capability to resist various known attacks against passive/active adversary. In addition, a detailed comparative study has been conducted for TCALAS and other related schemes, and the study also reveals that TCALAS provides better security and functionality features, and lower costs in both computation and communication as compared to existing schemes.

[1]  Joseph A Marty Vulnerability Analysis of the MAVLink Protocol for Command and Control of Unmanned Aircraft , 2013 .

[2]  Ting-Yi Chang,et al.  Ephemeral-Secret-Leakage Secure ID-Based Three-Party Authenticated Key Agreement Protocol for Mobile Distributed Computing Environments , 2018, Symmetry.

[3]  Sanjay Jha,et al.  MTRA: Multi-Tier randomized remote attestation in IoT networks , 2019, Comput. Secur..

[4]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[5]  Athanasios V. Vasilakos,et al.  Design and Analysis of Secure Lightweight Remote User Authentication and Key Agreement Scheme in Internet of Drones Deployment , 2019, IEEE Internet of Things Journal.

[6]  Ashok Kumar Das,et al.  Anonymous Lightweight Chaotic Map-Based Authenticated Key Agreement Protocol for Industrial Internet of Things , 2020, IEEE Transactions on Dependable and Secure Computing.

[7]  Muhammad Khurram Khan,et al.  Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks , 2016, Comput. Networks.

[8]  Ping Wang,et al.  Zipf’s Law in Passwords , 2017, IEEE Transactions on Information Forensics and Security.

[9]  Samiran Chattopadhyay,et al.  Chaotic Map-Based Anonymous User Authentication Scheme With User Biometrics and Fuzzy Extractor for Crowdsourcing Internet of Things , 2018, IEEE Internet of Things Journal.

[10]  Pascal Lafourcade,et al.  Comparing State Spaces in Automatic Security Protocol Analysis Cas , 2009 .

[11]  Ping Wang,et al.  Targeted Online Password Guessing: An Underestimated Threat , 2016, CCS.

[12]  Yi Zhang,et al.  Internet-of-Things Security and Vulnerabilities: Taxonomy, Challenges, and Practice , 2018, J. Hardw. Syst. Secur..

[13]  Joel J. P. C. Rodrigues,et al.  Cloud Centric Authentication for Wearable Healthcare Monitoring System , 2019, IEEE Transactions on Dependable and Secure Computing.

[14]  Mauro Conti,et al.  Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks , 2018, IEEE Internet of Things Journal.

[15]  Ashok Kumar Das,et al.  Authentication protocols for the internet of drones: taxonomy, analysis and future directions , 2018, Journal of Ambient Intelligence and Humanized Computing.

[16]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[17]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[18]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[19]  Hugo Krawczyk,et al.  Universally Composable Notions of Key Exchange and Secure Channels , 2002, EUROCRYPT.

[20]  Joel J. P. C. Rodrigues,et al.  2PBDC: privacy-preserving bigdata collection in cloud environment , 2018, The Journal of Supercomputing.

[21]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[22]  Raouf Boutaba,et al.  Internet of Drones , 2016, IEEE Access.

[23]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[24]  Willy Susilo,et al.  Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment , 2020, IEEE Transactions on Dependable and Secure Computing.

[25]  Sherali Zeadally,et al.  Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks , 2017, IEEE Access.

[26]  Sherali Zeadally,et al.  Taxonomy and analysis of security protocols for Internet of Things , 2018, Future Gener. Comput. Syst..

[27]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[28]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[29]  Davor Svetinovic,et al.  A taxonomy of security and privacy requirements for the Internet of Things (IoT) , 2014, 2014 IEEE International Conference on Industrial Engineering and Engineering Management.

[30]  Ya-Fen Chang,et al.  An IoT notion-based authentication and key agreement scheme ensuring user anonymity for heterogeneous ad hoc wireless sensor networks , 2017, J. Inf. Secur. Appl..

[31]  Elaine B. Barker,et al.  Recommendation for key management: , 2019 .

[32]  Eun-Jun Yoon,et al.  Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications , 2017, IEEE Access.

[33]  Mostafa Hassanalian,et al.  Classifications, applications, and design challenges of drones: A review , 2017 .

[34]  Saru Kumari,et al.  An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment , 2016, Ad Hoc Networks.

[35]  Yongdae Kim,et al.  GyrosFinger: Fingerprinting Drones for Location Tracking Based on the Outputs of MEMS Gyroscopes , 2018, ACM Trans. Priv. Secur..

[36]  Bruno Blanchet,et al.  Models and Proofs of Protocol Security: A Progress Report , 2009, CAV.

[37]  Linpei Li,et al.  Dynamic Speed Control of Unmanned Aerial Vehicles for Data Collection under Internet of Things , 2018, Sensors.