Information Security Theory and Practice

Fleets of UAVs will be deployed in the near future in reliability- and safety-critical applications (e.g. for smart cities). To satisfy this stringent level of criticality, each UAV in the fleet must be able to trust the other UAVs it communicates with, both to have assurance in the trustworthiness of the information it receives and to be sure it does not disclose information to an unauthorised party. In addition, to be protected against an attacker able to eavesdrop on and/or modify the exchanged data, the communication channel must be secured, i.e. it has to provide confidentiality and integrity for the exchanges. The work presented here builds on our previous research, which concluded that each UAV must include a Secure Element (which we call an ARFSSD, for Active Radio Frequency Smart Secure Device) in order to withstand an adversary with a high attack potential. In this paper, we propose a secure and trusted channel protocol that satisfies the stated security and operational requirements for UAV-to-UAV communication. The protocol has three main objectives: (1) it provides assurance that all communicating entities can trust each other and can trust their own internal (secure) software and hardware states; (2) it establishes a fair key exchange between all communicating entities so as to set up a secure channel; (3) it is efficient both for the initial start-up of the network and when resuming a session after a cold and/or warm restart of a UAV. The proposed protocol is formally verified using CasperFDR and AVISPA.