A new provable hierarchical anonymous certificateless authentication protocol with aggregate verification in ADS-B systems

Abstract

Automatic Dependent Surveillance-Broadcast (ADS-B) technology is a new solution for communication among aircraft and ground controller stations. In this surveillance technology, critical messages (e.g., the location of the aircraft) are obtained from navigation satellites, and on-board equipment then multicasts the unencrypted messages twice per second to the others. Previous ADS-B protocols suffer from weak authentication with a few security vulnerabilities and privacy issues, including the key-escrow problem, user profiling, time-consuming verification processes, and difficulties with certificate management. In this paper, we propose a new hierarchical authentication protocol that uses Certificateless Public Key Cryptography (CL-PKC) techniques to avoid Public Key Infrastructure (PKI) certificate management and to solve the key-escrow concern in Identity-based Public Key Cryptography (ID-PKC). Further, unlike many certificateless schemes, our proposed scheme is secure against a malicious-but-passive Key Generation Center (KGC). We prove that our scheme preserves conditional privacy, which means that distinct identities map to varied pseudonyms. The security and privacy features of our scheme are proven in the widely accepted random oracle model, under the computational Diffie-Hellman (CDH) assumption, against adaptive chosen-message attacks. Finally, we show that the time needed for aggregate verification of 50 messages is reduced by 84% and 48% compared to Yang et al.'s and He et al.'s schemes, respectively.
