BETA-UAV: Blockchain-based Efficient Authentication for Secure UAV Communication
Abstract
Unmanned aerial vehicles (UAV), an emerging architecture that embodies flying ad-hoc networks, face critical privacy and security challenges, mainly when engaged in data-sensitive missions. Therefore, message authentication is a crucial security feature in drone communications. This paper presents a Blockchain-based Efficient and Trusted Authentication scheme for UAV communication, BETA-UAV, which exploits the inherent properties of blockchain technology, namely memorability and immutability, to record communication sessions via transactions using a smart contract. The smart contract in BETA-UAV allows participants to publish and call transactions from the blockchain network. Furthermore, transaction addresses are proof of freshness and trustworthiness for subsequent transmissions. We also investigate the scheme's ability to resist active attacks, such as impersonation, replaying, and modification. In addition, we evaluate the gas costs associated with the functions of the smart contract by implementing BETA-UAV on the Ethereum public blockchain. A comparison of the computation and communication overheads shows that the proposed approach can save significant costs over traditional techniques.
Index Terms:
Authentication, Blockchain, PKI-based authentication, Smart contract, UAV
I Introduction
Unmanned aerial vehicle (UAV) technology enhances the dependability and trustworthiness of transportation systems, particularly in heterogeneous and nonstationary data traffic scenarios. However, heterogeneous data sharing raises significant security and privacy concerns, preventing future intelligent transportation systems (ITS) from integrating UAVs[1]. Moreover, connectivity has become increasingly crucial in multiple-UAV systems. Drone communication is challenging because of (i) high node mobility, (ii) fluid topology, (iii) the long distance between nodes that can result in intermittent links, and (iv) power constraints. Several features have contributed to the widespread use of UAV technology, such as coverage, exploratory possibilities, and intelligence-level rewards. Interest in UAVs is proliferating, and we can see that they are being deployed in many worldwide applications, such as aerial photography, agricultural production, and film and television production. Establishing secure communication channels permits reliable UAV operations. However, external communication links, that is, between UAVs and infrastructure, and intra-vehicle communication must be protected. In addition, UAVs must ensure that only authorized entities have access to their resources and that all their internal modules are authenticated to achieve device security[2]. As UAVs operate without human intervention, device-to-device authentication is essential. Before a UAV can access a ground control station (GCS), all modules must be authenticated. Blockchain technology can be used to create a distributed system in which entities can enter and verify blocks, thereby ensuring system integrity. However, because users can request data for flying drones directly from UAVs instead of servers, drones continue to lose or leak data during transmission. This situation determines the complexity of a scheme. 
Consequently, the transmitted data may be subjected to extensive computation, which raises the possibility of privacy leakage. Furthermore, revealing privileged information can result in transmission security breaches. Therefore, we propose BETA-UAV, a lightweight blockchain-based efficient authentication scheme for secure UAV communication. The objective is to enable mutual authentication and freshness identification so that the UAV network can establish secure communication channels. Proof-of-freshness or authentication protocols allow UAVs to integrate into these systems quickly and securely. In this study, we pursue these goals with new strategies that combine elliptic curve cryptography (ECC) and a trusted authentication scheme, and we show how BETA-UAV can resist attacks.
II Related Works
Recently, several studies have investigated the field of UAV system authentication. For example, this study provides an authentication framework for a UAV network using blockchain, 5G, and SHA-256. According to the authors, the proposed framework is secure against various IoD attacks and outperforms other schemes in terms of the communication overhead and computational costs. However, the computational costs of this study are still high because of the use of SHA-256, which is inappropriate for UAVs. Li et al. [3] proposed a lightweight communication mechanism that is supposed to be safer and faster than SM4 CTR. Lei et al. [4] illustrated a lightweight protocol for secure communication based on a physical unclonable function that employs a light mac function for encryption. Khalid et al. [5] presented a light authentication scheme based on a non-cloneable physical component, particularly for vehicle networks. This framework utilizes a low-power and low-computing-intensive symmetric-encryption method. Our concept is that if authentication can be excluded from the UAV, processing consumption will be reduced, thereby increasing flight duration and range. The authors of [8] highlighted an initial architecture for UAV ID-based authentication. RFID tags provide unique identifiers for UAV within a scheme. Temporary UAV identification that provides both IDs is used to generate cryptography keys to protect privacy during the authorization procedure. In short, some protocols proposed in recent years are vulnerable to attacks, such as inadequate security, encryption key predicting risk, privacy breaches, and server emulation. As a future development, secure communication between drones and GCS should be established. However, some of their solutions contain the issues discussed in [8]–[9]. The authors of [10] applied blockchain, 5G, and elliptic-curve technologies. ECC cryptography provides a framework for the authentication of drones. 
The authors claim that the proposed framework is secure against numerous IoD attacks and outperforms comparable strategies in terms of communication and computational costs. However, this approach is computationally expensive owing to ECC, which is incompatible with UAVs.
III The BETA-UAV Scheme
This section examines the layout of the BETA-UAV scheme depicted in Figure 1.
III-A Scheme modeling
III-A1 Trusted authority (TA)
The Trusted Authority is a trusted third party for key distribution. The provides the secret keys for Identity-based encryption schemes. The approved node responsible for monitoring other nodes’ behavior or cooperation pattern is known as a node which validates the identification of a UAV that intends to send messages or produces a new identity and verifies that another UAV possesses the specified identity.
III-A2 Smart Contract Deployer
The evidence also exists that smart contracts must establish a user account on the consortium blockchain. Therefore, to eliminate the trust barriers between domains, a threshold multi-signature smart contract is created. Let be the number of participants and the threshold. The number of elements contained in the above Merkle tree is the combinatorial number . The space complexity of this tree, , is exponential in the threshold, and the complexity is .
III-A3 Ground Control Station (GCS)
The GCS receives UAV data, processes it, and converts and transfers it to other communication protocols to link clients on the same network for decisive piloting and communication between a UAV and its network. In addition, the GCS usually allows for UAV autopilots and live video and data streaming. Ground stations for UAVs are essential to a new era of long-range aerial data collection. In recent years, reliable and secure communication over the link between the GCS and the UAV has been scarce, which is also a significant concern in our work.
III-B BETA-UAV: The proposed Blockchain-based Efficient Authentication scheme
BETA-UAV comprises three phases that can be described as follows.
1. System initialization phase:
TA initializes the system parameters as follows. TA initializes the elliptic curve such that , [11], and are 160-bits prime numbers with 80-bits security. Based on the generator , TA creates the cyclic group that includes the points of in addition to the point of the infinity . TA selects the system secret parameter , then calculates its associated public parameter . Secure hash function , e.g., SHA-256. TA deploys the smart contract through transaction and retrieves the ’s address . At last, the public parameters of the scheme are .
2. Registration phase:
For all the terminals in the network, TA is responsible for registering all GCSs and UAVs before being part of the network as follows. For each GCS , TA creates a long-term digital certificate by selecting , calculating , and signing it to generate , where is the expiration date. At last, . Similarly, for each unmanned aerial vehicle , TA creates its long-term digital certificate as . At last, TA loads and the certificate revocation list of revoked terminals onto all registered terminals as well as its issued digital certificate and secret key.
3. Signature generation and verification phase:
Considering in the communication range of , in this case, the authentication process is divided into authentication for the first and subsequent transmission slots as follows.
For the first transmission slot:
sends a communication request in the form of the tuple , where signed at timestamp and is the whole session time interval, e.g., [00:10:00]. in turn checks ’s freshness, verifies as , then triggers the Issue-(, , ) function in the smart contract using and retrieve . At last, stores . Similarly, sends a reply in the form of the tuple , where signed at timestamp. in turn checks ’s freshness, verifies as , then triggers the Issue-(, , ) function in the smart contract using and retrieve . At last, stores .
For subsequent transmission slots:
For each message , signs at timestamp to get and sends to . checks ’s freshness, verifies as , retrieves the related to the received , and acquires ’s information from the blockchain to check the session continuity by finding out if holds or not. If holds, will be accepted. Otherwise, it will be discarded.
IV Security Analysis
The GCS and drone had certificates for registration from the TA. Both parties exchange credentials and check the authenticity of the certificates as during the significant agreement process. Consequently, if the drone and ground station have valid certificates, they can authenticate each other.
IV-A Message authentication
sends a communication request in the form of a tuple , where is signed at timestamp and . The intended recipient and receiver UAV share a symmetric key to determine the authentication process.
IV-B Security protection against active attacks
An attacker A can quickly monitor and eavesdrop on communication messages on a public channel if every message refreshes every session like as , rendering it impractical for an attacker to extract all pertinent information. The BETA sends no parameters twice, so our protocol model resists tracking and eavesdropping.
1. Resilience to modification:
Resilience is a fundamental requirement for multi-UAV operation. Because these systems operate in a dynamic and open environment, they are susceptible to various interruptions. For each message , signs at timestamp to get and sends to . A multi-UAV system is robust if it can accomplish the original mission at an acceptable level of performance, despite diversion.
2. Resilience to replaying:
The UAV assigns public key and secret keys at each authentication. Information from the blockchain checks session continuity by determining whether holds. If this fits, is accepted. Otherwise, it is discarded directly.
3. Resilience to impersonation:
When an adversary attempts to impersonate an unauthorized drone (e.g., Alice), he is required to compute a valid signature for a coherent topic using Alice’s credentials. Nonetheless, it is difficult for a Ts opponent owing to the message authentication characteristic, namely the ’s freshness, to authenticate as , and then trigger the (, , ) function in the smart contract using and retrieve . Finally, stores .
4. Man-in-the-middle (MITM) Attack:
Per a schema, an adversary can capture and compromise all messages sent and received . The message exposure during the freshness identification process is ,. If attempts to reconstruct UAV certification, the contents of and must be modified. Moreover, for to reconstruct UAVs, and must be known; and are the required parameters for message regeneration. Hence, without requisite secret credentials, it is impractical for to reissue a valid message. Therefore, BETA-UAV is resistant to MITM attacks.
5. Resilient to birthday collision:
Our proposal could encounter this property if the endorsed blockchain is susceptible to birthday collisions. For our design, we employed developed blockchain systems, such as Ethereum, that support smart contracts. This distributed ledger system uses secure hash functions such as SHA-256 [7]. Therefore, computing the block hash can eliminate the generation of two-birthday collision blocks.
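The first-slot and subsequent-slot checks of Section III-B, together with the modification, impersonation and replay cases of Section IV-B, as an added Python example (not the authors' code). Assumptions: secp256k1 and a Schnorr signature stand in for the paper's curve and signature, a dictionary stands in for the smart contract, and session continuity is taken to mean that the message timestamp lies inside the session interval recorded at issuance; the names Receiver, issue and MAX_SKEW are hypothetical.

```python
import hashlib, secrets

P = 2**256 - 2**32 - 977  # secp256k1 (assumed curve; the paper's 160-bit curve is not given)
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
MAX_SKEW = 5  # seconds; assumed freshness window

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    m = (3 * x1 * x1 * pow(2 * y1, -1, P) if a == b else (y2 - y1) * pow(x2 - x1, -1, P)) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        acc = add(acc, pt) if k & 1 else acc
        pt, k = add(pt, pt), k >> 1
    return acc

def h_int(*parts):
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big") % N

def sign(sk, *fields):  # Schnorr signature (R, s), standing in for the paper's signature
    k = secrets.randbelow(N - 1) + 1
    r = mul(k, G)
    return r, (k + h_int(r, fields) * sk) % N

def verify(pk, sig, *fields):  # accept iff s*G == R + e*PK
    return mul(sig[1], G) == add(sig[0], mul(h_int(sig[0], fields), pk))

def issue(ledger, sid, t_start, duration):  # stand-in for the contract's Issue function
    tx = hashlib.sha256(repr((sid, t_start, duration)).encode()).hexdigest()
    ledger[tx] = (t_start, duration)  # tx plays the role of the transaction address
    return tx

class Receiver:
    def __init__(self, ledger, certs):  # certs: id -> public key from a TA-verified certificate
        self.ledger, self.certs, self.tx_of = ledger, certs, {}
    def _check(self, sid, ts, sig, now, field):
        if abs(now - ts) > MAX_SKEW:  # freshness of the timestamp
            return "stale"
        ok = sid in self.certs and verify(self.certs[sid], sig, sid, field, ts)
        return None if ok else "bad-signature"
    def first_slot(self, sid, ts, duration, sig, now):
        err = self._check(sid, ts, sig, now, duration)
        if err is None:  # record the session and keep its transaction address
            self.tx_of[sid] = issue(self.ledger, sid, ts, duration)
        return err or "accepted"
    def subsequent(self, sid, msg, ts, sig, now):
        err = self._check(sid, ts, sig, now, msg)
        rec = self.ledger.get(self.tx_of.get(sid))
        if err or rec is None:
            return err or "no-session"
        in_session = rec[0] <= ts <= rec[0] + rec[1]  # session continuity (assumed form)
        return "accepted" if in_session else "session-expired"

def demo(t0=1000):  # constructed scenario: one UAV, 600 s session
    sk = secrets.randbelow(N - 1) + 1
    rx = Receiver({}, {"UAV-1": mul(sk, G)})
    rx.first_slot("UAV-1", t0, 600, sign(sk, "UAV-1", 600, t0), t0 + 1)
    sig = sign(sk, "UAV-1", "pos=1", t0 + 30)
    return [rx.subsequent("UAV-1", m, t0 + 30, sig, now) for m, now in
            [("pos=1", t0 + 31), ("pos=9", t0 + 31), ("pos=1", t0 + 300)]]
```

`demo()` returns the verdicts for an honest message, the same signature over a modified payload, and a late replay. In this example a copy replayed inside the `MAX_SKEW` window still passes all three checks, so a receiver would also need to track the last accepted timestamp per sender to reject it.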
V Implementations and Performance Analysis
Our BETA-UAV protocol demonstrates its prototype blockchain implementation in Ethereum test networks, its demonstrated efficiency in drone authentication, and a simulated UAV ad hoc network scenario. Performance is then considered in the context of the implementation outcomes.
V-A Implementations
First, we deployed our smart contract on an online public Ethereum test network (Rinkeby Test Network). Rinkeby offers a comprehensive development environment (IDE) for proficiently compiling and deploying Solidity smart contracts. This expedites the prototyping process for blockchain-enabled systems. Specifically, we employed the following Remix settings: compiler (0.8.7.commit.228d28d7). Our gas cost analysis begins by compiling our Solidity smart contract code, which is subsequently deployed in the configuration described above using Remix. The first is the gas price of Eth, which reflects the cost of maintaining an Ethereum blockchain [5]. We simulate cryptographic primitives in desktop and Raspberry Pi environments with the configurations "Linux Ubuntu 18.04 LTS, Intel Core Processor 11th Gen Intel(R) Core(TM) i7-11850H @ 2.50GHz; Intel Core CPU @ 3.60 GHz, 8 GB RAM" and "Raspberry PI 4B, Quad-core ARM Cortex-A72 @ 1.5 GHz, 16GB RAM", respectively [12].
Parameter | Value
---|---
Compiler | 0.8.7.commit.228d28d7
Language | Solidity
EVM version | Compiler default
Deployment Environment | JavaScript Virtual Machine
Featured Plugins |
V-B Computation Cost Comparison
Compared to prior schemes by the authors [8]–[11], the BETA-UAV performance IoD was determined based on their computational and communication costs. For the experimental examination of various cryptographic primitives, we implement the widespread "Multi-precision Integer and Rational Arithmetic Cryptographic Library (MIRACL)." Therefore, using the MIRACL library, we simulated and evaluated the execution times of cryptographic primitives [7]. This section determines the computational cost for the proposed scheme and the associated schemes. The simulation results are listed in Table 1, and the total computational costs of our scheme and other related schemes are listed in Table 2.
According to the results, the proposed scheme has higher computational efficiency than the other schemes. As shown in Table III, BETA-UAV requires a lower computational cost on the user side than related existing schemes [8]–[11]. GCS, stationed at the TA, is an essential component of the UAV environment. Consequently, it is preferable to reduce the computational cost of the central server. The computational cost at the CS side in the proposed BETA-UAV is [19.28] ms, whereas [8]-[11] require . and
Therefore, BETA-UAV has a lower computational cost than the schemes shown in Table 2. Even so, BETA-UAV has a lower computational cost than the alternative schemes. In contrast to the other schemes, the BETA-UAV has a lower computational cost 5 + is the computational cost of the drone (Dx) or sensor node in the proposed BETA-UAV, whereas [8]–[11] requires For the transaction hash: .
Notations | Primitives | PF-1 | PF-2 |
---|---|---|---|
Instance multiplication | |||
Instance point addition | |||
Hash Functions | |||
Ts | Timestamp | ||
SHA-256 |
V-C Estimate Gas Cost
Ethereum undergoes simple computations that coincide with a swarm of computers called nodes. An elite group of nodes is defined as the miners who work the hardest. Miners protect the network from intrusion and prioritize the computations. Therefore, the miners must pace a stream of requests. Without this, the network might become overloaded owing to heavy usage or spammers picking up what is done. First, miners rely on the gas price, and the gas limit of the last unit measures the work, but it has no monetary value; miners pay in tiny denominations of ETH called Gwei. In this study, we deployed a smart contract to the Rinkeby test network. We then connected and deployed it to MetaMask. Once the transaction is confirmed and mined, we go to the blockchain explorer page to see the number of gas units used for this transaction. For the transaction hash: The Gas Price is shown in Fig. 2 as follows: .
Function | Estimated | Actual |
---|---|---|
Deployer | 0.0005499 ETH | 0.000555 ETH |
Issue UAV1 | 0.00023767 ETH | 0.000238 ETH |
In Fig. 3, the BETA-UAV system demonstrates the most feasible and efficient computational delay performance, with a low baseline delay that scales gradually and predictably with the number of nodes. This makes it the most promising system overall based on the results visualized.
V-D Communication Cost Comparison
We evaluated our scheme’s communication costs compared with the existing algorithms discussed above. The identity, hash function, random number, SHA-256, timestamp, and modular exponentiation are respectively bits, bits, bits, and bits. We procure the communication cost of the proposed scheme for each message as follows: bits, bits, bits, and bits by applying these notations. Therefore, the proposed scheme has a total communication cost of .
In this section, we compare the communication costs of the proposed protocol with those of the related schemes [8]–[11]. The outcome indicates that the proposed method has lower communication costs than existing solutions. The bar chart Fig. 4 compares the storage costs in bits for different works. The costs range from 1628 bits for our own data to 4696 bits for category S[9]. The legend shows the exact storage cost for each category. Overall, the graph illustrates the relative storage requirements for the data categories, with S[9] being the most expensive and our data being the most efficient. This comparison highlights the storage optimization achieved for our method.
VI Conclusion
In this study, we proposed a blockchain-based efficient authentication scheme called BETA for UAV communication, where BETA-UAV is divided into three phases: registration, authentication, and signature verification. The routing framework can endure major security attacks based on informal security analysis. Our study aims to address this security vulnerability by proposing a provable efficient authentication scheme that protects user privacy. Significant advantages are identified in the proposed scheme, such as lower computational and communication costs, small key size, and greater secrecy. In the future, we will extend this technical work to Ethereum cryptography and compare it with the encryption algorithms. Furthermore, we will implement the computational costs of the proposed work in a practical scenario.
References
- [1] M. Khan, I. Ullah, A. Alkhalifah, S. Rehman, J. Shah, M. Uddin, M. Alsharif, and F. Algarni, ” ”, IEEE Transactions On Industrial Informatics. vol.18, no. 5, pp. 3416-3425, May 2022.
- [2] M. Rodrigues, J. Amaro, F. Osório, and B. Kalinka, "Authentication Methods for UAV Communication", 2019 IEEE Symposium On Computers And Communications (ISCC). pp. 1210-1215, Jul. 2019.
- [3] Li, T., Zhang, J., Obaidat, M., Lin, C., Lin, Y., Shen, Y. & Ma, J. Energy-Efficient and Secure Communication Toward UAV Networks. IEEE Internet Of Things Journal. 9, 10061-10076 (2022)
- [4] Lei, Y., Zeng, L., Li, Y., Wang, M. & Qin, H. A Lightweight Authentication Protocol for UAV Networks Based on Security and Computational Resource Optimization. IEEE Access. 9 pp. 53769-53785 (2021)
- [5] Khalid, H., Hashim, S., Mumtazah Syed Ahamed, S., Hashim, F. & Chaudhary, M. Secure Real-time Data Access Using Two-Factor Authentication Scheme for the Internet of Drones. 2021 IEEE 19th Student Conference On Research And Development (SCOReD). pp. 168-173 (2021)
- [6] Tanveer, M., Alkhayyat, A., Naushad, A., Kumar, N., Alharbi, A., and others (2022). RUAM-IOD: A Robust User Authentication Mechanism for the Internet of Drones. IEEE Access, 10, 19836–19851.
- [7] Sutrala, A., Obaidat, M., Saha, S., Das, A., Alazab, M. & Park, Y. Authenticated Key Agreement Scheme With User Anonymity and Untraceability for 5G-Enabled Softwarized Industrial Cyber-Physical Systems. IEEE Transactions On Intelligent Transportation Systems. 23, 2316-2330 (2022)
- [8] Srinivas, J., Das, A., Wazid, M. & Vasilakos, A. Designing Secure User Authentication Protocol for Big Data Collection in IoT-Based Intelligent Transportation System. IEEE Internet Of Things Journal. 8, 7727-7744 (2021)
- [9] Wazid, M., Das, A., Kumar, N. & Alazab, M. Designing authenticated key management scheme in 6G-enabled network in a box deployed for industrial applications. IEEE Transactions On Industrial Informatics. 17, 7174-7184 (2020)
- [10] Bera, B., Saha, S., Das, A., Kumar, N., Lorenz, P. & Alazab, M. Blockchain-Envisioned Secure Data Delivery and Collection Scheme for 5G-Based IoT-Enabled Internet of Drones Environment. IEEE Transactions On Vehicular Technology. 69, 9097-9111 (2020)
- [11] Li, H., Han, D. & Tang, M. A Privacy-Preserving Storage Scheme for Logistics Data With Assistance of Blockchain. IEEE Internet Of Things Journal. 9, 4704-4720 (2022)
- [12] Kwon, D., Son, S., Park, Y., Kim, H., Park, Y., Lee, S. & Jeon, Y. Design of Secure Handover Authentication Scheme for Urban Air Mobility Environments. IEEE Access. 10 pp. 42529-42541 (2022)