Correction published on 9 January 2025, see Drones 2025, 9(1), 41.
Article

A Quantum-Resistant Identity Authentication and Key Agreement Scheme for UAV Networks Based on Kyber Algorithm

1 College of Information and Communication, National University of Defense Technology, Wuhan 430030, China
2 School of Information Security, Naval University of Engineering, Wuhan 430030, China
* Authors to whom correspondence should be addressed.
Drones 2024, 8(8), 359; https://doi.org/10.3390/drones8080359
Submission received: 7 June 2024 / Revised: 27 July 2024 / Accepted: 28 July 2024 / Published: 30 July 2024 / Corrected: 9 January 2025
(This article belongs to the Special Issue Physical-Layer Security in Drone Communications)

Abstract

Unmanned aerial vehicles (UAVs) play a critical role in various fields, including logistics, agriculture, and rescue operations. Effective identity authentication and key agreement schemes are vital for UAV networks to combat threats. Current schemes often employ algorithms like elliptic curve cryptography (ECC) and Rivest–Shamir–Adleman (RSA), which are vulnerable to quantum attacks. To address this issue, we propose LIGKYX, a novel scheme combining the quantum-resistant Kyber algorithm with the hash-based message authentication code (HMAC) for enhanced security and efficiency. This scheme enables the mutual authentication between UAVs and ground stations and supports secure session key establishment protocols. Additionally, it facilitates robust authentication and key agreement among UAVs through control stations, addressing the critical challenge of quantum-resistant security in UAV networks. The proposed LIGKYX scheme operates based on the Kyber algorithm and elliptic curve Diffie–Hellman (ECDH) key exchange protocol, employing the HMAC and pre-computation techniques. Furthermore, a formal verification tool validated the security of LIGKYX under the Dolev–Yao threat model. Comparative analyses on security properties, communication overhead, and computational overhead indicate that LIGKYX not only matches or exceeds existing schemes but also uniquely counters quantum attacks effectively, ensuring the security of UAV communication networks with a lower time overhead for authentication and communication.

1. Introduction

With the rapid advancement in unmanned aerial vehicle technology, UAVs are now widely used in data transmission, wildfire monitoring [1], cellular service provision, parcel delivery, traffic monitoring, pesticide spraying, and various other applications [2]. The overall UAV market, including OEM and aftermarket, is projected to reach USD 48.5 billion by 2029, with a compound annual growth rate (CAGR) of 9.9% from 2024 to 2029 [3]. As of 2023, there are over 1.7 million drones registered in the United States alone [4], illustrating the vast scale of UAV operations. The increasing adoption of UAVs in commercial and defense sectors highlights their growing significance. However, despite their widespread use, security issues are often overlooked during the design phases of UAVs, making wireless communication methods vulnerable to eavesdropping, man-in-the-middle, and replay attacks.
Recent studies have documented numerous cyber-attacks on drone systems, which have been on the rise since 2007 [5]. For instance, the hacking of delivery drones and unauthorized surveillance incidents have underscored the urgency of addressing these vulnerabilities. As the range of applications expands, security issues within drone networks are becoming increasingly prominent. To combat these challenges, robust identity authentication and key agreement protocols are essential to counter the evolving threats [6].
The rapid development of UAV technology has made it an integral part of modern infrastructure, supporting various industries and government operations. The versatility and efficiency of UAVs have led to their deployment in critical sectors, such as agriculture, where they assist in precision farming and crop monitoring, and in disaster management, where they aid in search and rescue operations and real-time damage assessment. Furthermore, UAVs have become crucial in enhancing cellular networks by providing temporary communication links in remote or disaster-stricken areas.
Despite these advancements, the security of UAV communication networks remains a significant concern. UAVs rely heavily on wireless communication links, which are inherently vulnerable to various forms of cyber-attacks. Eavesdropping, where an attacker intercepts and listens to the communication between UAVs and ground control stations, can lead to the leakage of sensitive information. Man-in-the-middle attacks allow attackers to intercept and alter communications between two parties without their knowledge, potentially leading to the manipulation of UAV operations. Replay attacks involve the interception and retransmission of valid data, which can confuse UAV systems and disrupt their normal operations [7].
Considering the limited computational resources and storage capacity of UAVs [8], traditional identity authentication and key agreement protocols are difficult to apply directly to UAV systems. These traditional protocols often require substantial computational power and memory, which are not feasible in the lightweight and resource-constrained environment of UAVs. Therefore, various lightweight identity authentication and key agreement schemes [9] have been proposed to mitigate security problems under these constraints. However, most of these schemes rely on elliptic curve cryptography (ECC) [10], which, while efficient in classical computing environments, becomes ineffective against emerging quantum attacks.
Quantum computing poses a new and significant threat to cryptographic systems that are currently considered secure. Quantum computers, with their ability to solve complex mathematical problems exponentially faster than classical computers, can break widely used cryptographic algorithms such as RSA and ECC. This has led to the development of post-quantum cryptography (PQC), which aims to create cryptographic algorithms that are secure against quantum attacks [11].
In the realm of post-quantum cryptography, Kyber [12], a lattice-based encryption algorithm, has been selected by the National Institute of Standards and Technology (NIST) as a candidate for future cryptographic standards. This algorithm is notable for its resistance to quantum attacks, efficiency, and smaller key sizes. Utilizing Kyber for key exchange and identity authentication in UAV systems can significantly enhance security and practicality. Despite its robustness, the Kyber Authenticated Key Exchange (Kyber.AKE) [12] identity authentication and key agreement scheme, derived from the Kyber algorithm, incurs significant computational overhead, making it unsuitable for lightweight solutions required by UAVs.
In contrast, the hash-based message authentication code (HMAC) is a message authentication code that employs a hash function and has been effectively used in designing efficient authentication schemes [13,14]. HMAC can counteract the threat of quantum attacks by extending the key length. However, current methods focus primarily on either security robustness or computational efficiency, often failing to balance both. Ideal solutions should provide robust security against quantum attacks while maintaining a low computational overhead, particularly in resource-constrained environments like UAV networks. This gap underscores the need for a new approach that combines the strengths of both the Kyber and HMAC algorithms.
By integrating the Kyber algorithm with the HMAC algorithm, we can devise a lightweight network authentication and key agreement scheme specifically tailored for UAVs, offering robust resistance to quantum attack threats. The proposed scheme aims to leverage the efficiency and security of Kyber while utilizing the simplicity and low computational requirements of HMAC. This combination is expected to provide a balanced solution that ensures both high security and operational efficiency in UAV networks.
The primary research contributions of this paper are as follows:
  • Protocol Development: The proposed protocol facilitates communication between UAVs and ground stations and proposes a scheme for UAV-to-UAV authentication and key agreement facilitated by ground stations. It aims to achieve mutual authentication between communication parties while effectively resisting quantum attacks, ensuring the protocol’s lightweight nature and security. By integrating the Kyber, elliptic curve Diffie–Hellman (ECDH), and HMAC algorithms, some operational processes are completed in the preprocessing stage, thereby effectively countering quantum attacks, reducing the computational and communication overhead, and enhancing authentication efficiency.
  • Threat Model Design: This paper designs a threat model suitable for quantum attack threats, based on an improved Dolev–Yao [15] threat model, to ensure the security of the LIGKYX protocol. Using this threat model, the security of the LIGKYX protocol is verified with the formal verification tool ProVerif [16,17], demonstrating its robustness against quantum attack threats.
  • Performance Evaluation: Extensive experiments are conducted to evaluate the performance of the LIGKYX protocol from two perspectives. Firstly, the time overhead required for the LIGKYX authentication protocol is measured in an experimental environment involving UAV and ground station interactions. Secondly, Wireshark is used to assess the communication overhead of the LIGKYX protocol. The comparative experiments indicate that the LIGKYX protocol demonstrates superior performance in terms of both the time and communication overhead.
  • Comparative Analysis: A detailed comparative analysis of the communication and computational overhead and functional attributes indicates that the proposed LIGKYX protocol exhibits significant advantages over other existing related schemes. These advantages include enhanced security features against quantum attacks and superior performance in terms of the communication and computational overhead.
The remainder of this paper is organized as follows: Section 2 provides an overview of related work. Section 3 introduces the UAV communication network model and the threat model improved to consider quantum attacks. Section 4 details the implementation steps and computational methods of the authentication and key agreement scheme. In Section 5, the security of the scheme is evaluated using ProVerif. Section 6 assesses the performance of the proposed scheme and a comparative scheme in an experimental environment involving UAVs and ground stations. Finally, Section 7 concludes the paper with a summary of the results.

2. Literature Review

To ensure the security of UAVs’ wireless communications, extensive research has been conducted worldwide, producing various lightweight identity authentication and key agreement schemes. The progress of related research is shown in Table 1. Ali et al. [18] proposed a lightweight authentication mechanism for UAVs in smart city environments using lightweight symmetric key primitives and temporary certificates. However, B.D. Deebak et al. [19] pointed out that Ali et al.’s scheme cannot withstand session key leakage attacks. Additionally, the security schemes presented in [20,21] face similar issues, being susceptible to known session key attacks. To address these concerns, the adoption of the elliptic curve Diffie–Hellman (ECDH) protocol has emerged as the mainstream choice. ECDH is a highly secure key exchange protocol that remains resilient even in the face of known session key attacks. Yongho Ko et al. [22] proposed a secure communication protocol based on the ECDH protocol for safeguarding UAVs and ground control stations. However, the ECDH protocol based on ECC fails to effectively counter threats from quantum attacks. Furthermore, the identity authentication and key protocol mechanisms widely employed in UAV networks primarily rely on classical public-key cryptographic algorithms such as Rivest–Shamir–Adleman (RSA) [23] and ECC [10,24,25]. Although these algorithms are designed for a high security level and can provide a certain degree of protection for UAV networks, the mathematical problems on which they rest leave them vulnerable once quantum computers are available. Quantum computers have the unique ability to solve in polynomial time certain mathematical problems that classical computers cannot, such as factoring large integers and computing discrete logarithms. This capability is due to quantum algorithms like Shor’s algorithm. As a result, traditional encryption methods, which rely on the difficulty of these problems, become ineffective against quantum attacks. Quantum attacks exploit the computational power of quantum computers to break cryptographic schemes that are secure against classical attacks. Therefore, the emergence of quantum computing poses a significant threat to current cryptographic systems. Specifically, Shor’s algorithm [26], proposed by Peter Shor; Grover’s algorithm, proposed by Lov Grover; and the quantum Fourier transform [26], a core component of Shor’s algorithm, pose significant threats. Shor’s algorithm, known for its ability to factor large integers, directly threatens public-key encryption systems based on the integer factorization problem, such as the widely used RSA encryption [23]. Grover’s algorithm [27] can significantly speed up the search process in unstructured databases, posing potential risks to hash-function-based encryption systems. The quantum Fourier transform accelerates the solution of the discrete logarithm problem, threatening encryption systems based on the discrete logarithm problem, such as ECC and the Diffie–Hellman key exchange [28].
Given the anticipated advances in quantum computing technology, traditional encryption algorithms will increasingly struggle to resist the new security threats posed by quantum computing. Currently, these risks are projected for the future as quantum computers are not yet widely available. Continuing to use traditional public-key cryptographic algorithms like RSA and ECC for identity authentication and key agreement in UAV swarms not only fails to provide effective security guarantees but might also become the weak link in the system due to their insufficient security in the quantum era. To address this future security challenge, the cryptographic community is actively researching post-quantum cryptography [29] with the goal of developing encryption algorithms capable of withstanding attacks from quantum computers.
Currently, lattice-based constructions [30,31] are considered the main candidates to replace traditional number theory problems, such as integer factorization and discrete logarithm problems. Lattice cryptography has garnered significant attention initially in theoretical circles due to its design being related to worst-case security proofs based on lattice problems. Specifically, Ajtai et al. [32] pioneered the development of lattice-based probabilistic public-key cryptographic schemes, harnessing the geometric properties of lattices to introduce novel security guarantees. Regev et al. [33,34] further contributed to the field by introducing an intermediate problem termed “Learning with Errors” (LWE), which, despite its simpler cryptographic structure, proved to be as challenging as some standard worst-case lattice problems. Applebaum et al. [35] conducted groundbreaking research demonstrating that the secret parameter in the LWE problem need not be uniformly random, thereby enhancing the versatility of LWE in real-world applications. Chris Peikert [31], in his seminal work in 2016, underscored the pivotal role of the LWE problem in fortifying cryptographic systems against quantum attacks. Lyubashevsky et al. [30] identified the inherent inefficiency associated with the quadratic overhead of LWE, leading to the proposal of the Ring-LWE assumption, which streamlines encryption system construction while preserving robust security guarantees. Bos et al. [36] showcased the practical viability of post-quantum key exchange protocols by developing a cryptographic suite grounded in the Ring-LWE problem for the Transport Layer Security (TLS) protocol. Despite the practical advantages offered by the Ring-LWE problem, concerns persist regarding its additional algebraic structure, prompting researchers to explore key encapsulation mechanisms (KEMs) [37] with chosen ciphertext attack (CCA) security across various ring structures. Bos et al. [12] responded to these concerns by devising a highly optimized KEM instance with CCA security, namely, Kyber. As a representative lattice-based public-key encryption algorithm, Kyber has earned recognition as one of the candidate algorithms for the NIST Post-Quantum Cryptography Standardization competition. Kyber’s lightweight and efficient characteristics [38] render it especially well-suited for resource-constrained environments, such as Internet of Things devices and unmanned aerial vehicle systems.
At present, researchers worldwide are actively promoting the application of the Kyber algorithm in lightweight identity authentication and key agreement mechanisms. Specifically, Kübra Seyhan et al. [39] proposed a scheme applying the Kyber algorithm to the construction of security protection mechanisms for mobile devices. This scheme improved the traditional password-authenticated key exchange (PAK) methods, significantly enhancing the security and performance of systems on mobile devices. Anwar Noureddine Bahache et al. [40] proposed a quantum-resistant authentication and key agreement framework based on the Kyber algorithm, providing strong security guarantees for information security in the future quantum computing environment. B. Mohinder Singh et al. [17] designed a digital security authentication protocol for personal health records based on the Kyber algorithm. This protocol uses the Kyber algorithm for public-key encryption in the initial stage, followed by the symmetric encryption algorithm (AES-GCM) to protect the integrity and confidentiality of the transmitted data.
Noticeably, many schemes often use the elliptic curve Diffie–Hellman (ECDH) algorithm for key agreement in the research on identity authentication and key agreement within UAV swarm networks. To construct a more secure and efficient authentication and key agreement mechanism, combining the ECDH algorithm with the Kyber algorithm can be considered. This hybrid algorithm not only provides dual encryption protection, combining the maturity of traditional cryptography with the advancement in quantum-resistant cryptography but also significantly enhances the system’s operational efficiency and security in resource-constrained environments. Overall, the Kyber algorithm holds an important position in the field of post-quantum cryptography, and its lightweight and high-efficiency characteristics make it an ideal choice for identity authentication and key agreement in resource-constrained environments. Combining ECDH and the Kyber algorithm can show significant advantages in ensuring the balance of security and performance in the communication within and between UAV swarms.
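The hybrid idea described above can be made concrete with a key combiner. The following is an added example, not code from the paper or the LIGKYX scheme: it feeds an ECDH shared secret and a Kyber shared secret into one HKDF (RFC 5869) so that an attacker must recover both inputs to compute the session key. The function names, the context label and the use of per-session nonces are assumptions, and the two shared secrets are random stand-ins because the Python standard library provides neither ECDH nor Kyber.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 extract: concentrate the input secrets into one pseudorandom key."""
    return hmac.new(salt or b"\x00" * HASH_LEN, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 expand: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    if not 0 < length <= 255 * HASH_LEN:
        raise ValueError("invalid output length")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def lp(field: bytes) -> bytes:
    """Length-prefix a field so concatenated inputs cannot be re-split differently."""
    return len(field).to_bytes(4, "big") + field


def hybrid_session_key(ss_ecdh: bytes, ss_kyber: bytes,
                       uav_id: bytes, gcs_id: bytes,
                       nonce_uav: bytes, nonce_gcs: bytes,
                       length: int = 32) -> bytes:
    """Derive one session key from a classical and a post-quantum shared secret.

    Hypothetical combiner (not the paper's construction): both secrets enter the
    extract step, the fresh nonces form the salt so every session yields a
    different key, and the party identities are bound in through `info`.
    """
    if not ss_ecdh or not ss_kyber:
        raise ValueError("both shared secrets are required")
    salt = HASH(lp(nonce_uav) + lp(nonce_gcs)).digest()
    prk = hkdf_extract(salt, lp(ss_ecdh) + lp(ss_kyber))
    info = b"hybrid-kdf-example" + lp(uav_id) + lp(gcs_id)  # assumed context label
    return hkdf_expand(prk, info, length)


def demo():
    # Constructed stand-ins: in a real exchange these come from an ECDH
    # agreement and a Kyber encapsulation/decapsulation respectively.
    ss_ecdh = secrets.token_bytes(32)
    ss_kyber = secrets.token_bytes(32)
    ids = (b"UAV-01", b"GCS-01")  # constructed identifiers
    first = hybrid_session_key(ss_ecdh, ss_kyber, *ids,
                               secrets.token_bytes(16), secrets.token_bytes(16))
    second = hybrid_session_key(ss_ecdh, ss_kyber, *ids,
                                secrets.token_bytes(16), secrets.token_bytes(16))
    return first, second


if __name__ == "__main__":
    k1, k2 = demo()
    print("session 1:", k1.hex())
    print("session 2:", k2.hex())
```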
Table 1. Table of related works.
| Category | Reference | Main Contribution | Limitations |
|---|---|---|---|
| Authentication and Key Agreement Schemes | [18] | Proposed a lightweight identity authentication mechanism using lightweight symmetric key primitives and temporary certificates for UAVs in smart city environments. | Cannot withstand session key leakage attacks. |
| | [19] | Identified vulnerabilities in Ali et al.’s scheme regarding session key leakage attacks. | |
| | [20,21] | Proposed various security schemes. | Schemes are susceptible to known session key attacks. |
| Elliptic Curve Diffie–Hellman (ECDH) Protocol | [22] | Proposed a secure communication protocol based on the ECDH protocol for safeguarding UAVs and ground control stations. | Ineffective against quantum attacks. |
| Public-Key Cryptographic Algorithms | [23,24,25] | Described the use of classical public-key cryptographic algorithms (such as RSA and ECC) known for high security. | Vulnerable to quantum attacks due to the underlying mathematical principles. |
| Quantum Computing Threats | [26] | Introduced Shor’s algorithm, which can factor large integers, directly threatening public-key encryption systems based on integer factorization, like RSA. | |
| | [27] | Introduced Grover’s algorithm, which significantly speeds up search processes in unstructured databases, posing threats to hash-function-based encryption systems. | |
| | [28] | Accelerated solving the discrete logarithm problem, threatening encryption systems based on the discrete logarithm problem, such as ECC and Diffie–Hellman key exchange. | |
| Post-Quantum Cryptography | [32] | Pioneered lattice-based probabilistic public-key cryptographic schemes, utilizing the geometric properties of lattices to introduce new security guarantees. | |
| | [33,34] | Proposed the “Learning with Errors” (LWE) problem, which is as challenging as some standard worst-case lattice problems despite its simpler cryptographic structure. | |
| | [35] | Demonstrated that the secret parameter in the LWE problem need not be uniformly random, enhancing the versatility of LWE in real-world applications. | |
| | [31] | Emphasized the role of the LWE problem in strengthening cryptographic systems against quantum attacks. | |
| | [30] | Proposed the Ring-LWE assumption, simplifying encryption system construction while maintaining robust security guarantees. | |
| | [36] | Developed an encryption suite based on the Ring-LWE problem for the TLS protocol. | |
| Kyber Algorithm Applications | [12,38] | Recognized as a candidate in the NIST Post-Quantum Cryptography Standardization competition, known for efficiency and suitability for resource-constrained environments. | The bidirectional authentication mechanism based on Kyber algorithm has high overhead. |
| | [39] | Proposed a scheme applying the Kyber algorithm to security mechanisms for mobile devices, improving traditional password-authenticated key exchange (PAK) methods. | |
| | [40] | Proposed a quantum-resistant authentication and key agreement framework based on the Kyber algorithm. | |
| | [17] | Designed a digital security authentication protocol for personal health records based on the Kyber algorithm. | |

3. Model of UAV Communication Networks and Threat Modeling

3.1. UAV Communication Network Model

The UAV network constitutes a wireless infrastructure tailored to accomplishing missions centered around UAV applications. This network exhibits the capability to autonomously self-organize or be supplemented by communication facilities such as ground control stations and satellites. The proposed authentication scheme (LIGKYX) in this paper primarily targets the UAV communication network model illustrated in Figure 1.
In this network paradigm, ground control stations establish wireless links with multiple UAVs to exercise control and oversight over these aerial platforms. Legitimate UAVs engage in identity authentication and secure session key agreement with the ground station through an authentication key agreement scheme. Subsequently, they employ the negotiated session key to facilitate secure encrypted communication based on symmetric encryption algorithms. Furthermore, upon establishing a secure communication channel with the control station, legitimate UAVs can engage in encrypted communication with other authorized UAVs through the intermediary of the control station.

3.2. Threat Model

In the study of classical wireless network threat models, Dolev and Yao [41] proposed a model that assumes attackers possess extremely powerful capabilities, making it particularly suitable for designing wireless networks with high security requirements. Due to its strengths, the Dolev–Yao model has been widely used in the design of wireless network security protocols and has become the standard threat model in this field. However, the Dolev–Yao model has notable limitations when addressing quantum attack threats. Specifically:
  • The model assumes that attackers cannot infer private keys based on known public keys, which is contradicted by the capability of quantum computing to effectively break traditional encryption algorithms such as RSA and ECC;
  • The model does not account for the computational advantages provided by quantum algorithms, which can significantly reduce the security of current cryptographic methods.
Given these limitations, it is crucial that we improve the model to address the characteristics of UAV networks and the threat of quantum attacks. As a result, we propose a UAV network threat model applicable to quantum attack threats. The specific assumptions of this improved model are outlined below:
The capabilities of the attacker are as follows:
  • The attacker can control the entire communication network, allowing them to intercept, eavesdrop on, and tamper with any messages transmitted through the network;
  • The attacker can impersonate any entity and send messages to other entities;
  • The attacker can derive the public key from a given private key and infer the private key from public keys of traditional algorithms such as RSA and ECC;
  • The attacker can intercept and modify messages, and even create new messages and inject them into the communication.
The limitations of the attacker are as follows:
  • The attacker cannot guess random numbers selected from a sufficiently large space;
  • Without the correct key, the attacker cannot recover plaintext from a given ciphertext or generate the correct ciphertext from a given plaintext;
  • The attacker cannot derive the private key from a Kyber public key without knowing the parameters, nor can they generate legitimate message authentication codes for messages;
  • The attacker cannot access the offline stored keys of communication nodes.
Additionally, while quantum attacks degrade the security of cryptographic methods like hash functions and AES encryption (e.g., a 256-bit hash function offering only 128-bit security on a quantum computer), this primarily manifests as a reduction in security rather than a qualitative change in the attacker’s capabilities.

3.3. Communication Protocols

Due to the lack of a standardized authentication and key agreement protocol for UAV communication networks, we introduce the widely used Datagram Transport Layer Security (DTLS) protocol as an example. DTLS is extensively applied in the Internet of Things (IoT) to provide security services [42].
The specific steps of the DTLS protocol are illustrated in Figure 2.
As illustrated in Figure 2, the DTLS protocol involves several critical steps needed to establish a secure communication channel. The process begins with the client sending a “Client Hello” message, which is followed by the server’s “Hello Verify Request” to confirm the client’s identity. The client then retransmits the “Client Hello” message, including the cookie received from the server. Subsequently, the server responds with a “Server Hello” message, selecting the cipher suite for the session, and provides its certificate to authenticate itself. The server may also send a “Server Key Exchange” message if necessary, and requests a certificate from the client.
The client, in turn, sends its certificate (if requested), followed by a “Client Key Exchange” message to share the pre-master secret, which is used to generate the session keys. To verify the client’s identity, the “Certificate Verify” message is sent, which is a signature over the previous handshake messages. Both parties then exchange “Change Cipher Spec” messages to indicate that subsequent messages will be encrypted with the negotiated keys. The handshake is concluded with each party sending a “Finished” message, which includes a hash of all previous handshake messages to ensure their integrity.
While DTLS is extensively applied in the IoT for securing communications, its implementation is relatively complex and resource-intensive for lightweight UAV nodes, posing challenges in terms of computational overhead and energy consumption.
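The cookie round trip at the start of the handshake described above can be shown in isolation. This is an added example, not code from the paper or from any DTLS library: it follows the construction suggested in RFC 6347, where the cookie is an HMAC over the client's address and ClientHello parameters, so the server keeps no per-client state until the cookie comes back from the claimed address. The class and method names, and the use of the client random as the only ClientHello parameter, are assumptions.

```python
import hashlib
import hmac
import secrets


class CookieServer:
    """Server side of the ClientHello / HelloVerifyRequest exchange (cookie logic only)."""

    def __init__(self):
        self.secret = secrets.token_bytes(32)   # current cookie secret
        self.previous = None                    # last secret, honoured for one rotation
        self.handshakes = {}                    # state allocated only after verification

    def rotate_secret(self):
        """Periodic rotation; cookies issued under the previous secret stay valid once."""
        self.previous, self.secret = self.secret, secrets.token_bytes(32)

    def _cookie(self, secret, addr, client_random):
        ip, port = addr
        material = ip.encode() + b"\x00" + port.to_bytes(2, "big") + client_random
        return hmac.new(secret, material, hashlib.sha256).digest()

    def on_client_hello(self, addr, client_random, cookie=b""):
        """Return (next_message, cookie_to_send).

        A ClientHello without a valid cookie gets a HelloVerifyRequest and costs
        the server one HMAC and no memory. Only a ClientHello that echoes the
        cookie from the same address advances to ServerHello.
        """
        for secret in (self.secret, self.previous):
            if secret is None:
                continue
            expected = self._cookie(secret, addr, client_random)
            if hmac.compare_digest(cookie, expected):   # constant-time comparison
                self.handshakes[addr] = {"client_random": client_random}
                return "ServerHello", None
        return "HelloVerifyRequest", self._cookie(self.secret, addr, client_random)


def demo():
    server = CookieServer()
    uav = ("192.0.2.10", 40000)          # constructed client address
    client_random = secrets.token_bytes(32)

    # First ClientHello: no cookie yet, server answers statelessly.
    msg1, cookie = server.on_client_hello(uav, client_random)
    # Second ClientHello: same parameters plus the echoed cookie.
    msg2, _ = server.on_client_hello(uav, client_random, cookie)
    # A different source address presenting the same cookie is sent back to step one.
    msg3, _ = server.on_client_hello(("198.51.100.7", 40000), client_random, cookie)
    return msg1, msg2, msg3


if __name__ == "__main__":
    print(demo())
```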

3.4. Security Requirements

The security requirements for UAV communication networks are paramount, given the critical nature of their missions and the sensitive data they handle. Effective authentication and key agreement mechanisms are essential in order to ensure the integrity and confidentiality of communications. The key security requirements include the following:
Resistance to Replay Attacks: UAV networks must employ mechanisms to detect and prevent replay attacks, where an attacker intercepts and retransmits a valid data transmission. This can be achieved by using unique session identifiers or timestamps to ensure that each communication instance is unique and cannot be reused maliciously.
Resistance to Impersonation Attacks: Authentication protocols must be robust enough to prevent attackers from masquerading as legitimate UAVs or control stations. This requires strong identity verification processes and cryptographic methods that ensure the authenticity of communicating parties.
Confidentiality of Communications: All data transmitted within the UAV network must be encrypted to protect against eavesdropping. This includes the use of advanced encryption algorithms that ensure data privacy even if intercepted.
Integrity of Data: Ensuring that the data have not been altered during transmission is crucial. This can be achieved through the use of message authentication codes (MACs) and digital signatures, which verify that the data received are exactly as sent.
Mutual Authentication: Both the UAVs and the ground control stations must authenticate each other to establish trust. Mutual authentication helps in confirming the identities of both parties before initiating secure communication.
Session Key Agreement: A secure key exchange mechanism is necessary in order to agree upon a session key used for encrypting the communication. This session key should be ephemeral and unique to each session to limit the impact of a potential key compromise.
Efficiency and Lightweight Design: The authentication and key agreement protocols must be efficient and lightweight, minimizing both the communication and computational overhead. This is especially important for lightweight UAV nodes with limited resources, which require algorithms that conserve energy and reduce processing time.
Post-Quantum Security: Given the emerging threats posed by quantum computing, it is essential that we adopt cryptographic algorithms that are resistant to quantum attacks. This includes using lattice-based cryptography and other quantum-resistant techniques to ensure long-term security.
By addressing these security requirements, UAV communication networks can achieve a high level of resilience against various cyber threats, ensuring secure and reliable operations in their critical applications.
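The replay-resistance and integrity requirements above can be combined in one receiver-side check. The following is an added example, not the LIGKYX message format: each frame carries a session identifier, a timestamp and a sequence number under an HMAC-SHA-512 tag, and the receiver verifies the tag before trusting any field, then applies a freshness limit and a sliding anti-replay window that tolerates reordered datagrams. The frame layout, the 5-second skew limit, the 64-entry window and all names are assumptions.

```python
import hashlib
import hmac
import struct
import time

TAG_HASH = hashlib.sha512
TAG_LEN = TAG_HASH().digest_size          # 64-byte tag
HEADER = struct.Struct("!16sdQ")          # session id | send time | sequence number
WINDOW = 64                               # how many sequence numbers back are tracked
MAX_SKEW = 5.0                            # seconds a frame may differ from local time


def seal(key, session_id, seq, payload, now=None):
    """Sender side: header || payload || HMAC(key, header || payload)."""
    if len(session_id) != 16:
        raise ValueError("session_id must be 16 bytes")
    sent_at = time.time() if now is None else now
    header = HEADER.pack(session_id, sent_at, seq)
    return header + payload + hmac.new(key, header + payload, TAG_HASH).digest()


class Receiver:
    def __init__(self, key, session_id, max_skew=MAX_SKEW):
        if len(session_id) != 16:
            raise ValueError("session_id must be 16 bytes")
        self.key, self.session_id, self.max_skew = key, session_id, max_skew
        self.highest = -1      # highest sequence number accepted so far
        self.bitmap = 0        # bit i set => (highest - i) was already accepted

    def _accept_seq(self, seq):
        if seq > self.highest:                       # new high-water mark
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= WINDOW or (self.bitmap >> offset) & 1:
            return False                             # too old, or seen before
        self.bitmap |= 1 << offset                   # late but new: remember it
        return True

    def open(self, frame, now=None):
        """Return (payload, None) on success or (None, reason) on rejection."""
        now = time.time() if now is None else now
        if len(frame) < HEADER.size + TAG_LEN:
            return None, "malformed frame"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        # Authenticate first: no header field is interpreted before this passes.
        if not hmac.compare_digest(tag, hmac.new(self.key, body, TAG_HASH).digest()):
            return None, "bad tag"
        session_id, sent_at, seq = HEADER.unpack(body[:HEADER.size])
        if session_id != self.session_id:
            return None, "wrong session"
        if abs(now - sent_at) > self.max_skew:
            return None, "stale timestamp"
        if not self._accept_seq(seq):
            return None, "replayed or out-of-window sequence"
        return body[HEADER.size:], None


def demo():
    key = b"\x11" * 64                    # constructed 512-bit key
    sid = b"SESSION-00000001"             # constructed 16-byte session id
    rx = Receiver(key, sid)
    frame = seal(key, sid, 0, b"waypoint 7", now=1000.0)
    first = rx.open(frame, now=1000.2)    # accepted
    again = rx.open(frame, now=1000.4)    # identical frame replayed
    return first, again


if __name__ == "__main__":
    print(demo())
```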

4. Proposed Scheme

Figure 3 illustrates the research workflow, detailing the process from the design of the UAV communication model and threat model to the experimental evaluation of the proposed LIGKYX identity authentication and key agreement scheme. This comprehensive workflow highlights the key stages and methodologies applied throughout the research.
The LAPEC identity authentication and key agreement scheme consists of two phases: the initialization phase and the identity authentication and key agreement phase. Figure 4 illustrates the process of the LIGKYX identity authentication and key agreement scheme. The initialization phase involves the setup and exchange of necessary parameters between the ground control station and the legitimate UAV node. In the identity authentication and key agreement phase, the UAV interacts with the ground station to achieve mutual identity authentication and key agreement. If a UAV needs to communicate with another UAV, it can leverage the control station to complete the identity authentication and key agreement with the other UAV before proceeding with encrypted communication.
Based on the UAV communication model and the UAV network threat model under quantum attack threats, this paper designs the LIGKYX identity authentication and key agreement scheme, aiming to achieve the following security objectives:
Ensure that authenticated legitimate ground stations and UAV nodes can mutually confirm each other’s identities: This scheme employs a bidirectional authentication mechanism, effectively preventing any unauthorized attacker from impersonating legitimate nodes for authentication.
Allow authenticated legitimate ground stations and UAV nodes to negotiate and generate the same shared key: The security of this key is ensured, with only legitimate nodes able to obtain it, thereby preventing attackers from accessing this critical information.
Generate unrelated session keys during each authentication process, effectively countering known session key attacks resulting from session key leakage.
The symbols and their meanings used in the identity authentication and key agreement scheme are provided in Appendix A.

4.1. Initialization

Both the UAV and ground station must complete an initialization phase before the UAV takes off. During this phase, both the UAV and ground station need to exchange and preprocess crucial parameters through a secure communication channel.
  • The UAV and ground control station need to share elliptic curve parameters, such as $G$, and relevant functions of the Kyber algorithm, specifically to select suitable secure elliptic curves and internal functions such as Kyber.Encaps().
  • The ground station $gs$ creates multiple private keys $\{d_g, d_u\}$ and uids $\{uid_g, uid_u\}$, and it shares the private key $d_u$, unique ID $uid_u$, and its own public key $P_g$ with the UAV. Then, $gs$ calculates $P_g$ according to Formula (1),
    $$P_g = d_g G$$
    generates $r_u$ according to Formula (2), calculates $R_u$ according to Formula (2),
    $$r_g = rand(), \quad R_g = r_g G$$
    generates $(pk, sk)$ according to Formula (3),
    $$kyber.keygen() = (pk, sk)$$
    and calculates $Tmpk$, $ct_1$, $nonce$, $Hmac_r$ according to Formula (4).
    $$Tmpk = d_g P_u, \quad ct_1 = enc(pk \| R_g, Tmpk), \quad nonce = uid_u, \quad Hmac_r = hmac(ct_1 \| nonce, Tmpk)$$
  • After obtaining the parameters $\{d_u, P_g, uid_u, uid_g\}$ distributed by the ground station, the UAV needs to acquire the parameters $\{P_u, r_u, R_u\}$ through preprocessing and store them. The UAV calculates $P_u$ according to Formula (5),
    $$P_u = d_u G$$
    generates $r_u$ according to Formula (6), and calculates $R_u$ according to Formula (6),
    $$r_u = rand(), \quad R_u = r_u G$$

4.2. Identity Authentication Key Agreement Phase

A secure session key is procured through identity authentication and key agreement between an unmanned aerial vehicle ($u$) and its ground station ($gs$). Subsequently, this session key is utilized to establish a secure encrypted communication channel predicated on the Advanced Encryption Standard (AES) algorithm. Figure 5 depicts the phase of mutual authentication and key agreement between the UAV and the ground station.
The specific steps are as follows:
Step 1: The ground station ($gs$) sends the message $Mes_1$ to UAV $u$ to initiate an identity authentication key agreement request. The content of $Mes_1$ is $\{ct_1, nonce, Hmac_r\}$.
Step 2: Upon receiving message $Mes_1$, the UAV $u$ verifies and processes the data.
Step 2-1: The UAV $u$ conducts a verification of the $nonce$ based on the stored $uid_u$, identifies the corresponding public key ($P_g$) associated with the $nonce$, and computes the temporary key ($Tmpk$) utilizing Formula (7).
$$Tmpk = d_u P_g$$
Step 2-2: The UAV $u$ calculates $Hmac_{rv}$ using Formula (8) and compares $Hmac_{rv}$ and $Hmac_r$ to verify if they are the same. If they match, the verification is passed.
$$Hmac_{rv} = hmac(ct_1 \| nonce, Tmpk)$$
Step 2-3: The UAV $u$ decrypts $ct_1$ using Equation (9) to obtain $pk$ and $R_u$.
$$pk \| R_g = dec(ct_1, Tmpk)$$
Step 2-4: The UAV $u$ uses function kyber.encaps() to obtain $c$ and $K$ according to Formula (10) and updates $uid$.
$$(c, K) = kyber.encaps(pk), \quad nonce = uid_u = uid_u + 1$$
Step 2-5: The UAV $u$ calculates $ct_2$ using Equation (11).
$$ct_2 = enc(c \| R_u, Tmpk + R_g)$$
Step 2-6: The UAV $u$ calculates $Hmac_g$ using Equation (12).
$$Hmac_g = hmac(ct_2 \| nonce, Tmpk + R_g)$$
Step 3: UAV $u$ sends the message $Mes_2$ to $gs$. The content of $Mes_2$ is $\{ct_2, nonce, Hmac_g\}$.
Step 4: UAV $u$ calculates the session key after sending $Mes_2$, and the $gs$ verifies the data and calculates the session key after receiving $Mes_2$.
Step 4-1: UAV $u$ calculates the session key according to Equation (13). After the $gs$ receives $Mes_2$, it checks the $nonce$. If it is the same as $uid_u + 1$, it passes the check.
$$Final\_key = H(K, (R_g r_u))$$
Step 4-2: The $gs$ calculates $Hmac_{gv}$ according to Formula (14); if $Hmac_{gv}$ is the same as $Hmac_g$, it passes the verification.
$$Hmac_{gv} = hmac(ct_2 \| nonce, Tmpk + R_g)$$
Step 4-3: The $gs$ decrypts the ciphertext ($ct_2$) using the specific key ($Tmpk + R_u$) to obtain $c$ and $R_g$.
$$c \| R_u = dec(ct_2, Tmpk + R_g)$$
Step 4-4: The $gs$ calculates $key$ according to Formula (16).
$$key = kyber.decaps(sk, c)$$
Step 4-5: The $gs$ calculates the session key according to Formula (17).
$$Final\_key = H(key, (R_u r_g))$$
Upon the unmanned aerial vehicle (UAV) successfully concluding the identity authentication key agreement with the ground station, a secure encrypted communication channel is instantiated leveraging the Advanced Encryption Standard (AES) encryption algorithm. Subsequently, this framework facilitates the completion of the key agreement among two UAVs ($u_1$, $u_2$) via the intermediary role of the ground station. This procedure is delineated in Figure 6.
In Figure 6, a secure communication channel, previously established in Figure 2, serves as a conduit for transmitting information between the unmanned aerial vehicles ($u_1$, $u_2$) and the ground control station ($gs$). The UAV, denoted as $u_1$, initiates the process by generating parameters $r_1$, $R_1$, $sk_1$ and $pk_1$ in accordance with Formula (18).
$$r_1 = rand(), \quad R_1 = r_1 \times G, \quad kyber.keygen() = (pk_1, sk_1)$$
Subsequently, it transmits parameters $\{pk_1, R_1, uid_1, uid_2\}$ to $gs$ via the secure communication channel. Upon receipt of $\{pk_1, R_1, uid_1, uid_2\}$, $gs$ forwards parameters $\{pk_1, R_1, uid_1, uid_2\}$ to a second UAV, referred to as $u_2$, based on a unique identifier ($uid_2$). Upon receiving the parameters, $u_2$ engages in a two-step computation process. Initially, it generates parameters $r_2$ and $R_2$ in accordance with Formula (19).
$$r_2 = rand(), \quad R_2 = r_2 G$$
Following this, it employs public-key cryptography (denoted as $pk_1$) to generate parameters $c_1$ and $K_1$, as dictated by Formula (20).
$$(c_1, K_1) = kyber.encaps(pk_1)$$
The subsequent step involves $u_2$ packaging the parameters $\{c_1, R_2, uid_2, uid_1\}$ and dispatching them to the $gs$. These parameters are then calculated according to Formula (21), culminating in the derivation of a session key, denoted as $sekey$.
$$sekey = H(K_1, (R_1 r_2))$$
Upon receipt of $\{c_1, R_2, uid_2, uid_1\}$, $gs$ forwards parameters $\{c_1, R_2, uid_2, uid_1\}$ to $u_1$, based on a unique identifier ($uid_1$).
Upon receipt, $u_1$ undertakes a computation process, applying Formula (22) to derive a key ($key_1$):
$$key_1 = kyber.decaps(sk_1, c_1)$$
and subsequently employing Formula (23) to ascertain the session key ($sekey$).
$$sekey = H(key_1, (R_2 r_1))$$
The secure encrypted communication channel between $u_1$ and $u_2$ is constructed based on the AES encryption algorithm using $sekey$ as the key.
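The Section 4.2 exchange (Steps 1 to 4) and the UAV-to-UAV derivation of Formulas (18) to (23), run end to end as an added Python sketch; it is not the authors' implementation. Assumptions, none of them from the paper: the secp256k1 curve, SHA-256 of the encoded point as the symmetric key for Tmpk and Tmpk + R_g, an 8-byte nonce encoding, a SHA-256 keystream standing in for AES, an ECDH-based stand-in for the Kyber KEM (same interface, not quantum-resistant), and all function names. Where the prose and a formula name different symbols, the code follows the formula.

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters. The paper names no curve; this choice is an assumption.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add; not constant time, for illustration only
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def keypair():
    d = secrets.randbelow(N - 1) + 1
    return d, mul(d, G)

def enc_pt(pt):  # 64-byte x || y encoding of a curve point
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
def dec_pt(b):
    return int.from_bytes(b[:32], "big"), int.from_bytes(b[32:64], "big")
def H(*parts):  # the paper's H(): SHA-256 over the concatenated parts
    return hashlib.sha256(b"".join(parts)).digest()

def xor_stream(data, key, nonce):
    """Stand-in for AES enc()/dec(); the nonce keeps a static Tmpk from reusing keystream."""
    ks = b"".join(H(key, nonce, i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, ks))

# Stand-in KEM with Kyber's keygen/encaps/decaps shape. It is ECDH-based and NOT
# quantum-resistant; a real deployment would call a Kyber (ML-KEM) library here.
def kem_keygen():
    sk, pk = keypair()
    return pk, sk
def kem_encaps(pk):
    e, c = keypair()
    return enc_pt(c), H(enc_pt(mul(e, pk)))
def kem_decaps(sk, c):
    return H(enc_pt(mul(sk, dec_pt(c))))

def seal(plain, uid, key):
    """Build {ct, nonce, HMAC(ct || nonce)}, the layout of Mes1 and Mes2."""
    nonce = uid.to_bytes(8, "big")
    ct = xor_stream(plain, key, nonce)
    return ct, nonce, hmac.new(key, ct + nonce, hashlib.sha256).digest()

def unseal(msg, uid, key):
    """Check the nonce and the HMAC (constant-time compare) before decrypting."""
    ct, nonce, tag = msg
    good = hmac.new(key, ct + nonce, hashlib.sha256).digest()
    if nonce != uid.to_bytes(8, "big") or not hmac.compare_digest(tag, good):
        raise ValueError("authentication failed")
    return xor_stream(ct, key, nonce)

def gs_build_mes1(d_g, P_u, uid_u):
    """Formulas (2)-(4): the ground station pre-computes Mes1 and its session state."""
    (r_g, R_g), (pk, sk) = keypair(), kem_keygen()
    T = mul(d_g, P_u)  # Tmpk, the static ECDH point
    state = {"r_g": r_g, "sk": sk, "k2": H(enc_pt(add(T, R_g))), "uid": uid_u}
    return seal(enc_pt(pk) + enc_pt(R_g), uid_u, H(enc_pt(T))), state

def uav_handle_mes1(mes1, d_u, P_g, uid_u, r_u, R_u):
    """Steps 2-1 to 4-1: verify Mes1, answer with Mes2, derive Final_key."""
    T = mul(d_u, P_g)
    plain = unseal(mes1, uid_u, H(enc_pt(T)))
    pk, R_g = dec_pt(plain[:64]), dec_pt(plain[64:])
    c, K = kem_encaps(pk)
    mes2 = seal(c + enc_pt(R_u), uid_u + 1, H(enc_pt(add(T, R_g))))
    return mes2, H(K, enc_pt(mul(r_u, R_g)))

def gs_handle_mes2(mes2, state):
    """Steps 4-1 to 4-5: verify Mes2, decapsulate, derive Final_key."""
    plain = unseal(mes2, state["uid"] + 1, state["k2"])
    c, R_u = plain[:64], dec_pt(plain[64:])
    return H(kem_decaps(state["sk"], c), enc_pt(mul(state["r_g"], R_u)))

def uav_to_uav():
    """Formulas (18)-(23): sekey as derived by u1 and by u2 from values relayed by gs."""
    (r1, R1), (pk1, sk1) = keypair(), kem_keygen()   # u1 sends {pk1, R1}
    (r2, R2), (c1, K1) = keypair(), kem_encaps(pk1)  # u2 answers {c1, R2}
    return H(kem_decaps(sk1, c1), enc_pt(mul(r1, R2))), H(K1, enc_pt(mul(r2, R1)))
```

Calling gs_build_mes1, uav_handle_mes1 and gs_handle_mes2 in that order yields the same 32-byte session key at both ends. A modified message, a stale nonce, or a Mes1 built with the wrong long-term key raises ValueError before anything is decrypted.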

5. Security Analysis

In this paper, ProVerif, a formal analysis tool, is used to evaluate the security of the LIGKYX protocol to ensure its reliability in identity authentication and key security. ProVerif has become a widely used tool for identity authentication and key agreement protocol security proof due to its advantages of automatic authentication, multilingual support, and high efficiency [17,43].
ProVerif is an advanced event-based formal verification tool designed to assess the correctness and security of communication protocols. This tool necessitates the initial identification of the protocol’s key nodes, followed by utilizing a specialized procedural calculus language to describe the protocol meticulously. This description encompasses various elements such as procedures, events, interactions, and constraints. Through an exhaustive analysis of all conceivable sequences of events within the protocol, ProVerif evaluates their adherence to specific security attributes, notably, authentication and confidentiality, as delineated in the formal specification. This process underscores the importance of defining the protocol’s key nodes as an initial step.
Since the authentication between drones occurs within the secure encrypted communication channel between the drones and the ground station, this paper primarily verifies the authentication security between the drones and the ground station. As shown in Table 2, the event ‘start_node_a’ indicates that the drone initiates the authentication process, while ‘end_node_a’ signifies that the ground station has authenticated the drone’s identity. Similarly, the event ‘start_node_b’ represents the ground station initiating the authentication process, and ‘end_node_b’ indicates that the drone has authenticated the ground station’s identity.
The ECDH algorithm constitutes a foundational component within the architectural design of the LIGKYX protocol. This protocol’s resilience against quantum computational attacks is substantiated through a methodical security verification process facilitated by the ProVerif tool. The elliptic curve point addition’s correlation function is meticulously declared within this verification framework. Moreover, the protocol’s susceptibility to quantum computational threats is rigorously assessed by incorporating descriptions of quantum attacks. A pivotal aspect of this evaluation is encapsulated in the code excerpt presented in Table 3, which reads: “reduc forall sk: Bignum; quantum_attack(ec_mul(sk, G)) = sk.” This line of code unequivocally demonstrates that a hypothetical adversary could exploit the ‘quantum_attack()’ function to ascertain the private key (sk) associated with a given public key, which is derived through the elliptic curve cryptography algorithm via the expression ‘ec_mul(sk, G)’.
Further reinforcing the protocol’s security assessment, the verification program integrates a specific query, termed ‘attacker(check_quantum_attack)’, designed to rigorously evaluate the efficacy of the ‘quantum_attack()’ function. In scenarios where the quantum attack mechanism is operational, the program conclusively outputs “Query not attacker(check_quantum_attack[]) is false”, thereby signaling a successful breach of security under quantum attack paradigms. This meticulous approach to evaluating the LIGKYX protocol’s defense mechanisms against quantum computational threats underscores the critical importance of incorporating quantum-resistant cryptographic techniques in safeguarding digital communication infrastructures against emerging computational capabilities.
Based on the definitions of the key node events in Table 3, this paper examines the protocol’s ability to authenticate between the drone and the ground station and the security of the negotiated keys, as shown in Table 4. The first query statement verifies whether the key negotiated between the drone and the control station ensures the security of encrypted information, i.e., whether the key is reliable. The second query statement checks if the attacker possesses the capability to perform quantum attacks. The third and fourth queries investigate whether the drone and the ground station can successfully authenticate each other every time they execute the security protocol (‘inj-event’ indicates that the two described events are one-to-one).
The security verification results are shown in Table 5. The first “Query” demonstrates that the shared key negotiated by the protocol designed in this paper is secure, meaning the attacker cannot obtain the shared key. The second “Query” indicates that the attacker has the capability to perform quantum attacks, rendering the keys derived from the ECC algorithm insecure. The third and fourth “Query” results indicate that a legitimate drone node can be authenticated by the ground station, meaning that the ground station can confirm the legitimacy of the drone upon the completion of the protocol. Similarly, a legitimate ground station node can be authenticated by the drone, meaning that the drone can confirm the legitimacy of the ground station upon the completion of the protocol.

6. Experimental and Comparative Analysis

6.1. Experiment

In this section, we conduct an experimental validation of the designed LIGKYX protocol to ensure that the session keys negotiated between the communicating parties can be used for encrypted communication. Additionally, we will run the DTLS protocol, which is widely used in the Internet of Things (IoT) [42] including UAV networks, and the Kyber.AKE [12] (the flowchart of the Kyber.AKE scheme is shown in Figure 7) identity authentication and key exchange scheme, which is based on the Kyber algorithm and effectively resists quantum attacks, in the same experimental environment. A comprehensive performance comparison of the three protocols will be conducted.
The experimental environment can be divided into two parts: the ground station and the UAV (the photograph of the UAV is shown in Figure 8). The configurations for each part of the environment are as follows:
  • Ground Station Configuration:
      • Operating System: Windows 11
      • Processor: Intel(R) Core(TM) i7-1360P CPU @ 2.2 GHz
      • Memory: 32 GB RAM
      • Tools: Wireshark version 3.2.7, Python 3
  • UAV Configuration:
      • Platform: Raspberry Pi 4B
      • Operating System: Ubuntu 20.04.3 LTS
      • Memory: 3.7 GB RAM
      • Processor: Cortex-A72 CPU @ 1.5 GHz
      • Tools: Python 3
In the experimental environment, the LIGKYX protocol (designed in this paper), the widely-used DTLS identity authentication and key agreement scheme for IoT, and the Kyber.AKE bidirectional identity authentication and key agreement scheme based on the Kyber algorithm were each executed five times. The time overhead for both the ground station and the UAV was measured and presented in bar charts.
The bar chart illustrating the time overhead for the ground station is shown in Figure 9. The figure indicates that the ground station time overhead for the LIGKYX protocol is consistently lower than that of the Kyber-AKE and DTLS protocols across multiple experimental rounds. Specifically, the average ground station time overhead for the LIGKYX protocol is 83.93 ms, which is approximately 60% lower than the Kyber-AKE protocol (254.78 ms) and about 30% lower than the DTLS protocol (134.61 ms). This demonstrates the efficiency of the LIGKYX protocol in reducing the time overhead for ground stations compared to the other protocols tested.
The bar chart illustrating the time overhead for the UAV is shown in Figure 10. From the figure, it can be observed that the UAV time overhead for the LIGKYX protocol designed in this paper is consistently lower than that of the Kyber-AKE and DTLS protocols across multiple experimental rounds. Specifically, calculations show that the average UAV time overhead for the LIGKYX protocol is 38.96 ms, which is approximately 70% lower than the Kyber-AKE protocol (160.55 ms) and the DTLS protocol (133.18 ms). This demonstrates the significant efficiency of the LIGKYX protocol in reducing the time overhead for UAVs compared to the other protocols tested.
Using the Wireshark version 3.2.7 software, packet captures were performed while running the LIGKYX, Kyber.AKE, and DTLS identity authentication and key agreement protocols locally (the capture results are shown in Figure 11). The actual communication overheads for the three protocols were measured and are presented in Table 6, with values of 1836 bytes, 3180 bytes, and 4020 bytes, respectively. Notably, the communication overhead for the LIGKYX protocol, proposed in this paper, is only 1836 bytes, which is significantly lower than the overheads of the other two protocols.

6.2. Comparative Analysis

In this section, based on the experimental results, we comprehensively compare the LIGKYX scheme with two lightweight identity authentication and key agreement schemes: Kyber algorithm’s bidirectional identity authentication and key agreement scheme Kyber.AKE [12], and the DTLS protocol widely used in IoT. The comparison covers performance metrics such as the computational overhead, the communication overhead, and the number of communications. Subsequently, we also compare the LIGKYX scheme with other UAV identity authentication and key agreement schemes in terms of security, functionality, and computational overhead.
The comparative analysis of three security schemes (LIGKYX, Kyber.AKE, and DTLS) in terms of time overhead, communication overhead, and resistance to quantum attacks is presented in Table 7. As shown in the table, the LIGKYX protocol, designed in this paper, outperforms both the Kyber.AKE and DTLS protocols in terms of time overhead, communication overhead, and the number of communications, thereby meeting the lightweight and high-efficiency requirements of UAV networks. Additionally, DTLS relies on traditional cryptographic algorithms such as ECC for key exchange and authentication. Quantum computers can effectively solve problems like integer factorization and discrete logarithms using Shor’s algorithm, thereby compromising these cryptographic algorithms. Consequently, in the presence of quantum computing capabilities, the security of DTLS would be compromised. In contrast, both the LIGKYX and Kyber.AKE protocols utilize the Kyber algorithm, which is capable of effectively resisting quantum attacks.
In recent years, researchers have proposed various identity authentication and key agreement schemes for UAV networks. Table 8 provides a comparative analysis of the proposed LIGKYX scheme with those by Ever et al. [6], ACPBS-IoT [44], and SP-D2GCS [22], focusing on their security and functionality.
Table 8 illustrates a comparative analysis of the security and functional characteristics of the LIGKYX scheme and other security protection schemes, including the resistance to quantum attacks, replay attacks, and bidirectional authentication. It is evident that the proposed LIGKYX scheme offers superior security features and a broader range of functionalities compared to other schemes. Notably, most of the other schemes are based on elliptic curve cryptography, which lacks effective measures against quantum attacks. Specifically, the ACPBS-IoT scheme involves directly transmitting digital certificates and other parameters over insecure wireless channels, potentially compromising the corresponding public and private keys under the threat of quantum attacks. Similarly, the SP-D2GCS scheme transmits UAV public keys, ground station public keys, and other parameters directly over wireless communication channels, making the corresponding private keys vulnerable to quantum attacks. Furthermore, the LAPEC scheme and Challa et al. scheme also involve the direct transmission of public keys derived from ECC algorithms over wireless channels, posing similar risks under quantum attacks. The LIGKYX scheme designed in this paper incorporates the ECDH protocol, which effectively resists known session key attacks.
The computational overhead of cryptographic algorithms involved in the identity authentication and key agreement schemes was measured in both UAV and ground station environments. Symmetric encryption was implemented using the Crypto library, elliptic curve point multiplication and addition were performed using the ecpy library, bilinear pairings were computed with the tate_bilinear_pairing library, ECDSA was handled by the ecdsa library, and Kyber-related algorithms were executed using the Kyber library. The results of these measurements are presented in Table 9 and Table 10.
The computational overhead for both the UAV and ground station endpoints of the LIGKYX scheme, Ever et al.’s scheme [6], ACPBS-IoT scheme [44], SP-D2GCS scheme [22], LAPEC scheme [10], Challa et al.’s scheme [45], and S-SAKA [46] is detailed in Table 11. This analysis focuses on computationally intensive processes such as bilinear pairings and elliptic curve point multiplications, excluding less demanding operations like hash computations due to their minimal overhead.
The analysis of the computational results presented in the table indicates that the proposed LIGKYX scheme has a significantly lower computational overhead on both the UAV and ground station endpoints compared to Ever et al.’s scheme, the ACPBS-IoT scheme, the LAPEC scheme, and the SP-D2GCS scheme. Although the computational overhead of the LIGKYX scheme is slightly higher than that of the LAPEC scheme, the LIGKYX scheme offers superior security features, including the resistance to quantum attacks, which the LAPEC scheme and other schemes lack. This reduction in computational overhead aligns well with the lightweight requirements of UAV networks.

7. Discussion and Conclusions

Deploying new approaches like the LIGKYX protocol in real-world scenarios can significantly enhance the security and efficiency of UAV operations across various sectors such as logistics, delivery services, and agriculture. These sectors require secure communication channels to protect sensitive data transmitted between UAVs and control centers, safeguarding valuable information from potential cyber threats. The LIGKYX protocol’s lightweight and secure design ensures robust protection against quantum attacks, which is crucial as traditional cryptographic methods like ECC and RSA become vulnerable with the advent of quantum computing.
The significance of the results presented in this paper lies in the demonstrated superiority of LIGKYX over existing schemes. The LIGKYX protocol integrates the quantum-resistant Kyber algorithm with HMAC for efficient message authentication, ensuring that UAV networks can maintain secure communications even under quantum attack scenarios. Compared to other protocols such as Kyber.AKE and DTLS, LIGKYX not only matches but exceeds in performance metrics like security properties, communication overhead, and computational overhead.
The comparative analyses conducted in this study reveal that the LIGKYX protocol has a communication overhead of 1836 bytes, which is significantly lower than the 3180 bytes for Kyber.AKE and 4020 bytes for DTLS, representing reductions of approximately 42% and 54%, respectively. This efficiency in communication is vital for UAV networks, where the bandwidth and energy efficiency are paramount. Moreover, the computational overhead for LIGKYX is also reduced, with an average of 38.96 ms for UAVs and 83.93 ms for ground stations, compared to much higher values for Kyber.AKE and DTLS, representing reductions of approximately 76% and 70% for UAVs, and 67% and 38% for ground stations, respectively. These reductions in overhead translate to faster and more efficient operations, which are critical in time-sensitive UAV applications. Additionally, comparative analyses with known UAV identity authentication and key agreement schemes show that the LIGKYX protocol has advantages in computational overhead, resistance to quantum attacks, and resistance to known session key attacks, fulfilling the lightweight requirements.
The security properties of LIGKYX are also superior. While traditional schemes like DTLS are vulnerable to quantum attacks due to their reliance on ECC, LIGKYX utilizes the Kyber algorithm, which is specifically designed to resist these threats. This ensures that UAV communication networks remain secure against both current and future quantum threats, providing a robust foundation for secure UAV operations.
In summary, this paper addressed the security challenges in UAV networks by focusing on identity authentication and key agreement protocols resilient to quantum attacks. The proposed LIGKYX protocol integrates the quantum-resistant Kyber algorithm with HMAC for efficient message authentication. We designed a lightweight and secure protocol specifically for UAV networks and conducted extensive security verification using the ProVerif tool along with performance evaluations through experimental setups involving both ground stations and UAVs. The results demonstrate that the LIGKYX protocol significantly reduces both the time and communication overhead compared to existing protocols like Kyber.AKE and DTLS.
However, the LIGKYX protocol has some limitations. The current implementation was tested in a controlled environment; thus, further testing in diverse real-world scenarios is necessary. Additionally, the computational requirements for the Kyber algorithm, though manageable, could be optimized further for extremely resource-constrained environments. Future research will focus on optimizing the LIGKYX protocol for broader applications in various IoT devices and extending its capabilities to support decentralized identity authentication mechanisms. Further studies will aim to integrate this protocol into larger, more complex UAV networks to assess its scalability and robustness in dynamic operational environments.

Author Contributions

Conceptualization, T.X. and J.H.; methodology, T.X. and M.W.; software, T.X. and J.H.; validation, T.X. and L.F.; formal analysis, T.X. and G.Y.; investigation, J.H.; resources, T.X. and J.H.; data curation, T.X. and G.W.; writing—original draft preparation, T.X.; writing—review and editing, M.W. and J.H.; funding acquisition, J.H. All authors have read and agreed to the published version of the manuscript.

Funding

This research was supported by the Hubei Natural Science Foundation under Grants 2024AFB532.

Data Availability Statement

In the spirit of open scientific inquiry, the statistical data supporting the findings of this study are available upon reasonable request.

Conflicts of Interest

The authors declare no conflicts of interest.

Appendix A. Parameters and Notations

| Parameter | Notation |
|---|---|
| $gs$ | Ground control station |
| $u$ | Legitimate UAV node |
| $G$ | Base point of elliptic curve |
| $sk$ | Kyber private key |
| $pk$ | Kyber public key |
| $d_u$ | UAV elliptic curve private key |
| $P_u$ | UAV elliptic curve public key |
| $d_g$ | Ground station elliptic curve private key |
| $A \Vert B$ | Combine data $A$ and $B$ into one data |
| $P_g$ | Ground station elliptic curve public key |
| $uid$ | Identification code |
| $r_g / r_u$ | An ephemeral private key that is generated by the ground control station/UAV, utilizing elliptic curve cryptography for enhanced security |
| $R_g / R_u$ | An ephemeral public key that is generated by the ground control station/UAV, utilizing elliptic curve cryptography for enhanced security |
| $rand()$ | Random-number-generating function |
| $enc(x, y)$ | The encryption of plaintext $x$ using the Advanced Encryption Standard (AES) algorithm with $y$ as the cryptographic key |
| $dec(x, y)$ | The decryption of ciphertext $x$ utilizing the AES algorithm, where $y$ serves as the decryption key |
| $hmac(x, y)$ | Compute the hash authentication code for data $x$ using $y$ as the key |
| $H(x, y)$ | The hash value derived from the concatenation of data elements $x$ and $y$ utilizing the SHA-256 hashing function. |
| $kyber.keygen()$ | The key pair generation mechanism within the Kyber algorithm, designed to produce a pair of public and private keys, denoted as $(pk\_kb, sk\_kb)$. |
| $pk_X / sk_X$ | Represents the public/private key obtained by user $X$ based on Kyber algorithm ($kyber.keygen()$). |
| $kyber.keygen(pk\_kb)$ | The key encapsulation mechanism of the Kyber algorithm, representing a specialized cryptographic process. It generates an ephemeral key $k\_kb$ for symmetric encryption based on the public key $pk\_kb$, and securely encapsulates this key to produce $c\_kb$. |
| $K_X$ | Represents the ephemeral session key obtained by user $X$ based on the Kyber key encapsulation mechanism. |
| $c_X$ | Represents the ciphertext obtained by user $X$ based on the Kyber key encapsulation mechanism. |
| $kyber.decaps(sk\_kb, c\_kb)$ | The key decapsulation mechanism of the Kyber algorithm, where $sk\_kb$ denotes the private key, and $c\_kb$ is the ciphertext generated previously by the key encapsulation function, containing the encrypted session key. The output of this function is the session key $k\_kb$. |
| $key_X$ | Represents the session key decapsulated from the ciphertext $c_X$ of user $X$ ($key_X = K_X$; $fin.key$ represents the final session key obtained). |

References

  1. Adil, M.; Abulkasim, H.; Farouk, A.; Song, H. R3ACWU: A Lightweight, Trustworthy Authentication Scheme for UAV-Assisted IoT Applications. IEEE Trans. Intell. Transp. Syst. 2024, 25, 6161–6172.
  2. Cheng, N.; Wu, S.; Wang, X.; Yin, Z.; Li, C.; Chen, W.; Chen, F. AI for UAV-Assisted IoT Applications: A Comprehensive Review. IEEE Internet Things J. 2023, 10, 14438–14461.
  3. UAV (Drone) Market Size, Share, Industry Report, Revenue Trends and Growth Drivers. Available online: https://www.marketsandmarkets.com/Market-Reports/unmanned-aerial-vehicles-uav-market-662.html (accessed on 4 July 2024).
  4. Federal Aviation Administration. U.S. Department of Transportation Issues Two Much-Anticipated Drone Rules to Advance Safety and Innovation in the United States. Available online: https://www.faa.gov/newsroom/us-department-transportation-issues-two-much-anticipated-drone-rules-advance-safety-and (accessed on 10 July 2024).
  5. Fotouhi, A.; Qiang, H.; Ding, M.; Hassan, M.; Giordano, L.G.; Garcia-Rodriguez, A.; Yuan, J. Survey on UAV Cellular Communications: Practical Aspects, Standardization Advancements, Regulation, and Security Challenges. IEEE Commun. Surv. Tutor. 2019, 21, 3417–3442.
  6. Kirsal Ever, Y. A Secure Authentication Scheme Framework for Mobile-Sinks Used in the Internet of Drones Applications. Comput. Commun. 2020, 155, 143–149.
  7. Omolara, A.E.; Alawida, M.; Abiodun, O.I. Drone Cybersecurity Issues, Solutions, Trend Insights and Future Perspectives: A Survey. Neural Comput. Applic 2023, 35, 23063–23101.
  8. Lin, N.; Bai, L.; Hawbani, A.; Guan, Y.; Mao, C.; Liu, Z.; Zhao, L. Deep-Reinforcement-Learning-Based Computation Offloading for Servicing Dynamic Demand in Multi-UAV-Assisted IoT Network. IEEE Internet Things J. 2024, 11, 17249–17263.
  9. Alladi, T.; Naren; Bansal, G.; Chamola, V.; Guizani, M. SecAuthUAV: A Novel Authentication Scheme for UAV-Ground Station and UAV-UAV Communication. IEEE Trans. Veh. Technol. 2020, 69, 15068–15077.
  10. Zhang, S.; Liu, Y.; Han, Z.; Yang, Z. A Lightweight Authentication Protocol for UAVs Based on ECC Scheme. Drones 2023, 7, 315.
  11. Mamatha, D.G.S.; Dimri, N.; Sinha, R. Post-Quantum Cryptography: Securing Digital Communication in the Quantum Era. arXiv 2024, arXiv:2403.11741.
  12. Bos, J.; Ducas, L.; Kiltz, E.; Lepoint, T.; Lyubashevsky, V.; Schanck, J.M.; Schwabe, P.; Seiler, G.; Stehle, D. CRYSTALS—Kyber: A CCA-Secure Module-Lattice-Based KEM. In Proceedings of the 2018 IEEE European Symposium on Security and Privacy (EuroS&P), London, UK, 24–26 April 2018; pp. 353–367.
  13. Jiang, S.; Zhu, X.; Wang, L. An Efficient Anonymous Batch Authentication Scheme Based on HMAC for VANETs. IEEE Trans. Intell. Transp. Syst. 2016, 17, 2193–2204.
  14. Zhu, X.; Jiang, S.; Wang, L.; Li, H. Efficient Privacy-Preserving Authentication for Vehicular Ad Hoc Networks. IEEE Trans. Veh. Technol. 2014, 63, 907–919.
  15. Bodei, C.; Degano, P.; Nielson, F.; Riis Nielson, H. Flow Logic for Dolev–Yao Secrecy in Cryptographic Processes. Future Gener. Comput. Syst. 2002, 18, 747–756.
  16. Edris, E.K.K.; Aiash, M.; Loo, J. Formal Verification of Authentication and Service Authorization Protocols in 5G-Enabled Device-to-Device Communications Using ProVerif. Electronics 2021, 10, 1608.
  17. Mohinder Singh, B.; Natarajan, J. A Novel Secure Authentication Protocol for eHealth Records in Cloud with a New Key Generation Method and Minimized Key Exchange. J. King Saud. Univ. Comput. Inf. Sci. 2023, 35, 101629.
  18. Ali, Z.; Chaudhry, S.A.; Ramzan, M.S.; Al-Turjman, F. Securing Smart City Surveillance: A Lightweight Authentication Mechanism for Unmanned Vehicles. IEEE Access 2020, 8, 43711–43724.
  19. Deebak, B.D.; Al-Turjman, F. A Smart Lightweight Privacy Preservation Scheme for IoT-Based UAV Communication Systems. Comput. Commun. 2020, 162, 102–117.
  20. Won, J.; Seo, S.-H.; Bertino, E. Certificateless Cryptographic Protocols for Efficient Drone-Based Smart City Applications. IEEE Access 2017, 5, 3721–3749. [Google Scholar] [CrossRef]
  21. Chen, C.-L.; Deng, Y.-Y.; Weng, W.; Chen, C.-H.; Chiu, Y.-J.; Wu, C.-M. A Traceable and Privacy-Preserving Authentication for UAV Communication Control System. Electronics 2020, 9, 62. [Google Scholar] [CrossRef]
  22. Ko, Y.; Kim, J.; Duguma, D.G.; Astillo, P.V.; You, I.; Pau, G. Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone. Sensors 2021, 21, 2057. [Google Scholar] [CrossRef] [PubMed]
  23. Khalid, H.; Hashim, S.J.; Hashim, F.; Ahamed, S.M.S.; Chaudhary, M.A.; Altarturi, H.H.M.; Saadoon, M. HOOPOE: High Performance and Efficient Anonymous Handover Authentication Protocol for Flying Out of Zone UAVs. IEEE Trans. Veh. Technol. 2023, 72, 10906–10920. [Google Scholar] [CrossRef]
  24. Michailidis, E.T.; Vouyioukas, D. A Review on Software-Based and Hardware-Based Authentication Mechanisms for the Internet of Drones. Drones 2022, 6, 41. [Google Scholar] [CrossRef]
  25. Derhab, A.; Cheikhrouhou, O.; Allouch, A.; Koubaa, A.; Qureshi, B.; Ferrag, M.A.; Maglaras, L.; Khan, F.A. Internet of Drones Security: Taxonomies, Open Issues, and Future Directions. Veh. Commun. 2023, 39, 100552. [Google Scholar] [CrossRef]
  26. Shor, P.W. Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer. SIAM J. Comput. 1997, 26, 1484–1509. [Google Scholar] [CrossRef]
  27. Grover, L.K. A Fast Quantum Mechanical Algorithm for Database Search. In Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing—STOC ’96, Philadelphia, PA, USA, 22–24 May 1996; ACM Press: Philadelphia, PA, USA, 1996; pp. 212–219. [Google Scholar]
  28. Diffie, W.; Hellman, M. New Directions in Cryptography. IEEE Trans. Inform. Theory 1976, 22, 644–654. [Google Scholar] [CrossRef]
  29. Joseph, D.; Misoczki, R.; Manzano, M.; Tricot, J.; Pinuaga, F.D.; Lacombe, O.; Leichenauer, S.; Hidary, J.; Venables, P.; Hansen, R. Transitioning Organizations to Post-Quantum Cryptography. Nature 2022, 605, 237–243. [Google Scholar] [CrossRef] [PubMed]
  30. Lyubashevsky, V.; Peikert, C.; Regev, O. On Ideal Lattices and Learning with Errors over Rings. In Proceedings of the Advances in Cryptology—EUROCRYPT 2010, Santa Barbara, CA, USA, 15–19 August 2010; Gilbert, H., Ed.; Springer: Berlin, Heidelberg, 2010; pp. 1–23. [Google Scholar]
  31. Peikert, C. A Decade of Lattice Cryptography. FNT Theor. Comput. Sci. 2016, 10, 283–424. [Google Scholar] [CrossRef]
  32. Ajtai, M.; Dwork, C. A Public-Key Cryptosystem with Worst-Case/Average-Case Equivalence. In Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of computing, El Paso, TX, USA, 4–6 May 1997; Association for Computing Machinery: New York, NY, USA, 1997; pp. 284–293. [Google Scholar]
  33. Regev, O. New Lattice-Based Cryptographic Constructions. J. ACM 2004, 51, 899–942. [Google Scholar] [CrossRef]
  34. Regev, O. On Lattices, Learning with Errors, Random Linear Codes, and Cryptography. In Proceedings of the Thirty-Seventh Annual ACM Symposium on Theory of Computing, Baltimore, MD, USA, 22–24 May 2005; Association for Computing Machinery: New York, NY, USA, 2005; pp. 84–93. [Google Scholar]
  35. Applebaum, B.; Cash, D.; Peikert, C.; Sahai, A. Fast Cryptographic Primitives and Circular-Secure Encryption Based on Hard Learning Problems. In Advances in Cryptology—CRYPTO 2009; Halevi, S., Ed.; Lecture Notes in Computer Science; Springer: Berlin, Heidelberg, 2009; Volume 5677, pp. 595–618. ISBN 978-3-642-03355-1. [Google Scholar]
  36. Bos, J.W.; Costello, C.; Naehrig, M.; Stebila, D. Post-Quantum Key Exchange for the TLS Protocol from the Ring Learning with Errors Problem. In Proceedings of the 2015 IEEE Symposium on Security and Privacy, San Jose, CA, USA, 17–21 May 2015; pp. 553–570. [Google Scholar]
  37. Bernstein, D.J.; Chuengsatiansup, C.; Lange, T.; Vredendaal, C. van NTRU Prime: Reducing Attack Surface at Low Cost. In Proceedings of the 24th International Conference, Ottawa, ON, Canada, 16–18 August 2017. [Google Scholar]
  38. Ding, H.; Jiang, H.; Cai, J.; Wang, C.; Zou, J.; Xu, Q.-L. Research on Key Exchange Protocol Based on LWE. In Proceedings of the 2019 15th International Conference on Computational Intelligence and Security (CIS), Macau, China, 13–16 December 2019; IEEE: Macao, China, 2019; pp. 236–240. [Google Scholar]
  39. Seyhan, K.; Akleylek, S.; Dursun, A.F. Password Authenticated Key Exchange-Based on Kyber for Mobile Devices. PeerJ Comput. Sci. 2024, 10, e1960. [Google Scholar] [CrossRef]
  40. Bahache, A.N.; Chikouche, N.; Akleylek, S. Securing Cloud-Based Healthcare Applications with a Quantum-Resistant Authentication and Key Agreement Framework. Internet Things 2024, 101200. [Google Scholar] [CrossRef]
  41. Dolev, D.; Yao, A. On the Security of Public Key Protocols. IEEE Trans. Inf. Theory 1983, 29, 198–208. [Google Scholar] [CrossRef]
  42. Ma, Y.; Yan, L.; Huang, X.; Ma, M.; Li, D. DTLShps: SDN-Based DTLS Handshake Protocol Simplification for IoT. IEEE Internet Things J. 2020, 7, 3349–3362. [Google Scholar] [CrossRef]
  43. Alizadeh, J.; Safkhani, M.; Allahdadi, A. ISAKA: Improved Secure Authentication and Key Agreement Protocol for WBAN. Wirel. Pers. Commun. 2022, 126, 2911–2935. [Google Scholar] [CrossRef]
  44. Bera, B.; Das, A.K.; Garg, S.; Jalil Piran, M.; Hossain, M.S. Access Control Protocol for Battlefield Surveillance in Drone-Assisted IoT Environment. IEEE Internet Things J. 2022, 9, 2708–2721. [Google Scholar] [CrossRef]
  45. Challa, S.; Wazid, M.; Das, A.K.; Kumar, N.; Goutham Reddy, A.; Yoon, E.-J.; Yoo, K.-Y. Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications. IEEE Access 2017, 5, 3028–3043. [Google Scholar] [CrossRef]
  46. Al-Turjman, F.; Ever, Y.K.; Ever, E.; Nguyen, H.X.; David, D.B. Seamless Key Agreement Framework for Mobile-Sink in IoT Based Cloud-Centric Secured Public Safety Sensor Networks. IEEE Access 2017, 5, 24617–24631. [Google Scholar] [CrossRef]
Figure 1. UAV communication network model diagram.
Figure 2. DTLS protocol flowchart.
Figure 3. Research workflow illustrating the process from model design to experimental evaluation.
Figure 4. The process of the LIGKYX identity authentication and key agreement scheme.
Figure 5. Identity authentication key agreement flowchart.
Figure 6. Flowchart of identity authentication key agreement stage between drones.
Figure 7. Kyber.AKE scheme flowchart.
Figure 8. The photograph of the UAV.
Figure 9. Histogram of ground station time overhead comparison.
Figure 10. Histogram of UAV time overhead comparison.
Figure 11. Wireshark capture result screenshot.
Table 2. Key node event.

```
event start_node_a(bitstring).
event end_node_a(bitstring).
event start_node_b(bitstring).
event end_node_b(bitstring).
```
Table 3. Quantum attack function statement.

```
type Bignum.
type Point.
const G: Point [data].
fun ec_mul(Bignum, Point): Point.
reduc forall n:Bignum, P:Point; de_ec_mul(n, ec_mul(n, P)) = P.
equation forall x:Bignum, y:Bignum; ec_mul(y, ec_mul(x, G)) = ec_mul(x, ec_mul(y, G)).
reduc forall n:Bignum; quantum_attack(ec_mul(n, G)) = n.
```
Table 4. Safety objective description.

```
(* Attacker cannot obtain secret key key_kb_key *)
query attacker(check_1).
(* Detect whether an attacker can use quantum attack functions *)
query attacker(check_quantum_attack).
(* Check if authentication can be completed *)
query id:bitstring,k:key; inj-event(end_node_a(bit)) ==> inj-event(start_node_a(bit)).
query id:bitstring,k:key; inj-event(end_node_b(bit)) ==> inj-event(start_node_b(bit)).
```
Table 5. Verification summary.

```
Query not attacker(check_1[]) is true.
Query not attacker(check_quantum_attack[]) is false.
Query inj-event(end_node_a(bit[])) ==> inj-event(start_node_a(bit[])) is true.
Query inj-event(end_node_b(bit[])) ==> inj-event(start_node_b(bit[])) is true.
```
Table 6. Comparison of communication overhead for different protocols.

| Scheme | Communication Overhead (Bytes) |
|---|---|
| LIGKYX | 934 + 902 = 1836 |
| Kyber.AKE | 1606 + 1574 = 3180 |
| DTLS | 175 + 92 + 207 + 1774 + 1580 + 107 + 85 = 4020 |

Table 7. Comparison and analysis of lightweight schemes.

| Scheme Name | LIGKYX | Kyber.AKE | DTLS |
|---|---|---|---|
| Average time overhead (UAV) | 38.96 | 160.55 | 133.18 |
| Average time overhead (GS) | 83.93 | 254.78 | 134.61 |
| Communication overheads | 1836 | 3180 | 4020 |
| Resistance to quantum attacks | Yes | Yes | No |
| Number of communications | 2 | 2 | 7 |

Table 8. Comparison and analysis of identity authentication and key agreement schemes for UAV networks.

| Scheme | Quantum Attacks | Mutual Authentication | Replay Attacks | Key Agreement | Known Session Key Attacks |
|---|---|---|---|---|---|
| LIGKYX | Yes | Yes | Yes | Yes | Yes |
| Ever et al. [6] | N/A | Yes | Yes | Yes | N/A |
| ACPBS-IoT [44] | No | Yes | Yes | Yes | Yes |
| SP-D2GCS [22] | No | Yes | Yes | Yes | Yes |
| Chin-Ling et al. [21] | N/A | Yes | N/A | Yes | No |
| LAPEC scheme [10] | No | Yes | Yes | Yes | Yes |
| Challa et al. scheme [45] | No | Yes | Yes | Yes | Yes |
| S-SAKA [46] | N/A | Yes | Yes | Yes | N/A |

Table 9. Time cost of typical cryptographic operations (UAV).

| Type of Calculation | Description | Time Cost (ms) |
|---|---|---|
| $T_{ecmul}$ | Elliptic curve point multiplication | 12.851 |
| $T_{ecadd}$ | Elliptic curve point addition | 0.525 |
| $T_{sys}$ | Symmetric encryption/decryption computation | 0.577 |
| $T_{hash}$ | Message digest calculation (SHA256) | 0.013 |
| $T_{sign}$ | Digital signature (ecdsa) | 2.144 |
| $T_{verif}$ | Digital signature verification (ecdsa) | 8.008 |
| $T_{bp}$ | Bilinear pairing | 2926.273 |
| $T_{mp}$ | Map to point | 8.686 |
| $T_{kyen}$ | Kyber.encaps() | 32.554 |
| $T_{kyde}$ | Kyber.decaps() | 51.899 |

Table 10. Time cost of typical cryptographic operations (GS).

| Type of Calculation | Description | Time Cost (ms) |
|---|---|---|
| $T_{ecmul}$ | Elliptic curve point multiplication | 2.528 |
| $T_{ecadd}$ | Elliptic curve point addition | 0.096 |
| $T_{sys}$ | Symmetric encryption/decryption computation | 0.003 |
| $T_{hash}$ | Message digest calculation | 0.002 |
| $T_{sign}$ | Digital signature (ecdsa) | 0.431 |
| $T_{verif}$ | Digital signature verification (ecdsa) | 1.534 |
| $T_{bp}$ | Bilinear pairing | 617.354 |
| $T_{mp}$ | Map to point | 0.176 |
| $T_{kyen}$ | Kyber.encaps() | 5.048 |
| $T_{kyde}$ | Kyber.decaps() | 8.353 |

Table 11. Comparison table of main calculation expenses of various schemes.

| Scheme | Computational Overhead (UAV) | Computational Overhead (GS) |
|---|---|---|
| LIGKYX | $T_{ecadd} + T_{kyen} + T_{ecmul}$ = 12.851 + 32.554 + 0.525 = 45.93 ms | $T_{ecadd} + T_{kyde}$ = 0.096 + 8.353 = 8.449 ms |
| Ever et al. [6] | $2T_{bp}$ = 2 × 2926.273 = 5852.546 ms | $2T_{bp} + 4T_{ecmul}$ = 2 × 617.354 + 4 × 2.528 = 1244.820 ms |
| ACPBS-IoT [44] | $4T_{ecmul} + T_{ecadd}$ = 4 × 12.851 + 0.525 = 51.929 ms | $6T_{ecmul} + 2T_{ecadd}$ = 6 × 2.528 + 2 × 0.096 = 15.360 ms |
| SP-D2GCS [22] | $2T_{sign} + 3T_{verif} + 2T_{ecmul}$ = 2 × 2.144 + 3 × 8.008 + 2 × 12.851 = 54.014 ms | $2T_{sign} + 3T_{verif} + 2T_{ecmul}$ = 2 × 0.431 + 3 × 1.534 + 2 × 2.528 = 10.52 ms |
| LAPEC [10] | $3T_{ecmul}$ = 3 × 12.851 = 38.553 ms | $3T_{ecmul}$ = 3 × 2.528 = 7.584 ms |
| Challa et al. [45] | $4T_{ecmul}$ = 4 × 12.851 = 51.404 ms | $5T_{ecmul}$ = 5 × 12.851 = 64.255 ms |
| S-SAKA [6] | $2T_{bp}$ = 2 × 2926.273 = 5852.546 ms | $1T_{bp} + 3T_{ecmul}$ = 617.354 + 4 × 2.528 = 624.938 ms |

Xia, T.; Wang, M.; He, J.; Yang, G.; Fan, L.; Wei, G. A Quantum-Resistant Identity Authentication and Key Agreement Scheme for UAV Networks Based on Kyber Algorithm. Drones 2024, 8, 359. https://doi.org/10.3390/drones8080359