
A Secure and Trusted Channel Protocol for UAVs Fleets

  • Raja Naeem Akram
  • Konstantinos Markantonakis
  • Keith Mayes
  • Pierre-François Bonnefoi
  • Amina Cherif
  • Damien Sauveron
  • Serge Chaumette
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10741)

Abstract

Fleets of UAVs will be deployed in the near future in reliability- and safety-critical applications (e.g. for smart cities). To satisfy the stringent level of criticality, each UAV in the fleet must trust the other UAVs with which it communicates, both to gain assurance of the trustworthiness of the information received and to be sure not to disclose information to an unauthorized party. In addition, to protect against an attacker willing to eavesdrop on and/or modify the exchanged data, the communication channel needs to be secured, i.e. it has to provide confidentiality and integrity of exchanges. The work presented here is based on our previous research, which concluded that each UAV must include a Secure Element (which we called ARFSSD, standing for Active Radio Frequency Smart Secure Device) to withstand an adversary with a high attack potential. In this paper, we propose a secure and trusted channel protocol that satisfies the stated security and operational requirements for a UAV-to-UAV communication protocol. This protocol supports three main objectives: (1) it provides the assurance that all communicating entities can trust each other and can trust their internal (secure) software and hardware states; (2) it establishes a fair key exchange process between all communicating entities so as to provide a secure channel; (3) it is efficient both for the initial start-up of the network and when resuming a session after a cold and/or warm restart of a UAV. The proposed protocol is formally verified using CasperFDR and AVISPA.

Notes

Acknowledgments

The authors from XLIM acknowledge the support of:

– the SFD (Security of Fleets of Drones) project funded by Région Limousin;

– the TRUSTED (TRUSted TEstbed for Drones) project funded by the CNRS INS2I institute through the call 2016 PEPS (“Projet Exploratoire Premier Soutien”) SISC (“Sécurité Informatique et des Systèmes Cyberphysiques”);

– the SUITED (Suited secUrIty TEstbed for Drones), SUITED2 and UNITED (United NetworkIng TEstbed for Drones), UNITED2 projects funded by the MIRES (Mathématiques et leurs Interactions, Images et information numérique, Réseaux et Sécurité) CNRS research federation.

The authors from LaBRI acknowledge the support of:

– the TRUSTED (TRUSted TEstbed for Drones) project funded by the CNRS INS2I institute through the call 2016 PEPS (“Projet Exploratoire Premier Soutien”) SISC (“Sécurité Informatique et des Systèmes Cyberphysiques”);

– the SUITED-BX, SUITED2-BX and UNITED-BX, UNITED2-BX projects funded by LaBRI and its MUSe team.

Copyright information

© IFIP International Federation for Information Processing 2018

Authors and Affiliations

  • Raja Naeem Akram (1)
  • Konstantinos Markantonakis (1)
  • Keith Mayes (1)
  • Pierre-François Bonnefoi (2)
  • Amina Cherif (2, 4)
  • Damien Sauveron (2, 3)
  • Serge Chaumette (3)

  1. Information Security Group Smart Card Centre, Royal Holloway, University of London, Egham, UK
  2. XLIM (UMR CNRS 7252/Université de Limoges), MathIS, Limoges, France
  3. LaBRI (UMR CNRS 5800/Université de Bordeaux), Talence, France
  4. LARI (Université Mouloud Mammeri de Tizi-Ouzou), Tizi-Ouzou, Algeria
