Issue |
Security and Safety
Volume 3, 2024
Security and Privacy for Space-Air-Ground Integrated Networks
|
|
---|---|---|
Article Number | 2024004 | |
Number of page(s) | 15 | |
Section | Intelligent Transportation | |
DOI | https://doi.org/10.1051/sands/2024004 | |
Published online | 16 April 2024 |
Research Article
Privacy-preserving location authentication for low-altitude UAVs: A blockchain-based approach
1
College of Electronic and Information Engineering, Nanjing University of Aeronautics and Astronautics, Nanjing, 211106, China
2
Key Laboratory of Information Fusion Technology (Ministry of Education), School of Automation, Northwestern Polytechnical University, Xi’an, 710072, China
3
College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, 211106, China
* Corresponding author (email: wei_wang@nuaa.edu.cn)
Received:
13
September
2023
Revised:
7
December
2023
Accepted:
18
March
2024
Efficient and trusted regulation of unmanned aerial vehicles (UAVs) is an essential but challenging issue in the future era of the Internet of Low-altitude Intelligence, due to the difficulties in UAVs’ identity recognition and location matching, potential for falsified information reporting, etc. To address this challenging issue, in this paper, we propose a blockchain-based UAV location authentication scheme, which employs a distance bounding protocol to establish a location proof, ensuring the authenticity of UAV positions. To preserve the privacy of UAVs, anonymous certificates and zero-knowledge proof are used. The security of the proposed scheme is analyzed. Experiments demonstrate the efficiency and feasibility of the proposed scheme.
Key words: Blockchain / UAV / zero-knowledge proof / location proof
Citation: Pan H, Wang Y, Wang W, et al. Privacy-preserving location authentication for low-altitude UAVs: A blockchain-based approach. Security and Safety 2024; 3: 2024004. https://doi.org/10.1051/sands/2024004
© The Author(s) 2024. Published by EDP Sciences and China Science Publishing & Media Ltd.
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
1. Introduction
Unmanned aerial vehicles (UAVs) offer a variety of benefits, including flexibility, mobility, and extensibility. The mobility of UAVs empowers them to be deployed swiftly and efficiently in intricate terrains. As drone technology continues advancing, it finds increasing applications such as remote sensing, disaster rescue, and surveillance [1, 2].
Despite the immense potential of UAVs, a reliable technology that ensures safe communication and regulation of UAVs is still lacking [3]. Firstly, the current cloud-based regulatory frameworks, such as China’s UAV Cloud System and the United States’ Low Altitude Authorization and Notification Capability (LAANC), are inadequate for managing the upcoming surge in drone operations in low-altitude airspace. The inherent centralized structure of these systems complicates interoperability with other mechanisms, thereby posing significant challenges in fulfilling the diverse requirements of drones in terms of airspace access, communication, and network resources [4]. Furthermore, these centralized cloud services are susceptible to the risks associated with a single point of failure [5]. Secondly, traditional radar-based detection methods encounter significant obstacles in efficiently acquiring flight information from drones, especially within complex low-altitude environments. These challenges stem from the limitations of radar technology in detecting small, agile drones that operate at low altitudes, where environmental factors often impede accurate detection [6]. The position data of UAVs plays a crucial role in their flight and management. Furnishing location information of UAVs aids the government supervision, ensuring adherence to regulations. Sharing the location also enables other airborne devices to grasp airspace conditions, facilitating the development of flight path strategies. In summary, location information guarantees that drones operate within designated regions, preventing unauthorized usage, and significantly enhancing both airspace security and operational efficiency. Given the substantial cost of proactive monitoring for drones, some countries currently require drones to report their location information proactively [7]. However, the current solution heavily relies on third-party signals for self-positioning, creating an opportunity for malicious UAVs to easily alter and report falsified location information. Therefore, a secure and reliable position verification system emerges as a critical component to ensure the safety of UAV flights.
To address the aforementioned issues, this paper utilizes a cryptographic position verification, enabling location authentication through identity validation. To enhance the reliability and efficiency of position verification, blockchain technology is incorporated. The immutability inherent in blockchain ensures the audit-worthy integrity of position information [8].
In addition, the integration of blockchain significantly enhances the scalability of location authentication systems and their interoperability with other heterogeneous systems [9]. This enables any validated node to participate in the creation of location proofs (LPs) and earn corresponding rewards. Figure 1 illustrates the process of location authentication using blockchain technology. In particular, the witnesses assist the verifier in validating the drone’s location and generating proof. Upon uploading the proof, they can earn incentive rewards through collaborative efforts.
Figure 1. An illustration of UAV location proof |
The contributions of this paper can be summarized as follows:
-
(1)
We propose a semi-centralized UAV regulation architecture based on blockchain, where any authenticated peer can conduct location authentication for UAVs using the Distance Bounding Protocol (DB Protocol). The resulting location proof is transmitted to the Verifier through the blockchain. The decentralized and tamper-proof characteristics of blockchain ensure the efficiency and trustworthiness of the entire process.
-
(2)
We design an efficient and privacy-preserving location authentication mechanism. By leveraging the capabilities of short randomizable signatures and zero-knowledge proofs, UAVs can achieve anonymous authentication with just a few communication rounds. This approach ensures the protection of UAV privacy while maintaining the efficiency of the authentication process.
-
(3)
We conduct a detailed theoretical analysis of our authentication mechanism. Meanwhile, comparative experiments have demonstrated the superiority of the proposed scheme.
The remainder of this paper is organized as follows. Section 2 introduces the relevant work in this field. Section 3 presents the system architecture and security model. The key technologies used in this paper are introduced in Section 4. The authentication details are shown in Section 5. Security analysis is discussed in Section 6. In Section 7, simulation results are presented, and the performance is also discussed. Finally, conclusions are provided in Section 8.
2. Related work
Depending on the system architecture, location-proof systems are classified into two categories: centralized and distributed systems [10]. In a centralized solution, a trusted and fixed wireless infrastructure, often a WiFi access point, is employed to verify the proximity of mobile users and generate proof of their location. Saroiu and Wolman [11] proposed using communication infrastructure (cell tower or WiFi access point) to generate location proofs for devices. Each device would be identified with a public key to guarantee the device’s identity is unforgeable. Javali et al. [12] used channel state information (CSI) to verify the location information of mobile users and employed fuzzy vault for feature matching to complete location verification. Yi et al. [13] rely on WiFi and cellular networks to provide location proofs for privacy protection. The validator can verify the location without needing to know the exact coordinates of the user. Chen et al. [14] introduced a scheme to ensure the security of continuous position data, focusing on integrity and source verification. In their approach, the acceleration sensor is utilized to continuously capture acceleration data throughout the user’s movement, generating proof of position.
Conversely, distributed schemes involve the generation of location proof by nearby user devices. Gambs introduces PROPS [15], a privacy-preserving location-proof system that uses neighboring nodes as witnesses to generate location proofs. However, PROPS cannot resist P–W collusions. STAMP [16] proposed an entropy-based trust model to guard users from P–W collusion and utilizes commitment to offer fine-grained location privacy control for users. Davis et al. [17] proposed a location-proof scheme for privacy protection, wherein the user and the proving party sign their personal ID, geographical location, and other contextual information, generating a digest to serve as proof. However, this scheme fails to address the issue of collusion between the user and the witness. PASPORT [10] is another distributed location-proof generation system. In PASPORT the author introduced and modified TREAD [18], a lightweight DB protocol, to protect user privacy during the location-proof process.
In order to provide a higher level of system security, some location-proof schemes have introduced blockchain technology. In Amoretti’s scheme [19], the user collects proof of location from its neighbors through blockchain networks. Wu et al. [20] used zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) to design the zk-PoL protocol, where the user requests a location certificate from the nearby AP, and generates location proof as it needed. Certificate digest and service records are recorded on the chain to prevent users from abusing location proof. In addition, blockchain can be used to motivate other users to participate in the authentication process, Nosouhi et al. [21] achieves blockchain construction and motivation through a Bitcoin-like approach. Any device participating in location authentication or blockchain mining can receive incentives. Yu et al. [22] employs zk-SNARK to establish a blockchain-based location-proof system with privacy protection. However, the proposed method does not prevent collusion between the prover and witnesses.
In centralized schemes, the nodes responsible for generating location proofs are typically assumed to be trustworthy. However, the reliability of these nodes relies on the proper functioning of a substantial number of wireless access points. Compared to communication infrastructure-based solutions, a distributed scheme relies on nearby user equipment to generate location proof and has lower costs. However, a dishonest witness may collude with a distant malicious prover and issue a fake location proof for them, which is called Prover–Witness (P–W) collusion.
3. System model
In this section, we present the system composition of the proposed scheme, including various roles and system assumptions, as well as security models, to comprehensively demonstrate the advantages of the proposed architecture.
Figure 2. System model of UAV location verification system |
3.1. System architecture
As discussed earlier, distributed solutions may encounter P–W collusion, which is deemed unacceptable in regulatory scenarios. On the other hand, centralized solutions require collaboration with communication infrastructure and face interoperability issues with heterogeneous systems. To tackle this challenge, a semi-centralized system based on blockchain was introduced in Figure 2. In our scheme, a certification authority (CA) issues authentication certificates to UAVs. These certificates include trusted peer parameters and UAV identity information. With the certificate, the UAV can initiate location authentication with the perception peers. The generated location proof can be involved in the consensus process by perception peers to create blocks and obtain incentives. Verifiers can then use the on-chain position proof to confirm the UAV’s location. The specific descriptions of different roles are as follows:
-
(1)
UAV (unmanned aerial vehicle): UAVs are bound by regulatory constraints that mandate them to report their location. However, they also prioritize their privacy and security concerns. To balance these conflicting requirements, UAVs can employ cryptographic techniques and secure communication protocols to protect their location data.
-
(2)
CA (certificate authority): CA is responsible for issuing anonymous certificates to UAVs and managing trusted perception nodes. It is considered a trusted authority in this article.
-
(3)
TP (trusted peers): TP refers to perception nodes that communicate with UAVs to verify positions and generate position proof (LP). They can be any device licensed by CA. Typically, there are ground stations like access points (AP) or base stations (BS).
-
(4)
Verifier: The verifier may be a regulatory agency or a location-based service provider (LBSP) [23]. Therefore, it is necessary to obtain the true location information of the drone. The verifier can obtain the position proof generated by TP on the chain.
-
(5)
Blockchain: To solve the problem of centralized architecture, blockchain is introduced in our system to provide a secure channel for trusted data interaction. As a distributed and immutable ledger, blockchain integrates multiple stakeholders to achieve distributed authentication of UAVs.
3.2. Security model and design goals
Before introducing the details of our scheme, it is important to discuss the security model and our design goals.
CA is trustworthy and will carefully review the registration requests of UAVs and TPs to verify the legitimacy of their identities. Malicious UAVs may impersonate their legitimate identity or generate fake LPs to evade regulation. UAV users are rational. Therefore, they will not share their private keys with others. TP is semi-trustworthy and will not collude with UAVs to generate fake LP, as they have all been reviewed by CA. However, they are curious and will try to obtain the identity information of UAVs.
As mentioned above, all parties involved in the system have different requirements, especially how to solve the contradictions between data security, privacy, efficiency, and system scalability. Our design goals can be summarized as follows:
Security: (1) Without the knowledge of corresponding keys, an adversary cannot impersonate UAV or TP; (2) UAVs are unable to generate counterfeit proofs with any untrusted nodes, nor can they falsely claim the ownership of legitimate proofs from other UAVs [16].
Privacy: UAVs can hide their identity during the authentication and LP generation process. Adversaries are unable to extract any information from these aforementioned processes.
Availability and scalability: The system aims to draw a maximum number of perception nodes into participating in location authentication tasks, all while upholding security measures. Additionally, the system is designed to withstand DDoS and other attacks without encountering vulnerabilities associated with single points of failure.
4. Building blocks
4.1. Zero-knowledge proof
The zero-knowledge protocol [24] (ZKP) enables the prover to convince the verifier that a statement is true without exposing any information about the secret. A ZKP protocol can be written as [25]:
where are secrets, U ∈ 𝔾1 denotes a mathematical statement and are public parameters.
An interactive ZKP protocol can be transformed into a non-interactive ZKP protocol using the Fiat-Shamir heurisitcs [26]. This conversion helps to reduce communication rounds and overhead in the protocol.
4.2. RPS Signature
PS signature was proposed by Pointcheval and Sanders [27]. The PS signature scheme supports signing a set of messages or commitments, but the generated signature only contains a fixed number of elements. At the same time, it supports signature randomization and has advantages such as efficiency and privacy. PS signature is also redactable [28], given a set of message and corresponding PS signature σ, it is easy to derive a valid signature of the subset of ℳ. The RPS signature includes the following algorithms:
-
(1)
Keygen(1k, n): Set 1k as the security parameter and n as the number of keys, choose two random numbers as a pair of secret keys, the public keys are denoted as , the formulas are:
-
(2)
Sign(sk, ℳ): Given the message set ℳ and a rand number r ∈ ℤp, the signature σ = (σ1, σ2) can be computed as:
-
(3)
Derive(pk, σ, ℳ, ℐ): If the signature owner wants to derive the signature on ℐ(ℐ ⊂ ℳ). Choose two random number , and compute as:
So the derived signature can be denoted as
-
(4)
Verify(pk, σ, ℐ): On input the public key pk, message ℐ and the corresponding derived signature σ, verifier can validate as follows:
where . If the above equation holds, return 1; Otherwise return 0.
4.3. Distance bounding protocol
To ensure the authenticity of the drone’s location, the distance bounding protocol [29] is chosen for UAVs’ location authentication. The DB protocol calculates the distance based on the round trip time (RTT) between the challenge and the response. The prover, which is the UAV in this case, must efficiently compute and respond with its secret parameters along with the challenge sent by the verifier, which is called fast bit exchange.
To address the various security challenges, there are multiple variants of the DB Protocol [30–32]. One of the most significant challenges is the terrorist fraud (TF) attacks [33], dishonest provers, and malicious colluders collaborating to create false proofs to deceive verifiers. In response to this, we have selected TREAD [18] as our location-proof protocol. TREAD prevents TF attacks based on a reasonable assumption that if a malicious protect gives this information to his compliance, the compliance can then adapt and replay successfully the information received during a new session. And this is something that a rational witness cannot allow to happen.
5. Proposed privacy-preserving location authentication scheme
5.1. System initialization
In this phase, the CA defines the authentication policy and publishes the public parameters in the blockchain.
Specifically, CA selects a security parameter λ, and chooses a set of three cyclic groups 𝔾1, 𝔾2, and 𝔾3 of order p with a type III bilinear mapping that satisfies e : 𝔾1 × 𝔾2 → 𝔾T. Then, CA sets generators as . Then, CA randomly chooses as the system secret keys, and computes the public keys as equation (2). Finally, CA publishes parameters as follows:
Any legitimate communication facility can register with CA as a location authentication node, referred to as a trusted peer (TP) in this article. Take TPi as an example, CA assigns the corresponding RPS public key to TPi and adds it to the trusted peer set 𝒮N = {TPi},i = 1, …, n. In addition, TP also holds encryption keys (ski, pki), corresponding to the encryption algorithms Encpk(pt) and Decsk(ct).
5.2. Credential Issuance
The UAV u chooses a random number sku ∈ ℤp and computes:
Then, the UAV u sends its (πu, U) and identity information to CA.
After CA receives the information, it will verify the validity of U according to πu. If it passes the check, CA chooses a random number ru ∈ ℤp and computes:
The signature combined by CA into credential Credu = (σ1, σ2). CA will save the Credu and U at local. Besides, CA sends the list of TP and corresponding public keys to the UAV u.
After receiving the Credu, UAV u can verify the validity through the following formula:
Figure 3. Workflow of location authentication |
5.3. LP request
During the UAV flight, the verifier needs to obtain proof of the UAV’s position. The verifier generates a random number seed ∈ ℤp and applies a Hash chain to calculate:
where T is the maximum number of available times for this request. Verifier constructs tx and uploads it on chain:
Meanwhile, the Verifier will send seed to the u. If any TP completes the LP upload of the UAV, the Verifier can obtain relevant information by itself from the chain without the need for secondary interaction with the UAV.
5.4. Anonymous authentication
Figure 3 shows the workflow of location authentication during the UAV flight. The UAV u initiates anonymous location authentication to TPi, assuming this is the tth location authentication request from the UAV. The UAV u selects random numbers and calculates:
where . The derived signature denotes as . To prove that the belongs to itself, UAV u computes:
Specifically, UAV u randomly generates a ∈ ℤp and l bits random number α, β ← {0, 1}l, then calculates:
Finally, UAV lets πcred = (c, s), , and encrypts and sends it to TPi:
TPi uses DecskTPi(m) to decrypt the ciphertext and obtain m, and verifies by follow:
If the above equation holds, TPi computes :
Check if it satisfies the equation:
If all verifications pass, TPi performs location authentication for UAV.
5.5. LP generation and verify
TPi starts the fast bit exchange by generating a l bits random number γ ← {0, 1}l, signs for it, and sends it to the UAV:
UAV verifies the signature by VerifypkTPi(γ), and computes δ = β ⊕ γ, then notifies TPi of readiness. TPi sends random challenge bit bk at stage k(k = 1, …, l) and starts timing.
After receiving the challenge bit, UAV replies quickly as:
On getting the response rk, TPi records the receive time and computes the time difference, which denotes Δtk. After l rounds of interaction, TPi checks if the response bits satisfy:
TPi calculates the upper bound of the distance between both parties using the following formula:
where c is the speed of light and t0 is the calculation delay of the UAV.
It should be noted that, depending on actual requirements, two types of location proofs can be provided for drones: The first is the proof of existence, meaning that if the Δtk is short enough, it’s inferred that the drone is in proximity to the TPi. The second method involves numerical proof, wherein the actual distance dmax between the TPi and the drone is computed using the time Δtk spent on bit exchange. Additionally, the distances calculated from multiple witnesses at various positions can be leveraged to determine the precise location of the drone through localization algorithms [34].
Here, we use proof of existence to illustrate the proposed mechanism. If the calculated result is within the allowable range, TPi generates LP and sends it to UAV, where Loc is the actual location information of the TPi:
The UAV generates signature πLP = (cLP, sLP) for LP and sends it back to TPi:
TPi constructs txLP and uploads it on chain:
If the cre is legal and ht meets the:
The proof will be successfully recorded on the chain, and TPi receive corresponding rewords. After the txLP is uploaded to the chain, the verifier uses VerifypkTPi(Loc, TS) to verify the signature of TPi. Then, the verifier checks the πLP by
If it holds, Verifier computes:
Finally, Verifier computes if it satisfies:
If all the aforementioned checks are successfully passed, it indicates that the location proof of the UAV has been accepted by the verifier.
6. Security analysis
In this section, we analyze the security performance and other features of the proposed location authentication scheme.
Security: The authentication security of UAV is based on RPS Signature [28] and ZKP protocol. Without the system master key, an adversary cannot issue any fake certificates unless it can break the unforgeability of the RPS signature. In the authentication process, the UAV employs a knowledge signature to demonstrate its knowledge of the certificate. As a rational user, he never shares keys, which prevents an adversary from impersonating his identity. In addition, the UAV obtains the public key of TP from CA and uses ECC to initiate a location authentication request [35, 36]. Only TP holding the private key can decrypt it. Both the UAV and TP will sign on the LP to ensure that it will not be impersonated by others.
Privacy: The RPS Signature achieves unlinkability between signatures through the incorporation of two random elements. However, aiming to enhance efficiency, the proposed scheme utilizes hash chain technology. This permits others to correlate Location Proofs on the chain through the relation of hash chain parameters. Despite this, UAVs retain their anonymity as they claim the knowledge of certificates via non-interactive zero-knowledge proofs.
Availability and scalability: We ensure the scalability and availability of the entire system by introducing blockchain technology. The distributed architecture of blockchain guarantees the absence of single points of failure, and the malfunction of an individual blockchain node will not disrupt the overall system operation. The Certificate Authority is not singular within this system. UAVs possess the flexibility to select suitable CAs and perception nodes for authentication based on specific requirements. The blockchain records location proofs in an immutable manner, assuring regulatory effectiveness over drones. Furthermore, similar to the utilization of blockchain in Bitcoin and Ethereum [37, 38], verifiers can utilize digital currency as an incentive to encourage perception nodes to engage in the authentication process.
7. Performance evaluation
7.1. Theoretical analysis
The DB protocol has been extensively discussed in many papers [39–41], so the theoretical analysis stage mainly discusses the performance of the Credential issue, Anonymous authentication, and LP generation and verify.
Computation overhead
Communication overhead
Considering the marginal effects, we only consider the exponentiation operation and pairing operation costs of group elements. We represent the exponentiation operation and pairing operation on 𝔾1, 𝔾2, 𝔾T as Exp1, Exp2, ExpT, respectively, using Dec and Enc to represent elliptic curve encryption and decryption. Symbols |Zr|, |𝔾1|, |𝔾2| denotes the size of corresponding group elements. |H|, |l|, and |Sign| represent hash computation, distance bounding challenge, and elliptic curve signature size, respectively.
As shown in Table 1, although the computational cost of UAV in verifying certificate validity equation (11) and exporting sub-certificates (Eq. (14)) is related to the total number n, it can be observed that UAV only needs to be calculated once, the equation (14) can be transformed as , and each time the credential is presented, the UAV only needs to perform two additional exponentiation operations to obtain it.
Table 2 shows the communication costs of UAVs. In LP generation and verify, we consider the fast bit exchange of the DB protocol as the number of communication rounds per session.
Figure 4. The time cost of different authentication operations under different peer numbers |
Figure 5. Communication cost. (a) PBC: 160bit RSA: 1024bit. (b) PBC: 224bit RSA: 2048bit. (c) PBC: 256bit RSA: 3072bit |
7.2. Experimental analysis
We deployed the experiment based on a personal computer equipped with 11th Gen Intel (R) Core (TM) i7-11700F @ 2.50 GHz CPU and 16 GB of memory, all experiments were carried out on a VMware Workstation 15 Pro virtual machine with 4GB of memory, with the virtual machine version being Ubuntu 18.04 LTS. The RPS signature algorithm is implemented based on the GO PBC library, with GO version 1.18. Other encryption uses secp256r1 elliptic curve, SHA-256 hash function, and AES. Figure 4 shows the time cost of different numbers of trusted peers and different stages. The Credential Issue is performed by CA, the Credential Show includes the certificate export and Zero-knowledge proof generation of UAV, and the Credential Verify is completed by TP. From the data in Figure 4, it can be seen that the time cost of Credential Issuance is almost unaffected by the Peer Number. In fact, the time cost of Credential Issuance is only maintained at around 1.5 ms. Because Peer Number mainly affects the number of summation operations on the domain, this operation has a smaller demand for computational performance. The time cost of Credential Show increases rapidly with the increase of Peer Number, as the increase in Peer Number results in multiplication operations on the domain, but it only consumes 200 ms at 500 peers. Similarly, the time for Credential Verify is also fixed, maintained at around 60 ms.
Communication overhead is an important factor for drones. We analyzed and compared it with STAMP [16] and BCSLPV [21]. Figure 5 shows the communication overhead under different Key sizes. The compared articles used RSA encryption, and we correspondingly set elliptic curve parameters with the same security strength. Our scheme has communication costs of 1064 bytes, 1210 bytes, and 1283 bytes under different strength keys, respectively. It can be seen that the communication overhead of this scheme is much lower than that of STAMP and BCSLPV.
8. Conclusion
In this paper, we propose a blockchain-based UAV location authentication scheme. The utilization of blockchain technology provides scalability for the entire system. The distance bounding protocol was utilized to generate reliable location proofs of UAVs. Additionally, short randomizable signatures and zero-knowledge proof are introduced to preserve the privacy of UAVs. Security analysis and experiments have shown that our solution can provide efficient and safe position regulation for UAVs.
In future research, we aim to investigate identity authentication and data interaction between UAVs and heterogeneous devices, to maximize effectiveness of UAVs. By exploring these areas, we anticipate enhancing the capabilities of UAVs and enabling seamless communication and collaboration with various devices, ultimately improving their overall performance and efficiency.
Conflict of Interest
The authors declare that they have no conflict of interest.
Data Availability
We make data available on request by sending an email to the authors.
Authors’ Contributions
Conceptualization, Hengchang Pan, Wei Wang and Qihui Wu; Writing-Original Draft, Hengchang Pan and Yuanshuo Wang; Investigation: Yuanshuo Wang; Software, Hengchang Pan and Ping Cao; Formal Analysis, Yuanshuo Wang and Ping Cao; Writing-Review and Editing, Wei Wang and Fangwei Ye; Funding Acquisition: Wei Wang; Supervision: Qihui Wu. All authors have read and agreed to the published version of the manuscript.
Acknowledgments
We thank all anonymous reviewers for their helpful comments and suggestions.
Funding
This work was supported in part by the Jiangsu Provincial Key Research and Development Program under Grants BE2022068, the National Natural Science Foundation of China under Grant 62371231, 62001220, and the Young Elite Scientist Sponsorship Program, China Association for Science and Technology, YESS20200207.
References
- Shakhatreh H, Sawalmeh AH, Al-Fuqaha A, et al. Unmanned aerial vehicles (Uavs): A survey on civil applications and key research challenges. IEEE Access 2019; 7: 48572–48634. [CrossRef] [Google Scholar]
- Geraci G, Garcia-Rodriguez A, Azari MM, et al. What will the future of Uav cellular communications be? a flight from 5G to 6G. IEEE Commun Surv Tutor 2022; 24: 1304–1335. [CrossRef] [Google Scholar]
- Khan AS, Sattar MA, Nisar K, et al. A survey on 6G enabled light weight authentication protocol for UAVs, security, open research issues and future directions. Appl Sci 2022; 13: 277. [CrossRef] [Google Scholar]
- Wu Q, Wang W, Li Z, et al. Spectrumchain: A disruptive dynamic spectrum-sharing framework for 6G. Sci China Inf Sci 2023; 66: 130302. [CrossRef] [Google Scholar]
- Zhang Y, Xu C, Li H, et al. Protect: Efficient password-based threshold single-sign-on authentication for mobile users against perpetual leakage. IEEE Trans Mobile Comput 2020; 20: 2297–2312. [Google Scholar]
- Qiang P, Hao Z, Husheng W. Summary of development requirements of "low, slow and small" UAV countermeasure equipment and key technologies. Aero Weaponry 2022; 29: 43–52. [Google Scholar]
- Civil Aviation Administration of China. Regulations on the Operation of Light and Small Unmanned Aerial Vehicles, 2015. [Google Scholar]
- Zhang Y, Xu C, Lin X, et al. Blockchain-based public integrity verification for cloud storage against procrastinating auditors. IEEE Trans Cloud Comput 2019; 9: 923–937. [Google Scholar]
- Li Z, Wang W, Guo J, et al. Blockchain-empowered dynamic spectrum management for space-air-ground integrated network. Chin J Electron 2022; 31: 456–466. [CrossRef] [Google Scholar]
- Nosouhi MR, Sood K, Yu S, et al. Pasport: A secure and private location proof generation and verification framework. IEEE Trans Comput Soc Syst 2020; 7: 293–307. [CrossRef] [Google Scholar]
- Saroiu S and Wolman A. Enabling new mobile applications with location proofs. In: Proceedings of the 10th workshop on Mobile Computing Systems and Applications, 2009, 1–6. [Google Scholar]
- Javali C, Revadigar G, Rasmussen KB, et al. I am alice, i was in wonderland: Secure location proof generation and verification protocol. In: 2016 IEEE 41st Conference on Local Computer Networks (LCN), IEEE, 2016, 477–485. [Google Scholar]
- Li Y, Zhou L, Zhu H, et al. Privacy-preserving location proof for securing large-scale database-driven cognitive radio networks. IEEE Internet Things J 2015; 3: 563–571. [Google Scholar]
- Lyu C, Pande A, Wang X, et al. Clip: Continuous location integrity and provenance for mobile phones. In: 2015 IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems, IEEE, 2015, 172–180. [Google Scholar]
- Gambs S, Killijian MO, Roy M, et al. Props: A privacy-preserving location proof system. In: 2014 IEEE 33rd International Symposium on Reliable Distributed Systems, IEEE, 2014, 1–10. [Google Scholar]
- Wang X, Pande A, Zhu J, et al. Stamp: Enabling privacy-preserving location proofs for mobile users. IEEE/ACM Trans Netw 2016; 24: 3276–3289. [CrossRef] [Google Scholar]
- Davis B, Chen H and Franklin M. Privacy-preserving alibi systems. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, 2012, 34–35. [Google Scholar]
- Avoine G, Bultel X, Gambs S, et al. A terrorist-fraud resistant and extractor-free anonymous distance-bounding protocol. In: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, 2017, 800–814. [Google Scholar]
- Amoretti M, Brambilla G, Medioli F, et al. Blockchain-based proof of location. In: 2018 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C), IEEE, 2018, 146–153. [Google Scholar]
- Wu W, Liu E, Gong X, et al. Blockchain based zero-knowledge proof of location in iot. In: ICC 2020-2020 IEEE International Conference on Communications (ICC), IEEE, 2020, 1–7. [Google Scholar]
- Nosouhi MR, Yu S, Zhou W, et al. Blockchain for secure location verification. J Parallel Distrib Comput 2020; 136: 40–51. [CrossRef] [Google Scholar]
- Yu R, Zhou B, Wang L, et al. Zero-knowledge location proof based on blockchain. J Electron Inf Technol 2020; 42: 2142–2149. [Google Scholar]
- Gupta R and Rao UP. An exploration to location based service and its privacy preserving techniques: A survey. Wireless Personal Commun 2017; 96: 1973–2007. [CrossRef] [Google Scholar]
- Goldwasser S, Micali S and Rackoff C. The knowledge complexity of interactive proof-systems. In: Providing Sound Foundations for Cryptography: On the Work of Shafi Goldwasser and Silvio Micali, 2019, 203–225. [Google Scholar]
- Camenisch J and Stadler M. Efficient group signature schemes for large groups. In: Annual International Cryptology Conference, Springer, 1997, 410–424. [Google Scholar]
- Fiat A and Shamir A. How to prove yourself: Practical solutions to identification and signature problems. In: Conference on the Theory and Application of Cryptographic Techniques, Springer, 1986, 186–194. [Google Scholar]
- Pointcheval D and Sanders O. Short randomizable signatures. In: Topics in Cryptology-CT-RSA 2016: The Cryptographers' Track at the RSA Conference 2016, San Francisco, CA, USA, February 29-March 4, 2016, Proceedings, Springer, 2016, 111–126. [Google Scholar]
- Sanders O. Efficient redactable signature and application to anonymous credentials. In: IACR International Conference on Public-Key Cryptography, Springer, 2020, 628–656. [Google Scholar]
- Brands S and Chaum D. Distance-bounding protocols. In: Workshop on the Theory and Application of Cryptographic Techniques, Springer, 1993, 344–359. [Google Scholar]
- Bussard L and Bagga W. Distance-bounding proof of knowledge to avoid real-time attacks. In: Security and Privacy in the Age of Ubiquitous Computing: IFIP TC11 20th International Information Security Conference May 30-June 1, 2005, Chiba, Japan 20, Springer, 2005, 223–238. [Google Scholar]
- Trujillo-Rasua R, Martin B and Avoine G. The poulidor distance-bounding protocol. In: Radio Frequency Identification: Security and Privacy Issues: 6th International Workshop, RFIDSec 2010, Istanbul, Turkey, June 8-9, 2010, Revised Selected Papers 6, Springer, 2010, 239–257. [Google Scholar]
- Boureanu I, Mitrokotsa A and Vaudenay S. Practical and provably secure distance-bounding. J Comput Secur 2015; 23: 229–257. [CrossRef] [Google Scholar]
- Desmedt Y. Major security problems with the "unforgeable"(feige)-fiat-shamir proofs of identity and how to overcome them. In: Proceedings of SECURICOM, 1988, Vol. 88, 15–17. [Google Scholar]
- Chiang JT, Haas JJ and Hu YC. Secure and precise location verification using distance bounding and simultaneous multilateration. In: Proceedings of the Second ACM Conference on Wireless Network Security, 2009, 181–192. [Google Scholar]
- Koblitz N. Elliptic curve cryptosystems. Math Comput 1987; 48: 203–209. [CrossRef] [Google Scholar]
- ElGamal T. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theor 1985; 31: 469–472. [CrossRef] [Google Scholar]
- Nakamoto S. Bitcoin: A peer-to-peer electronic cash system. Decentralized Business Review 2008. https://bitcoin.org/bitcoin.pdf. [Google Scholar]
- Wood G, et al. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 2014; 151: 1–32. [Google Scholar]
- Cremers C, Rasmussen KB, Schmidt B, et al. Distance hijacking attacks on distance bounding protocols. In: 2012 IEEE Symposium on Security and Privacy, IEEE, 2012, 113–127. [Google Scholar]
- Bay A, Boureanu I, Mitrokotsa A, et al. The bussard-bagga and other distance-bounding protocols under attacks. In: Information Security and Cryptology: 8th International Conference, Inscrypt 2012, Beijing, China, November 28-30, 2012, Revised Selected Papers 8, Springer, 2013, 371–391. [Google Scholar]
- Avoine G, Bingöl MA, Boureanu I, et al. Security of distance-bounding: A survey. ACM Comput Surv (CSUR) 2018; 51: 1–33. [Google Scholar]
Hengchang Pan received a B.S. degree in Electronic and Electrical Engineering on Civil Aviation from the Nanjing University of Aeronautics and Astronautics, Nanjing, China, in 2021, where he is currently pursuing an M.S. degree in Electronic Information. His research interests mainly focus on blockchain technologies and UAV regulation.
Yuanshuo Wang received a B.S. degree in automation from Qingdao University in 2021. He is currently a postgraduate student in Electronic Information at the School of Automation, Northwestern Polytechnical University, Xi’an, China. His research interests include passive localization, target tracking, and neural networks.
Wei Wang received a B.Eng. degree in information countermeasure technology and an M.Eng. degree in signal and information processing from Xidian University in 2011 and 2014, respectively, and a Ph.D. degree in electrical and electronic engineering from Nanyang Technological University, Singapore, in 2018. From September 2018 to August 2019, he was a Postdoctoral Fellow with the Department of Electrical and Computer Engineering, University of Waterloo, Canada. He is currently a Professor at the Nanjing University of Aeronautics and Astronautics. His research interests include wireless communications, space-air-ground integrated networks, wireless security, and blockchain.
Ping Cao received an M.S. degree from the University of Chinese Academy of Sciences, Beijing, China, in 2014. He is currently an Engineer at Nanjing University of Aeronautics and Astronautics, Nanjing, China. His research interests include blockchain and distributed systems.
Fangwei Ye received a B.Eng. degree in information engineering from Southeast University in 2013 and a Ph.D. degree from the Department of Information Engineering, at the Chinese University of Hong Kong, in 2018. From 2018 to 2020, he was a Postdoctoral Associate with the Department of Electrical and Computer Engineering, at Rutgers University. From 2021 to 2023, he was with the Broad Institute of MIT and Harvard. He is currently a Professor at the College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics. His research interests include information theory and its applications to privacy, security, and coding opportunities in learning.
Qihui Wu received a B.Sc. degree in communications engineering, and an M.Sc. and Ph.D. degree in communications and information systems from the Institute of Communications Engineering, China in 1994, 1997, and 2000, respectively. From 2003 to 2005, he was a postdoctoral research associate at Southeast University, China. From 2005 to 2007, he was an associate professor with the Institute of Communications Engineering, PLA University of Science and Technology, China, where he is currently a full professor. From March 2011 to September 2011, he was an advanced visiting scholar at Stevens Institute of Technology, USA. Since 2016, he has been with the Nanjing University of Aeronautics and Astronautics and appointed a distinguished professor. His research interests include wireless communications, statistical signal processing, and system design of software-defined radio, cognitive radio, and smart radio.
All Tables
All Figures
Figure 1. An illustration of UAV location proof |
|
In the text |
Figure 2. System model of UAV location verification system |
|
In the text |
Figure 3. Workflow of location authentication |
|
In the text |
Figure 4. The time cost of different authentication operations under different peer numbers |
|
In the text |
Figure 5. Communication cost. (a) PBC: 160bit RSA: 1024bit. (b) PBC: 224bit RSA: 2048bit. (c) PBC: 256bit RSA: 3072bit |
|
In the text |
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.