Professional Documents
Culture Documents
Authenticated Secure Quantum
Authenticated Secure Quantum
1 ABSTRACT The rapid advance of manufacturing Unmanned Aerial Vehicles (UAVs, aka drones) has led
2 to a rise in the use of their civilian and commercial applications. The access of these drones to controlled
3 airspace can be efficiently coordinated through particular layered network architecture, often referred to
4 as the Internet-of-Drones (IoD). The nature of IoD, which is deployed in an open-access environment,
5 brings significant safety and security concerns. Classical cryptosystems such as elliptic curve cryptography,
6 Rivest-Shamir-Adleman, and Diffie-Hellman are essential building blocks to secure communication in the
7 IoD. However, with the rapid development of quantum computing, it will be easy to break public-key
8 cryptosystems using efficient quantum algorithms like Shor’s algorithm. Thus, building quantum-safe
9 solutions to enhance IoD security has become imperative. Fortunately, quantum technologies can provide
10 unconditional security solutions to protect data and communications in the IoD environment. This paper
11 proposes a quantum-based scheme to prevent unauthorized drones from accessing a specific flight zone
12 and authenticates the identities and shared secret messages of involved entities. To do so, we used a quantum
13 channel to encode the private information based on a pre-shared key and a random key generated in a session.
14 The involved entities also perform mutual authentication and share a secret key. We also provide the security
15 proofs and analysis of the proposed scheme that indicates its resistance to well-known attacks.
19 Recently, the IoD has received a lot of attention from both tions. Ongoing developments in communication and wire- 26
20 research and industry thanks to the fact that the IoD can less networked systems make drones attractive systems to be 27
21 provide direct or indirect access to drones. In this scenario, the employed in a wide range of applications and services ranging 28
22 drones may only operate as mobile routers to forward infor- from military to civilian applications. Also, rapid technologi- 29
23 mation to distant nodes or be a part of the operations them- cal advancements in manufacturing high-quality and low-cost 30
24 selves, establishing autonomous swarms or mesh networks commercial drones have opened up a slew of new business 31
The associate editor coordinating the review of this manuscript and goods delivery, aerial photography and videography, live 33
approving it for publication was Rahim Rahmani . streaming, firefighting, disaster relief, crop spraying, crop 34
This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/
VOLUME 10, 2022 94963
H. Abulkasim et al.: Authenticated Secure Quantum-Based Communication Scheme in IoD Deployment
35 monitoring, etc. By 2025, the potential economic impact of and is significant for scenarios where the communicated data 91
36 integrated UAS is expected to reach $82 billion and generate is of high value to the attackers. 92
37 employment of up to 100,000 individuals, thanks to increased In 2020, Liu et al. [7] experimentally developed an air- 93
38 government initiatives to simplify the regulatory environ- borne mobile quantum communication network using a 94
39 ment [43], [44]. Aerial technology can provide services at a quantum-based drone. They used the quantum-based drones 95
40 lower cost and higher efficiency not easy to provide by tradi- as nodes capable of generating and measuring quantum bits 96
41 tional methods, making giants such as Amazon and Walmart (qubits); hence the drones can build a secure quantum chan- 97
42 praise it as the future of e-commerce. UAS involve critical nel among communicators. Liu et al.’s mobile quantum net- 98
43 strategic and financial information, making them vulnerable work could be used for multiple functions: 1) to interconnect 99
44 to attacks by unauthorized users that target communication, quantum satellites with quantum fiber ground networks; 2) to 100
45 transmitted data, or even physical elements. Without robust connect two quantum ground nodes or servers; 3) to con- 101
46 security and privacy communication systems, drones can be nect quantum drones with other quantum ground nodes or 102
47 used for illegal acts ranging from simple surveillance to seri- users and so on. Their work opens the door for a new era of 103
48 ous crimes like terrorist attacks and targeted assassinations. quantum-based drone development that could be used in real 104
49 In the beginning, researchers and engineers were focused on life. In this paper, we propose an authentication scheme based 105
50 the development of drone architecture and their functional on quantum cryptography for authenticating the involved 106
51 effectiveness without giving much attention to protecting the entities and securing the transmitted data in the IoD deploy- 107
52 integrity or confidentiality of drones’ communications and ment. The network model of the proposed scheme contains 108
53 data. Therefore, several recent papers have been published to various drones deployed in many zones that send their data to 109
54 address the problems of security and privacy based on classi- a ground station. We will prove the security of communica- 110
55 cal cryptography [1], [2], [3], [4], [23], [24], [25], [26], [27], tion between entities against related common attacks such as 111
56 [28], [29], [30], [31], [32], [33], [34], [35], [36], [37], [38]. impersonation attacks and man-in-the-middle attacks. 112
59 of security. In such works, public-key cryptosystems like Previous works have indicated that there are many challenges 114
60 elliptic curve cryptography, Rivest-Shamir-Adleman (RSA), threatening the expansion of the use of drones for civilian and 115
61 and Diffie-Hellman are essential building blocks to secure military purposes [8]. Among these threats and challenges are 116
62 communication. All these classical cryptosystems have one the authentication of drones and the other involved entities, 117
63 thing in common: they are all based on the difficulty of controlling and hacking of the drones, jamming of the broad- 118
64 solving some complex mathematical problems. To assure the cast communication, and others. Recently, several drone inci- 119
65 security of such cryptosystems, it must be shown that crack- dents have occurred due to a lack of drone authentication. For 120
66 ing them is as difficult as solving an intractable mathematical example, many heavy-traffic airports in different countries 121
67 problem without possessing a secret piece of information. were closed and incurred huge financial losses due to unau- 122
68 The security of such a cryptosystem is guaranteed by the thorized access from suspicious drones (a recent relevant sur- 123
69 hardness of adopted mathematical problems like the discrete vey on this topic can be found in [9]). Therefore, it is crucial 124
70 logarithm problem and the integer factorization problem. to achieve authentication between ground stations and drones 125
71 If an advanced cryptanalysis algorithm defeats the hardness, to check whether a drone is authorized to access a certain 126
72 such a cryptosystem is deemed compromised. In 1994, Shor zone or not. Also, in some special cases, authentication is 127
73 developed a quantum cryptanalysis algorithm that could find needed between a drone and another drone for sharing some 128
74 discrete logarithms and factor integers exponentially faster information as well as authenticating the sensitive transmitted 129
75 than classical algorithms [39]. Shor’s algorithm theoretically messages among participants. The importance of authenti- 130
76 enables quantum computers to crack the majority of public- cation and such incidents motivate the need to propose and 131
77 key cryptosystems currently in use. Quantum computers exist design secure authentication schemes for drones. As a result, 132
78 presently, but they need significant technical improvement to several schemes employed classical cryptosystems to ensure 133
79 be widely utilized. It is believed that a quantum computer with the security and privacy of communications in the IoD envi- 134
80 around 20 million quantum bits (qubits) is required to break ronment [24], [25], [26], [27], [28], [29], [30], [31], [32], [33], 135
81 an RSA-2048 algorithm [40]. Once scaled, quantum comput- [34], [35], [36], [37], [38]. However, Quantum computing 136
82 ers will catastrophically break most of our commonly used can efficiently break those classical cryptosystems that rely 137
83 standardized mechanisms for ensuring the integrity and con- on the complexity of these problems [39]. In 2016, NIST 138
84 fidentiality of the data [5], [6]. Fortunately, quantum cryptog- (National Institute of Standards and Technology) published a 139
85 raphy is able to provide unconditional security for the stored report on post-quantum cryptography, anticipating that a uni- 140
86 and communicated data (i.e., a protocol remains secure even versal quantum computer capable of breaking 2000-bit RSA 141
87 if an attacker has unlimited computing power or a powerful in a few hours will be available by 2030, making the exist- 142
88 quantum computer) [41], [42]. Therefore, securing the com- ing public-key infrastructure (PKI) insecure [45]. Therefore, 143
89 munication of drones based on quantum cryptography could quantum-safe schemes based on quantum cryptography or 144
90 resist the potential threat of a powerful quantum computer post-quantum cryptography to secure the IoD is imperative. 145
146 B. RELATED WORK based on classical cryptosystems, which are vulnerable to the 181
147 In 2018, Wazid et al. [10] provided a comparative study on massive power of a quantum computer or classical computing 182
148 some previous authentication protocols for the IoD in terms resources [5], [6]. As a response to those problems, quantum 183
149 of communication overheads and the features of functionality cryptography, as one of the most mature quantum computing 184
150 and security. They also introduced a generalized taxonomy of applications, has been adopted to provide unconditionally 185
151 the authentication protocols in the IoD environment. More- secure solutions in various communication systems that seek 186
152 over, the authors provided a list of practical challenges for optimal security of sensitive data and communication against 187
153 designing secure authenticated protocols in the IoD deploy- attackers [16]. In 2019, Liu et al. demonstrated a drone-based 188
154 ment. In 2019, Srinivas et al. [11] presented an authenticated mobile communication system for multi-node construction 189
155 lightweight method for users in the IoD environment with and real-time all-location coverage. The designed system has 190
156 temporal credentials. The authors employed the techniques of been proven robust against all-weather conditions and can be 191
157 hash function and fuzzy extractor. Also, they provided a com- scaled to multi-node structures. In 2021, Yu et al. designed 192
158 parative analysis of their proposed mechanisms with other an airborne quantum key distribution model that connects 193
159 existing schemes, demonstrated that their scheme is better in terrestrial networks with satellite networks to establish a real- 194
160 both security and functionality, and has lower computation time on-demand quantum network. These works focused on 195
161 and communication costs. In 2020, Alladi et al. [12] provided the ability to build quantum communication through drones 196
162 a lightweight authentication scheme to secure the communi- and its efficiency in the IoD deployment and did not con- 197
163 cation between drones and their ground stations based on the sider significant security features such as authentication, key 198
164 technique of Physical Unclonable Function. Pu and Li [31] sharing, and key management. Inspired by Liu et al. [7] and 199
165 presented a lightweight authentication scheme to provide other related works [17], [18], [19], this work introduces a 200
166 secure communications between ground stations and drones. robust and lightweight authentication scheme to secure the 201
167 The basic idea behind their scheme is that the ground station communication and data in the IoD deployment. 202
168 and drone employ the chaotic maps’ seed value to randomly
169 rearrange genuine messages according to the created chaotic C. RESEARCH CONTRIBUTIONS 203
170 sequence. Also, Pu et al. [22] proposed a lightweight mutual •We propose a mutual identity and message authentica- 204
171 authentication and key agreement scheme with protecting pri- tion scheme between the drones and the ground stations. 205
172 vacy for the IoD. A chaotic system and physical unclonable • A pre-shared secret key can be reused without informa- 206
173 function are used to provide mutual authentication and create tion leaks. 207
174 a session key between IoD system communication parties. • Sharing a secure random key among authenticated enti- 208
175 However, drones are vulnerable to device capturing and cer- ties for securing transmitted data. 209
176 tain types of attacks because of remote environments and • The proposed model is secure against well-known 210
177 limited resources. This raises the possibility of attackers steal- attacks. 211
178 ing drone data. In the same context, several authentication The remainder of the paper is organized as follows. 212
179 protocols have been presented [3], [4], [13], [14], [15]. How- In Section II, we introduce the model considered for the 213
180 ever, securing communication channels in such schemes are main result of this paper, provide a table of notation, then 214
FIGURE 2. Database server pre-shares Kd g with both the drone and the ground station and preloads the drone data into the drone before taking off. The
dashed line refers to a quantum channel.
215 describe our new protocol. Section III introduces system has the ability to intercept the communication channels 255
216 models. In Section IV, we prove the security of our protocol and can also forge or modify the exchanged message. 256
217 against an adversary attempting to become authenticated and • It is possible that an adversary has unlimited computing 257
218 access a secret session key. We then provide a description power and can use it to apply powerful computational 258
219 of other possible attacks that an adversary may attempt and attacks. However, the server and ground stations are 259
220 argue security against such attacks. considered secure entities in this work. Thus, the adver- 260
225 Fig. 1 depicts the network model for remote mutual authenti- In this paper, we consider the following model of drones, 265
226 cation. The airspace includes multiple fly zones, and each fly ground stations, and a central control room with a database 266
227 zone may contain several drones in order to monitor a certain server. The database server is able to communicate with each 267
228 environment according to the network concept. A deployed ground station and each pre-take off drone through secure 268
229 drone in a certain fly zone collects targeted data from the sur- private channels. Each ground station is also able to commu- 269
230 rounding environment and transmits it to a database server in nicate with the drones within a known fly zone but cannot 270
231 a control room through a ground station. The database server communicate with other ground stations. The drones are able 271
232 stores sensitive information related to all involved entities to communicate with other drones within and beyond their 272
233 and the airspace. It also stores the data collected by legit- current fly zone. 273
236 IoD system. Quantum technologies are used to provide secure AND GROUND STATIONS 275
237 wired/wireless connectivity in the IoD environment. Private Before a drone d takes off, the database server pre-shares 276
238 keys are pre-shared between the server and the involved enti- a secret Kdg with both a drone (d) and a ground station (g) 277
239 ties (i.e., drones and ground station) through a secure private through a secure private channel (see also Fig. 2). Addition- 278
240 channel. Generally, a drone in a specific fly zone and a ground ally, the database server preloads IDg and FPd into the d, 279
241 station must authenticate each other before establishing a and sends IDd and FPd to g through a secure private channel. 280
242 secure session key to secure their future communications. Throughout this work, we assume that quantum channels are 281
243 This work assumes that the server, drones, and ground sta- optimal, i.e., quantum channels are noiseless and lossless. 282
244 tion are equipped with quantum capabilities to generate and Also, we assume that all involved entities agree on the four 283
245 measure quantum photons. We also assume that quantum Bell states {|φ00 i , |φ01 i , |φ10 i , |φ11 i}, indicated in (1), and 284
246 channels are optimal, i.e., quantum channels are noiseless the four unitary operations {σ00 , σ01 , σ10 , σ11 }, indicated in 285
247 and lossless. Each drone has a GPS, inertial measurement (2), to represent the four two-bits classical information {00, 286
248 units, and inertial navigation system to determine its present 01, 10, 11}, respectively. 287
TABLE 1. List of notifications. bk1 represents the selected measurement bases based on k1 . 324
Similarly, d determines the initial basis for each qubit in the 325
from the quantum states {|0i , |1i , |+i = √1 (|0i + |1i), 336
2
or |−i = √1 (|0i−|1i}. Then, d randomly inserts these decoy- 337
2
qubits re , and S .
into the sequences S0 , S34 338
d
Step 6: Through a quantum channel, d sends the sequences 339
re and S to the ground station g.
S0 , S34 340
d
Step 7: Upon g receiving S0 , S34 re and S , the drone d 341
d
announces the positions of each decoy-qubits and its cor- 342
0 1 pute the error value. If the error rate is lower than a preset 345
293 σ01 = |0i h1| + |1i h0| = ,
1 0 value, d and g continue to the next process. Otherwise, they 346
1 0
must terminate the protocol. 347
294 σ10 = |0i h0| − |1i h1| = , Step 8: Upon confirming that the quantum channel 348
0 −1
between d and g is secure, d sends the hashing value of the 349
0 1
295 σ11 = |0i h1| − |1i h0| = . (2) random key rd , i.e., h(rd ), to g through a quantum channel. d 350
−1 0 and g also employs the decoy-qubits technique used in Step 5 351
296 The detailed steps of the proposed model are as follows: and Step 7 to ensure the security of transmitting h(rd ). 352
297 Step 1: The drone d prepares the sequence S0 = h(IDd ⊕ Step 9: The ground station g checks whether S0 = h(IDdj ⊕ 353
298 IDg ), where IDd and IDg represent the destination identity of IDg ) is identical with its corresponding data (i.e., S00 = 354
299 the drone d and the ground station g, respectively. h(IDd ⊕ IDg )0 ) or not. If S0 = S00 ; g partially authenticates 355
300 Step 2: The drone d randomly generates 3n Bell quan- the identity of d and continues to the next step. Otherwise, g 356
301 tum states selected from the agreed four Bell states in (2). revokes d’s request and ends the protocol. 357
302 Then, d divides the 3n Bell states into four sequences: Step 10: Upon confirming that S0 is valid, g uses the pre- 358
303 S1 = d1 , d2 , . . . , dn , S2 = dn+1 , dn+2 , . . . , d3n , S3 = shared key (k2 ) and the rules indicated in Step 4 to measure 359
304 g1 , g2 , . . . , gn , and S4 = gn+1 , gn+2 , . . . , g3n . Here, di and gi (S1 kS2 ) getting (S30 kS40 ) ; note, if g has the identical pre-shared 360
305 (i = 1, 2, . . . , 3n) represent the first and the second photons key (k2 ), (S10 k S20 ) is identical to (S1 k S2 ). Also, g uses the 361
306 of the ith Bell state, respectively. pre-shared key k1 and the rules indicated in Step 4 to measure 362
re = b (S 0 | S 0 ) getting (S 00 k S 00 ); note, if g has the identical
S34
307 Step 3: d creates an n − bit random number (rd ) and gets k1 3 4 3 4 363
308 (rd ⊕ md ) k (h(rd ) ⊕ h(md )) by using the XOR operation pre-shared key (k1 ), (S30 kS40 ) is identical to (S300 kS400 ). Based on 364
309 and then the one-way hash function. Using the four unitary (mg kh(mg )), g applies unitary operations selected from the set 365
310 operations {σ00 , σ01 , σ10 , σ11 }, d encodes rd and (rd ⊕ md ) k {σ00 , σ01 , σ10 , σ11 } to S400 getting a new evolved sequence S4000 . 366
311 (h(rd ) ⊕ h(md )) on S3 and S4 , respectively, obtaining S30 = Step 11: Using Bell measurement, g measures every corre- 367
312 er (S3 ) and S40 = e(rd ⊕md )k(h(rd )⊕h(md )) S4 , where e represents sponding pair (di and gi ) in (S30 k S40 ) and (S300 k S4000 ) getting the 368
313 the encoding process based on the four unitary operations. result rd0 kM ; note, rd is identical to rd0 if the quantum channels 369
314 For example, when n = 2, if rd = 00 d applies the unitary are secure and g has the matching pre-shared key (Kdg ). The 370
315 operation σ00 on S3 , and if (rd ⊕md )k(h(rd )⊕h(md )) = 0111, ground station g then computes (rd0 kh(rd0 ))⊕M ⊕(mg kh(mg )) 371
316 d applies the unitary operations σ01 and σ11 on S4 . getting a computation result representing m0d k h(md )0 . After 372
317 Step 4: d determines the initial basis for each qubit in the that, g performs two comparisons: 1) g computes h(m0d ) and 373
318 sequence S30 k S40 based on the pre-shared key k1 produc- checks whether h(m0d ) is identical to h(md )0 or not; 2) g com- 374
320 k1,i = 0 the drone d selects the Z − basis = {|0i , |1i} or not. If so, g knows with certainty that the message is 376
321 to transfer the corresponding qubit in the sequence S30 k S40 ; genuine and fully authenticates the identity of d. Otherwise, 377
322 otherwise, d selects the X − basis = {|+i , |−i} to trans- g and d end the protocol and restart the protocol from the 378
323 fer the corresponding qubit in the sequence S30 k S40 , where beginning. 379
380 Step 12: g sends M to d through a quantum channel and to be detected, the two parties would restart the session with 435
381 checks the security of transmission with d as in Steps 6 & 7. new random values to be generated. The only information E 436
382 Step 13: Upon confirming the secure transmission of M , g could obtain without the risk of being detected would be the 437
383 also sends h(rd ⊕ Kg ) to d through a quantum channel and announcement of the information of decoy photons, which 438
384 checks the security of transmission with d as in Steps 6 & 7. does not cause leakage of any private information used to 439
385 Step 14: d computes (rd ⊕h(rd ))⊕M ⊕(md ⊕h(md )) getting generate any of the messages in the protocol. Additionally, 440
386 the computation result m0g kh(mg )0 . Subsequently, d computes E is unable to intercept any messages sent between d and g 441
387 h(m0g ) and checks whether h(m0g ) is identical to h(mg )0 or not. without being detected with high probability. This prevents E 442
388 If so, d deduces the shared secret key Kg0 , where m0g = mg = from attempting to recover or inject information needed to be 443
389 IDg k Kg0 . Finally, d checks whether h(rd ⊕ Kg0 ) is identical authenticated and/or get the shared key. Thus, E must attempt 444
390 to h(rd0 ⊕ Kg ) or not. If so, d believes that Kg0 is genuine and to guess the information necessary to be authenticated and get 445
391 authenticates the identity of g. Otherwise, d and g end the the shared key. 446
392 protocol and restart the protocol from the beginning. In Step1, d uses the XOR function to encrypt the IDd and 447
393 IV. SECURITY ANALYSIS AND PROOFS based on a randomly generated key rd , the secret data md = 449
394 In this section of the paper, we perform our security anal- IDd kFPd , and the two shared sub-keys k1 and k2 , d creates the 450
396 security against an adversary attempting to be authenticated E needs to 1) successfully guess the generated 3n Bell states; 452
397 and acquire the shared secret key. Following that, we provide 2) get the transmitted sequences S¯0 , S¯34re , S¯ , and h(r¯ ) that
d d 453
re
are sent by d correctly (i.e., S0 , S34 , Sd , and h(rd )); 3) then
398 heuristic arguments for security against additional quantum- 454
399 based attacks. successfully pass the eavesdropping check process in Steps 7 455
400 A. THE PROVABLE SECURITY OF THE PROPOSED SCHEME 1) In Step1, d randomly generates 3n Bell states from the 457
401 Definition 1: In [20], Wootters-Zurek introduced the four states in (1). So, the probability (P1) of E correctly 458
402 no-cloning theorem, which proved that it is impossible to guessing the Bell states is as follows: 459
408 to correctly measure the transmitted qubits from one legit- of guessing the correct sequences for E is as follows: 463
411 droppers will be caught when they try to intercept them. Pr[k1 = k¯1 ]Pr[k2 = k¯2 ] 465
FIGURE 3. Steps of the proposed method. The dashed arrow represents a quantum channel.
482 B. FURTHER SECURITY DISCUSSIONS proposed protocol can prevent the information leakage issue. 491
484 may try to exploit to gain information or access to private Sd to the ground station through a quantum channel. These 493
485 information. sequences are encoded based on the Kdg = k1 kk2 , md , and rd . 494
486 1) INFORMATION LEAKAGE secret information will be caught with high probability. More- 496
487 Preventing information leakage is crucial for some quantum over, the decoy-photon protocol [46] that is used for detecting 497
488 authentication protocols that enable attackers to deduce the eavesdroppers in Step 7 just uses the inserted decoy-photons 498
489 secret message or extract useful information from the clas- to check the security of transmission and does not expose any 499
490 sical public channels. In this subsection, we show that the other photons used for encoding secret data. 500
520 probability 1 − ( 43 )l , where l is the number of decoy-qubits. In the Case of Impersonating the Drone (d): If the attacker 555
521 Hence, the probability is close to 1 when l is large enough tries to impersonate the drone (d) by sending forged 556
re and S to the ground station, they will
sequences S0a , S34a 557
522 (see also Fig. 4). da
be detected in Step 9 because the attacker does not know IDd 558
523 3) ENTANGLE-AND-MEASURE ATTACK and IDd that are required to produce h(IDd ⊕ IDg ). 559
524 An attacker (E) may steal partial information about secret In Case of Impersonating the Ground Station (g): If the 560
525 messages by using ancillary photons to entangle the qubits attacker tries to impersonate g, they will send to d an invalid 561
526 sent to the ground station and measuring the ancillary pho- data (i.e., M in Step 12 and h(rd0 ⊕ kg ) in Step 13) because the 562
527 tons. E may use a unitary operation UE to entangle a random attacker does not know the pre-shared key (Kdg ) that was used 563
528 qubit on the decoy-qubits and measure the random qubit in to reorder the transmitted sequences. Hence, the attacker can 564
529 the Z − basis or X − basis to steal the secret. In the follow- be detected in Step 14 when d checks whether: 1) h(mg )0 is 565
530 ing, E performs a unitary operation UE to entangle a qubit identical to h(m0g ) or not; 2) h(rd ⊕ Kg0 ) is identical to h(rd0 ⊕ 566
531 |Ei, on the decoy-qubits in the quantum states (|0i, |1i, |+i, Kg ) or not. 567
532 or |−i).
5) MODIFICATION ATTACK 568
533 UE |0i |Ei = a1 |0i |E00 i + a2 |1i |E01 i , In this attack, the attacker tries to modify the contents of 569
534 UE |1i |Ei = a3 |0i |E10 i + a4 |1i |E11 i , (7) the transmitted photons (in Step 2 or Step 6) to make the 570
544 When the operation of E introduces no error, UE must meet decoy-photon protocol as in Step 7. Thus, the attacker will be 584
547 a1 |E00 i − a2 |E01 i = −a3 |E10 i + a4 |E11 i . (9) A proposed scheme supports perfect forward secrecy when 587
an attacker cannot deduce the shared secret key using a com- 588
548 We can easily obtain a1 + a4 = 1 and a2 + a3 = 0, and promised pre-shared secret key of any node. In this work, 589
549 |E00 i = |E11 i. We have UE |0i |Ei = a1 |0i |E00 i , and the final shared secret message/key of the session (Kg ) is 590
550 UE |1i |Ei = a4 |1i |E11 i , which means that E introduces no shared between d and g using a random number rd , that is not 591
592 included in the pre-shared secret information Kdg , IDg , IDd [5] G. Alagic, J. Alperin-Sheriff, D. Apon, D. Cooper, Q. Dang, and J. Kelsey, 650
593 and FPd , or transmitted through the communication of the ‘‘Status report on the second round of the NIST post-quantum cryptogra- 651
phy standardization process,’’ U.S. Dept. Commerce, NIST, Gaithersburg, 652
594 protocol. As such, the attacker cannot gain any information MD, USA, Tech. Rep. 8309, 2020. 653
595 about rd from the pre-shared secret information. Thus, the [6] D. Bernstein and T. Lange, ‘‘Post-quantum cryptography,’’ Nature, 654
596 proposed scheme achieves the perfect forward secrecy. vol. 549, no. 7671, pp. 188–194, 2017. 655
[7] H.-Y. Liu, X.-H. Tian, C. Gu, P. Fan, X. Ni, R. Yang, J.-N. Zhang, M. Hu, 656
597 V. CONCLUSION J. Guo, X. Cao, X. Hu, G. Zhao, Y.-Q. Lu, Y.-X. Gong, Z. Xie, and 657
S.-N. Zhu, ‘‘Drone-based entanglement distribution towards mobile quan- 658
598 In this work, we focused on the problem of authenticating the
tum networks,’’ Nat. Sci. Rev., vol. 7, no. 5, pp. 921–928, May 2020. 659
599 identity and the secret messages of the involved entities in [8] M. Gharibi, R. Boutaba, and S. L. Waslander, ‘‘Internet of Drones,’’ IEEE 660
600 the IoD environment. To address this problem, we proposed Access, vol. 4, pp. 1148–1162, 2016. 661
601 a quantum-based authenticated communication scheme for [9] G. Lykou, D. Moustakas, and D. Gritzalis, ‘‘Defending airports from UAS: 662
A survey on cyber-attacks and counter-drone sensing technologies,’’ Sen- 663
602 drones in Internet-of-Drones Deployment. A database server sors, vol. 20, no. 12, p. 3537, Jun. 2020. 664
603 is used to pre-share private information with both the ground [10] M. Wazid, A. K. Das, and J.-H. Lee, ‘‘Authentication protocols for the 665
604 station and the legitimate drones through secure private chan- Internet of drones: Taxonomy, analysis and future directions,’’ J. Ambient 666
Intell. Humanized Comput., pp. 1–10, Aug. 2018, doi: 10.1007/s12652- 667
605 nels. The drone uses its private information and a randomly 018-1006-x. 668
606 generated key to encode some generated quantum states and [11] J. Srinivas, A. K. Das, N. Kumar, and J. J. Rodrigues, ‘‘TCALAS: Tem- 669
607 then sends them through a quantum channel to the ground poral credential-based anonymous lightweight authentication scheme for 670
Internet of Drones environment,’’ IEEE Trans. Veh. Technol., vol. 68, no. 7, 671
608 station. The randomly generated value by the drone is used to
pp. 6903–6916, Oct. 2019. 672
609 encode the transmitted secret which has not been transmitted [12] T. Alladi, N. Naren, G. Bansal, V. Chamola, and M. Guizani, ‘‘SecAu- 673
610 through any of the communication channels, which guaran- thUAV: A novel authentication scheme for UAV-base station scenario,’’ 674
611 tees the security of the secret messages. Both the drone and IEEE Trans. Veh. Technol., vol. 69, no. 12, pp. 15068–15077, Dec. 2020. 675
[13] Z. Ali, S. A. Chaudhry, M. S. Ramzan, and F. Al-Turjman, ‘‘Securing smart 676
612 ground station check the security of the transmission based on city surveillance: A lightweight authentication mechanism for unmanned 677
613 the principles of quantum physics; they then authenticate their vehicles,’’ IEEE Access, vol. 8, pp. 43711–43724, 2020. 678
614 identity and the transmitted secret messages. The security [14] G. Cho, J. Cho, S. Hyun, and H. Kim, ‘‘SENTINEL: A secure and effi- 679
cient authentication framework for unmanned aerial vehicles,’’ Appl. Sci., 680
615 proofs and analysis show that attackers can be detected with vol. 10, no. 9, p. 3149, Apr. 2020. 681
616 high probability. Through informal security discussions, the [15] T. Alladi, V. Chamola, and N. Kumar, ‘‘PARTH: A two-stage lightweight 682
617 proposed protocol is shown to be secure against well-known mutual authentication protocol for UAV surveillance networks,’’ Comput. 683
Commun., vol. 160, pp. 81–90, Jul. 2020. 684
618 attacks.
[16] K. Shannon, E. Towe, and O. K. Tonguz, ‘‘On the use of quantum entan- 685
622 each other and their surroundings without human intervention [18] H. Abulkasim, S. Hamad, K. El Bahnasy, and S. Z. Rida, ‘‘Authenticated 690
quantum secret sharing with quantum dialogue based on bell states,’’ Phys. 691
623 while leveraging data at the edge to provide business intelli- Scripta, vol. 91, no. 8, Aug. 2016, Art. no. 085101. 692
624 gence and insights. NXM ensures data privacy and integrity [19] H. Zhu, L. Wang, and Y. Zhang, ‘‘An efficient quantum identity authenti- 693
625 by using a novel blockchain-based architecture which enables cation key agreement protocol without entanglement,’’ Quantum Inf. Pro- 694
cess., vol. 19, no. 10, pp. 1–14, Oct. 2020. 695
626 rapid and regulatory-compliant data monetization. Toronto
[20] W. K. Wootters and W. H. Zurek, ‘‘A single quantum cannot be cloned,’’ 696
627 Metropolitan University is in the ‘‘Dish With One Spoon Nature, vol. 299, pp. 802–803, Oct. 1982. 697
628 Territory’’. The Dish With One Spoon is a treaty between the [21] T. Hwang, K. C. Lee, and C. M. Li, ‘‘Provably secure three-party authen- 698
629 Anishinaabe, Mississaugas, and Haudenosaunee that bound ticated quantum key distribution protocols,’’ IEEE Trans. Depend. Secure 699
Comput., vol. 4, no. 1, pp. 71–80, Jan. 2007. 700
630 them to share the territory and protect the land. Subsequent [22] C. Pu, A. Wall, K.-K.-R. Choo, I. Ahmed, and S. Lim, ‘‘A lightweight and 701
631 Indigenous Nations and peoples, Europeans and all newcom- privacy-preserving mutual authentication and key agreement protocol for 702
632 ers, have been invited into this treaty in the spirit of peace, Internet of Drones environment,’’ IEEE Internet Things J., vol. 9, no. 12, 703
pp. 9918–9933, Jun. 2022. 704
633 friendship and respect. Wilfrid Laurier University is located [23] D. Chattaraj, B. Bera, A. K. Das, S. Saha, P. Lorenz, and Y. Park, ‘‘Block- 705
634 on the traditional territory of the Neutral, Anishnawbe, and CLAP: Blockchain-assisted certificateless key agreement protocol for 706
635 Haudenosaunee peoples. The authors thank them for allowing Internet of vehicles in smart transportation,’’ IEEE Trans. Veh. Technol., 707
vol. 70, no. 8, pp. 8092–8107, Aug. 2021. 708
636 them to conduct research on their land.
[24] S. R. Chinthi-Reddy, S. Lim, G. S. Choi, J. Chae, and C. Pu, ‘‘DarkSky: 709
637 REFERENCES Privacy-preserving target tracking strategies using a flying drone,’’ Veh. 710
Commun., vol. 35, Jun. 2022, Art. no. 100459. 711
638 [1] C. Lin, D. He, N. Kumar, K.-K. R. Choo, A. Vinel, and X. Huang, ‘‘Security [25] S. Hussain, S. A. Chaudhry, O. A. Alomari, M. H. Alsharif, M. K. Khan, 712
639 and privacy for the Internet of Drones: Challenges and solutions,’’ IEEE and N. Kumar, ‘‘Amassing the security: An ECC-based authentica- 713
640 Commun. Mag., vol. 56, no. 1, pp. 64–69, Jan. 2018. tion scheme for Internet of Drones,’’ IEEE Syst. J., vol. 15, no. 3, 714
641 [2] P. Gope and B. Sikdar, ‘‘An efficient privacy-preserving authenticated key pp. 4431–4438, Sep. 2021. 715
642 agreement scheme for edge-assisted Internet of Drones,’’ IEEE Trans. Veh. [26] S. Hussain, K. Mahmood, M. K. Khan, C.-M. Chen, B. A. Alzahrani, 716
643 Technol., vol. 69, no. 11, pp. 13621–13630, Nov. 2020. and S. A. Chaudhry, ‘‘Designing secure and lightweight user access to 717
644 [3] Y. Zhang, D. He, L. Li, and B. Chen, ‘‘A lightweight authentication and key drone for smart city surveillance,’’ Comput. Standards Interface, vol. 80, 718
645 agreement scheme for Internet of Drones,’’ Comput. Commun., vol. 154, Mar. 2022, Art. no. 103566. 719
646 pp. 455–464, Oct. 2020. [27] H. N. S. S. Jagarlapudi, S. Lim, J. Chae, G. S. Choi, and C. Pu, 720
647 [4] Y. Tian, J. Yuan, and H. Song, ‘‘Efficient privacy-preserving authentica- ‘‘Drone helps privacy: Sky caching assisted k-anonymity in spatial 721
648 tion framework for edge-assisted Internet of Drones,’’ J. Inf. Secur. Appl., querying,’’ IEEE Syst. J., early access, May 19, 2022, doi: 10.1109/ 722
649 vol. 48, Oct. 2019, Art. no. 102354. JSYST.2022.3171211. 723
724 [28] S. U. Jan, I. A. Abbasi, and F. Algarni, ‘‘A key agreement scheme for BRIAN GONCALVES received the H.B.Sc. 797
725 IoD deployment civilian drone,’’ IEEE Access, vol. 9, pp. 149311–149321, and M.Sc. degrees from McMaster University, 798
726 2021. Hamilton, ON, Canada, in 2016 and 2018, respec- 799
727 [29] M. Masuduzzaman, A. Islam, K. Sadia, and S. Y. Shin, ‘‘UAV-based MEC- tively. He is currently pursuing the Ph.D. degree 800
728 assisted automated traffic management scheme using blockchain,’’ Future with Toronto Metropolitan University, Toronto, 801
729 Gener. Comput. Syst., vol. 134, pp. 256–270, Sep. 2022. ON. He is also a Research Assistant at the Cyber- 802
730 [30] C. Pu and L. Carpenter, ‘‘Psched: A priority-based service schedul- security Research Laboratory, Toronto Metropoli- 803
731 ing scheme for the Internet of Drones,’’ IEEE Syst. J., vol. 15, no. 3,
tan University. His current research interests 804
732 pp. 4230–4239, Sep. 2021.
include agile cryptography for the IoT devices, 805
733 [31] C. Pu and Y. Li, ‘‘Lightweight authentication protocol for unmanned aerial
734 vehicles using physical unclonable function and chaotic system,’’ in Proc. provably secure quantum-resistant public key 806
735 IEEE Int. Symp. Local Metrop. Area Netw. (LANMAN, Jul. 2020, pp. 1–6. cryptography, and blockchain security. 807
744 vehicles networks,’’ Egyptian Informat. J., vol. 23, no. 1, pp. 83–93, the M.Math. degree from the University of Water- 810
745 Mar. 2022. loo, in 2003, and the Ph.D. degree in combinatorics 811
746 [35] A. S. Rajasekaran, A. Maria, F. Al-Turjman, C. Altrjman, and L. Mostarda, and optimization from the University of Waterloo, 812
747 ‘‘Anonymous mutual and batch authentication with location privacy of in 2009. From 2009 to 2012, she was a Scien- 813
748 UAV in FANET,’’ Drones, vol. 6, no. 1, p. 14, Jan. 2022. tific Collaborator at the Security and Cryptography 814
749 [36] P. T. Selvi, T. S. Sri, M. N. Rao, B. S. S. V. R. Babu, K. V. Rao, and Laboratory, School of Computer and Communi- 815
750 A. Srikanth, ‘‘Toward efficient security-based authentication for the Inter- cation Sciences, Swiss Federal Institute of Tech- 816
751 net of Drones in defense wireless communication,’’ Soft Comput., vol. 26, nology Lausanne (EPFL). From 2012 to 2016, she 817
752 no. 10, pp. 4905–4913, May 2022. was a Senior Information Security Consultant in cryptography at the Cana- 818
753 [37] Y. Tan, J. Wang, J. Liu, and N. Kato, ‘‘Blockchain-assisted distributed dian Imperial Bank of Commerce. Since 2016, she has held a faculty position 819
754 and lightweight authentication service for industrial unmanned aerial at the Toronto Metropolitan University (formerly Ryerson University), where 820
755 vehicles,’’ IEEE Internet Things J., early access, Jan. 12, 2022, doi: she is currently a Canada Research Chair and an Associate Professor at the 821
756 10.1109/JIOT.2022.3142251.
Ted Rogers School of Information Technology Management. She is also the 822
757 [38] C. Pu, A. Wall, K.-K.-R. Choo, I. Ahmed, and S. Lim, ‘‘A lightweight and
758 privacy-preserving mutual authentication and key agreement protocol for
Founder and the Director of the Cybersecurity Research Laboratory. Her 823
759 Internet of Drones environment,’’ IEEE Internet Things J., vol. 9, no. 12, research interest includes development of novel cybersecurity designs based 824
760 pp. 9918–9933, Jun. 2022. on emerging technologies. She investigates challenges and opportunities 825
761 [39] P. W. Shor, ‘‘Algorithms for quantum computation: Discrete logarithms brought forward by these new technologies and how they change the threat 826
762 and factoring,’’ in Proc. 35th Annu. Symp. Found. Comput. Sci., Nov. 94, landscape of cybersecurity. 827
763 pp. 124–134. Dr. Mashatan is a Certified Service Oriented Architect (SOA) with Hons. 828
764 [40] F. Arute, K. Arya, R. Babbush, D. Bacon, J. C. Bardin, and R. Barends, She holds a Certified Information Systems Security Professional (CISSP) 829
765 ‘‘Quantum supremacy using a programmable superconducting processor,’’ Certification from the International Information Systems Security Certifica- 830
766 Nature, vol. 574, no. 7779, pp. 505–510, 2019. tion Consortium (ISC2) and Enterprise Architecture. 831
767 [41] C. H. Bennett and G. Brassard, ‘‘Quantum cryptography: Public key dis-
768 tribution and coin tossing,’’ 2020, arXiv:2003.06557.
769 [42] P. W. Shor and J. Preskill, ‘‘Simple proof of security of the BB84 quantum
770 key distribution protocol,’’ Phys. Rev. Lett., vol. 85, p. 441, Jul. 2000.
771 [43] (2020). Commercial Unmanned Aerial Vehicle (UAV) Market Anal-
772 ysis. [Online]. Available: https://www.businessinsider.com/commercial-
773 uav-market-analysis SHOHINI GHOSE received the B.S. degree in 832
774 [44] (May 2022). Federal Aviation Administration. [Online]. Available: physics and the B.A. degree in mathematics from 833
776 [45] L. Chen, ‘‘Report on post-quantum cryptography,’’ Nat. Inst. Standards and the M.S. and Ph.D. degrees in physics from 835
777 Technol., Gaithersburg, MD, USA, Tech. Rep. NISTIR 8105, 2016. the University of New Mexico, in 1999 and 2003, 836
778 [46] W.-Y. Hwang, ‘‘Quantum key distribution with high loss: Toward global respectively. 837
779 secure communication,’’ Phys. Rev. Lett., vol. 91, no. 5, Aug. 2003, From 2003 to 2005, she was a Postdoctoral 838
780 Art. no. 057901. Research Fellow at the University of Calgary. 839
781 HUSSEIN ABULKASIM (Member, IEEE) Since 2005, she has held a faculty position at Wil- 840
782 received the B.Sc., M.Sc., and Ph.D. degrees in frid Laurier University, Waterloo, Canada. She is 841
783 computer science from South Valley University, currently a Professor of physics and computer science, and the NSERC Chair 842
784 in 2004, 2012, and 2016, respectively. for Women in Science and Engineering. She is also the Director of the Laurier 843
785 From 2006 to 2011, he was a Web Devel- Centre for Women in Science. She is the author of two books, and more 844
786 oper with the Center for Information and Com- than 60 articles, and has given over 200 invited talks about her work. Her 845
787 munication Technology, South Valley University. research interest includes quantum information science. Her research team 846
788 From 2012 to 2014, he was with the College was the first to observe a connection between chaos theory and quantum 847
790 Jazan University. From 2019 to 2021, he worked Dr. Ghose is a TED Senior Fellow and a 2017 Inductee into the Royal 849
791 as a Postdoctoral Researcher with the Cybersecurity Research Laboratory, Society of Canada’s College of New Scholars, Artists and Scientists. She 850
792 Toronto Metropolitan University. He is currently working as an Assistant is a past President of the Canadian Association of Physicists and sits on 851
793 Professor of computer science with the Department of Mathematics and the Scientific Advisory Board of the UNESCO International Basic Sciences 852
794 Computer Science, New Valley University. His current research interests Program. She is the first Canadian member of the Working Group on Women 853
795 include quantum cryptography, cybersecurity, IoT security, and blockchain in Physics of the International Union of Pure and Applied Physics. 854