| With the continuous development of information technology, unmanned aerial vehicles (UAVs) play an important role in various fields. Because they are highly mobile and easy to deploy, UAVs are used in many scenarios, such as fire rescue, aerial photography, high-altitude equipment maintenance, precision agriculture, and cargo transportation. With the continuous optimization of cluster control algorithms, multi-UAV applications have also begun to attract attention. Multiple UAVs are more reliable than a single UAV when executing tasks. In recent years, combining UAVs with base stations to help ground users access the core network (CN) has become an emerging topic. Because a UAV flies at high altitude, it can provide a wider range of signal coverage. In the event of a natural disaster, in a battlefield network, or when ground base stations are overloaded, users can connect to the core network with the help of multi-UAV relay. However, schemes for accessing the core network through multi-UAV relay still have many security problems. First, because the user equipment (UE) cannot communicate with the core network directly and instead completes mutual authentication with the core network and establishes a secure session channel through the UAV relay, this process is easily disrupted by an attacker. Second, the communication resources of the core network are limited, and an attacker may use the core network illegitimately so that legitimate user equipment cannot use the network normally. Third, when multiple UAV relays are present, an attacker may masquerade as a legitimate relay to disrupt the UAV network. Fourth, in a relay communication scenario, the user’s real identity information is likely to be obtained by an attacker, resulting in disclosure of the user’s identity. Finally, when a node in the UAV relay network is hijacked, the attacker is likely to use that node to disrupt the whole relay network. In view of the above problems, and combined with 
domestic and international research, this paper summarizes the security requirements of the multi-UAV relay access scenario. The following research is carried out using cryptographic techniques. For the security of UAV relay access to the core network, the scheme uses identity-based encryption and bilinear pairing to complete mutual authentication between the UAV relay and the core network. Only an authenticated UAV can access the core network, and the core network only accepts messages relayed by an authenticated UAV, which avoids wasting core network resources. For the security of user equipment access to the core network, the scheme adopts the idea of Diffie-Hellman key agreement and realizes authentication and key agreement between users and the core network using random numbers and a secure one-way hash function. Users communicate with the core network using the negotiated key to protect message confidentiality. Finally, a signature algorithm is used to convey the user’s legitimacy to the UAV relay. To address user identity privacy, users initiate authentication to the core network anonymously. To prevent the anonymous identity from being analyzed by an attacker, the scheme also supports replacing the anonymous identity. For mutual authentication among multiple UAVs, the scheme uses bilinear pairing, which realizes mutual authentication between UAVs and ensures that only UAVs registered with the core network can join the relay network. For UAV identity management, the scheme uses the idea of BLS signatures: the core network signs the list of legitimate and illegitimate UAVs and broadcasts the list and signature to the UAV network, where the list is stored after the signature is verified. Finally, UAV relays can identify illegitimate UAVs through the list. To verify the security of the scheme, BAN logic is used to analyze the scheme, and 
Tamarin-prover is used to prove the security of the scheme. Finally, the scheme has been implemented and tested. Compared with existing schemes, it has significant advantages in computation overhead, communication overhead, storage overhead, and security performance. |