Batch Authentication Protocol For UAV Cluster Based On SM2 Algorithm

With the wide application of UAV,the security problems faced by UAV are becoming more and more complex.In order to prevent malicious UAVs from accessing the GCS to obtain its confidential information or transmitting false information to GCS,GCS needs to authenticate the UAV cluster.However,the demand for high real-time performance of UAV network is in contradiction with the linear growth of verification time with the number of UAVs in the cluster due to the use of traditional one by one authentication signature algorithm,so it is not suitable for this scenario.Although the batch authentication algorithm can effectively improve the verification efficiency of GCS to the UAV cluster,due to the instability of the UAV network,the authentication response packet of the UAV will be lost,and GCS may only verify part of the signatures in the UAV cluster.In the authentication process of UAV cluster,we need to consider the impact of all UAVs in the cluster on the cluster identity,that is,we need to consider the impact of authentication packets lost in the transmission process on the authentication results.The traditional batch authentication obviously can not meet this demand,so it needs to realize batch authentication by means of threshold signature.Because the threshold can meet the needs of the overall authentication of the cluster,and the keys held by all UAVs in the cluster come from the same master key.When GCS collects enough signatures,the signature can be reconstructed to form a signature generated by the master key,which can represent the whole UAV cluster.The release of SM2 Elliptic Curve Cryptography Public Key Algorithm has achieved a zero breakthrough in the standard field of Elliptic Curve Public Key Cryptography Algorithm in China.At the same time,it also lays a foundation for enhancing the security and controllability of China’s industry information system.It is also particularly important to apply SM2 elliptic curve cryptosystem public key algorithm to UAV network to realize the national confidentiality of UAV system.Aiming at the instability of UAV network and the characteristics of UAV cluster,this thesis adds the requirement of threshold verification when the ground station authenticates the cluster,and proposes SM2 batch authentication scheme based on double key(BADK-SM2)and SM2 batch authentication scheme based on homomorphic encryption(BAHE-SM2).BADK-SM2 scheme solves the problem of limited threshold value in the traditional SM2 threshold signature scheme,that is,n ≥ 2t + 1,but it also brings new problems.Since each UAV in the BADK-SM2 scheme holds two keys,the number of malicious UAVs in the cluster needs to be less than half of the threshold value.In the BAHE-SM2 scheme,additive homomorphic encryption is used to remove the restriction of n ≥ 2t+1.This means that the same problem as that of the BADK-SM2 scheme does not exist in this scheme,which only requires that the number of malicious UAVs does not exceed the threshold.At the same time,the threshold availability of SM2 batch authentication scheme in UAV network is also realized.The experimental data show that the BADK-SM2 scheme and BAHE-SM2 scheme proposed in this thesis improve the flexibility and security of the authentication scheme on the basis of limited performance loss.