International Conference on Information and Knowledge Technology

Home / پانزدهمین کنفرانس بین المللی فناوری اطلاعات و دانش

To Kill a Mockingbird: Cryptanalysis of an Authenticated Key Exchange Scheme for Drones

Authors :

Neda Toghraee¹ Hamid Mala²

1- University of Isfahan 2- University of Isfahan

Keywords :

Authentication،Internet of Drones،Key agreement،Perfect forward secrecy،Security

Abstract :

Drones have evolved into sophisticated autonomous systems with a multitude of applications, including military operations, environmental monitoring, traffic oversight, data transmission, package delivery, fire targeting, and film production. As the Internet of Drones (IoD) ecosystem expands, ensuring secure and real-time access for authorized users becomes increasingly vital. User and drone authentication is crucial for this reason. In response to these challenges, Srinivas et al. proposed a lightweight three-factor authentication protocol designed for the IoD. While the authors assert that their protocol is resilient against known cyber threats, our research identifies critical vulnerabilities that challenge this claim. Although this scheme has already been cryptanalyzed in previous studies, in this paper we propose two new attacks on this scheme. Firstly, we present a concrete attack against the perfect forward secrecy of this scheme, and then we show that it is vulnerable to unauthorized access attack by a valid user to an unauthorized area's information. These weaknesses highlight the pressing need for the development of more secure authentication mechanisms in the IoD environment. Moving forward, addressing these vulnerabilities will be essential for fostering trust and ensuring the safe integration of drones into various applications, ultimately contributing to the advancement of IoD technology.