Error-Detectable Batch Authentication Protocol Using Certificateless Aggregate Signatures in UAV Networks

As drone technology advances, Unmanned Aerial Vehicles (UAVs) increasingly serve as aerial relays in ground-air cooperative networks. However, their dynamic topology and resource constraints create significant security challenges during concurrent user equipment (UE) authentication. Traditional batch authentication mechanisms fail under invalid requests, causing systemic failures and inefficiency. To address this, we propose a novel certificateless aggregate signature (CLAS)-based protocol integrating group testing for rapid error detection.

1. Introduction

The proliferation of drone technology enables critical applications from disaster response to precision agriculture. In 5G-integrated Unmanned Aerial Vehicle networks, UAVs act as relays between ground UEs and infrastructure. Yet concurrent authentication requests overwhelm UAV resources, while malicious nodes trigger batch failures. Existing solutions exhibit three limitations:

  • Certificate management overhead in PKI-based systems
  • Key escrow risks in identity-based schemes
  • Poor fault tolerance during invalid request scenarios

Our protocol innovatively combines CLAS with group testing to enable efficient batch verification and precise error localization. Key contributions include:

  1. Lightweight CLAS mechanism eliminating pairing operations
  2. Adaptive group testing for invalid request identification
  3. Formal security proofs under the random oracle model

This approach optimizes performance for resource-constrained Unmanned Aerial Vehicle environments while maintaining robust security.

2. System and Threat Models

2.1 Network Architecture

The framework comprises four entities:

| Entity | Role |
|---|---|
| User Equipment (UE) | Authentication initiator using pseudonyms |
| Unmanned Aerial Vehicle (UAV) | Batch authenticator and relay node |
| Control Center (CC) | Pseudonym issuance and identity tracing |
| Key Generation Center (KGC) | Partial private key distribution |

2.2 Security Model

We consider two adversarial types:

  • Type I: Can replace public keys but cannot access KGC master key
  • Type II: Can compromise KGC but cannot replace public keys

Security is formalized through oracle queries and games:

$$ \text{Game}_1^{\text{Adv}_1}: \begin{cases}
\text{Setup: } \mathcal{C} \text{ generates } (s, P_{\text{pub}})\\
\text{Queries: } \mathcal{O}_{\text{Partial-Private}}, \mathcal{O}_{\text{Replace-PK}}\\
\text{Forgery: } \sigma^* \text{ for } (\text{PID}^*, m^*)
\end{cases} $$
$$ \text{Success if: } \text{Verify}(\sigma^*) = 1 \land \text{No prior signature query} $$

3. Protocol Design

3.1 Initialization Phase

KGC and CC establish parameters on elliptic curve \(E: y^2 = x^3 + ax + b \mod p\):

$$ \begin{align*}
&\text{Select primes } p, q \\
&\text{Set base point } P \in E \\
&\text{KGC: } s \xleftarrow{\$} \mathbb{Z}_p^*, P_{\text{pub}} = s \cdot P \\
&\text{CC: } b \xleftarrow{\$} \mathbb{Z}_p^*, T_{\text{pub}} = b \cdot P \\
&\text{UAV key: } q_{\text{UAV}} \xleftarrow{\$} \mathbb{Z}_p^*, pk_{\text{UAV}} = q_{\text{UAV}} \cdot P
\end{align*} $$

3.2 Pseudonym and Key Generation

For UE registration:

$$ \begin{align*}
&\text{UE} \rightarrow \text{CC}: \{\text{PID}_{i,1}, \text{Key}_i\} \text{ where } \\
&\quad \text{PID}_{i,1} = t_i \cdot P, \\
&\quad \text{Key}_i = \text{RID}_i \oplus t_i \cdot T_{\text{pub}} \\
&\text{CC computes: } \text{PID}_{i,2} = H_1(\text{RID}_i \oplus b \cdot \Delta T_i, \text{PID}_{i,1}) \\
&\text{Pseudonym: } \text{PID}_i = \{\text{PID}_{i,1}, \text{PID}_{i,2}, \Delta T_i\}
\end{align*} $$
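
The registration message hides \(\text{RID}_i\) from everyone except the CC, which must unmask it before computing \(\text{PID}_{i,2}\). That step is not written out above; as an added derivation using the same symbols, and assuming the CC unmasks with its secret \(b\):

$$ \begin{align*}
&b \cdot \text{PID}_{i,1} = b \cdot (t_i \cdot P) = t_i \cdot (b \cdot P) = t_i \cdot T_{\text{pub}} \\
&\text{Key}_i \oplus b \cdot \text{PID}_{i,1} = \text{RID}_i \oplus t_i \cdot T_{\text{pub}} \oplus t_i \cdot T_{\text{pub}} = \text{RID}_i
\end{align*} $$

An eavesdropper sees only \(\text{PID}_{i,1}\) and \(\text{Key}_i\); deriving \(t_i \cdot T_{\text{pub}}\) from \(\text{PID}_{i,1}\) and \(T_{\text{pub}}\) without \(t_i\) or \(b\) is the computational Diffie-Hellman problem on the curve.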

3.3 Batch Authentication

For \(n\) UEs sending requests \(\{\text{PID}_i, M_i, \sigma_i\}\):

$$ \begin{align*}
&\text{UAV aggregates: } \\
&S_{\text{agg}} = \sum_{i=1}^n S_i, \quad U_{\text{agg}} = \{U_1, \dots, U_n\} \\
&\text{Verification: } \\
&S_{\text{agg}} \cdot P \stackrel{?}{=} \sum_{i=1}^n \left( \text{Tpk}_{\text{UE}_i} + U_i + h_{i,3} \cdot Q_i + K_i \cdot P_{\text{pub}} \right)
\end{align*} $$

where \(K_i = H_1(\text{PID}_i, R_i, P_{\text{pub}})\) and \(h_{i,3} = H_3(\text{PID}_i, M_i, \text{vpk}_i, U_i, T_i)\).

3.4 Error Detection via Group Testing

When batch verification fails, construct \(d\)-disjunct matrix \(M \in \{0,1\}^{2t \times n}\):

$$ \text{For each column } j: \begin{cases}
\text{Select } \frac{t}{d} \text{ random rows} \\
M_{i,j} = 1 \text{ for selected rows} \\
M_{i,j} = 0 \text{ otherwise}
\end{cases} $$

Detection complexity is \(O(d^2 \log(n/d))\), compared with the alternatives:

| Method | Complexity | Constraints |
|---|---|---|
| Binary Search | \(O(d \log n)\) | No parallelization |
| d-disjunct Matrix | \(O(d^2 \log n)\) | Fixed \(d\) |
| Our Method | \(O(d^2 \log(n/d))\) | Adaptive to \(n\) |
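
The matrix construction and decoding step above, as an added Python example (not code from the paper). The curve is replaced by a toy linear group in which \(S \cdot P\) is modelled as `S * G mod Q`, and `make_requests`, `batch_verify`, `build_matrix` and `locate_invalid` are hypothetical names. A randomly built matrix is not guaranteed to be \(d\)-disjunct, so suspects are re-verified one by one before rejection.

```python
import random

Q = 2**61 - 1   # toy prime modulus (assumption; the paper uses an elliptic curve)
G = 5           # stand-in for base point P: "S * P" is modelled as S * G mod Q

def make_requests(n, invalid, rng):
    """Constructed sample batch of (S_i, rhs_i); rhs_i models the right-hand
    side of the verification equation. Invalid requests carry a wrong S_i."""
    reqs = []
    for i in range(n):
        s = rng.randrange(1, Q)
        reqs.append(((s + 1) % Q if i in invalid else s, s * G % Q))
    return reqs

def batch_verify(reqs, idxs):
    """Aggregate check on a sub-batch: (sum S_i) * P == sum rhs_i."""
    s_agg = sum(reqs[i][0] for i in idxs) % Q
    return s_agg * G % Q == sum(reqs[i][1] for i in idxs) % Q

def build_matrix(n, t, d, rng):
    """2t x n test matrix: each column gets t/d randomly chosen rows set to 1."""
    m = [[0] * n for _ in range(2 * t)]
    for j in range(n):
        for i in rng.sample(range(2 * t), max(1, t // d)):
            m[i][j] = 1
    return m

def locate_invalid(reqs, t, d, seed=0):
    """Run one aggregate check per matrix row, then decode."""
    n = len(reqs)
    m = build_matrix(n, t, d, random.Random(seed))
    cleared = set()
    for row in m:
        pool = [j for j in range(n) if row[j]]
        if pool and batch_verify(reqs, pool):
            cleared.update(pool)      # every member of a passing pool is valid
    suspects = [j for j in range(n) if j not in cleared]
    # Valid requests can stay uncleared if all their pools also held an invalid
    # one, so each suspect is verified on its own before being rejected.
    confirmed = [j for j in suspects if not batch_verify(reqs, [j])]
    return suspects, confirmed, len(m)
```

The decoder never clears an invalid request, because every pool that contains one fails the aggregate check; the only cost of a poor matrix is extra individual verifications.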

4. Security Analysis

4.1 Formal Proofs

Under the ECDLP assumption, the protocol resists both adversarial types:

$$ \begin{align*}
&\text{Theorem 1: } \forall \text{ PPT Adv}_1, \Pr[\text{Win}_{\text{Game}_1}] \leq \epsilon_{\text{ECDLP}}\\
&\text{Theorem 2: } \forall \text{ PPT Adv}_2, \Pr[\text{Win}_{\text{Game}_2}] \leq \epsilon_{\text{ECDLP}}
\end{align*} $$

Tamarin verification confirms mutual authentication properties:

lemma UAV_auth_UE:
  "All UE UAV #i.
    Auth_UAV(UAV) @ #i & Auth_UE(UE) @ #i ==>
    (Ex #j. j < i & Request(UE) @ j)"

4.2 Security Properties

  • Mutual Authentication: Verified via signatures:
    $$S_i \cdot P = \text{Tpk}_{\text{UE}_i} + U_i + h_{i,3} \cdot Q_i + K_i \cdot P_{\text{pub}}$$
  • Anonymity: Pseudonyms prevent identity leakage
  • Traceability: CC recovers RID via \(H_1(\text{PID}_{i,2} \oplus b \cdot \Delta T_i)\)
  • Replay Attack Resistance: Timestamp validation

5. Performance Evaluation

5.1 Computational Overhead

Comparison of cryptographic operations (ms):

| Scheme | Single Sign | Single Verify | Batch Verify (n) |
|---|---|---|---|
| Yan et al. | 2.69 | 8.99 | 4.06n + 1.80 |
| Maurya et al. | 4.93 | 8.53 | 8.53n + 1.80 |
| Dwivedi et al. | 3.64 | 12.59 | 3.66n + 9.00 |
| Ours | 0.88 | 5.42 | 3.63n + 1.77 |

Our CLAS implementation reduces signing cost by 67% versus the best alternative.

5.2 Communication Efficiency

Message size comparison (bytes):

| Component | Yan et al. | Cui et al. | Ours |
|---|---|---|---|
| Pseudonym | 64 | 64 | 60 |
| Public Key | 40 | 40 | 40 |
| Signature | 20 | 20 | 20 |
| Metadata | 304 | 304 | 288 |
| Total | 428 | 428 | 408 |

This is a 4% reduction, achieved through aggregated signature optimization.

5.3 Error Detection Efficiency

Group testing significantly outperforms alternatives:

$$ \text{Detection Complexity: } C(d,n) = \min_{t} \left\{ t : t \geq \frac{2d \log(n/d)}{\log(1/\delta)} \right\} $$

For \(n=1000, d=5\):

  • Binary search: 50 verifications
  • d-disjunct matrix: 120 verifications
  • Our method: 35 verifications

6. Conclusion

This work presents a novel batch authentication protocol for Unmanned Aerial Vehicle networks that addresses critical limitations in existing approaches. By integrating certificateless aggregate signatures with adaptive group testing, we achieve:

  1. 68% faster signature generation than state-of-the-art
  2. Precise invalid request identification with \(O(d^2 \log(n/d))\) complexity
  3. Formally provable security under the ECDLP assumption

The protocol’s efficiency makes it particularly suitable for resource-constrained drone technology deployments requiring high-throughput authentication. Future work will explore integration with post-quantum cryptography for enhanced long-term security in evolving UAV ecosystems.
