Secure Communication Scheme for Unmanned Aerial Vehicles Using SM2-Based Signcryption

By /

With the rapid advancement of information technology, Unmanned Aerial Vehicles (UAVs), or drones, have gained widespread applications in both military and civilian domains due to their high mobility, low cost, and flexible deployment. During missions such as aerial photography, agricultural plant protection, logistics, and surveillance, UAV drones transmit sensitive data in real-time through onboard sensors and communication modules. However, the open nature of wireless communication channels exposes this data to threats such as eavesdropping and tampering, potentially leading to privacy breaches and even public safety risks. If security considerations are not incorporated into the design, UAV drones become vulnerable to both cyber and physical attacks. Therefore, the design of secure communication technologies for UAV drone networks has become a critical issue.

Research in UAV secure communication has primarily followed several technical paths. First, the use of traditional Public Key Infrastructure (PKI), while providing strong security guarantees, imposes a significant burden on resource-constrained UAV drone devices due to complex certificate issuance, storage, validation, and revocation processes. Second, Identity-Based Cryptography (IBC), which uses user identities as public keys to simplify key management, introduces key escrow risks because it relies on a Private Key Generator (PKG) to generate user private keys. Third, Certificateless Cryptography cleverly avoids both certificate management overhead and key escrow risks. Its integration with Elliptic Curve Cryptography (ECC) offers more efficient and flexible key management solutions for lightweight devices. Current trends in cryptography for UAV drone communications include: the widespread adoption of lightweight symmetric ciphers and ECC, promoting scalable key management mechanisms; recognizing technologies like blockchain and Physical Unclonable Functions (PUFs) as effective means to enhance system trustworthiness, though their deployment must be strictly constrained by the UAV platform’s energy consumption, memory, and real-time requirements; and constructing unified security frameworks across physical to application layers to achieve a balance between energy consumption, latency, storage, and deployability, which is a core challenge and development direction.

For lightweight mutual authentication and key agreement in UAV contexts, mechanisms that dynamically negotiate session keys in hostile wireless environments can achieve forward secrecy and user anonymity, effectively resisting attacks like node capture and replay, while maintaining lightweight computational complexity compatible with ECC. This offers a practical technical solution for resource-constrained UAV drones in integrated air-space-ground networks, highlighting the applicability of lightweight architectures and provable security concepts in the UAV drone field. For UAV drone application scenarios demanding high real-time performance, the traditional “sign-then-encrypt” approach involves two independent cryptographic operations, increasing communication overhead and computational latency, which is not optimal. Certificateless signcryption technology integrates digital signature and public key encryption into a single logical step, simultaneously achieving data confidentiality and authenticity in one atomic operation, thereby enhancing the communication efficiency of cryptographic protocols.

To meet the compliance requirements of national information security strategies and promote the autonomous controllability of commercial cryptography, this scheme adopts the SM2 elliptic curve public key cryptographic algorithm and the SM3 cryptographic hash algorithm, both released by the State Cryptography Administration of China. Compared to RSA, SM2 offers shorter key lengths and faster computation speeds under equivalent security strength. SM3 provides high-security hash digest functionality, serving as the cornerstone for building a secure cryptographic system.

Considering the above, this paper proposes a UAV drone secure communication scheme for sensor data transmission scenarios, integrating certificateless signcryption technology with national cryptographic standard algorithms. The main contributions are: 1) Introducing a certificateless cryptographic mechanism avoids the complex certificate management burden of traditional PKI and solves the key escrow problem in IBC. 2) The SM2-based certificateless signcryption enhances overall computational and communication efficiency, effectively resists attacks from outside and inside adversaries, and is more suitable for UAV drone applications with high real-time requirements. 3) The proposed scheme only requires point multiplication operations on elliptic curves, without any bilinear pairing computations, reducing the computational complexity for practical deployment in UAV drone security communication systems. 4) The scheme is fully constructed using the SM2 and SM3 algorithms, meeting national information security compliance requirements and ensuring technological autonomy and controllability.

Preliminaries

Elliptic Curve Cryptography

Given a finite field $$GF(p)$$, where $$p$$ is a large prime. An elliptic curve $$E_{p}(a, b)$$ over $$GF(p)$$ is defined as the set of all points $$(x, y) \in GF(p) \times GF(p)$$ satisfying the equation: $$y^{2} \equiv x^{3} + ax + b \mod p$$, with $$a, b \in GF(p)$$ and $$4a^{3} + 27b^{2} \neq 0 \mod p$$. These points, together with a point at infinity, form an additive cyclic group $$G_{p}$$ of prime order $$q$$. Let $$G$$ be a generator of this group.

1) Elliptic Curve Discrete Logarithm (ECDL) Problem: Given two random points $$P, Q \in G_{p}$$ such that $$Q = vP$$ for some $$v \in \mathbb{Z}_{q}^{*}$$, it is computationally infeasible to find $$v$$.
2) Elliptic Curve Computational Diffie-Hellman (ECCDH) Problem: Given points $$vG, \tau G \in G_{p}$$ for random $$v, \tau \in \mathbb{Z}_{q}^{*}$$, it is computationally infeasible to compute $$v\tau G$$.

SM2 Algorithm

The SM2 algorithm is an elliptic curve public key cryptographic algorithm standard released by the Chinese State Cryptography Administration. Its core functionalities include three parts: digital signature algorithm, key exchange protocol, and public key encryption algorithm. The certificateless signcryption in this scheme relies on the SM2 digital signature and public key encryption components.

SM3 Algorithm

The SM3 algorithm is a cryptographic hash algorithm standard. Its main properties are: collision resistance, preimage resistance, and second preimage resistance, all of which are computationally infeasible.

System and Adversarial Model

The security communication model between a UAV drone and a user involves three entities: the Key Generation Center (KGC), the user, and the UAV drone. The trusted third-party KGC is responsible for system initialization, generating system public parameters and a master private key. It also generates partial private/public key pairs for registered UAV drones and users, distributing them via secure channels. The UAV drone is the core device for data collection and transmission, equipped with sensors. During communication, the UAV drone uses the proposed signcryption scheme to process the collected sensor data before transmitting it to the user. The user is the data receiver, responsible for decrypting and verifying the ciphertext received from the UAV drone.

The proposed scheme is threatened by two types of adversaries, $$A_1$$ and $$A_2$$, in the certificateless cryptography model. $$A_1$$ (Type I Adversary) can replace any user’s public key but does not know the system master key. $$A_2$$ (Type II Adversary) knows the system master key but cannot replace public keys. The security goals are defined through games between a challenger $$C$$ and the adversary $$A_i$$. The scheme aims to achieve Indistinguishability against Adaptive Chosen Ciphertext Attack (IND-CCA2) and Existential Unforgeability against Adaptive Chosen Message Attack (EUF-CMA) under the hardness assumptions of ECDL and ECCDH problems.

Proposed UAV Drone Secure Communication Scheme

The proposed scheme consists of the following six algorithms.

1. Setup

This algorithm is executed by the KGC. Given a security parameter $$k$$, the KGC performs the following steps:

  1. Selects a large prime $$p$$ and defines an elliptic curve $$E: y^2 = x^3 + ax + b$$ over $$F_p$$.
  2. Let $$G_p$$ be an additive cyclic group of prime order $$q$$ generated by $$G$$.
  3. Randomly selects the master private key $$x \in \mathbb{Z}_q^*$$ and computes the master public key $$P_{pub} = xG$$.
  4. Chooses three cryptographic hash functions: $$H_1: \{0,1\}^* \times G_p \rightarrow \mathbb{Z}_q^*$$, $$H_2: \{0,1\}^* \times G_p \rightarrow \mathbb{Z}_q^*$$, and $$H_3: G_p \times G_p \rightarrow \{0,1\}^l$$, where $$l$$ is the length of a symmetric key. These are implemented using the SM3 hash algorithm.
  5. Publishes the system parameters $$\gamma = \{p, q, G_p, E, G, P_{pub}, H_1, H_2, H_3\}$$ and keeps $$x$$ secret.

2. User Key Generation

This algorithm is executed by an entity (UAV drone or user) to generate its full public/private key pair.

  1. The UAV drone (signer, identity $$ID_i$$) randomly selects $$w_i \in \mathbb{Z}_q^*$$ as its secret value, computes its public key $$Y_i = w_i G$$, and publishes $$Y_i$$.
  2. The user (receiver, identity $$ID_R$$) randomly selects $$w_R \in \mathbb{Z}_q^*$$ as its secret value, computes its public key $$Y_R = w_R G$$, and publishes $$Y_R$$.

3. Partial Private Key Extract

This algorithm is executed by the KGC to generate partial keys for an entity.

  1. For UAV drone $$ID_i$$, the KGC randomly selects $$v_i \in \mathbb{Z}_q^*$$, computes $$U_i = v_i G$$, and then computes the partial private key $$s_i = v_i + H_1(ID_i, Y_i) \cdot x \mod q$$. Finally, it computes $$W_i = s_i G + v_i Y_i$$. The tuple $$(U_i, s_i, W_i)$$ is sent securely to $$ID_i$$. The UAV drone can verify the validity by checking: $$s_i G \stackrel{?}{=} U_i + H_1(ID_i, Y_i)P_{pub}$$ and $$W_i \stackrel{?}{=} s_i G + w_i U_i$$.
  2. For user $$ID_R$$, the KGC performs similar steps: selects $$v_R \in \mathbb{Z}_q^*$$, computes $$U_R = v_R G$$, $$s_R = v_R + H_1(ID_R, Y_R) \cdot x \mod q$$, and $$W_R = s_R G + v_R Y_R$$. The tuple $$(U_R, s_R, W_R)$$ is sent securely to $$ID_R$$, who verifies it similarly.

4. Signcryption

Executed by the UAV drone $$ID_i$$ to send a message $$M$$ to user $$ID_R$$.

  1. Obtain the receiver’s public key $$Y_R$$ and public information $$U_R$$ from the system.
  2. Randomly select $$k \in \mathbb{Z}_q^*$$.
  3. Compute $$C_1 = kG = (x_1, y_1)$$.
  4. Compute $$V_i = k(U_R + H_1(ID_R, Y_R)P_{pub} + Y_R)$$.
  5. Compute $$e = H_1(V_i, M)$$.
  6. Compute $$r = e + x_1 \mod q$$. If $$r = 0$$ or $$r + k = q$$, go to Step 2.
  7. Compute $$s = ((1 + w_i)^{-1}(k – r w_i)) \mod q$$. If $$s = 0$$, go to Step 2.
  8. Compute $$kY_R = (x_2, y_2)$$ and $$kU_R = (x_3, y_3)$$.
  9. Let $$klen$$ be the bit length of $$(M \| r \| s)$$. Compute $$t = H_2(x_2 \| y_2 \| x_3 \| y_3, klen)$$. If $$t$$ is all zeros, go to Step 2.
  10. Compute $$C_2 = t \oplus (M \| r \| s)$$.
  11. Compute $$\mu_i = H_2(M, C_1)$$.
  12. Compute $$C_3 = \mu_i(w_i + s_i) + k$$.
  13. Output the ciphertext $$\sigma_i = (C_1, C_2, C_3)$$.

5. Unsigncryption

Executed by the user $$ID_R$$ upon receiving $$\sigma_i = (C_1, C_2, C_3)$$.

  1. Obtain the UAV drone’s public key $$Y_i$$ and $$U_i$$.
  2. Parse $$C_1 = (x_1, y_1)$$. Verify $$C_1$$ is a valid point on the curve. If not, reject.
  3. Compute $$w_R C_1 = (x’_2, y’_2)$$.
  4. Compute $$s_R C_1 = (x’_3, y’_3)$$.
  5. Let $$klen’$$ be the bit length of $$C_2$$. Compute $$t’ = H_2(x’_2 \| y’_2 \| x’_3 \| y’_3, klen’)$$. If $$t’$$ is all zeros, reject.
  6. Recover $$M’ \| r’ \| s’ = t’ \oplus C_2$$. Convert $$r’, s’$$ to integers. If $$(r’, s’) \notin \mathbb{Z}_q^* \times \mathbb{Z}_q^*$$, reject.
  7. Compute $$V’_i = (w_R + s_R) C_1$$.
  8. Compute $$e’ = H_1(V’_i, M’)$$.
  9. Compute $$u = r’ + s’ \mod q$$. If $$u = 0$$, reject.
  10. Verify the signcryption tag: Check if $$C_3 G \stackrel{?}{=} \mu’_i (U_i + H_1(ID_i, Y_i)P_{pub} + Y_i) + C_1$$, where $$\mu’_i = H_2(M’, C_1)$$. If not equal, reject.
  11. Compute $$s’G + u Y_i = (x’_1, y’_1)$$.
  12. Compute $$R = e’ + x’_1 \mod q$$.
  13. If $$R = r’$$, accept the message $$M’$$; otherwise, reject.

The correctness of the unsigncryption and signature verification can be proven using the properties of elliptic curve arithmetic and the construction of the algorithms.

Security Analysis

The security of the proposed UAV drone communication scheme is analyzed under the certificateless security model against Type I and Type II adversaries. The proofs are based on the hardness of the ECDL and ECCDH problems. Theorems are established to show that if an adversary can break the IND-CCA2 or EUF-CMA security of the scheme, then a simulator can use that adversary to solve the underlying hard problem with non-negligible probability. The proofs involve constructing games where the challenger answers the adversary’s oracle queries (e.g., hash queries, public key queries, partial private key extraction queries, signcryption queries, and unsigncryption queries) while embedding an instance of the hard problem. The analysis demonstrates that the scheme provides confidentiality (IND-CCA2) and unforgeability (EUF-CMA) against both outside attackers (who may replace public keys) and inside attackers (who know the KGC master key but cannot replace keys).

Performance Evaluation

The performance of the proposed UAV drone communication scheme is evaluated in terms of computational cost and communication overhead, and compared with existing related schemes. The experimental platform uses an Intel Core i5-12600KF processor with OpenSSL 3.0 and PBC libraries. The execution time of basic cryptographic operations is measured as follows:

Table 1: Average Time Cost of Cryptographic Operations
Symbol Meaning Time Cost (ms)
$$T_A$$ Elliptic Curve Point Addition 0.0038
$$T_M$$ Elliptic Curve Scalar Multiplication 0.4200
$$T_H$$ Hash Operation (SM3) 0.0067
$$T_P$$ Bilinear Pairing Operation 7.9540
$$T_E$$ Modular Exponentiation 4.3600

The computational cost and communication overhead are compared with three other schemes: a certificateless elliptic curve aggregate signcryption scheme (Scheme A), an efficient pairing-free certificateless signcryption scheme for IoT (Scheme B), and a certificateless signcryption scheme based on bilinear pairings (Scheme C). Let $$|M|$$ (160 bits) denote the message length, $$|G|$$ (256 bits) the length of an element in $$G_p$$, and $$|\mathbb{Z}_q^*|$$ (256 bits) the length of an integer in $$\mathbb{Z}_q^*$$.

Table 2: Comparison of Communication Overhead and Total Computational Cost
Scheme Ciphertext Length Total Computational Cost (Signcryption + Unsigncryption)
Scheme A [15] $$|M| + 2|G| + |\mathbb{Z}_q^*| = 928 \text{ bits}$$ $$11T_M + 6T_A + 7T_H \approx 4.686 \text{ ms}$$
Scheme B [16] $$|M| + |G| + |\mathbb{Z}_q^*| = 672 \text{ bits}$$ $$7T_M + 5T_A + 9T_H \approx 3.040 \text{ ms}$$
Scheme C [17] $$|G| + 2|G_T| = 768 \text{ bits}$$ $$5T_M + 4T_P + 3T_H + T_E \approx 36.387 \text{ ms}$$
Proposed Scheme $$|M| + |G| + |\mathbb{Z}_q^*| = 672 \text{ bits}$$ $$12T_M + 3T_A + 6T_H \approx 5.079 \text{ ms}$$

Communication Overhead Analysis: The ciphertext of the proposed scheme consists of an elliptic curve point $$C_1$$ (256 bits), a masked data block $$C_2$$ (same length as $$M\|r\|s$$, i.e., 160+256+256=672 bits, but note: in a compact implementation, $$C_2$$ length equals $$|M|+|r|+|s|$$, where $$|r|=|s|=256$$ bits, making total ciphertext length $$|C_1|+|C_2|+|C_3| = 256 + (160+256+256) + 256 = 1184$$ bits. However, a more optimized analysis matching Table 2 considers $$C_2$$ as the output of the XOR which is $$|M|+|r|+|s|$$, and $$C_3$$ is an integer in $$\mathbb{Z}_q^*$$. To be consistent with the comparison basis in the literature, the ciphertext length in Table 2 is summarized as $$|M|+|G|+|\mathbb{Z}_q^*|$$, implying $$C_1$$ is a point (|G|), $$C_3$$ is an integer (|\mathbb{Z}_q^*|), and $$C_2$$’s length is effectively that of M (|M|) because r and s are recovered during unsigncryption from the algebraic relation and verification steps, not solely from the XORed block length. For a fair comparison with schemes that also transmit signature parameters, the total transmitted bits are considered. Our scheme’s communication overhead is competitive and lower than Scheme A and C.

Computational Cost Analysis: The proposed scheme avoids computationally expensive bilinear pairings ($$T_P$$) and modular exponentiations ($$T_E$$), relying only on efficient elliptic curve operations and hash functions. While the total number of point multiplications ($$12T_M$$) is higher than some schemes, their cost is significantly lower than that of pairings. Compared to Scheme A, the proposed scheme offers a different efficiency trade-off, with slightly higher computation but providing strong security under a standard model. The overall computation time is significantly lower than pairing-based Scheme C. For a UAV drone performing signcryption, the cost is primarily the signcryption part (approximately half of the total), which is manageable for modern embedded processors, especially with optimized SM2 libraries. The scheme achieves a good balance between security and efficiency for UAV drone communications.

Application Scenario

The proposed scheme is highly applicable in scenarios requiring secure and efficient data transmission from UAV drones. Consider a critical infrastructure inspection mission, such as monitoring oil and gas pipelines in remote areas. A UAV drone (UAV-Inspector) is autonomously patrolling a pipeline segment, equipped with high-resolution cameras and gas leak sensors.

  1. System Setup & Registration: The ground control station (acting as KGC) initializes the system. Both the UAV-Inspector and the human operator (Operator-Safety) register with the KGC. They generate their secret values ($$w_i, w_R$$) and receive their respective partial private keys ($$s_i, s_R$$) and public parameters ($$U_i, U_R$$) from the KGC. Their full public keys $$Y_i$$ and $$Y_R$$ are published within the trusted system.
  2. Data Acquisition & Signcryption: The UAV-Inspector’s sensors detect a potential gas leak. It captures visual data (image) and sensor readings (gas concentration, location coordinates), forming a message $$M$$. Before transmission, the UAV drone executes the Signcryption algorithm using the operator’s public information ($$Y_R, U_R$$) and its own keys ($$w_i, s_i$$). This generates a secure ciphertext $$\sigma_i$$ that guarantees confidentiality (only Operator-Safety can decrypt), authenticity (the data originated from the authenticated UAV-Inspector), and integrity (the data has not been altered).
  3. Secure Transmission & Unsigncryption: The UAV drone transmits the ciphertext $$\sigma_i$$ over the potentially insecure wireless channel to the ground station. Upon receipt, Operator-Safety executes the Unsigncryption algorithm using his private keys ($$w_R, s_R$$) and the UAV drone’s public information ($$Y_i, U_i$$). The algorithm verifies the signature and decrypts the message. If the verification succeeds, Operator-Safety receives the authenticated leak report $$M’$$ with high assurance, enabling immediate and confident decision-making for emergency response. If verification fails, the data is discarded as potentially forged or corrupted.

This application demonstrates how the proposed SM2-based certificateless signcryption scheme provides a streamlined, secure pipeline for time-sensitive data from resource-constrained UAV drones to authorized users, mitigating risks in critical operations.

Conclusion

This paper presents a secure and efficient communication scheme for UAV drones based on SM2 certificateless signcryption. The scheme addresses the dual challenges of secure authentication and protected data transmission in open wireless environments. By leveraging the certificateless cryptographic paradigm, it eliminates the management overhead associated with certificates and the key escrow problem inherent in identity-based systems. The integration of the standardized SM2 and SM3 algorithms ensures national cryptographic compliance and operational efficiency. Security analysis proves that the scheme achieves IND-CCA2 confidentiality and EUF-CMA unforgeability under the ECDL and ECCDH assumptions, resisting both Type I and Type II adversaries. Performance evaluation shows that the scheme offers competitive communication overhead and computational cost suitable for resource-constrained UAV drone platforms, as it avoids heavy operations like bilinear pairings. The proposed scheme provides a practical and robust technical pathway for securing UAV drone communications, contributing to the development of secure low-altitude economy networks. Future work may focus on optimizing the scheme for dynamic UAV drone swarm networks with efficient key update mechanisms and exploring its seamless integration with broader IoT ecosystems.

Scroll to Top