Table of Contents
To enable enhanced accountability of Drones and Unmanned Aerial Vehicles (UAVs) operations, the US-based Federal Avionics Administration (FAA) recently published a new dedicated regulation, namely RemoteID, requiring all UAV operators to broadcast messages reporting their identity and location.
The enforcement of such a rule, mandatory by 2022, generated significant concerns on UAV operators, primarily because of privacy issues derived by the indiscriminate broadcast of the plain-text identity of the UAVs on the wireless channel.
First solutions to guarantee UAVs anonymity in the RemoteID settings are starting to appear in the literature (see Tedeschi et.al), but they fall short in guaranteeing the possibility to Critical Infrastructure (CI) operators to autonomously authenticate RemoteID messages. As a result, the FAA is heavily involved, not only in the deanonymization process but also in the authentication of received packets. Overall, such heavy involvement slows-down the chances of deployments of such solutions.
In this project, we plan to advance the state of the art by providing solutions for anonymous and verifiable remote identification of commercial drones and UAVs. To this aim, we plan to apply anonymous verifiable group signatures in the context of UAVs. Such cryptographic schemes allow members of a group to generate anonymous messages, whose authenticity can be verified by the receiving entities through the cryptographic verification of the association between the transmitting entity and the group. At the same time, such schemes allow the identification of the specific transmitter by a Trusted Party, when illegitimate activities are detected.
Our implementation, whose source code has been released as open-source, leverages popular libraries and tools, such as MAVSDK, and PBC Crypto Library, supported by the large variety of commercial UAVs that owns a GNU/Linux based mission computer. These features contribute to enhancing the impact of ARID2, demonstrating its deployability to improving the quality of the provided security services in real-world UAV systems.
Hardware Requirements
- A programmable drone with a GNU/Linux embedded operating system
- GPS Module (drone---on-board)
- MAVLink Telemetry Module (drone---on-board)
- Drone Controller compatible with the MAVLink telemetry protocol (optional)
- HackRF (or another SDR) to spoof GPS Signal Indoor - a TXCO is a plus
- AWUS036ACH - USB Type-C dual-band AC1200 WiFi adapter (1 for the Generic Receiver, 1 for the Transmitter, 1 for the Authority)
Software Requirements
- A laptop with a distro GNU/Linux (e.g. Ubuntu)
- Wireshark
- VSC
- g++
- MAVSDK C++ Library
- PBC Cryptography Library
- libtins
- gps-sdr-sim
To compile from source for ARID, you should use the following syntax (example for sign.c
):
g++ -std=c++17 -L/usr/lib -I/usr/local/include/mavsdk !(setup|join|verify|open).cpp ./sha1/*.cpp ./base58/*.cpp -o sign -l pbc -l gmp -ltins -lmavsdk -lmavsdk_telemetry
Further, in order to run the code, please verify that you wireless network card interface is in monitor mode and supports the packet injection.
sudo ./sign [WIFI_INTERFACE_IN_MONITOR_MODE] < param/a.param
Please follow the instructions provided in the wireshark dissector folder.
The security properties of ARID 2
have been verified formally and experimentally by using the open-source tool ProVerif 2.04pl1, demonstrating enhanced security protection with respect to state-of-the-art approaches.
In order to test the security properties, download the file arid2.pv and run: ./proverif arid2.pv | grep "RESULT"
.
- Presentation
- Porting the code on Raspberry Pi 4
- Custom IEEE 802.11 PDU
- ARID2 Wireshark Dissector
- SHA 1 bugfix
- FCS dirty bytes
- ProVerif Formal Verification
- Cryptography Energy Consumption Test
- Radio Timings/Energy Consumption Test
See the open issues for a full list of proposed features (and known issues).
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/arid2
) - Commit your Changes (
git commit -m 'Add some Amazing Feature'
) - Push to the Branch (
git push origin feature/arid2
) - Open a Pull Request
Distributed under the Apache 2 License. See LICENSE for more information.
Pietro Tedeschi - pietro dot tedeschi at tii dot ae
Any actions and or activities related to the material contained within this github repository is solely your responsibility. The misuse of the information in this repository can result in criminal charges brought against the persons in question. The author(s) will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this repository to break the law.