Abstract:Due to the open underwater channels and untransparent network deployment environments, underwater acoustic networks (UANs) are more vulnerable to hostile environments. Security research is also being conducted in cryptography, including authentication based on asymmetric algorithms and key distribution based on symmetric algorithms. In recent years, the advancement of quantum computing has made anti-quantum attacks an important issue in the field of security. Algorithms such as lattice and SPHINCS+ have become a research topic of interest in the field of security. However, within the past five years, few papers have discussed security algorithms for UANs to resist quantum attacks, especially through classical algorithms. Some existing classical asymmetric and symmetric algorithms are considered to have no prospects. From the perspective of easy deployment in engineering and anti-quantum attacks, our research focuses on a comprehensive lightweight security framework for data protection, authentication, and malicious node detection through the Elliptic Curve and Hash algorithms. Our mechanism is suitable for ad hoc scenarios with limited underwater resources. Meanwhile, we have designed a multi-party bit commitment to build a security framework for the system. A management scheme is designed by combining self-certifying with the threshold sharing algorithm. All schemes are designed based on certificate-less and ad hoc features. The proposed scheme ensures that the confidentiality, integrity, and authentication of the system are well considered. Moreover, the scheme is proven to be of unconditional security and immune to channel eavesdropping. The resource and delay issues are also taken into consideration. The simulations considered multiple variables like number of nodes, attackers, and message length to calculate proper values that can increase the efficiency of this scheme. The results in terms of delay, delivery ratio, and consumption demonstrate the suitability of the proposal in terms of security, especially for malicious node detection. Meanwhile, the computational cost has also been controlled at the millisecond level.
What problem does this paper attempt to address?
The problem that this paper attempts to solve is to implement a lightweight security scheme in Underwater Acoustic Networks (UANs) to deal with quantum attacks and the deficiencies of traditional security algorithms in resource - constrained environments. Specifically, the paper focuses on the following aspects:
1. **Defining the application scenario**: Clearly point out the application scenarios of underwater acoustic networks, especially in the open underwater environment, where node resources are limited and the network deployment environment is opaque. Therefore, it is necessary to design a lightweight security scheme suitable for this environment.
2. **Anti - quantum attack ability**: In recent years, the development of quantum computing has made anti - quantum attack a key issue in the security field. The paper proposes a lightweight security framework that combines Elliptic Curve Cryptography (ECC) and hash algorithms, aiming to resist quantum attacks.
3. **Engineering practicality**: Consider the engineering deployment problems in practical applications, such as the selection of node types, the difficulty of applying hardware chips or devices, etc. The scheme proposed in the paper is not only theoretically complete but also feasible in practical applications.
4. **Malicious node detection**: Design a threshold - based secret sharing mechanism to detect and prevent malicious node attacks and ensure that malicious nodes do not mix into the ad - hoc network during underwater communication.
### Main contributions
1. **Certificateless authentication scheme**: Propose a node authentication scheme based on self - authentication to ensure the reliability of network nodes. Generate node IDs through dynamic encryption puzzles and chameleon hashes to effectively prevent malicious attacks.
2. **Malicious node detection**: Introduce a threshold - based malicious node detection scheme to achieve attack prevention during underwater routing and ensure that malicious nodes do not mix into the ad - hoc underwater acoustic network.
3. **Lightweight data collection**: Design a bit - commitment key framework to provide comprehensive data protection. Ensure the data protection of underwater acoustic networks through a one - time distribution scheme of point - to - point keys.
4. **Anti - quantum attack verification**: All algorithms are proven to be able to resist quantum attacks. Experimental simulations test the performance of each cryptographic algorithm and verify the rationality and low computational cost of the scheme.
### System model
The system model proposed in the paper mainly consists of the following parts:
- **Shore - based data center**: Responsible for scheduling and calculating the data collected from sensor nodes, and is also the generation center of algorithm parameters.
- **Relay command ship**: Responsible for pre - processing data and forwarding it to the shore - based data center.
- **Buoy**: As a surface receiving node, assist in data transmission.
- **Underwater acoustic network node**: Responsible for underwater data communication, such as mobile monitoring, ocean exploration, military activities, etc.
### Opponent model
The paper considers the following malicious opponent models:
1. **Passive camouflage and eavesdropping**: Opponents can camouflage as legitimate nodes for eavesdropping and are difficult to be detected by underwater acoustic network nodes. Therefore, the confidentiality of underwater communication needs to be considered.
2. **Tamper - resistance of shore - based data centers and command ships**: These nodes are considered tamper - resistant and will not leak private data. The algorithm can run in a trusted environment and resist various attacks.
3. **Semi - tamper - resistant nodes**: Even if captured, the nodes will not leak pre - loaded private data, but cannot prevent opponents from impersonating them. Therefore, strict malicious node detection and authentication mechanisms are required.
4. **Hardware protection**: Assume that the node hardware is equipped with a physical self - destruction protection system, and no other opponents except the research team can view the hardware content.
### Lightweight security protocol
The security protocol of the paper is mainly divided into the following parts:
1. **Self - authentication authentication scheme**: Based on elliptic curves and hash algorithms, ensure the identity authentication of nodes.
2. **Threshold - based malicious node detection scheme**: Through the secret sharing mechanism, detect and prevent malicious node attacks.
3. **Bit - commitment encryption scheme**: Provide data protection to ensure the confidentiality and integrity of data.
Through these measures, the paper aims to provide a lightweight, efficient and anti - quantum - attack security scheme for underwater acoustic networks.