Correction: Xia et al. A Quantum-Resistant Identity Authentication and Key Agreement Scheme for UAV Networks Based on Kyber Algorithm. Drones 2024, 8, 359

Authorship Correction

There was an error in the authorship of the original publication [1], and the correct authorship is as follows:

Tao Xia ¹, Menglin Wang ^1,*, Jun He ^1,*, Gang Yang ¹, Linna Fan ¹ and Guoheng Wei ²

Text Correction

In the original publication [1], corrections have been made to formula numbers and the description of “ground station” in Section 4.1. Initialization, as follows:

Both the UAV and ground station must complete an initialization phase before the UAV takes off. During this phase, both the UAV and ground station need to exchange and preprocess crucial parameters through a secure communication channel.

• The UAV and ground control station need to share elliptic curve parameters, such as $G$, and relevant functions of the Kyber algorithm, specifically to select suitable secure elliptic curves and internal functions such as Kyber.Encaps().
• The ground station $gs$ creates multiple private keys {$d_g$,$d_u$} and $uid$s {$ui{d}_g$,$ui{d}_u$}, and it shares the private key $d_u$, unique ID $ui{d}_u$, and its own public key $P_g$ with the UAV. Then, $gs$ calculates $P_g$ according to Formula (1),
  generates $r_u$ according to Formula (2), calculates $R_u$ according to Formula (2),
  generates $(pk,sk)$ according to Formula (3),
  and calculates $Tmpk,ct1,nonce,Hmacr$ according to Formula (4).
• After obtaining the parameters {$d_u$,$P_g$,$ui{d}_u$,$ui{d}_g$} distributed by the ground station, the UAV needs to acquire the parameters {$P_u$,$r_u$,$R_u$} through preprocessing and store them. The UAV calculates $P_u$ according to Formula (5),
  generates $r_u$ according to Formula (6), and calculates $R_u$ according to Formula (6),

The UAV u and $Hmacgv$ were incorrectly written in Section 4.2. Identity Authentication Key Agreement Phase, and were revised as follows:

Step 1: The ground station ($gs$) sends the message $Mes1$ to UAV $u$ to initiate an identity authentication key agreement request.

Step 2: Upon receiving message $Mes1$, the UAV $u$ verifies and processes the data.

Step 2-2: The UAV $u$ calculates $Hmacrv$ using Formula (8) and compares $Hmacrv$ and $Hmacr$ to verify if they are the same. If they match, the verification is passed.

Step 2-3: The UAV $u$ decrypts $ct1$ using Equation (9) to obtain $pk$ and $Ru$.

Step 2-5: The UAV $u$ calculates $ct2$ using Equation (11).

Step 2-6: The UAV $u$ calculates $Hmacg$ using Equation (12).

Step 3: UAV $u$ sends the message $Mes2$ to $gs$. The content of $Mes2$ is $\{ct2,nonce,Hmacg\}$

Step 4: UAV $u$ calculates the session key after sending $Mes2$, and the $gs$ verifies the data and calculates the session key after receiving $Mes2$.

Step 4-1: UAV $u$ calculates the session key according to Equation (13). After the $gs$ receives $Mes2$, it checks the $nonce$. If it is the same as $ui{d}_u+1$, it passes the check.

Step 4-2: The $gs$ calculates $Hmacgv$ according to Formula (14); if $Hmacgv$ is the same as $Hmacg$, it passes the verification.

There was a redundant bracket in Section 4.2. Identity Authentication Key Agreement Phase, which was changed as follows:

Upon receipt of $\{c_1,R_2,ui{d}_2,ui{d}_1$}, $gs$ forwards parameters {$c_1,R_2,ui{d}_2,ui{d}_1\}$ to $u1$ based on a unique identifier ($ui{d}_1$).

There was a redundant reference to Appendix A in Section 5. Security Analysis. The following sentence has been deleted:

Specific programming details are documented in Appendix A of this academic document.

There was the incorrect citation in the table contents in Section 5. Security Analysis, paragraph 7:

The security verification results are shown in Table 5. The first “Query” demonstrates that the shared key negotiated by the protocol designed in this paper is secure, meaning the attacker cannot obtain the shared key. The second “Query” indicates that the attacker has the capability to perform quantum attacks, rendering the keys derived from the ECC algorithm insecure. The third and fourth “Query” results indicate that a legitimate drone node can be authenticated by the ground station, meaning that the ground station can confirm the legitimacy of the drone upon the completion of the protocol. Similarly, a legitimate ground station node can be authenticated by the drone, meaning that the drone can confirm the legitimacy of the ground station upon the completion of the protocol.

In Section 6.1. Experiment, the processor model in the “Ground Station Configuration” part was incorrectly listed as “i7-360P CPU @ 2.2 GHz”. This has been corrected to “i7-1360P CPU @ 2.2 GHz”.

Error in Figure

In the original publication [1], there was a mistake in Figure 5 as published. The corrected Figure 5 appears below.

Figure 5. Identity authentication key agreement flowchart.

Figure 5. Identity authentication key agreement flowchart.

The authors state that the scientific conclusions are unaffected. This correction was approved by the Academic Editor. The original publication has also been updated.