ANAFI USA protects the data stored on the drone or sent over the network, and protects the drone against malicious attempts to modify its software.
Integrity of the software and protection of the drone
ANAFI USA’s software is digitally signed, which ensures that each update comes from Parrot and has not been modified.
Access to ANAFI USA’s operating system is protected. The drone offers neither local nor remote access to its embedded system.
Network connection security
The network links between the drone and its controller are authenticated and encrypted with WPA2 (802.11i standard). WPA2 is based on AES-CCMP encryption with a 128-bit encryption key. AES-CCMP includes a CBC-MAC mechanism, which ensures the authentication and integrity of the network links.
A unique encryption key is generated for each drone/controller pair. In addition, users can define their own key.
802.11 Protected Management Frames are enabled to prevent disassociation attacks, which could cause a denial of service.
SD card encryption
Full disk encryption of the SD card protects the confidentiality of data stored on the drone, even if it is captured by an adversary.
Once encryption is activated, videos and photos are stored in a LUKS2 volume encrypted with AES-XTS and a 512-bit key. The use of a unique identifier for each container enables the management of a fleet of SD cards that can be used on several drones.
Once the SD card is encrypted, it can never be accessed without the encryption key. The passphrase is carried by FreeFlight 6 USA and is never stored permanently on the drone, which protects against forensic analysis.
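The following added example (not Parrot's code) shows how an auditor could confirm from a card image that the volume is LUKS2 with AES-XTS and a 512-bit key, by parsing the standard LUKS2 on-disk header. The function names and the sample header are constructed for illustration, and treating the header UUID as the per-container identifier mentioned above is an assumption.

```python
import json
import struct

LUKS2_MAGIC = b"LUKS\xba\xbe"
# Big-endian binary header: magic, version, hdr_size, seqid, label,
# checksum_alg, salt, uuid, subsystem, hdr_offset (LUKS2 on-disk format).
HDR = struct.Struct(">6sHQQ48s32s64s40s48sQ")
JSON_OFFSET = 4096  # the JSON metadata area follows the 4096-byte binary header


def inspect_luks2(image: bytes) -> dict:
    """Return the UUID, cipher and key size found in a LUKS2 primary header."""
    if len(image) < JSON_OFFSET:
        raise ValueError("image too short to hold a LUKS2 header")
    (magic, version, hdr_size, _seq, _label,
     _alg, _salt, uuid, _sub, _off) = HDR.unpack_from(image)
    if magic != LUKS2_MAGIC or version != 2:
        raise ValueError("not a LUKS2 volume")
    if not JSON_OFFSET < hdr_size <= len(image):
        raise ValueError("header size field is inconsistent with the image")
    # The header checksum is not verified here; this only reads the parameters.
    meta = json.loads(image[JSON_OFFSET:hdr_size].rstrip(b"\x00"))
    ciphers = {s["encryption"] for s in meta["segments"].values() if s["type"] == "crypt"}
    key_bits = {slot["key_size"] * 8 for slot in meta["keyslots"].values()}
    return {"uuid": uuid.rstrip(b"\x00").decode("ascii"), "ciphers": ciphers, "key_bits": key_bits}


def matches_policy(info: dict) -> bool:
    """True when every data segment is AES-XTS and every keyslot holds a 512-bit key."""
    return (bool(info["ciphers"]) and info["key_bits"] == {512}
            and all(c.startswith("aes-xts-") for c in info["ciphers"]))


def build_sample(cipher="aes-xts-plain64", key_size=64) -> bytes:
    """Constructed test image: a minimal LUKS2 header, not data from a real card."""
    meta = {"keyslots": {"0": {"type": "luks2", "key_size": key_size}},
            "segments": {"0": {"type": "crypt", "encryption": cipher, "sector_size": 512}}}
    hdr_size = 16384
    binary = HDR.pack(LUKS2_MAGIC, 2, hdr_size, 1, b"", b"sha256", b"",
                      b"00000000-0000-4000-8000-000000000001", b"", 0)
    body = json.dumps(meta).encode()
    return binary.ljust(JSON_OFFSET, b"\x00") + body.ljust(hdr_size - JSON_OFFSET, b"\x00")


if __name__ == "__main__":
    info = inspect_luks2(build_sample())
    print(info, matches_policy(info))
```

The key size is stored in bytes, so a 512-bit key appears as `key_size` 64; in XTS mode that key is split into two 256-bit AES keys.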
By default, ANAFI USA, the controller and FreeFlight 6 USA do not share data with Parrot or any third party. Users can decide whether or not to activate the sharing of their flight logs in order to store them online, facilitate support for their drones and help Parrot improve its products and services. To share data anonymously or to link it to a Parrot account, the user must activate data sharing, which is deactivated by default.