Securing Cross-Domain Internet of Drones: An RFF-PUF Allied Authenticated Key Exchange Protocol With Over-the-Air Enrollment
Abstract
The Internet of Drones (IoD) is an emerging and crucial paradigm enabling advanced applications that require seamless, secure communication across heterogeneous and untrusted domains. In such environments, access control and the transmission of sensitive data pose significant security challenges for IoD systems, necessitating the design of lightweight mutual authentication and key exchange protocols. Existing solutions are often hampered by high computation overhead, reliance on third parties, the requirement for secret storage in resource-constrained drones, and the need for a strictly controlled enrollment environment. These limitations make them impractical for dynamic cross-domain deployment. To address these limitations, we propose a lightweight mutual authentication mechanism that integrates Radio Frequency Fingerprint (RFF) and Physical Unclonable Function (PUF) technologies for secure drone-to-drone (D2D) and drone-to-ground station server (D2G) communication. RFF-based device identification is used to achieve over-the-air (OTA) enrollment, while the PUF serves as the root of trust for establishing mutual authentication among communication parties. Additionally, the on-the-fly key generation capability of the PUF is co-designed with One-Time-Pad (OTP) encryption to realize ephemeral keying and eliminate the need for storing secrets within drones. Both informal security analysis and ProVerif-based formal security verification comprehensively demonstrate the resilience of our protocol against common security attacks. The proposed protocol also outperforms existing IoD authentication schemes in terms of security features, as well as computation, communication, and storage overhead.
Summary
The paper addresses the security challenges in the Internet of Drones (IoD), specifically focusing on lightweight mutual authentication and key exchange protocols for cross-domain deployments. The authors identify limitations in existing solutions, such as high computational overhead, reliance on third parties, insecure secret storage on drones, and inflexible enrollment procedures. To overcome these challenges, they propose a novel authenticated key exchange protocol that integrates Radio Frequency Fingerprint (RFF) identification and Physical Unclonable Function (PUF) technologies. The methodology involves a two-phase approach: Over-the-Air (OTA) enrollment using RFF for initial device identification and secure provisioning, followed by a Mutual Authentication and Key Exchange (MAKE) phase leveraging PUFs for direct authentication and key generation between drones or between a drone and a ground station. The PUF is co-designed with One-Time-Pad (OTP) encryption to achieve ephemeral keying and eliminate the need for storing secrets within drones. The protocol's security is rigorously analyzed through both informal security analysis and formal verification using ProVerif. The key findings demonstrate the resilience of the proposed protocol against common security attacks, including replay, Man-in-the-Middle (MITM), and impersonation attacks. The proposed protocol also outperforms existing IoD authentication schemes in terms of security features and reduces computation, communication, and storage overhead. This research matters to the field as it provides a practical and lightweight solution for secure and seamless cross-domain operation of drones, addressing a critical need in emerging IoD applications.
Key Insights
- •Novel dual root-of-trust framework leveraging RFFI for OTA enrollment and PUFs for subsequent MAKE, eliminating the need for pre-shared secrets and trusted enrollment environments.
- •The protocol eliminates secret storage on drones by using PUFs for on-the-fly key generation and OTP encryption, enhancing security against physical attacks.
- •The RFFI component enables robust device identification and rogue device detection, achieving up to 0.99 AUC in open-set scenarios, enhancing security against impersonation and unauthorized access. The paper cites [31] as the source for the 0.99 AUC.
- •Perfect forward secrecy (PFS) is achieved through dynamic updates of PUF-based long-term keys during protocol execution, ensuring that past communications remain secure even if long-term secrets are compromised in the future.
- •The MAKE protocol achieves mutual authentication and key exchange with only two message exchanges, reducing communication overhead and improving efficiency compared to existing protocols.
- •The protocol is formally verified using ProVerif, providing a high level of assurance regarding its security properties.
- •A key limitation is the reliance on a secure channel for initial registration with the CS, although this is a common assumption in many security protocols.
Practical Implications
- •The protocol enables secure and seamless cross-domain operation of drones, facilitating applications like emergency response, logistics, and infrastructure inspection where drones may transition between different administrative or security domains.
- •Drone manufacturers, system integrators, and operators can benefit from this research by implementing the proposed protocol to enhance the security and reliability of their IoD deployments.
- •The OTA enrollment mechanism simplifies drone deployment and management, allowing for rapid and repeated re-enrollment in dynamic environments without requiring physical access or a secure environment.
- •The lightweight design of the protocol makes it suitable for resource-constrained drones, enabling secure communication without significantly impacting battery life or performance.
- •Future research directions include exploring the integration of the protocol with other security mechanisms, such as blockchain, to further enhance trust and accountability in IoD systems.