Securing Cross-Domain Internet of Drones: An RFF-PUF Allied Authenticated Key Exchange Protocol With Over-the-Air Enrollment
Xuanyu Chen, Yue Zheng, Junqing Zhang, Guanxiong Shen, Chip-Hong Chang
TL;DR
This paper addresses securing cross-domain Internet of Drones (IoD) by introducing a dual-root-of-trust protocol that combines Radio Frequency Fingerprint Identification (RFFI) for over-the-air enrollment with Physical Unclonable Functions (PUF) for mutual authentication. The protocol enables direct, lightweight MAKE for both drone-to-drone (D2D) and drone-to-ground station server (D2G) communications without storing secrets on drones, using OTP-encrypted keys derived from PUF responses to achieve Perfect Forward Secrecy (PFS). Security is validated via informal analysis and ProVerif formal verification under the Dolev–Yao model, showing resilience to replay, MITM, impersonation, cloning, and DoS. Performance comparisons indicate lower computational overhead, reduced communication, and no onboard secret storage relative to existing IoD schemes, making cross-domain, dynamic drone deployments practically feasible and scalable.
Abstract
The Internet of Drones (IoD) is an emerging and crucial paradigm enabling advanced applications that require seamless, secure communication across heterogeneous and untrusted domains. In such environments, access control and the transmission of sensitive data pose significant security challenges for IoD systems, necessitating the design of lightweight mutual authentication and key exchange protocols. Existing solutions are often hampered by high computation overhead, reliance on third parties, the requirement for secret storage in resource-constrained drones, and the need for a strictly controlled enrollment environment. These limitations make them impractical for dynamic cross-domain deployment. To address these limitations, we propose a lightweight mutual authentication mechanism that integrates Radio Frequency Fingerprint (RFF) and Physical Unclonable Function (PUF) technologies for secure drone-to-drone (D2D) and drone-to-ground station server (D2G) communication. RFF-based device identification is used to achieve over-the-air (OTA) enrollment, while the PUF serves as the root of trust for establishing mutual authentication among communication parties. Additionally, the on-the-fly key generation capability of the PUF is co-designed with One-Time-Pad (OTP) encryption to realize ephemeral keying and eliminate the need for storing secrets within drones. Both informal security analysis and ProVerif-based formal security verification comprehensively demonstrate the resilience of our protocol against common security attacks. The proposed protocol also outperforms existing IoD authentication schemes in terms of security features, as well as computation, communication, and storage overhead.
