A Lightweight and Privacy-Preserving Mutual Authentication and Key Agreement Protocol for Internet of Drones Environment

Cong Pu, Andrew Wall, Kim Kwang Raymond Choo, Imtiaz Ahmed, Sunho Lim

Research output: Contribution to journalArticlepeer-review


With accelerated advances in various technologies, drones, better known as unmanned aerial vehicles (UAVs), are increasingly commonplace and consequently have a more pronounced impact on society. For example, Internet of Drones (IoD), a new communication paradigm offering fundamental navigation assistance and access to information, has widespread applications ranging from agricultural drones in farming to surveillance drones in the COVID-19 pandemic. The increasingly prominent role of IoD in our society also reinforces the importance of securing such systems against various data privacy and security threats. Operationally, it can be challenging to adopt conventional off-the-shelf security products in an IoD system due to the underpinning characteristics of drones (e.g., dynamic and open communication channel). Therefore, in this paper we propose a lightweight and privacy-preserving mutual authentication and key agreement protocol, hereafter referred to as PMAP. The latter uses physical unclonable function (PUF) and chaotic system to support mutual authentication and establish a secure session key between communication entities in the IoD system. To be specific, PMAP consists of two schemes, namely: PMAPD2Z (that mutually authenticates drone and Zone Service Provider (ZSP) and establishes secure session keys) and PMAPD2D (that mutually authenticates drones and establishes secure session keys). In addition, PMAP supports conditional privacy-preserving so that the genuine identity of drones can only be revealed by trusted ZSPs. We evaluate the security of PMAP using AVISPA, as well as provide formal and informal security analysis to show the resilience of PMAP against various security attacks. We also evaluate the performance of PMAP through extensive experiments and compare its performance with existing AKA and IBE-Lite schemes, whose findings show that PMAP achieves better performance in terms of computation cost, energy consumption, and communication overhead.

Original languageEnglish
JournalIEEE Internet of Things Journal
StateAccepted/In press - 2022


  • Authentication
  • Authentication and Key Agreement
  • Chaotic System.
  • Chaotic communication
  • Costs
  • Drone
  • Drones
  • Internet of Drones
  • Internet of Things
  • Physical Unclonable Function
  • Protocols
  • Security


Dive into the research topics of 'A Lightweight and Privacy-Preserving Mutual Authentication and Key Agreement Protocol for Internet of Drones Environment'. Together they form a unique fingerprint.

Cite this