TY - JOUR
T1 - Lightweight and Security-Enhanced Key Agreement Protocol Using PUF for IoD Environments
AU - Lee, Sangjun
AU - Son, Seunghwan
AU - Park, Youngho
N1 - Publisher Copyright:
© 2025 by the authors.
PY - 2025/7
Y1 - 2025/7
N2 - With the increasing demand for drones in diverse tasks, the Internet of Drones (IoD) has recently emerged as a significant technology in academia and industry. The IoD environment enables various services, such as traffic and environmental monitoring, disaster situation management, and military operations. However, IoD communication is vulnerable to security threats due to the exchange of sensitive information over insecure public channels. Moreover, public key-based cryptographic schemes are impractical for communication with resource-constrained drones due to their limited computational capability and resource capacity. Therefore, a secure and lightweight key agreement scheme must be developed while considering the characteristics of the IoD environment. In 2024, Alzahrani proposed a secure key agreement protocol for securing the IoD environment. However, Alzahrani’s protocol suffers from high computational overhead due to its reliance on elliptic curve cryptography and is vulnerable to drone and mobile user impersonation attacks and session key disclosure attacks by eavesdropping on public-channel messages. Therefore, this work proposes a lightweight and security-enhanced key agreement scheme for the IoD environment to address the limitations of Alzahrani’s protocol. The proposed protocol employs a physical unclonable function and simple cryptographic operations (XOR and hash functions) to achieve high security and efficiency. This work demonstrates the security of the proposed protocol using informal security analysis. This work also conducted formal security analysis using the Real-or-Random (RoR) model, Burrows–Abadi–Needham (BAN) logic, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation to verify the proposed protocol’s session key security, mutual authentication ability, and resistance to replay and MITM attacks, respectively. Furthermore, this work demonstrates that the proposed protocol offers better performance and security by comparing the computational and communication costs and security features with those of relevant protocols.
AB - With the increasing demand for drones in diverse tasks, the Internet of Drones (IoD) has recently emerged as a significant technology in academia and industry. The IoD environment enables various services, such as traffic and environmental monitoring, disaster situation management, and military operations. However, IoD communication is vulnerable to security threats due to the exchange of sensitive information over insecure public channels. Moreover, public key-based cryptographic schemes are impractical for communication with resource-constrained drones due to their limited computational capability and resource capacity. Therefore, a secure and lightweight key agreement scheme must be developed while considering the characteristics of the IoD environment. In 2024, Alzahrani proposed a secure key agreement protocol for securing the IoD environment. However, Alzahrani’s protocol suffers from high computational overhead due to its reliance on elliptic curve cryptography and is vulnerable to drone and mobile user impersonation attacks and session key disclosure attacks by eavesdropping on public-channel messages. Therefore, this work proposes a lightweight and security-enhanced key agreement scheme for the IoD environment to address the limitations of Alzahrani’s protocol. The proposed protocol employs a physical unclonable function and simple cryptographic operations (XOR and hash functions) to achieve high security and efficiency. This work demonstrates the security of the proposed protocol using informal security analysis. This work also conducted formal security analysis using the Real-or-Random (RoR) model, Burrows–Abadi–Needham (BAN) logic, and Automated Verification of Internet Security Protocols and Applications (AVISPA) simulation to verify the proposed protocol’s session key security, mutual authentication ability, and resistance to replay and MITM attacks, respectively. Furthermore, this work demonstrates that the proposed protocol offers better performance and security by comparing the computational and communication costs and security features with those of relevant protocols.
KW - Internet of Drones (IoD)
KW - key agreement
KW - physical unclonable function (PUF)
KW - security
UR - https://www.scopus.com/pages/publications/105010306681
U2 - 10.3390/math13132062
DO - 10.3390/math13132062
M3 - Article
AN - SCOPUS:105010306681
SN - 2227-7390
VL - 13
JO - Mathematics
JF - Mathematics
IS - 13
M1 - 2062
ER -