Security and Privacy - 2023 - Mekdad - A Comprehensive Security and Performance Assessment of UAV Authentication Schemes

Received: 28 March 2023 Accepted: 24 July 2023
DOI: 10.1002/spy2.338
S U R V E Y PA P E R
A comprehensive security and performance assessment of

UAV authentication schemes
Yassine Mekdad1 Ahmet Aris1 Abbas Acar1 Mauro Conti2

Riccardo Lazzeretti3 Abdeslam El Fergougui4 Selcuk Uluagac1
1
Cyber-Physical Systems Security Lab,
Department of Electrical and Computer Abstract
Engineering, Florida International In the past few years, unmanned aerial vehicles (UAVs) have significantly
University, Miami, Florida, USA
gained attention and popularity from industry, government, and academia.
2
Department of Mathematics, University
With their rapid development and deployment into the civilian airspace, UAVs
of Padua, Padua, Italy
3
Department of Computer, Control, and
play an important role in different applications, including goods delivery,
Management Engineering “Antonio search-and-rescue, and traffic monitoring. Therefore, providing secure commu-
Ruberti”, Sapienza University of Rome, nication through authentication models for UAVs is necessary for a successful
Rome, Italy
4
and reliable flight mission. To satisfy such requirements, numerous authentica-
Laboratory of Computer Networks and
Systems, Moulay Ismail University of tion mechanisms have been proposed in the literature. However, the literature
Meknes, Meknes, Morocco lacks a comprehensive study evaluating the security and performance of these
solutions. In this article, we analyze the security and performance of 27 recent
Correspondence
Yassine Mekdad, Cyber-Physical Systems UAV authentication works by considering ten different key metrics. First, in
Security Lab, Department of Electrical the performance analysis, we show that the majority of UAV authentication
and Computer Engineering, Florida
International University, Miami, 33174,
schemes are lightweight in their communication cost. However, the storage
FL, USA. overhead or the energy consumption is not reported by many authentication
Email: ymekdad@fiu.edu studies. Then, we reveal in the security analysis the widely employed formal
Funding information models (i.e., abstract description of an authentication protocol through a math-
EU-NGEU, Grant/Award Number: ematical model), while most of the studies lack coverage of many attacks that
PE00000014; National Science
can target UAV systems. Afterwards, we highlight the challenges that need to be
Foundation, Grant/Award Numbers:
NSF-CAREER-CNS-1453647, addressed in order to design and implement secure and reliable UAV authentica-
NSF-1663051, NSF-1718-116; Sapienza tion schemes. Finally, we summarize the lessons learned on the authentication
Università di Roma, Grant/Award
strategies for UAVs to motivate promising direction for further research.
Number: RM120172B4CC529E
KEYWORDS
authentication, cybersecurity, drones, UAVs, unmanned aerial vehicles
1 I N T RO DU CT ION
In the past decade, autonomous drones have attracted noteworthy interest.1 Civilian and military applications that include
transportation, consumer goods, intelligent surveillance, and target acquisition play an important role in improving cit-
izens’ quality of life.2,3 The rapid development and deployment of commercial unmanned aerial vehicles (UAVs) across
multiple industries (e.g., military, infrastructure, agriculture, chemicals) create the need to consider its security, privacy,
and safety implications. One of these considerations is how to prove the legitimacy and authenticity of a flying UAV before
Security Privacy. 2024;7:e338. wileyonlinelibrary.com/journal/spy2 © 2023 John Wiley & Sons, Ltd. 1 of 24
https://doi.org/10.1002/spy2.338
24756725, 2024, 1, Downloaded from https://onlinelibrary.wiley.com/doi/10.1002/spy2.338 by UNIVERSIDADE ESTADUAL PAULISTA, Wiley Online Library on [07/03/2024]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
2 of 24 MEKDAD et al.
exchanging sensitive data. To that end, ensuring these properties for UAVs during the flight mission is one of the essential
key requirements in UAV security. Moreover, it is fundamental to authenticate UAVs before establishing their communi-
cation with the ground control station (GCS) and allow only authenticated UAVs to exchange control and telemetry data
with the GCS. A recent study demonstrates that UAVs are prone to various cyber attacks at different levels: sensor-level,
hardware-level, software-level, and communication-level.4 In this context, authentication provides a means to secure
communication and prevents adversaries from such cyber attacks. Even though it is critical, checking the authenticity of
each UAV during the flight mission is a challenging task due to the diversity of commercial UAVs in terms of commu-
nication protocols and application scenarios. It is also noteworthy that providing onboard security solutions for UAVs is
challenging because of their limited resources in terms of CPU, memory, and battery.5,6
The performance and resilience of UAV authentication protocols against various cyber attacks are of great concern as
thousands of UAVs are deployed in the wild. The fundamental security properties that need to be achieved when designing
an authentication scheme include confidentiality, integrity, availability, and non-repudiation. However, these proper-
ties should also consider performance requirements for UAV-oriented applications (e.g., mobility, energy consumption).
While UAV authentication protocols enable secure communication, they raise security and performance challenges that
need to be addressed. In the existing literature, several UAV authentication protocols are applied in diverse applications
in computing and communication technologies (e.g., computer networks, Internet of Things, Industry 4.0).7-26 Neverthe-
less, to the best of our knowledge, no comprehensive study has contrasted UAV authentication protocols to each other in
terms of security and performance.
In this article, we provide a comprehensive study of the state-of-the-art UAV authentication schemes, covering the
analysis from two dimensions: performance and security. From a performance perspective, we identify six key metrics to
assess the performance of UAV authentication schemes. These metrics consist of the communication cost, the computa-
tion cost, the storage overhead, the energy consumption, the experimental method, and the network topology. Whereas
the security assessment considers four metrics, namely, the formal security analysis, the informal security analysis, the
cryptographic features, and the authentication factor. By synthesizing the current knowledge of UAV authentication
schemes from these two dimensions, we provide an in-depth analysis of the similarities and differences of the selected
studies for each metric. This important and previously ignored systematization of authentication schemes provides valu-
able insights into the performance and security of these schemes in UAV networks, which can eventually serve as a useful
resource for researchers and practitioners in the field.
Scope. The scope of our study includes 27 authentication schemes proposed in the last 4 years (2019–2022). We outline
these studies and their targeted environment in Table 1. In this article, we focus on the problem of UAV authentication
and provide a tabular comparison of existing papers using ten multiple metrics that are useful indicators for security and
performance. Moreover, we show how UAV authentication schemes are designed and implemented across different target
environments (e.g., smart city environment, cellular networks, software-defined networks). In particular, we indicate
that designing a UAV authentication scheme highly depends on the target environment. Then, we summarize key ideas
proposed in previous works, drawing the challenges and lessons learned, which an expert may benefit from extending
the current state-of-the-art.
Summary of findings. The summary of our findings are as follows:
• We found that most UAV authentication schemes are quite lightweight in terms of their communication cost. Thus,
enabling them to fit their messages into the frames of various wireless communication technologies.
• Computation cost is the most widely reported performance metric among the selected studies where the execution
time varies between 2 and 20 ms.
• Many authentication studies do not consider the storage overhead of their schemes, which can negatively affect the
performance of resource-constrained UAVs such as micro aerial vehicles.
• Most of the authentication works in the literature do not evaluate the energy consumption of their schemes which can
negatively affect the lifetime of the UAV network, especially the network of micro aerial vehicles.
• Several UAV authentication studies provide a formal or informal security analysis of their schemes. While random
oracle model (ROM) and Dolev Yao model are the most widely employed formal models, for informal security analysis,
the studies lack coverage of many attacks that can target UAV systems.
Contributions. The main contributions of our work are summarized as follows:

MEKDAD et al. 3 of 24
T A B L E 1 The analyzed UAV authentication studies.

Work Year Target environment
Yu et al.27 2022 Smart city environment

Lounis et al.28 2022 Internet of Drones environment
Pu et al.29 2022 Internet of Drones environment
Tian et al.30 2022 Multi-domain environment
Zhang et al.31 2022 Smart UAV networks environment
Tan et al.32 2022 Industrial Internet of Things environment
Tanveer et al.33 2022 Internet of Drones environment
Yahuza et al.26 2021 Internet of Drones environment
12
Asghar Khan et al. 2021 5G wireless networking infrastructure
Lei et al.17 2021 Internet of Drones environment
Jan et al.13 2021 Internet of Drones environment
Gope et al.24 2021 RFID-enabled UAV applications
21
Mall et al. 2021 Unattended environments (e.g., forest, battlefield)
18
Nikooghadam et al. 2021 Smart city surveillance environment
16
Hussain et al. 2021 Internet of Drones environment
7
Chen et al. 2020 3.5G (14 Mbps)
Alladi et al.8 2020 SDN-backed multi UAV networks environment
Pu et al.14 2020 UAV network
Kirsal Ever et al.19 2020 Wireless sensor networks
15
Cho et al. 2020 Internet of Drones environment
9
Ali et al. 2020 Smart city surveillance environment
22
Khanh et al. 2020 Dynamic environment for a swarm of UAVs
25
Alladi et al. 2020 Internet of Drones environment
Srinivas et al.10 2019 Internet of Drones environment
Wazid et al.11 2019 Internet of Drones environment
Tian et al.20 2019 Mobile edge computing environment
Rodrigues et al.23 2019 Wireless sensor networks
• We evaluate the security and performance of 27 different authentication works for UAVs during the last 4 years
(2019–2022).
• We select ten key metrics to evaluate existing authentication protocols. These metrics include the formal security anal-
ysis, the informal security analysis, the cryptographic features, the authentication factor, the communication cost, the
computation cost, the storage overhead, the energy consumption, the experimental method, and the network topology.
• By analyzing a large spectrum of UAV authentication studies, we identify several security and performance challenges
that should be addressed while developing authentication schemes for UAV-oriented applications.
• We discuss the lessons learned on the security and performance of UAV authentication schemes.
Organization. The rest of this article is organized as follows. In Section 2, we provide background information on
UAV communications, their existing authentication methods, and different authentication factors for UAVs with their
particular characteristics. Then, we present our proposed methodology in Section 3. Afterward, in Sections 4 and 5, we
evaluate the performance and security of existing authentication protocols, respectively. Section 6 discusses the challenges
that need to be addressed in order to design and implement secure and reliable UAV authentication schemes. In Section 7,
we give the lessons learned on the authentication strategies for UAVs. Finally, Section 8 concludes the article.
2 UAV AU T H E N T ICAT ION
The popularity and wide use of commercial UAVs in several applications trigger the need to enable the authenticity
and legitimacy of UAVs taking part in the flight mission. In this section, we provide background information on UAV
communications and the existing authentication approaches.
2.1 UAV communication
UAVs are complex aerial vehicles that combine the sensors, the hardware, the software, and the radio communica-
tion module.34 In real-world applications, the GCS can communicate with a large number of UAVs (e.g., search and
rescue—SAR, aerial surveillance) and operate in a group known as swarm of drones. This type of communication, known
as GCS-2-UAV communication, represents the typical type of communication in mission-driven civilian applications.35 It
is a wireless-based communication that exchanges control and telemetry data between the GCS and a set of UAVs during
the flight mission. We note that different UAV communication protocols can handle data transmission (e.g., MAVLink,36
UranusLink37 ). Unlike mobile ad hoc or vehicular ad hoc networks, UAV networks are aerial and characterized by high
mobility and low node density.38 Considering the swarm of UAVs as a flying ad hoc network that combines a large num-
ber of UAVs,39 it is crucial to protect such networks from different cyber attacks (e.g., spoofing attack, man-in-the-middle
attack). In what follows, we present different UAV authentication methods enabling secure GCS-2-UAV communication.
2.2 UAV authentication methods
As illustrated in Figure 1, we need to ensure that only authenticated UAVs are allowed to establish secure GCS-2-UAV
communication. In such scenarios, the adoption of UAV authentication mechanisms prevents malicious adversaries from
compromising the flight mission. Accordingly, several studies on UAV authentication protocols have been proposed in
the literature.7-26 Effective authentication schemes for UAVs rely on cryptographic primitives to guarantee confidentiality,
integrity, and availability. To efficiently understand such models and their differences in terms of security and perfor-
mance, we provide a classification of UAV authentication factors used to establish secure UAV-2-GCS communication.
In what follows, we present different authentication methods for UAVs with their particular characteristics.
• Certificate-based authentication: It consists of using a digital certificate to authenticate UAVs over public communica-
tion channels. In particular, it relies on a trusted authority center that provides valid digital certificates for legitimate
UAVs participating in the flight mission. Applicable environments include the Internet of Drones environment7 and
UAV-enabled Intelligent Transportation Systems environments.12 Note that certificate-based authentication models
use elliptic curve cryptography, Diffie–Hellman key exchange, signature mechanisms, and hash functions to guarantee
FIGURE 1 Representation of malicious and benign GCS-2-UAV communication.

the integrity and confidentiality of the flight mission. One example of a certificate-based authentication method
considers the use of hyperelliptic curve cryptography techniques, digital signature, and hash function to present a
privacy-preserving authentication scheme.12 In this case, the session keys and pseudonym identity are used to ensure
identity anonymity and privacy.
• Challenge-response authentication: In this type of authentication, the UAV is challenged by the GCS and must pro-
vide a valid response. Recent works consider the use of physical unclonable functions (PUF) to authenticate UAVs
using a challenge-response authentication mechanism.8,21,25 These approaches leverage the identity of UAVs through
PUFs to provide a unique response and achieve mutual authentication. In Reference 40, the authors proposed a
challenge-response authentication scheme based on a trust assessment model. The authentication scheme is applica-
ble for a swarm of UAVs that are considered as trusted agents. These agents share a common secret key with a trust
value. In another work,25 the authors presented a PUF-based authentication for remote hovering devices; the proposed
approach achieves mutual authentication for the tri-layered software-defined UAV networks.
• User authentication: This method consists of authenticating users to the deployed UAVs to benefit from real-time
services (e.g., environmental data, traffic status). An example of lightweight user authentication with a key agree-
ment scheme for UAVs has been proposed by Wazid et al.11 The proposed approach uses one-way cryptographic hash
functions and bitwise XOR operations.
• Signature-based authentication: It is an authentication mechanism mainly used with digital certificates where a given
UAV verifies the digital signature of the GCS before establishing secure communication. This type of authentication
uses modular exponentiation and the discrete logarithm during the authentication process. In a mobile edge com-
puting (MEC) environment, Tian et al.20 proposed a lightweight signature-based authentication scheme with digital
certificates that implements fast modular arithmetic operations during the authentication process.
• Identity-based authentication: It consists of verifying the legitimate identity of the UAV participating in the flight mis-
sion and preventing impersonation and masquerade attacks. In Reference 17, the authors developed a lightweight
identity security authentication protocol for UAVs. The proposed model optimizes the authentication process and
guarantees forward and backward security.
• Anonymous authentication: This method of authentication satisfies the anonymity property for the UAVs. It consists
of authenticating legitimate UAVs without revealing their identity. Gope et al.24 proposed a lightweight anonymous
authentication scheme for RFID-enabled UAV applications.
• Credential-based authentication: This type of authentication requires the UAVs to provide credentials, which can
be defined as UAV-related information for the authentication. Generally, credential-based authentication includes a
trusted third party during the authentication process. In the Internet of Drones environment, Srinivas et al.10 sug-
gested a temporal credential-based anonymous lightweight authentication scheme for UAVs, where a legitimate user
can access real-time data of UAVs using his credentials.
• Hash-based authentication: It consists of authenticating UAVs by involving the use of cryptographic hash functions.
Moreover, hash-based authentication guarantees integrity and authentication simultaneously. In Reference 13, the
authors implemented a hash-based message authentication protocol for UAVs. The proposed approach is lightweight
and guarantees forward secrecy.
• Asymmetric cryptosystem authentication: Other authentication schemes that rely solely on cryptographic primitives
can fit this category. In particular, authentication frameworks that implement various elliptic curve mechanisms,
Diffie-Hellman key exchange protocol, and hash functions. For example, in Reference 18, the authors proposed a
secure authentication scheme based on elliptic curve cryptography for UAVs to secure smart city surveillance. Another
work proposed a secure and efficient authentication framework for UAVs that use elliptic curve digital signature
algorithm.
3 P RO P O S E D METH O D O LO GY
In this section, we provide the practical motivations for assessing the security and performance of UAV authentica-
tion schemes. Then, we present our methodology to jointly assess the security and performance of UAV authentication
schemes. In Figure 2, we define ten performance and security metrics to assess UAV authentication models.
Security Metrics Performance Metrics
Communication Cost Energy Consumption

Formal Security Analysis Cryptographic Features
Computation Cost Experimental Method
Informal Security Analysis Authentication Factor

Storage Overhead Network Topology
FIGURE 2 Considered security and performance metrics for UAV authentication schemes.
3.1 Motivations
The recent advancement in UAV technology, particularly in military and civilian applications, has demonstrated that
authentication is a common requirement for a secure and safe flight mission. In this context, a significant amount of
interesting authentication schemes have been proposed in order to prevent malicious actors from jeopardizing UAV oper-
ations. However, these schemes could potentially raise security-performance tradeoffs, given the resource-constrained
property of UAVs. Therefore, it is challenging to deploy authentication mechanisms in real-world applications. This chal-
lenge makes the practical deployment of UAV authentication schemes a unique problem that needs to be addressed. To
that end, there is limited knowledge about the practicality of deploying existing UAV authentication schemes. Impor-
tantly, no previous work has jointly assessed the security and performance of UAV authentication schemes toward their
deployment in real-world scenarios. In this study, we are motivated to present a comprehensive security and performance
assessment of UAV authentication schemes that can be used to extend the current body of knowledge.
3.2 Performance metrics
For the performance metrics, we define six key indicators: (i) communication cost, (ii) computation cost, (iii) storage over-
head, (iv) energy consumption, (v) experimental method, and (vi) network topology. We selected these indicators based on
the results provided in most of the covered studies. Even though some metrics, such as energy consumption, are provided
by only a few of the studies,11,14,26 these metrics are commonly used metrics in UAV authentication studies.
• Communication cost: Also known as data transfer overhead, it represents the number of bytes an authentication scheme
needs to exchange over the GCS-2-UAV communication channel. Such data enables the authenticity of UAVs during a
flight mission.
• Computation cost: It consists of the amount of time required by a processor to perform computations during the authen-
tication process. Since UAVs are resource-constrained devices with limited processing functionality, it is important to
consider reducing the computation costs while designing the authentication model.
• Storage overhead: It corresponds to the size of memory space used during the UAV authentication process. The storage
overhead is an important metric that measures authentication protocols’ performance. An authentication technique
with a low storage overhead can enable larger storage space for the onboard UAV software.
• Energy consumption: This metric illustrates the amount of energy consumed by the UAVs during the authentication
process. It is worth mentioning that several characteristics influence the energy consumption of UAVs (e.g., speed,
weather, payload). However, energy efficiency for an authentication mechanism can be crucial for small UAVs such as
micro aerial vehicles with low-energy capacity.
• Experimental method: In this metric, we identify the experimental settings under which the proposed UAV authenti-
cation scheme is evaluated (e.g., hardware, simulation).
• Network topology: This metric considers the UAV network architecture proposed by the authentication scheme and its
corresponding characteristics (e.g., throughput, end-to-end delay, networking environment).
3.3 Security metrics
The security metrics aim to measure the robustness of a given UAV authentication model against different theoretical
and practical attacks. Here, we consider four security metrics: (i) formal security analysis, (ii) informal security analysis,
(iii) cryptographic features, and (iv) authentication factor.
• Formal security analysis: Also known as provable security analysis. It is an abstract description of an authentication pro-
tocol through a mathematical model (e.g., Dolev-Yao adversarial model, random oracle model-ROM). Such description
consists of formally proving the security properties of a system model (e.g., authentication, integrity, secrecy).
• Informal security analysis: Given a UAV authentication model, the informal security analysis evaluates its security
features under the assumption considered in the threat model. Thus, it demonstrates informally its resilience against
known cyber attacks (e.g., spoofing attack, replay attack, impersonation attack, insider attack). Here, we choose fifteen
different attacks that are covered in most of the selected studies, and which we believe are more practical than others
in real use-case scenarios.
• Cryptographic features: This metric identifies the cryptographic algorithms used by the proposed UAV authentication
scheme (e.g., hash functions, fuzzy extractors, password-based-key-derivation functions).
• Authentication factor: It consists of specifying the factor utilized by the proposed UAV authentication scheme (e.g.,
password authentication, biometric authentication, digital certificates).
4 PERFORMANCE A NA LYSIS
Although robust UAV authentication mechanisms can achieve an important level of security, they might have a high
overhead on the performance of the flight mission in real-world applications. In this section, we review the performance
of UAV authentication protocols based on six key metrics given in Section 3.2.
4.1 Communication cost
To evaluate the communication cost among different UAV authentication models, we report the total length of mes-
sages that have been transmitted from the beginning to the end of the authentication process through the GCS-2-UAV
communication channel. We outline the communication cost of several UAV authentication models in Table 2. The com-
munication cost includes the message length, the proposed target environment, and the transmission time. As shown in
Table 2, most of the studies consider the Internet of Drones environment. In contrast, other studies adopt different net-
working infrastructures, such as wireless sensor networks (WSN) and MEC environments. Moreover, the message length
of all of the studies varies between 336 and 5536 bits, and only a few studies provide the transmission time,7,12,21 which
indeed depends on the environment and communication channel. We also notice that the most lightweight authentica-
tion protocol is proposed by Mall et al.,21 where the authors developed a lightweight challenge-response authentication
protocol based on PUFs. In contrast, the work proposed by Tian et al.20 is the most heavyweight authentication protocol
with a message length of at least 4176 bits.
4.2 Storage overhead and computation cost
Given that UAVs are resource-constrained devices with limited storage, we consider the storage cost of UAV authenti-
cation protocols to assess their suitability for UAV-oriented applications. We also review the execution time during the
authentication process to determine if a UAV authentication model can likely produce an overrun on the processor. In
Table 3, we report and compare the storage overhead and computation cost required for different UAV authentication
T A B L E 2 Communication cost for UAV authentication schemes.

Message Transmission
Work Target environment length time
Yu et al.27 Smart city environment 2048 bits N/A

Lounis et al.28 Internet of Drones environment 1744 bits 178 ms
Pu et al.29 Internet of Drones environment 3576 bits N/A
Tian et al.30 Multi-domain environment 3020 bits N/A
Zhang et al.31 Smart UAV networks environment 2688 bits N/A
32
Tan et al. Industrial Internet of Things environment 448 bits N/A
33
Tanveer et al. Internet of Drones environment 2240 bits N/A
26
Yahuza et al. Internet of Drones environment 1760 bits N/A
12
Asghar Khan et al. 5G wireless networking infrastructure 336 bits 0.48 ms
Lei et al.17 Internet of Drones environment 1568 bits N/A
Jan et al.13 Internet of Drones environment 3720 bits N/A
Gope et al.24 RFID-enabled UAV applications N/A N/A
Mall et al.21 Unattended environment (e.g., forest, battlefield) 160 bits 2.16 ms
18
Nikooghadam et al. Smart city surveillance 2336 bits N/A
16
Hussain et al. Internet of Drones environment 2208 bits N/A
7
Chen et al. 3.5G (14 Mbps) 5536 bits 3.5G (0.395 ms)
4G (100 Mbps) 4G (0.055 ms)
Pu et al.14 UAV network 1952 bits N/A
Alladi et al.25 Internet of Drones environment 1600 bits N/A
Kirsal Ever et al.19 Wireless sensor networks 1104 bits N/A
Cho et al.15 Internet of Drones environment 576 bits N/A
Ali et al.9 Smart city surveillance environment 1696 bits N/A
22 ∗
Khanh et al. Dynamic environment for a swarm of UAVs 4168 bits 3TTrans
Alladi et al.8 SDN-backed multi UAV networks N/A N/A
10
Srinivas et al. Internet of Drones environment 1536 bits N/A
11
Wazid et al. Internet of Drones environment 1696 bits N/A
Tian et al.20 Mobile edge computing environment 4176 bits + |Cert∗∗ | + |SIG∗∗∗ | N/A
Rodrigues et al.23 Wireless sensor networks N/A N/A
∗
Abbreviations: Cert∗∗ , the size of the certificate; SIG∗∗∗ , the size of the signed message; TTrans , the time for message transmission in the communication
between UAVs.
models and provide the following notation Tx to describe the computation cost, such that x is the time required for a
Pol (polynomial), Mul (multiplication), H (hashing), Cmp (comparison), Con (concatenation), E (encryption), D (decryp-
tion), S (signature), Sv (signature verification), Cv (certificate verification), Xor (XOR), P (PUF), Bp (bilinear pairing),
FE (fuzzy Extractor), G (generate random numbers), Tr (update the trust table), HCSM (hyperelliptic curve scalar mul-
tiplication), EccMul (ECC multiplication), EccAdd (ECC addition) operations respectively. We note that for session key
establishment, Wazid et al.11 use a symmetric bivariate polynomial  function over a finite field (Galois field) GP(p), such
that p is a prime number and m is the degree of . According to the reported results, we remark that few works provide
numerical results on the storage overhead. We also found that more than 50% of the studies do not report the storage
overhead of their authentication protocols. Additionally, the challenge-response authentication is the most lightweight
approach in terms of storage overhead, which perfectly matches the most lightweight authentication mechanism in terms
of communication cost.21 We also observe that the storage overhead of some studies cannot be numerically determined
T A B L E 3 Storage overhead and computation cost for UAV authentication schemes.

Storage Computation
Work overheads Authentication method Formal computation cost cost
Yu et al.27 N/A Challenge-response authentication TFE + 8TH 5.32 ms

Lounis et al.28 320 bits Extended challenge-response authentication N/A 340 ms
Pu et al.29 N/A Challenge-response authentication N/A N/A
30
Tian et al. * Challenge-response authentication 5TH + TP + TG + TFE 1.276 ms
31
Zhang et al. N/A Challenge-response authentication 18TH + 4TE 0.0676 ms
32
Tan et al. 23.31 bits Asymmetric cryptosystem authentication 2TEccMul + TEccAdd + 2TH + TMul 23.308 ms
33
Tanveer et al. 1948 bits Asymmetric cryptosystem authentication 6TH + 2TE + 2TEccMul 8.55 ms
Yahuza et al.26 N/A Asymmetric cryptosystem authentication 6TH + 6TEccMul + 10TEccAdd 13.66 ms
Asghar Khan et al.12 N/A Certificate-based authentication 4THCSM 1.920 ms
Lei et al.17 N/A Lightweight identity-based authentication 8TH + TMul 2.062 ms
13
Jan et al. 1120 bits Hash-based authentication 1TMul + 7TH TG + 8TXor + 2TD 8.647 ms
24
Gope et al. N/A Lightweight anonymous authentication 5TH + 2TP + TG + TFE 14.580 ms
21
Mall et al. N/A Challenge-response authentication 13TH + 2TP + 1TE 20.930 ms
18
Nikooghadam et al. N/A Asymmetric cryptosystem authentication 2TEccMul + 5TH 27.090 ms
Hussain et al.16 N/A Asymmetric cryptosystem authentication 6TH 20.432 ms
Chen et al.7 N/A Certificate-based authentication 5TMul + 4TH + 3TCmp + 4TE + 3TS N/A
Pu et al.14 320 bits Challenge-response authentication N/A 0.6249 ms
Alladi et al.25 352 bits Challenge-response authentication 8TXor + 2TG + 3TH + 2TP + 11TCon 0.031 ms
19
Kirsal Ever et al. N/A Asymmetric cryptosystem authentication 17TH + 6TBp + 4TEccMul 0.002 ms
15
Cho et al. 2720 bits Asymmetric cryptosystem authentication N/A 35.07 ms
9
Ali et al. 640 bits Credential-based authentication 7TH 2.295 ms
Khanh et al.22 ** Challenge-response authentication 2TTr + 4TH + 16TXor + 2TG 35 ms
Alladi et al.8 N/A Challenge-response authentication N/A 0.900 ms
Srinivas et al.10 352 bits Credential-based authentication 7TH 26.700 ms
Wazid et al.11 *** Lightweight user authentication 7TH + 2TCmp + 4TXor 2.240 ms
20
Tian et al. 2368 bits Signature-based authentication TCv + TSv 7.840 ms
23
Rodrigues et al. N/A Multi-factor authentication 17TH + 6TEccMul 2.190 ms
Note: * 160 + 64n, ** Size of the secret key and the trust table, *** 480 + (m + 1) log2 (p) bits.
because they rely on the value of other parameters. For example, the work proposed by Khanh et al.22 is a trust-based
model that relies on a trust table that contains a list of trusted UAVs with their corresponding trust value. Accordingly,
the storage overhead depends on the size of the secret key and the trust table. Another example is the authentica-
tion technique proposed by Wazid et al.,11 where the storage overhead value depends on the degree m of the bivariate
polynomial .
Regarding the execution time, we derive that using elliptic curve cryptography significantly reduces the computation
cost compared to other cryptographic primitives. For example, in Reference 23, the computation cost is 2.190 ms, whereas
in Reference 16, the computation cost is 20.432 ms. In contrast, the work of Yahuza et al.26 has a computation cost of 13.66
ms, knowing that the considered approach is based on elliptic curve cryptography. This difference could be explained by
the number of multiplication and addition operations the elliptic curve function uses. Moreover, we remark that authen-
tication models that have the same formal expression, such as References 9 and 10, differ in terms of computation cost. We
also note that the computation cost changes based on the selected hardware where the proposed authentication protocol
is executed.
4.3 Energy consumption and experimental method
Energy consumption is one of the key factors affecting the performance of UAVs and might present a bottleneck for UAV
manufacturers. Since UAVs are resource-constrained devices, it is crucial to consider the energy consumption of authen-
tication models for their potential applicability in real-world scenarios. To that end, we investigate the existing power
consumption of UAV authentication models by reporting the amount of energy consumed during the authentication
process. In Table 4, we list the energy consumption (represented by Joules) for different UAV authentication schemes
and their respective experimental methods. From the depicted results in Table 4, we observe that very few works pro-
vide the energy consumption of the authentication protocols.11,14,41 Additionally, we found that more than 50% of the
UAV authentication protocols are experimented using simulation tools (e.g., NS2, OMNeT ++). However, simulation
tools cannot perfectly describe the power consumption of UAV authentication protocols when deployed in a real-world
environment.
T A B L E 4 Energy consumption for UAV authentication schemes.

Energy
Work consumption Experimental method
27
Yu et al. N/A Hardware (Raspberry Pi 4)
Lounis et al.28 N/A Hardware (Arduino Uno R3)
Pu et al.29 0.008 J Latte Panda development board (Intel Cherry Trail Z8350 Quad Core CPU 1.92
GHz, and 4GB RAM)
Tian et al.30 N/A Hardware (Raspberry Pi 3B)
31
Zhang et al. N/A Simulation (PBC-0.5.14 cryptographic library)
Tan et al.32 N/A Simulation (JPBC (Java Pairing-Based Cryptography) version 2.0.0)
33
Tanveer et al. N/A Hardware (Raspberry Pi 3B)
Yahuza et al.26 3.020 J Simulation (Python 3.7 programming language)
Asghar Khan et al.12 N/A Simulation (Multi-precision Integer and Rational Arithmetic Library)
17
Lei et al. N/A Simulation
Jan et al.13 N/A Hardware (Samsung Galaxy S5 of Quad-core 2.45G processor, 2GB of RAM)
24
Gope et al. N/A Hardware (Integrated circuit: Xilinx XC5VLX30, and SRAM PUF)
Mall et al.21 N/A Simulation
Nikooghadam et al.18 N/A Hardware (Samsung Galaxy S5, Quad-core 2.45G processor, 2GB of RAM)
Hussain et al.16 N/A Hardware (Xiaomi Redmi Note 8, with 4 GB RAM and Octa-core Max 2.01 GHz
processor)
Chen et al.7 N/A Theoretical
Pu et al.14 0.174 × 10 −3
J Simulation (OMNeT++)
25
Alladi et al. N/A Hardware (Raspberry Pi 3B)
Cho et al.15 N/A Simulation
Ali et al.9 N/A Simulation (GMP based PBC library)
Khanh et al.22 N/A Simulation (Anylogic platform and Java programming source)
8
Alladi et al. N/A Hardware (NodeMCU v1.0 with 128kB of RAM and 4MB of flash storage)
Srinivas et al.10 N/A Simulation
Wazid et al.11 0.112 × 10−3 J Simulation (NS2 v2.35)
Tian et al.20 N/A Simulation (Multi-precision Integer and Rational Arithmetic Library)
23
Rodrigues et al. N/A Simulation (Microsoft Visual C++ 2017, crypto++ library)
4.4 Network topology
The performance of UAV authentication models can change according to the considered UAV network topology (e.g., sin-
gle UAV, multiple UAVs).35 To that end, it is essential to assess if a UAV authentication scheme can still work efficiently
in a different UAV network topology. According to the selected UAV authentication protocols, we found that the major-
ity of existing works did not evaluate the scenarios where the network topology changes, and consequently might impact
the performance of the proposed protocol, such as introducing delays during the authentication. Considering the selected
UAV authentication protocols, we found that the majority of the existing works did not evaluate the network perfor-
mance in terms of scalability and throughput for their proposed authentication strategy.7,13,14 Although assumptions have
been made regarding the easy communication and data transmission, the authors did not provide the characteristics and
details on the network performance under which the proposed authentication framework is reliable (e.g., throughput,
end-to-end delay, packet loss rate).9,10,15 In other networking environments that leverage UAV authentication mecha-
nisms such as SDN (software defined networking), WSN, and 5G wireless networking infrastructure,8,12,19 the authors
slightly highlighted the performance of the authentication models in terms of latency and reliability. For instance, in
Reference 12, the authors suggested a 5G wireless networking infrastructure for intelligent transportation system envi-
ronments. The proposed networking infrastructure enables communication among different entities: the UAVs, the GCS,
and the roadside unit. Although the 5G networking infrastructure might support a large number of UAVs, the authors did
not evaluate the network performance in terms of latency and reliability regarding the proposed authentication scheme.
On the other hand, it is worth mentioning that few works considered evaluating the network performance along with
the proposed authentication model.11,17,20,21 In particular, Wazid et al.11 considered several UAVs in different areas and
evaluated the network performance using the packet loss rate, the throughput, and the end-to-end delay. The experimen-
tal results demonstrated better performance compared to other authentication protocols.42,43 Additionally, the network
model carried out by Tian et al.20 suggested a MEC network that supports a large amount of UAVs and considered the
estimated arrival time of the packets for efficient network operation and service delivery.
5 S EC U RIT Y ANALY SIS
In this section, we perform a security assessment of the existing UAV authentication schemes by considering two key
metrics: the formal security analysis and the informal security analysis.
5.1 Formal security analysis
Given a UAV authentication scheme, its security properties are proven through formal security verification techniques
such as the Dolev-Yao model and ROM. These techniques play an essential role in designing a UAV authentication model.
In Table 5, we present the existing formal models for different UAV authentication schemes, the considered features, and
their proven security properties. According to the reported results, we remark that few works did not consider the formal
security analysis of their authentication schemes.14,19,20,22 Moreover, we found that the most frequently used models are
the ROM and the Dolev-Yao models. The ROM model is a cryptographic-based game theory model that combines both
cryptographic algorithms and game theory leveraging an efficient formal proof of the authentication protocols. On the
other hand, the simplicity of the Dolev-Yao model makes it widely used among researchers to analyze the security of sev-
eral protocols. The less frequently used models are the model-checking technique and the automated validation model.
We mention that we found several automated software used in the selected papers to formally verify the security of UAV
authentication protocols, such as Scyther and Proverif tools. These tools provide an expressive formal language to prove
the security properties of authentication models (e.g., session key secrecy, mutual authentication, message freshness).
We also observe that secrecy is the most proven property among the authentication protocols, according to the reported
results.
5.2 Informal security analysis
The informal security analysis includes a set of security attacks that should be infeasible for a UAV authentication model
under adversarial assumptions. For the selected UAV authentication schemes, we identified 15 common attacks and
T A B L E 5 Formal security analysis of UAV authentication schemes.
12 of 24
Work Formal model Considered features Proved security properties
Yu et al.27 Real-Or-Random (ROR) model -Cryptographic game theory -Secure against man-in-the-middle attack
(AVISPA tool) -Secure against replay attack
-Mutual authentication
-Perfect forward secrecy
28
Lounis et al. Dolev-Yao model -Verification of the cryptographic protocol -Mutual authentication
(TAMARIN tool) -Secrecy of the session key
-Message freshness
Pu et al.29 Burrows–Abadi–Needham (BAN) logic -Verfication of the cryptographic protocol -Secure against replay attack
(AVISPA tool) -Secure against man-in-the-middle attack
-Mutual authentication
-Secure session key agreement
30
Tian et al. GNY logic (extension of the BAN logic) -Logical postulates and inference rules -Mutual authentication
-Security of the session key
31
Zhang et al. ROR model (AVISPA tool) -Verification of the parties -Semantic security of session key
Tan et al.32 BAN logic (AVISPA tool) -Verification of the cryptographic protocol -Message secrecy
Tanveer et al.33 Random oracle model (ROM) (Scyther tool) -Cryptographic game theory -Message freshness
-Semantic security
Yahuza et al.26 Canetti-Krawczyk (CK) model (Proverif) -Cryptographic primitives -Verification of authenticity and secrecy
-Unbounded parallel sessions
Asghar Khan et al.12 Real-Or-Random (ROR) oracle model -Cryptographic game theory -Semantic security for the secret key
Lei et al.17 Dolev-Yao model (ProVerif tool) -Identity verification -Mutual authentication
-Parallel sessions generation -Forward and backward security
Jan et al.13 ROM model (Proverif) -Identity verification -Message secrecy
-Integrity and authorization
Gope et al.24 Ouafi and Phan’s security model44 -Tracing capabilities -Message freshness
-Untraceability and session completion
21
Mall et al. Model checking technique (Scyther tool) -Checking communication security -Non-injective synchronization property
-Checking authentication security -Non-injective agreement property
MEKDAD et al.
MEKDAD et al.
T A B L E 5 (Continued)
Work Formal model Considered features Proved security properties
18 45
Nikooghadam et al. -Dolev–Yao model -Cryptographic game theory -Verification of the authentication scheme
46
-Canetti and Krawczyk model
Hussain et al.16 Random oracle model (ROM) -Identity verification -Mutual authentication
-Semantic security
Chen et al.7 Burrows–Abadi–Needham (BAN) logic -Verification of the parties -Mutual authentication
-Verification of the message freshness -Secure session key agreement
25
Alladi et al. Mao and Boyd logic -Nonce-verification -Good-secrecy
-Intuitive and good-key inference rules
15
Cho et al. Dolev-Yao model (ProVerif) -Verification of the cryptographic protocol -Secrecy of the session key
Ali et al.9 Random oracle model (ROM) -Cryptographic game theory -Correctness of the model
-Session key secrecy
Alladi et al.8 Mao and Boyd logic -Inference rules47 -Forward and backward secrecy
Srinivas et al.10 Real-Or-Random (ROR) model (AVISPA) -Cryptographic game theory -Security of the session key
Wazid et al.11 Automated validation (AVISPA tool) -On-the-fly model checker -Secure against replay attack
-Constraint-logic-based attack searcher -Secure against man-in-the-middle attack
Rodrigues et al.23 Burrows–Abadi–Needham (BAN) logic -Message freshness verification -Security of the identity
-Message-meaning verification -Secure session key agreement
-Nonce verification
13 of 24
checked if the proposed authentication protocols considered such attacks. In Table 6, we outline the results for the selected
attacks. The outcomes from the informal security analysis reveal that no UAV authentication scheme is resilient to all the
considered cyber attacks. According to the results, the average number of attacks considered by the studies is five attacks
per study, representing 33.33% of the attacks. Moreover, we remark that the most covered attack is the replay attack, with
16 studies out of 27, and the least covered one is the session information attack, with only two studies out of 27. Among the
chosen UAV authentication protocols, the work proposed by Jan et al.13 is the work that is resilient to the highest amount
of the selected attack (nine attacks), while the work proposed by Chen et al.7 prevents only two attacks. Therefore, we
note that any of the 27 UAV authentication protocols are weak against at least 60% of the attacks mentioned in Table 6.
5.3 Authentication factor and cryptographic features
In Table 7, we illustrate the entities participating in the authentication process, the authentication type, the authenti-
cation factor, and the corresponding cryptographic features for each study. According to the covered studies, it can be
clearly shown that several entities participate in the authentication process. Their number depends on the UAV applica-
tion scenario (e.g., Internet of Drones, smart city surveillance, WSN) that is considered in every study; thereby, entities
participating in the authentication process vary for each study. In what follows, we describe the complete list of entities
that participate in the authentication process in these studies as follows:
• UAVs: Consist of authenticated drones participating in the flight mission.

• GCS: It is a ground-based computer processing unit that enables remote control of UAVs, mainly responsible for
communication with the flying UAVs, the users, and likely other devices such as sensors and mobile devices.
• Trusted authority center: It represents a fully trusted center that provides legitimate certificates for different devices
and users participating in the flight mission.
• MEC device: In the Internet of Drones environment, MEC devices act as a gateway between UAVs and cloud computing
servers. These devices can collect and transfer data from UAVs to cloud computing servers. Thus, enabling the user’s
real-time monitoring of such data.
• Roadside unit: In the Intelligent Transportation Systems (ITS) environments, the roadside unit is a transceiver that can
be mounted on the road and sends real-time data to the UAVs.
• Onboard unit: In the context of ITS, the onboard unit is an embedded device on vehicles that collect data and send
them to the roadside unit.
• Sensors: Consist of devices that collect different kinds of data (e.g., temperature, pressure, humidity) and send these
data to the UAVs.
• Users: They are the persons who are authenticated and allowed to participate in the UAV flight mission.
• Mobile device: It is a device that provides a means of authentication for the users, such as biometric authentication.
• Access point: It is a non-resource-constrained device that performs complex operations during the UAV flight mission.
We found that some works consider only two entities during the authentication (UAVs and GCS).14,23,24 In con-
trast, other works include more entities such as the trusted authority center and the sensors.17,20,26 Note that the
end-to-end authentication feature authenticates the entities participating in the flight mission to prevent potential
man-in-the-middle attacks. Here, we distinguish two kinds of end-to-end authentication: (i) Device-to-Device authen-
tication, and (ii) User-to-Device authentication. The Device-to-Device authentication consists of establishing a secure
communication session between different devices (e.g., trusted authority center, mobile device, UAVs). In other words,
all the communicating devices taking part in the flight mission should be authenticated between each other. On the
other hand, the User-to-Device authentication authenticates the users and their corresponding communicating devices.
We note that some studies provide a standalone Device-to-Device authentication,12,25,41 while other studies consider
both kinds of end-to-end authentication.9,13,21 These work include at least three entities: the users, the GCS, and the
UAVs. However, no particular work considers solely a User-to-Device authentication. Additionally, the selected studies
use various authentication factors (e.g., PUF-based authentication,17 RFID authentication,24 password authentication18 )
and different cryptographic features. These authentication factors rely on cryptographic primitives to guarantee con-
fidentiality, integrity, and availability. In certificate-based authentication, the operator authenticates UAVs over public
T A B L E 6 Informal security analysis for UAV authentication schemes.
MEKDAD et al.
Work A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15
Yu et al.27 ✗ ✗ ✓ ✓ ✓ ✓ ✗ ✓ ✗ ✓ ✗ ✓ ✗ ✓ ✗
Lounis et al.28 ✓ ✗ ✓ ✗ ✗ ✗ ✓ ✓ ✗ ✓ ✗ ✗ ✓ ✗ ✗
Pu et al.29 ✗ ✗ ✓ ✗ ✗ ✓ ✓ ✗ ✗ ✓ ✓ ✓ ✗ ✗ ✗
Zhang et al.31 ✗ ✗ ✓ ✓ ✗ ✓ ✓ ✗ ✗ ✓ ✗ ✓ ✗ ✓ ✗
Tanveer et al.33 ✗ ✓ ✓ ✗ ✗ ✓ ✓ ✓ ✗ ✓ ✗ ✗ ✓ ✓ ✗
Yahuza et al.26 ✗ ✓ ✗ ✗ ✓ ✓ ✓ ✗ ✓ ✓ ✗ ✓ ✗ ✗ ✗
Asghar Khan et al.12 ✗ ✗ ✗ ✗ ✓ ✓ ✓ ✗ ✗ ✓ ✗ ✗ ✓ ✗ ✗
Lei et al.17 ✓ ✓ ✗ ✗ ✗ ✓ ✓ ✗ ✗ ✓ ✗ ✗ ✗ ✓ ✗
Jan et al.13 ✓ ✓ ✓ ✗ ✓ ✗ ✓ ✗ ✗ ✓ ✓ ✗ ✓ ✓ ✗
Gope et al.24 ✗ ✓ ✓ ✗ ✗ ✓ ✗ ✗ ✗ ✓ ✗ ✗ ✗ ✓ ✗
Mall et al.21 ✗ ✗ ✓ ✗ ✓ ✓ ✗ ✓ ✗ ✗ ✗ ✓ ✗ ✗ ✗
18
Nikooghadam et al. ✗ ✗ ✓ ✗ ✓ ✓ ✓ ✗ ✓ ✓ ✗ ✓ ✗ ✗ ✗
16
Hussain et al. ✗ ✓ ✓ ✗ ✓ ✓ ✓ ✓ ✗ ✓ ✗ ✓ ✗ ✗ ✗
7
Chen et al. ✓ ✗ ✗ ✗ ✗ ✗ ✗ ✗ ✗ ✗ ✓ ✗ ✗ ✗ ✗
14
Pu et al. ✗ ✗ ✗ ✗ ✗ ✓ ✓ ✗ ✗ ✓ ✗ ✗ ✗ ✗ ✓
Alladi et al.25 ✗ ✗ ✗ ✗ ✗ ✗ ✓ ✗ ✗ ✓ ✗ ✗ ✗ ✗ ✓
Kirsal Ever et al.19 ✗ ✗ ✓ ✗ ✗ ✓ ✗ ✓ ✗ ✓ ✓ ✗ ✗ ✗ ✗
Cho et al.15 ✗ ✗ ✗ ✗ ✗ ✓ ✓ ✗ ✗ ✓ ✗ ✓ ✗ ✗ ✗
9
Ali et al. ✗ ✗ ✓ ✓ ✗ ✓ ✓ ✓ ✗ ✓ ✗ ✗ ✓ ✓ ✗
22
Khanh et al. ✗ ✓ ✗ ✗ ✓ ✗ ✓ ✗ ✗ ✓ ✗ ✗ ✗ ✗ ✗
8
Alladi et al. ✗ ✗ ✗ ✓ ✗ ✓ ✓ ✗ ✗ ✓ ✗ ✓ ✗ ✗ ✓
10
Srinivas et al. ✗ ✗ ✓ ✓ ✗ ✓ ✓ ✓ ✗ ✓ ✗ ✗ ✓ ✓ ✗
Wazid et al.11 ✗ ✓ ✓ ✗ ✓ ✓ ✗ ✓ ✗ ✗ ✓ ✗ ✗ ✗ ✗
Rodrigues et al.23 ✗ ✗ ✗ ✗ ✓ ✓ ✓ ✓ ✗ ✓ ✗ ✗ ✗ ✗ ✗
Note: ✓: Verified Security property. ✗: Non-verified security property. A1: Bruteforce attack. A2: Denial of Service attack. A3: Remote Drone capture attack. A4: Identity attack. A5: Insider attack. A6: Impersonation
attack. A7: Man-in-the-Middle attack. A8: Password guessing attack. A9: Session information attack. A10: Replay attack. A11: Spoofing attack. A12: Session key disclosure attack. A13: Secret key attack. A14:
Traceability attack. A15: Drone tampering attack.
15 of 24
T A B L E 7 Authentication factor and cryptographic features of UAV authentication schemes.
16 of 24
Work Entities Authentication type Authentication factor Cryptographic features

27
Yu et al. -Users -User-to-Device -PUF-based authentication -Fuzzy extractor
-Ground control station -Device-to-Device
-UAVs
Lounis et al.28 -UAVs -Device-to-Device -PUF-based authentication -The extended challenge-response pairs (eCRPs)
Pu et al.29 -UAVs -Device-to-Device -PUF-based authentication -Secure one-way hash function
-Zone service provider (ZSP) -Session key agreement protocol
30
Tian et al. -UAVs -Device-to-Device -PUF-based authentication -Challenge-response pair mechanism
-Ground control station -Hash functions
-Control server -Fuzzy extractor
Zhang et al.31 -UAVs -Device-to-Device -PUF-based authentication -Challenge-response pair mechanisms
-Ground control station -Session key agreement protocol
Tan et al.32 -UAVs -Device-to-Device -Pre-shared key authentication -Session key agreement protocol
-Ground control station -Password authentication -Hash functions
-Elliptic curve cryptography
Tanveer et al.33 -Users -User-to-Device -Password authentication -Elliptic curve cryptography
-UAVs -Device-to-Device -Biometric authentication -Fuzzy extractor
-Drone service provider
Yahuza et al.26 -Trusted authority center -Device-to-Device -Pre-shared key authentication -Elliptic curve cryptography
-Mobile edge computing device -Session key agreement protocol
-UAVs -Hash functions
-Ground control station
Asghar Khan et al.12 -UAVs -Device-to-Device -Digital certificates -Hyperelliptic curve cryptography
-Onboard unit -Hash functions
-Roadside unit -Certificates and signature mechanisms
Lei et al.17 -Ground control station -Device-to-Device -PUF-based authentication -Authentication based on the Chinese residual theorem
-Access point -Session key agreement protocol
-Sensors
MEKDAD et al.
13
Jan et al. -UAVs -User-to-Device -Pre-shared key authentication -Hash functions
MEKDAD et al.
-Ground control station -Device-to-Device -Password-based-key-derivation Function

-Trusted authority center -Certificates and signature mechanisms
-Users
Gope et al.24 -UAVs -Device-to-Device -RFID authentication -Challenge-response pair mechanism using PUFs
-Ground control station -Cryptographic fuzzy extractor and hash functions
-Session key agreement protocol
Mall et al.21 -Sensors -User-to-Device -PUF-based authentication -Challenge-response pair mechanism using PUFs
-UAVs -Device-to-Device -Session key agreement protocol
-Users
Nikooghadam et al.18 -Users -User-to-Device -Password authentication -Elliptic curve cryptography
-UAVs -Device-to-Device -Hash functions
16
Hussain et al. -Users -User-to-Device -Password authentication -Elliptic curve cryptography
-UAVs -Device-to-Device -Biometric authentication -Hash functions
Chen et al.7 -UAVs -User-to-Device -Digital certificates -Elliptic Curve Cryptography
-Ground control station -Device-to-Device -Hash functions
-Users -Certificates and signature mechanisms
-Trusted authority center -Session key agreement protocol
Pu et al.14 -Ground control station -Device-to-Device -PUF-based authentication -Challenge-response pair mechanism using PUFs
Alladi et al.25 -UAVs -Device-to-Device -PUF-based authentication -Challenge-response pair mechanism using PUFs
Kirsal Ever et al.19 -UAVs -Device-to-Device -Password authentication -Elliptic-curve cryptography
-Ground control station -Hash functions, certificates and signature mechanisms
-Cluster Heads -Session keys exchange through bilinear Diffie-Hellman
17 of 24
18 of 24
Cho et al.15 -UAVs -User-to-Device -Digital certificates -Hash functions

-Ground control station -Device-to-Device -Password authentication -Password-based-key-derivation Function
-Trusted Authority Center -Certificates and signature mechanisms
-Users -Session key agreement protocol
9
Ali et al. -Users -User-to-Device -Password authentication -Hash functions
-Mobile Device -Device-to-Device -Biometric authentication -Session key agreement protocol
-UAVs -Fuzzy biometric generator and reproduction functions
Khanh et al.22 -UAVs -Device-to-Device -User authentication -Authentication using a trust model
-Ground control station -Hash and bitwise XOR functions
8
Alladi et al. -UAVs -Device-to-Device -PUF-based authentication -Challenge-response pair mechanism using PUFs
Srinivas et al.10 -Users -User-to-Device -Password authentication -Cryptographic one-way hash function
-Mobile Device -Device-to-Device -Biometric authentication -Session key agreement protocol
-UAVs -Fuzzy biometric generator and reproduction functions
Wazid et al.11 -Users -User-to-Device -Password authentication -Hash and bitwise XOR functions.
-UAVs -Device-to-Device -Biometric authentication -Session key agreement protocol.
-Ground control station -User-biometric verification.
Tian et al.20 -Trusted Authority Center -Device-to-Device -Digital certificates -Certificates and signature mechanisms
-Mobile Edge Computing Device -Hash functions
-UAVs
Rodrigues et al.23 -UAVs -Device-to-Device -User authentication -Elliptic curve cryptography
-Ground control station -Password authentication -Hash and bitwise XOR functions
MEKDAD et al.
communication channels such as the Internet of Drones environment7 and UAV-enabled Intelligent Transportation
Systems environment.12 The certificate-based authentication relies on a trusted authority center that provides valid digital
certificates for legitimate UAVs participating in the flight mission. We note that certificate-based authentication models
involve signature mechanisms and hash functions in their cryptographic features to guarantee integrity and confiden-
tiality. In addition, certificate-based authentication utilizes session keys to guarantee availability and prevent Denial of
Service (DoS) attacks. For example, in a MEC environment, Tian et al.20 proposed a lightweight signature-based authenti-
cation scheme with digital certificates. The PUF-based authentication relies on using the physically unclonable functions
(PUFs) for authentication.48 It incorporates a challenge-response pair mechanism, where the GCS challenges the UAVs
and must provide a valid response. Recent works consider PUF-based authentication to leverage the identity of UAVs and
enable the uniqueness of the response.8,21,25 This approach achieves mutual authentication using a session key agreement
protocol and hash functions. The RFID authentication factor satisfies the anonymity property for the UAVs. It consists of
authenticating legitimate UAVs without revealing their identity. Gope et al.24 proposed a lightweight anonymous authen-
tication scheme for RFID-enabled UAV applications. The proposed approach utilizes cryptographic fuzzy extractors and
hash functions. Other studies rely on password authentication that requires UAVs to provide credentials. These credentials
define UAV-related information for authentication. Generally, this type of authentication factor is based on the elliptic
curve cryptography, given its lightweight and includes a trusted third party during the authentication process. In the Inter-
net of Drones environment, Srinivas et al.10 suggested a temporal credential-based anonymous lightweight authentication
scheme for UAVs, where a legitimate user can access real-time data of UAVs using his credentials. For the studies that
consider a User-to-Device authentication,9,16 the authors implemented a biometric and password authentication factor
that consists of verifying the legitimate identity of the users and UAVs participating in the flight mission, thus prevent-
ing impersonation and masquerade attacks. An example of such authentication factor with a key agreement scheme for
UAVs has been proposed by Wazid et al.11 The proposed approach uses hash functions and bitwise XOR operations.
6 CHALLENGES
According to the covered studies, we found that some recent works have adopted new lightweight authentication schemes
for UAVs.21,25,32 However, our performance analysis demonstrates that lightweight authentication approaches (e.g., ellip-
tic curve cryptography) might also suffer from high computation and communication costs. In fact, given the limited
capabilities of UAVs in both software and hardware, the adoption of lightweight cryptography for UAV authentication
might lead to excessive energy consumption. Moreover, it is challenging to assess the performance of authentication
schemes that are implemented over different platforms (e.g., hardware, simulation). Therefore, in order to obtain accu-
rate performance indicators, we remark that there is a need to implement authentication schemes in a common platform
using the same libraries. This could be explained due to the lack of a standardized UAVs testbed and the diversity of the
targeted environment. Note also that the standalone performance metrics are unlikely to provide an understanding on the
security of the UAV authentication scheme. For instance, two UAV authentication models might have a similar perfor-
mance level. However, their resilience against particular cyberattacks is different. Furthermore, it would be challenging
to provide deeper analysis and comparison between the covered authentication schemes due to the absence of numeri-
cal values regarding some performance metrics (e.g., energy consumption, storage overhead). In this case, an additional
implementation for each authentication scheme should be considered under the same conditions. Although the security
metrics are useful for assessing the robustness of UAV authentication schemes against various cyber attacks, they need
to concretely infer the performance of the authentication scheme in real-world scenarios. For instance, two UAV authen-
tication schemes might have the same security level. However, their communication or computation cost is significantly
different. In this case, a security-performance analysis should be considered to evaluate the authentication scheme.
7 LESSONS LEARNED
After conducting a comprehensive analysis of several UAV authentication mechanisms, in this section, we discuss the
lessons learned on the security and performance of UAV authentication protocols.
Communication cost. The number of bits exchanged by the selected UAV authentication schemes can vary between
a few hundred bits to just above five kilobytes, thus showing that the UAV authentication schemes are quite lightweight
in terms of communication costs. These results confirm that the majority of the UAV authentication schemes can easily
fit their messages into the frames of many wireless communication technologies. In addition, most UAV authentication
studies are suitable for Internet of Drones environments, consequently making strong authentication techniques neces-
sary. The communication overhead of authentication protocols is a key factor, especially when dealing with power-limited
devices; the number of messages exchanged between authentication parties should be kept as low as possible. In the
same context, the size of the messages should be as small as possible due to the restricted bandwidth of the wireless
communication protocols used.
Computation cost. Computation cost is the most widely reported performance metric among the selected studies,
where the execution times of the proposed authentication schemes vary between 2 and 20 ms. Since execution times
depend on the hardware, it is not fair to compare the computation costs of the proposed schemes based only on the
reported results. For this reason, we use formal expressions of execution times to compare the computation costs of the
authentication schemes. However, it is not always straightforward for comparison as some works can rely on custom
components (e.g., trust table in Reference 22) in the authentication scheme that can affect the computation cost. Never-
theless, our analysis shows that several studies rely on elliptic curve cryptography to reduce their computation costs. Low
computation costs should be considered while designing IoT authentication schemes, especially for power-constrained
and processing-limited IoT environments. This emphasizes the need to adopt lightweight cryptographic algorithms and
protocols while designing authentication solutions.
Storage overhead. Considering the storage resources used, we found that only a few studies reported their overheads.
Similar to the case in computation cost, the storage overhead of some studies cannot be numerically determined because
they rely on the value of other parameters. For example, the work proposed by Khanh et al.22 is a trust-based model
that relies on a trust table that contains a list of trusted UAVs with their corresponding trust value. Accordingly, the
storage overhead depends on the size of both the secret key and the trust table. We believe that storage overhead is an
important performance metric that future UAV authentication schemes should consider. Reducing the storage footprint
of an authentication scheme can play a crucial role for resource-constrained UAVs such as micro aerial vehicles.
Energy consumption. Although UAVs are generally considered resource-constrained devices, most of the authen-
tication studies in the literature did not analyze the energy overhead of their schemes. The energy overhead of a UAV
authentication scheme depends on the computation, communication, and storage overhead. We believe that the energy
consumption of a UAV authentication scheme can be imperative for small UAVs such as micro aerial vehicles. For this
reason, future UAV authentication schemes need to take this performance metric into account.
Network topology. During our investigation of different UAV authentication schemes, we found that most of the
approaches partially consider the network topology and evaluate the end-to-end delay, scalability, as well as throughput.
To that end, UAV authentication schemes should be scalable in the sense that it should manage a large number of nodes
as well as have the ability to add new nodes without any further setup or configuration.
Informal security analysis. The UAV authentication works in the literature consider several attacks in their infor-
mal security analysis. While no study promises to be robust against all of the attacks considered in this article, several
UAV authentication protocols are prone to at least 60% of the attacks. Moreover, the session information attack is the least
covered attack in the selected studies. We believe that future UAV authentication works need to consider as many attacks
as possible, including nearby attacks and remote attacks over the internet.
Formal security analysis. Several formal verification techniques are used to prove the security properties of UAV
authentication protocols. However, from the outcomes of our study, we found that the ROM and the Dolev Yao model are
the most frequently used models. This could be explained due to their simplicity. Formal security analysis is one of the
most important aspects that future UAV authentication works need to accommodate.
8 CO N C LU S I O N
With the integration of UAV-oriented applications into smart cities, developing secure, and robust authentication schemes
remains an ongoing research challenge. Although promising authentication mechanisms for UAVs were proposed in the
past few years, a comprehensive security and performance analysis should be considered to measure the efficiency and
robustness of existing authentication schemes. In our work, we analyzed the security and performance of 27 different
authentication protocols for UAVs by considering ten key metrics: the informal security analysis, the formal security
analysis, the communication cost, the computation cost, the storage overhead, and the energy consumption. Throughout
this article, we learned about UAV authentication strategies that require both security and performance. Our findings
showed that the majority of the UAV authentication schemes are quite lightweight in terms of their communication costs.
In addition, the computation cost is the most widely reported performance metric among the UAV authentication studies.
However, many UAV authentication studies do not consider the storage overhead or their scheme’s energy consumption,
which can negatively affect the performance of resource-constrained UAVs such as micro aerial vehicles. Finally, several
UAV authentication studies provide a formal or informal security analysis of their schemes. While ROM and Dolev Yao
model are the most widely employed formal models, for informal security analysis, the studies lack coverage of many
attacks that can target UAV systems.
ACKNOWLEDGMENTS
This work is partially supported by the US National Science Foundation (Awards: NSF-CAREER-CNS-1453647,
NSF-1663051, NSF-1718-116), partially supported by La Sapienza University of Rome within the Bando Ricerca 2020,
Protocol n. RM120172B4CC529E, and partially supported by the EU-NGEU, Protocol n. PE00000014. The views are those
of the authors only.
CONFLICT OF INTEREST STATEMENT

The authors declare that there are no conflicts of interest.
ORCID
Yassine Mekdad https://orcid.org/0000-0003-3860-8057
Abbas Acar https://orcid.org/0000-0002-4891-160X
REFERENCES
1. Elmokadem T, Savkin AV. Towards fully autonomous UAVs: a survey. Sensors. 2021;21(18):6223.
2. Mishra KN, Chakraborty C. A novel approach toward enhancing the quality of life in smart cities using clouds and IoT-based
technologies. In: Farsi M, Daneshkhah A, Hosseinian-Far A, Jahankhani H, eds. Digital Twin Technologies and Smart Cities. Springer;
2020:19-35.
3. Hassija V, Chamola V, Agrawal A, et al. Fast, reliable, and secure drone communication: a comprehensive survey. IEEE Commun Surv
Tutor. 2021;23(4):2802-2832.
4. Mekdad Y, Aris A, Babun L, et al. A survey on security and privacy issues of UAVs. Comput Netw. 2023;224:109626.
5. Mozaffari M, Saad W, Bennis M, Nam YH, Debbah M. A tutorial on UAVs for wireless networks: applications, challenges, and open
problems. IEEE Commun Surv Tutor. 2019;21(3):2334-2360.
6. Ozmen MO, Yavuz AA. Dronecrypt—an efficient cryptographic framework for small aerial drones. 2018 IEEE Military Communications
Conference. IEEE; 2018:1-6.
7. Chen CL, Deng YY, Weng W, Chen CH, Chiu YJ, Wu CM. A traceable and privacy-preserving authentication for UAV communication
control system. Electronics. 2020;9(1):62.
8. Alladi T, Naren, Bansal G, Chamola V, Guizani M. SecAuthUAV: a novel authentication scheme for UAV-ground station and UAV-UAV
communication. IEEE Trans Veh Technol. 2020;69(12):15068-15077.
9. Ali Z, Chaudhry SA, Ramzan MS, Al-Turjman F. Securing smart city surveillance: a lightweight authentication mechanism for unmanned
vehicles. IEEE Access. 2020;8:43711-43724.
10. Srinivas J, Das AK, Kumar N, Rodrigues JJ. TCALAS: temporal credential-based anonymous lightweight authentication scheme for
internet of drones environment. IEEE Trans Veh Technol. 2019;68(7):6903-6916.
11. Wazid M, Das AK, Kumar N, Vasilakos AV, Rodrigues JJ. Design and analysis of secure lightweight remote user authentication and key
agreement scheme in internet of drones deployment. IEEE Internet Things J. 2018;6(2):3572-3584.
12. Khan MA, Ullah I, Alkhalifah A, et al. A provable and privacy-preserving authentication scheme for UAV-enabled intelligent transporta-
tion systems. IEEE Trans Industr Inform. 2021;18(5):3416-3425.
13. Jan SU, Qayum F, Khan HU. Design and analysis of lightweight authentication protocol for securing IoD. IEEE Access.
2021;9:69287-69306.
14. Pu C, Li Y. Lightweight authentication protocol for unmanned aerial vehicles using physical unclonable function and chaotic system.
2020 IEEE International Symposium on Local and Metropolitan Area Networks. IEEE; 2020:1-6.
15. Cho G, Cho J, Hyun S, Kim H. SENTINEL: a secure and efficient authentication framework for unmanned aerial vehicles. Appl Sci.
2020;10(9):3149.
16. Hussain S, Chaudhry SA, Alomari OA, Alsharif MH, Khan MK, Kumar N. Amassing the security: an ECC-based authentication scheme
for internet of drones. IEEE Syst J. 2021;15(3):4431-4438.
17. Lei Y, Zeng L, Li YX, Wang MX, Qin H. A lightweight authentication protocol for UAV networks based on security and computational
resource optimization. IEEE Access. 2021;9:53769-53785.
18. Nikooghadam M, Amintoosi H, Islam SH, Moghadam MF. A provably secure and lightweight authentication scheme for internet of drones
for smart city surveillance. J Syst Archit. 2021;115:101955.
19. Ever YK. A secure authentication scheme framework for mobile-sinks used in the internet of drones applications. Comput Commun.
2020;155:143-149.
20. Tian Y, Yuan J, Song H. Efficient privacy-preserving authentication framework for edge-assisted internet of drones. J Inf Secur Appl.
2019;48:102354.
21. Mall P, Amin R, Obaidat MS, Hsiao KF. CoMSeC++: PUF-based secured light-weight mutual authentication protocol for drone-enabled
WSN. Comput Netw. 2021;199:108476.
22. Khanh TD, Komarov I, Don LD, Iureva R, Chuprov S. TRA: effective authentication mechanism for swarms of unmanned aerial vehicles.
2020 IEEE Symposium Series on Computational Intelligence. IEEE; 2020:1852-1858.
23. Rodrigues M, Amaro J, Osório FS, Kalinka B. Authentication methods for UAV communication. 2019 IEEE Symposium on Computers and
Communications. IEEE; 2019:1210-1215.
24. Gope P, Millwood O, Saxena N. A provably secure authentication scheme for RFID-enabled UAV applications. Comput Commun.
2021;166:19-25.
25. Alladi T, Chamola V, Naren, Kumar N. PARTH: a two-stage lightweight mutual authentication protocol for UAV surveillance networks.
Comput Commun. 2020;160:81-90.
26. Yahuza M, Idris MYI, Wahab AWA, Nandy T, Ahmedy IB, Ramli R. An edge assisted secure lightweight authentication technique for safe
communication on the internet of drones network. IEEE Access. 2021;9:31420-31440.
27. Yu S, Das AK, Park Y, Lorenz P. SLAP-IoD: secure and lightweight authentication protocol using physical unclonable functions for internet
of drones in smart city environments. IEEE Trans Veh Technol. 2022;71(10):10374-10388.
28. Lounis K, Ding SH, Zulkernine M. D2D-MAP: a drone to drone authentication protocol using physical unclonable functions. IEEE Trans
Veh Technol. 2022;72:5079-5093.
29. Pu C, Wall A, Choo KKR, Ahmed I, Lim S. A lightweight and privacy-preserving mutual authentication and key agreement protocol for
internet of drones environment. IEEE Internet Things J. 2022;9(12):9918-9933.
30. Tian C, Jiang Q, Li T, Zhang J, Xi N, Ma J. Reliable PUF-based mutual authentication protocol for UAVs towards multi-domain
environment. Comput Netw. 2022;218:109421.
31. Zhang L, Xu J, Obaidat MS, Li X, Vijayakumar P. A PUF-based lightweight authentication and key agreement protocol for smart UAV
networks. IET Commun. 2022;16(10):1142-1159.
32. Tan Y, Wang J, Liu J, Kato N. Blockchain-assisted distributed and lightweight authentication service for industrial unmanned aerial
vehicles. IEEE Internet Things J. 2022;9(18):16928-16940.
33. Tanveer M, Alkhayyat A, Naushad A, Khan AU, Kumar N, Alharbi AG. RUAM-IoD: a robust user authentication mechanism for the
internet of drones. IEEE Access. 2022;10:19836-19851.
34. Wang H, Zhao H, Zhang J, Ma D, Li J, Wei J. Survey on unmanned aerial vehicle networks: a cyber physical system perspective. IEEE
Commun Surv Tutor. 2019;22(2):1027-1070.
35. Sharma A, Vanjani P, Paliwal N, et al. Communication and networking technologies for UAVs: a survey. J Netw Comput Appl.
2020;168:102739.
36. Koubaa A, Allouch A, Alajlan M, Javed Y, Belghith A, Khalgui M. Micro air vehicle link (MAVlink) in a nutshell: a survey. IEEE Access.
2019;7:87658-87680.
37. Kriz V, Gabrlik P. Uranuslink-communication protocol for UAV with small overhead and encryption ability. IFAC-Pap. 2015;48(4):
474-479.
38. Bekmezci I, Sahingoz OK, Temel Ş. Flying ad-hoc networks (FANETs): a survey. Ad Hoc Netw. 2013;11(3):1254-1270.
39. Noor F, Khan MA, Al-Zahrani A, Ullah I, Al-Dhlan KA. A review on communications perspective of flying ad-hoc networks: key enabling
wireless technologies, applications, challenges and open research topics. Drones. 2020;4(4):65.
40. Khan NA, Jhanjhi NZ, Brohi SN, Nayyar A. Emerging Use of UAV’s: Secure Communication Protocol Issues and Challenges. Elsevier;
2020:37-55.
41. Yahuza M, Idris MYI, Ahmedy IB, et al. Internet of drones security and privacy issues: taxonomy and open challenges. IEEE Access.
2021;9:57243-57270.
42. Turkanovic M, Brumen B, Holbl M. A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor
networks, based on the internet of things notion. Ad Hoc Netw. 2014;20:96-112.
43. Challa S, Wazid M, Das AK, et al. Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access.
2017;5:3028-3043.
44. Ouafi K, Phan RCW. Traceable privacy of recent provably-secure RFID protocols. In: Bellovin SM, Gennaro R, Keromytis A, Yung M, eds.
Applied Cryptography and Network Security. Springer; 2008:479-489.
45. Dolev D, Yao A. On the security of public key protocols. IEEE Trans Inf Theory. 1983;29(2):198-208.
46. Canetti R, Krawczyk H. Universally composable notions of key exchange and secure channels. In: Knudsen LR, ed. Advances in
Cryptology—EUROCRYPT 2002. Springer; 2002:337-351.
47. Mao W, Boyd C. Towards formal analysis of security protocols. Proceedings Computer Security Foundations Workshop VI. IEEE;
1993:147-158.
48. Dey K, Kule M, Rahaman H. PUF based hardware security: a review. 2021 International Symposium on Devices, Circuits and Systems. IEEE;
2021:1-6.
AU THOR BIOGRAPHIES
Yassine Mekdad received his Ph.D. degree from Moulay Ismail University of Meknes, Morocco,
in 2022 and his Master’s degree in Cryptography and Information Security from Mohammed V
University of Rabat, Morocco, in 2016. He has been awarded with a fellowship by Fondazione
Ing. Aldo Gini and holds a guest researcher position with the SPRITZ research group at the Uni-
versity of Padua, Italy. He has also been awarded a Fulbright fellowship. Currently, he works as
a cybersecurity researcher at the Cyber-Physical Systems Security Lab (CSL) at Florida Interna-
tional University, Miami, FL, USA. His research interest principally covers security problems in
cyber-physical systems (CPS). In particular, the security and privacy topics in the Internet of Things (IoT), Industrial
Internet-of-Things (IIoT), and Cyber-physical systems (CPS). Furthermore, he works on the security of critical infras-
tructure networks (e.g., SCADA systems, smart-grid). He is also working on research problems at the intersection of
the cybersecurity and networking fields with an emphasis on their practical and applied aspects. He is a member of
the ACM, IEEE Cybersecurity Community, and IEEE Young Professionals.
Ahmet Aris Visiting Research Assistant Professor in the Department of Electrical and Computer
Engineering at Florida International University. He is conducting research in Cyber-Physical Sys-
tems Security Lab (CSL) at Florida International University under the supervision of Dr Selcuk
Uluagac. He earned both Ph.D. and MSc. in Computer Engineering from the Graduate School of
Science, Engineering and Technology at Istanbul Technical University, Turkey. He also worked
as a Research and Teaching Assistant at the Faculty of Computer and Informatics Engineering
for 3.5 years and worked at Medianova CDN R&D Center for 1 year (August 2018–September
2019) as an R&D Analyst. In addition, he conducted research in the Networked Embedded Systems (NES) Group at
Computer Systems Lab at the Swedish Institute of Computer Science (SICS) for 3 months as a visiting researcher in
2017. His research interests include but are not limited to IoT Security, Network Security, Web Security, Adversarial
Machine Learning, and Malware.
Abbas Acar is a Postdoctoral Associate at the Cyber-Physical Systems Security Lab (CSL) at
Florida International University, USA. He received his M.Sc. and Ph.D. degrees from Florida
International University, and his B.Sc. in Electrical and Electronics Engineering from Middle East
Technical University, Turkey. His research interests include privacy-aware technologies, alterna-
tive authentication methods, and security/privacy issues related to the Internet of Things (IoT).
More information can be found at https://web.eng.fiu.edu/aacar/.
Mauro Conti Full Professor at the University of Padua, Italy. He is also affiliated with TU Delft
and University of Washington, Seattle. He obtained his Ph.D. from Sapienza University of Rome,
Italy, in 2009. After his Ph.D., he was a Post-Doc Researcher at Vrije Universiteit Amsterdam, The
Netherlands In 2011 he joined as Assistant Professor at the University of Padua, where he became
Associate Professor in 2015 and Full Professor in 2018. He has been Visiting Researcher at GMU,
UCLA, UCI, TU Darmstadt, UF, and FIU. He has been awarded with a Marie Curie Fellowship
(2012) by the European Commission, and with a Fellowship by the German DAAD (2013). His
research is also funded by companies, including Cisco, Intel, and Huawei. His main research interest is in the area
of Security and Privacy. In this area, he published more than 350 papers in the topmost international peer-reviewed
journals and conferences. He is Area Editor-in-Chief for IEEE Communications Surveys & Tutorials, and Associate
Editor for several journals, including IEEE Communications Surveys & Tutorials, IEEE Transactions on Dependable
and Secure Computing, IEEE Transactions on Information Forensics and Security, and IEEE Transactions on Network
and Service Management. He was Program Chair for TRUST 2015, ICISS 2016, WiSec 2017, ACNS 2020, and General
Chair for SecureComm 2012, SACMAT 2013, CANS 2021, and ACNS 2022. He is a Senior Member of the IEEE and
ACM. He is a member of the Blockchain Expert Panel of the Italian Government. He is a Fellow of the Young Academy
of Europe.
Riccardo Lazzeretti received the Computer Science Engineering degree (cum laude) and the
Ph.D. degree from the University of Siena, Italy, in 2007 and 2012, respectively. From Novem-
ber 2009 to May 2010, he was with Philips Lab, Eindhoven, The Netherlands From 2012 to 2015,
he continued his research with the University of Siena, and from 2016 to March 2017 with the
University of Padua, Italy. Since 2017, he has been an Assistant Professor with the Department
of Computer, Control, and Management Engineering, Sapienza University of Rome, Italy. His
research activity mainly focuses on security and privacy. He is an elected member of IEEE Infor-
mation Forensics and Security Technical Committee, and an Associate Editor of the Journal of Information Security
and Applications (Elsevier).
Abdeslam El Fergougui received the Ph.D. degree in Computer Science from Mohammed V
University in Rabat Morocco. He is currently a professor in the department of Computer science,
Faculty of sciences Meknes, Moulay Ismail University. His current research interests include
Network, Sensor Network, cryptography, security. Furthermore, he assured several advanced
training workshops in its field of action. He also assured several training courses in several Moroc-
can and international universities. He has managed several national and international projects.
He is an active member of AUF (University Agency of Francophonie) where he provides training
at the international level. As a researcher, he is a member of the reading committee of several journals and conferences
in his field.
Selcuk Uluagac is an Eminent Scholar Chaired Professor and the director of Cyber-Physical Sys-
tems Security Lab in the School of Computing and Information Sciences at Florida International
University (FIU), Miami, Florida, USA. Before FIU, he was a Senior Research Engineer at Geor-
gia Institute of Technology and at Symantec. He holds a M.S. and Ph.D. from Georgia Tech and an
M.S. from Carnegie Mellon University. He is expert on security and privacy topics with hundreds
of scientific/creative works in practical and applied aspects of these areas. He received US NSF
CAREER Award (2015), US Air Force Office of Sponsored Research’s Summer Faculty Fellow-
ship (2015), and University of Padova’s (Italy) Summer Faculty Fellowship (2016). His research in cybersecurity has
been funded by numerous government agencies and industry. He has served on the program committees of top-tier
security conferences such as ACM CCS, IEEE Security & Privacy (“Oakland”), NDSS, Usenix Security, inter alia. He
was the General Chair of ACM Conference on Security and Privacy in Wireless and Mobile Networks (ACM WiSec)
in 2019. Currently, he serves on the editorial boards of IEEE Transactions on Information Forensics and Security as
Deputy Editor-in-Chief, and IEEE Transactions on Mobile Computing and Elsevier Computer Networks Journal as
associate editor. More information can be obtained from http://nweb.eng.fiu.edu/selcuk/.
How to cite this article: Mekdad Y, Aris A, Acar A, et al. A comprehensive security and performance
assessment of UAV authentication schemes. Security and Privacy. 2024;7(1):e338. doi: 10.1002/spy2.338

Security and Privacy - 2023 - Mekdad - A Comprehensive Security and Performance Assessment of UAV Authentication Schemes

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Security and Privacy - 2023 - Mekdad - A Comprehensive Security and Performance Assessment of UAV Authentication Schemes

Uploaded by

Copyright:

Available Formats

Received: 28 March 2023 Accepted: 24 July 2023

A comprehensive security and performance assessment of

Yassine Mekdad1 Ahmet Aris1 Abbas Acar1 Mauro Conti2

Contributions. The main contributions of our work are summarized as follows:

T A B L E 1 The analyzed UAV authentication studies.

Yu et al.27 2022 Smart city environment

2 UAV AU T H E N T ICAT ION

2.1 UAV communication

2.2 UAV authentication methods

FIGURE 1 Representation of malicious and benign GCS-2-UAV communication.

Security Metrics Performance Metrics

Communication Cost Energy Consumption

Computation Cost Experimental Method

Informal Security Analysis Authentication Factor

3.2 Performance metrics

3.3 Security metrics

4.1 Communication cost

4.2 Storage overhead and computation cost

T A B L E 2 Communication cost for UAV authentication schemes.

Yu et al.27 Smart city environment 2048 bits N/A

T A B L E 3 Storage overhead and computation cost for UAV authentication schemes.

Yu et al.27 N/A Challenge-response authentication TFE + 8TH 5.32 ms

4.3 Energy consumption and experimental method

T A B L E 4 Energy consumption for UAV authentication schemes.

4.4 Network topology

5 S EC U RIT Y ANALY SIS

5.1 Formal security analysis

5.2 Informal security analysis

Work Formal model Considered features Proved security properties

5.3 Authentication factor and cryptographic features

• UAVs: Consist of authenticated drones participating in the flight mission.

Work A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 A11 A12 A13 A14 A15

Work Entities Authentication type Authentication factor Cryptographic features

-Ground control station -Device-to-Device -Password-based-key-derivation Function

Cho et al.15 -UAVs -User-to-Device -Digital certificates -Hash functions

CONFLICT OF INTEREST STATEMENT

You might also like