BAKAS-UAV: A Secure Blockchain-Assisted Authentication and Key Agreement Scheme for Unmanned Aerial Vehicles Networks

Unmanned aerial vehicles (UAVs, also known as Drones) have been widely employed in military defense and civilian service. However, as UAVs communicate over insecure open wireless channels, the security challenges and privacy concerns are becoming increasingly prominent. Moreover, some existing schemes to achieve authentication and key agreement (AKA) among UAVs are spliced with the assistance of two UAV-2-GCS mechanisms, which are not flexible enough to be applied in the Internet of Drones (IoD) scenarios. This article proposes a blockchain-assisted AKA scheme for UAVs networks (BAKAS-UAV) referred to as BAKAS-UAV, which addresses security and privacy concerns and overcomes high computational and communication costs in the IoD. A blockchain-based network model is presented in which the ground station acts as an edge node and manages the blockchain, which assists AKA. Based on the network model, both types of AKA mechanisms, UAV-2-GCS and UAV-2-UAV, are proposed, respectively. In particular, the ground control station (GCS) does not participate in the AKA of UAV-2-UAV process; only upon the process is completed the two UAVs synchronize the updated information with GCS. We also implement a smart contract as the authentication service, and the experimental implementation demonstrates the availability of our scheme in IoD. Physical unclonable functions (PUFs) is introduced on the UAVs side to defend against physical capture attacks and also to implement AKA mechanisms. The semantic security is proved formally based on the real-or-random (ROR) model, and the informal analysis shows that the scheme satisfies the demanded security requirements. The scheme's performance is evaluated by simulating the UAVs and GCS settings with Raspberry Pi 4B and MacOS platforms, respectively, with implementation of several cryptographic primitives. The experimental results show that BAKAS-UAV achieves high efficiency.