In recent years, the rapid advancement of drone technology has revolutionized various sectors, including logistics, environmental monitoring, and low-altitude transportation. Unmanned Aerial Vehicles (UAVs), or drones, offer unparalleled flexibility and rapid deployment capabilities, enabling complex collaborative tasks when integrated with ground infrastructure. However, traditional cloud-centric architectures face significant challenges due to latency issues, as data transmission to remote servers introduces delays that hinder real-time applications. To address this, cloud-edge collaborative networks have emerged, where computational tasks are offloaded from the cloud Network Control Center (NCC) to edge-based Ground Stations (GS), reducing latency and enhancing efficiency. Despite these benefits, the limited coverage of GS nodes necessitates frequent handovers for mobile UAVs, making efficient and secure handover authentication a critical requirement. Existing authentication protocols often suffer from inefficiencies and lack physical security attributes, leaving UAV networks vulnerable to attacks such as physical capture and machine learning (ML) assaults. In this paper, we propose a novel handover authentication protocol leveraging Physical Unclonable Functions (PUF) to achieve lightweight and secure authentication in cloud-edge collaborative UAV networks. Our approach incorporates an anonymous response segmentation method and a dynamic challenge-response pair (CRP) synchronization mechanism based on the Chinese Remainder Theorem (CRT), enhancing resistance against ML attacks while improving efficiency and stability. Through comprehensive security analysis and performance evaluations, we demonstrate that our protocol outperforms existing methods by reducing computational overhead at GS by over 9.1% and overall communication costs by over 13.8%, all while providing robust security properties essential for modern drone technology.
The integration of Unmanned Aerial Vehicle systems into cloud-edge architectures presents unique challenges, particularly in maintaining seamless communication during handovers. As UAVs move across different GS coverage areas, the authentication process must be both efficient and secure to prevent disruptions and attacks. Traditional cryptographic primitives often fall short in addressing physical security threats, such as device capture, which can compromise entire networks. Moreover, the resource-constrained nature of UAVs demands lightweight solutions that minimize computational and communication overhead. Our work focuses on addressing these gaps by utilizing PUF, a hardware-based security primitive that generates unique, unpredictable responses based on physical characteristics. This not only enhances resistance against physical attacks but also reduces reliance on complex cryptographic operations. Additionally, we introduce a CRT-based mechanism for synchronizing dynamic CRPs across multiple GS nodes, enabling pre-negotiation of non-real-time data and improving handover efficiency. By leveraging these innovations, our protocol ensures reliable authentication while adapting to the dynamic demands of drone technology in cloud-edge environments.
In the following sections, we delve into the details of our proposed protocol, starting with an overview of related work and the limitations of existing approaches. We then present our system model and threat assumptions, followed by a step-by-step description of the authentication phases. Security analysis using both formal and informal methods validates the robustness of our protocol, while performance evaluations highlight its advantages in terms of computational and communication overhead. Throughout this paper, we emphasize the importance of drone technology and Unmanned Aerial Vehicle systems in modern applications, underscoring the need for efficient and secure authentication mechanisms to support their widespread adoption.
Related Work
The development of secure handover authentication protocols for UAV networks has been a focal point in recent research, driven by the growing reliance on drone technology for critical applications. Existing protocols can be broadly categorized into those based on traditional cryptographic primitives and those incorporating PUF for enhanced physical security. However, many of these approaches exhibit limitations in efficiency, security, or scalability when applied to cloud-edge collaborative environments.
Traditional cryptographic schemes, such as those employing elliptic curve cryptography or symmetric encryption, often prioritize basic authentication needs but overlook physical security. For instance, some protocols use elliptic curve operations to achieve authentication between UAVs and GS, but they involve multiple communication rounds, increasing latency and overhead. Others rely on AES-RSA hybrid encryption, which introduces significant computational costs due to the use of RSA algorithms. While lightweight symmetric-based protocols have been proposed for 5G heterogeneous networks, they depend heavily on key secrecy and involve redundant interactions, reducing overall efficiency. A common issue among these methods is the lack of resilience against physical capture attacks, where an adversary can compromise UAV or GS nodes to extract stored credentials. This vulnerability is particularly concerning in open environments where Unmanned Aerial Vehicle systems operate, as devices are often exposed to physical tampering.
To address physical security concerns, PUF-based authentication protocols have gained attention. PUF leverages the inherent uniqueness of hardware components to generate device-specific responses, making it difficult for attackers to clone or predict credentials. Early PUF schemes relied on pre-storing large sets of CRPs at GS, leading to high storage overhead and vulnerability to ML attacks, where adversaries collect sufficient CRP samples to model the PUF behavior. Subsequent improvements introduced dynamic CRP update mechanisms, where only a single or few initial CRPs are stored, and others are generated on-the-fly. This reduces storage costs but often fails in multi-GS scenarios due to synchronization issues. For example, some protocols use blockchain to manage CRPs, but the low throughput of consensus mechanisms can hinder real-time authentication. Moreover, many PUF-based approaches lack anonymity and unlinkability, allowing attackers to correlate transactions and compromise user privacy.
In multi-GS environments, the lack of synchronization mechanisms exacerbates these problems, as CRP updates may not propagate consistently across nodes, leading to authentication failures during handovers. Recent efforts have explored the use of CRT to address synchronization in mobile IoT networks, such as in satellite-terrestrial integrated systems. However, these schemes often involve plaintext transmission of handover keys or lack physical security, making them susceptible to key leakage and physical attacks. Additionally, defense mechanisms against ML attacks, such as information hiding or segmentation strategies, have been proposed. These include using geometric threshold secret sharing or multi-level CRP generation to obscure original responses, but they often assume secure initial communication or incur high communication overhead, limiting their applicability in resource-constrained UAV networks.
Our protocol builds upon these insights by combining PUF with CRT-based synchronization and anonymous response segmentation. This not only enhances physical security but also ensures efficient handovers across multiple GS nodes, addressing the gaps in existing approaches. The following sections detail our contributions in the context of advancing drone technology and Unmanned Aerial Vehicle security.
System Model and Threat Assumptions
In our cloud-edge collaborative UAV network, the system comprises three main entities: the Network Control Center (NCC), Ground Stations (GS), and Unmanned Aerial Vehicles (UAVs). The NCC, deployed in the cloud, is a trusted entity with substantial computational and storage resources. It oversees network management, parameter generation, and registration of UAVs and GS. The GS, serving as edge nodes, have moderate capabilities and provide real-time authentication services to UAVs within their coverage. However, GS are semi-trusted and vulnerable to physical capture due to their deployment in open areas. UAVs, as resource-constrained devices, have limited processing power and storage, requiring lightweight authentication mechanisms. They communicate with GS for initial and handover authentication, relying on PUF for hardware-based security.
The handover authentication process is divided into two phases: pre-handover and handover authentication. The pre-handover phase handles non-real-time data negotiation, triggered when signal parameters (e.g., strength) fall below a pre-handover threshold. UAVs send trajectory and task information to the NCC via the current GS, and the NCC predicts future UAV positions to select potential target GS. Using CRT, the NCC computes dynamic CRP fragments for synchronization. The handover phase involves real-time authentication between the UAV and target GS, where they exchange authenticated messages and establish a session key for secure communication.
We adopt the Dolev-Yao threat model, assuming that attackers can eavesdrop, intercept, modify, or delete messages over public channels. The NCC is fully trusted and inaccessible to attackers, but UAVs and GS are susceptible to physical capture. Attackers cannot alter hardware but may extract stored data. Additionally, attackers may launch ML attacks by collecting CRP data from multiple nodes. Our protocol aims to mitigate these threats through PUF-based security and anonymous mechanisms, ensuring robust authentication for Unmanned Aerial Vehicle operations in dynamic environments.
Proposed Authentication Protocol
Our protocol consists of five phases: system initialization, registration, initial authentication, pre-handover authentication, and handover authentication. Below, we describe each phase in detail, emphasizing the use of PUF and CRT to enhance security and efficiency in drone technology applications.
System Initialization
In this phase, the NCC selects system parameters, including a generator $P$ of a prime order $q$ elliptic curve, a one-way hash function $H(\cdot)$, a large prime $p$, its identity $ID_{ncc}$, and a master key $K_s$. The NCC computes a pre-shared key $k = H(ID_{ncc} \| K_s)$ and publishes public parameters $\{ID_{ncc}, P, H(\cdot), p\}$. This setup ensures a foundational security layer for subsequent operations involving Unmanned Aerial Vehicles and GS.
Registration Phase
During registration, GS and UAVs are enrolled into the network. For GS registration, the NCC generates a unique identity $ID_{g_i}$ and a large prime $pr_{g_i}$ for each GS, sending $\{ID_{g_i}, pr_{g_i}, k\}$ via a secure channel. The GS computes its public key $PU_{g_i} = pr_{g_i} P$ and uses a PUF challenge $C_{g_i}$ to derive the response $R_{g_i} = f_{PUF}(C_{g_i})$. The private key is then hidden as $PR_{g_i} = pr_{g_i} \oplus R_{g_i}$, stored locally with $C_{g_i}$.
For UAV registration, the NCC sends an initial challenge $C^1_{u_i}$ and identity $ID_{u_i}$ to the UAV. The UAV computes the PUF response $R^1_{u_i} = f_{PUF}(C^1_{u_i})$ and a pseudonym $PID_{u_i}$ based on a secret value $Q_{u_i}$. If biometrics are supported, a fuzzy extractor generates $\sigma_{u_i}$ and helper value $\tau_{u_i}$; otherwise, a password-based approach is used. The NCC then employs an anonymous response segmentation method, generating random $n_0$ and computing response fragments $R^1_{u_i,1}$ and $R^1_{u_i,2}$ using additive congruence:
$$R^1_{u_i,1} = R^1_{u_i} \oplus n_0, \quad R^1_{u_i,2} = n_0$$
The NCC also computes a temporary identity $TID_{u_i} = H(ID_{u_i} \| k)$ and distributes $\{R^1_{u_i,1}\}$ to the UAV and $\{TID_{u_i}, C^1_{u_i}, R^1_{u_i,2}\}$ to all GS in the domain. This segmentation ensures that original CRPs are never stored explicitly, enhancing resistance against ML attacks in Unmanned Aerial Vehicle systems.
Initial Authentication
When a UAV enters a GS coverage area, it performs initial authentication. The UAV recovers a secret value $\sigma^*_{u_i}$ using its pseudonym $PID_{u_i}$ and input (e.g., biometrics or password), then computes $Q^*_{u_i}$ and verifies $H(Q^*_{u_i}) = \omega_{u_i}$. If valid, it reveals $ID_{u_i} = PID_{u_i} \oplus Q^*_{u_i}$, generates random $v_{u_i}$ and timestamp $t_1$, and computes messages $M_1$ and $M_2$:
$$M_1 = E_{PU_{g_i}}(ID_{u_i} \| R^1_{u_i,1} \| v_{u_i}), \quad M_2 = H(ID_{u_i} \| R^1_{u_i,1} \| v_{u_i} \| t_1)$$
The UAV sends $\{M_1, M_2, V_{u_i}, t_1\}$ to the GS, where $V_{u_i} = v_{u_i} P$. The GS verifies $t_1$, recovers its private key $pr_{g_i}$ using PUF, and decrypts $M_1$ to obtain $ID^*_{u_i}$ and $R^{1*}_{u_i,1}$. It checks $M^*_2 = M_2$ and, if valid, generates random $n_1$ and $t_2$, computes $TID_{u_i}$, and retrieves $\{C^1_{u_i}, R^1_{u_i,2}\}$ from its database. The GS reconstructs the secret parameter $K_{u_i} = R^{1*}_{u_i,1} \oplus R^1_{u_i,2}$ and computes messages $M_3$ and $M_4$:
$$M_3 = E_{K_{u_i}}(n_1 \| C^1_{u_i}), \quad M_4 = H(K_{u_i} \| n_1 \| t_2)$$
After sending $\{M_3, M_4, C^1_{u_i}, t_2\}$, the UAV verifies $t_2$, computes $R^1_{u_i} = f_{PUF}(C^1_{u_i})$, and derives $K^*_{u_i} = R^1_{u_i} \oplus n_0$. It then recovers $n^*_1$ and checks $M^*_4 = M_4$. Upon success, the UAV updates the challenge to $C^2_{u_i}$, generates randoms $n_2, n_3, t_3$, and computes new response $R^2_{u_i} = f_{PUF}(C^2_{u_i})$ and fragments $R^2_{u_i,1} = R^2_{u_i} \oplus n_2$, $R^2_{u_i,2} = n_2$. Messages $M_5, M_6, M_7$ are computed, and the session key $SK_{u_i-g_i} = H(ID_{u_i} \| K^*_{u_i} \| n_3)$ is established. The GS similarly verifies and computes $SK_{g_i-u_i}$, completing initial authentication. This process highlights the efficiency of our approach in leveraging PUF for secure Unmanned Aerial Vehicle interactions.
Pre-Handover Authentication
In this phase, non-real-time data is negotiated to prepare for handovers. The UAV sends a pre-handover request to the current GS, encrypted with the session key, containing $\{ID_{u_i}, R^2_{u_i,1}, \text{info}\}$, where info includes trajectory and task details. The GS forwards $\{ID_{u_i}, R^2_{u_i,1}, \text{info}, TID_{u_i}, C^2_{u_i}, R^2_{u_i,2}\}$ to the NCC using the pre-shared key $k$. The NCC decrypts the message, predicts UAV positions, and selects $m$ target GS based on coverage and load. Using CRT, the NCC computes a synchronization parameter $S_{u_i}$ for the UAV and target GS. Specifically, for each target GS with prime $pr_{g_j}$, the NCC solves the system of congruences:
$$S_{u_i} \equiv ID_{g_j} \pmod{pr_{g_j}}, \quad S_{u_i} \equiv ID_{u_i} \pmod{pr_{g_j}}, \quad S_{u_i} \equiv R^2_{u_i,1} \pmod{pr_{g_j}}$$
for all $j$ in the target set. The NCC sends $\{TID_{u_i}, C^2_{u_i}, R^2_{u_i,2}\}$ to the target GS and $\{S_{u_i}\}$ to the UAV via the GS. This CRT-based batch synchronization ensures that dynamic CRP fragments are pre-distributed, facilitating efficient real-time handovers in drone technology networks.
Handover Authentication
When a UAV triggers a handover, it sends $S_{u_i}$ to the target GS. The GS uses its private key $pr_{g_j}$ (recovered via PUF) to decrypt $S_{u_i}$ and obtain $\{ID^*_{g_j}, ID^*_{u_i}, R^{2*}_{u_i,1}\}$. It verifies $ID^*_{g_j} = ID_{g_j}$ to prevent DoS attacks, then generates random $n_4$ and $t_4$, computes $TID^*_{u_i}$, and retrieves $\{C^2_{u_i}, R^2_{u_i,2}\}$. The GS reconstructs $K_{u_i} = R^{2*}_{u_i,1} \oplus R^2_{u_i,2}$ and computes messages $M_8$ and $M_9$:
$$M_8 = E_{K_{u_i}}(n_4 \| C^2_{u_i}), \quad M_9 = H(K_{u_i} \| n_4 \| t_4)$$
After sending $\{M_8, M_9, C^2_{u_i}, t_4\}$, the UAV verifies $t_4$, computes $R^2_{u_i} = f_{PUF}(C^2_{u_i})$, and derives $K^*_{u_i} = R^2_{u_i} \oplus n_2$. It recovers $n^*_4$ and checks $M^*_9 = M_9$. If valid, the UAV updates to $C^3_{u_i}$, generates $n_5, n_6, t_5$, and computes new fragments $R^3_{u_i,1} = R^3_{u_i} \oplus n_5$, $R^3_{u_i,2} = n_5$, where $R^3_{u_i} = f_{PUF}(C^3_{u_i})$. Messages $M_{10}, M_{11}, M_{12}$ are computed, and the session key $SK_{u_i-g_j} = H(ID_{u_i} \| K^*_{u_i} \| n_6)$ is established. The GS verifies $M^*_{12} = M_{12}$ to complete authentication. This phase demonstrates how our protocol achieves efficient handovers while maintaining security through PUF and CRT, critical for advancing Unmanned Aerial Vehicle capabilities.
Security Analysis
We conducted both informal and formal security analyses to evaluate the robustness of our protocol against various attacks. The results confirm that our approach provides comprehensive security properties essential for drone technology environments.
Informal Security Analysis
Our protocol ensures mutual authentication, as both UAV and GS verify each other’s identities through challenge-response mechanisms and hash-based checks. Anonymity and unlinkability are achieved through layered identity hiding, where real identities are replaced with pseudonyms and encrypted identifiers, preventing attackers from correlating transactions. Perfect forward secrecy is maintained because session keys incorporate ephemeral random values, ensuring that compromise of long-term secrets does not affect past or future sessions. Against impersonation attacks, adversaries cannot forge messages without access to PUF-protected secrets, such as $K_{u_i}$ or private keys. Middle-person attacks are thwarted as attackers cannot synthesize valid encrypted messages without the correct PUF responses. Replay attacks are mitigated through timestamp and random number checks, while DoS attacks are reduced by early verification of identities in handover requests. Physical capture attacks on UAVs or GS are ineffective due to PUF’s unclonability, as tampering alters response values. Ephemeral secret leakage attacks are resisted because session keys depend on both long-term and short-term secrets. Malicious UAV revocation is enabled through identity revelation during decryption, allowing the NCC to deregister compromised devices. Finally, ML attacks are defended by anonymous response segmentation, which prevents attackers from collecting sufficient CRP samples to model PUF behavior. These properties collectively enhance the security of Unmanned Aerial Vehicle networks in cloud-edge collaborations.
Formal Security Analysis
We used the Real-or-Random (ROR) model to formally prove the semantic security of our protocol. Let $Adv^S_A$ denote the advantage of an adversary $A$ in breaking the protocol $S$, and let $q_H$, $q_P$, and $q_S$ represent the number of hash, PUF, and send queries, respectively. The lengths of hash and PUF outputs are $l_H$ and $l_P$, and $l$ is the session key length. We define a series of games $Game_i$ for $i = 0, 1, 2, 3, 4$, where $Suc_i$ is the event that $A$ succeeds in $Game_i$.
In $Game_0$, $A$ initiates an attack, and $Adv^S_A = |2PR(Suc_0) – 1|$. In $Game_1$, $A$ eavesdrops on messages but cannot compute the session key without solving hash or PUF collisions, so $PR(Suc_0) = PR(Suc_1)$. In $Game_2$, $A$ attempts hash collisions, and by the birthday paradox, $|PR(Suc_2) – PR(Suc_1)| \leq \frac{q_H^2}{2^{l_H+1}}$. In $Game_3$, $A$ uses corrupt queries to access stored data, but PUF uniqueness ensures $|PR(Suc_3) – PR(Suc_2)| \leq \frac{q_P^2}{2^{l_P+1}}$. In $Game_4$, $A$ sends forged messages to guess the session key, yielding $|PR(Suc_4) – PR(Suc_3)| \leq \frac{q_S}{2^l}$. Since $PR(Suc_4) = \frac{1}{2}$, we derive:
$$Adv^S_A \leq \frac{q_H^2}{2^{l_H}} + \frac{q_P^2}{2^{l_P}} + \frac{q_S}{2^{l-1}}$$
This shows that $Adv^S_A$ is negligible, proving the semantic security of our protocol for Unmanned Aerial Vehicle applications.
Performance Evaluation
We evaluated the performance of our protocol in terms of security properties, computational overhead, and communication costs, comparing it with recent protocols from the literature. Our results demonstrate significant improvements, making it suitable for resource-constrained drone technology systems.
Security Properties Comparison
Table 1 summarizes the security attributes of our protocol against existing schemes. Our approach satisfies all 12 properties, including resistance to physical capture and ML attacks, which are critical for Unmanned Aerial Vehicle security.
| Security Property | Protocol A | Protocol B | Our Protocol |
|---|---|---|---|
| Mutual Authentication | Yes | Yes | Yes |
| Anonymity | No | Yes | Yes |
| Perfect Forward Secrecy | Yes | No | Yes |
| Resistance to Physical Capture | No | No | Yes |
| ML Attack Resistance | No | No | Yes |
Computational Overhead
We measured computational overhead by considering operations such as elliptic curve multiplication ($T_m$), hash ($T_h$), key derivation function ($T_k$), and symmetric encryption ($T_s$). Based on experiments with Raspberry Pi 5 (UAV) and Intel Core Ultra 9 (GS), we obtained average times: $T_m \approx 0.54$ ms (UAV) and $0.34$ ms (GS), $T_h \approx 0.0012$ ms (UAV) and $0.0010$ ms (GS), $T_k \approx 0.0125$ ms (UAV) and $0.0047$ ms (GS), $T_s \approx 0.0180$ ms (UAV) and $0.0010$ ms (GS). Table 2 compares the computational overhead of our protocol with others, showing that our approach reduces GS overhead by over 9.1% and maintains low UAV overhead, essential for efficient Unmanned Aerial Vehicle operations.
| Protocol | UAV Overhead | GS Overhead |
|---|---|---|
| Protocol A | 1.0884 | 0.6930 |
| Protocol B | 0.0732 | 0.0110 |
| Our Protocol | 0.0072 | 0.0070 |
Communication Overhead
Communication overhead is assessed based on message sizes and counts. We define element sizes: ECC point (320 bits), hash (256 bits), identity (64 bits), random number (256 bits), PUF challenge/response (64 bits), and timestamp (32 bits). Table 3 shows that our protocol achieves the lowest communication overhead, reducing total costs by over 13.8% compared to the next best protocol. This is attributed to the pre-handover phase minimizing real-time data exchange and the use of lightweight operations.
| Protocol | Message Count | Total Overhead (bits) |
|---|---|---|
| Protocol A | 4 | 2912 |
| Protocol B | 6 | 2560 |
| Our Protocol | 3 | 1600 |
Additionally, we evaluated ML attack resistance by testing with 10,036 sets of 64-bit responses from parallel Arbiter PUF. Figure 1 illustrates that while original CRPs achieve high prediction accuracy under various Hamming distance thresholds, our anonymous segmentation method maintains low accuracy even with 10,000 samples, confirming its effectiveness in protecting Unmanned Aerial Vehicle networks.
Conclusion
In this paper, we presented an efficient handover authentication protocol for cloud-edge collaborative UAV networks, addressing the limitations of existing approaches in terms of security and performance. By leveraging PUF and CRT, our protocol achieves lightweight authentication with enhanced physical security and resistance to ML attacks. The anonymous response segmentation method ensures that CRPs are never stored explicitly, while the CRT-based synchronization mechanism enables efficient handovers across multiple GS nodes. Security analysis proves the protocol’s robustness against various threats, and performance evaluations demonstrate significant reductions in computational and communication overhead. As drone technology continues to evolve, our work provides a foundational step toward secure and scalable Unmanned Aerial Vehicle systems, enabling reliable operations in dynamic environments. Future work will focus on extending the protocol to large-scale networks and integrating additional optimization techniques for real-world deployments.