PASKE-IoD: Privacy-Protecting Authenticated Key Establishment for Internet of Drones

Unmanned aerial vehicles/drones are considered an essential ingredient of traffic motoring systems in smart cities. Interconnected drones, also called the Internet of Drones (IoD), gather critical data from the environmental area of interest and transmit the data to a server located at the control room for further processing. This transmission occurs via wireless communication channels, which are exposed to various security risks. Besides this, an External User (EU) occasionally demands access to real-time information stored at a specific drone rather than retrieving data from the server, which requires an efficient Authenticated Session Key Establishment (ASKE) approach to ensure a reliable communication in IoD environment. In this article, we present a Privacy-Protecting ASKE scheme for IoD (PASKE-IoD). PASKE-IoD utilizes Authenticated Encryption (AE) primitive “ASCON,” and hash function “ASCON-hash,” to accomplish the ASKE phase. PASKE-IoD checks the EU’s authenticity before allowing him to access the IoD environment resources. Moreover, PASKE-IoD enables EUs and drones to communicate securely after establishing a session key. Meticulous informal security analysis and security verification are carried out using Scyther to demonstrate that PASKE-IoD is immune to numerous covert security attacks. In addition, Burrows-Abadi-Needham logic is utilized to corroborate the logical exactitude of PASKE-IoD. A comparative analysis is presented to illustrate that PASKE-IoD is efficient and renders more security features than the eminent ASKE scheme.