Hardware Implementation-Based Lightweight Privacy- Preserving Authentication Scheme For Internet Of Drones Using Physically Unclonable Function

Authors

• Razan Alsulieman, School of Computing Sciences and Computer EngineeringFollow
• Eduardo Hernandez Escobar, School of Computing Sciences and Computer EngineeringFollow
• Richard Swilley, School of Computing Sciences and Computer Engineering
• Ahmed Sherif, School of Computing Sciences and Computer Engineering
• Kasem Khalil, School of Engineering
• Mohamed Elsersy, HCT-Al Ain Campuses
• Rabab Abdelfattah, School of Computing Sciences and Computer Engineering

Document Type

Article

Publication Date

4-1-2026

School

Computing Sciences and Computer Engineering

Abstract

The Internet of Drones (IoD) has emerged as a critical extension of the Internet of Things, enabling unmanned aerial vehicles to support diverse applications, including precision agriculture, logistics, disaster monitoring, and security surveillance. Despite its rapid growth, securing IoD communications remains a significant challenge due to the open wireless environment, high drone mobility, and strict computational and energy constraints. Existing authentication mechanisms either rely on computationally expensive cryptographic operations or remain validated only at the protocol or simulation level, leaving a critical gap in practical, hardware-validated solutions suitable for resource-constrained drone platforms. This gap motivates the need for a lightweight, privacy-preserving authentication scheme that is both theoretically sound and experimentally deployable on real hardware. To address this, we propose a Physically Unclonable Functions (PUF)-assisted lightweight authentication scheme for IoD environments that binds cryptographic keys to each drone’s intrinsic hardware characteristics via PUFs. The scheme employs dynamically generated pseudo-identities to conceal permanent drone identities and prevent tracking, while authentication and key agreement are achieved using efficient symmetric cryptographic primitives, including SHA-256 for key derivation and updates, AES-256 for secure communication, and lightweight XOR operations to minimize overhead. Forward secrecy is ensured through rolling key updates, and periodic renewal of PUF challenges enhances resistance to replay and modeling attacks. To validate practicality, both software-based and hardware-based implementations were developed and evaluated. The software evaluation demonstrates a low communication overhead of 708.5 bytes and an average computation time of 18.87 ms. The hardware implementation on a Nexys A7-100T FPGA operates at 100 MHz with only 12.49% LUT utilization and low dynamic power consumption of approximately 182.5 mW. These results confirm that the proposed framework achieves an effective balance between security, privacy, and efficiency. The significance of this work lies in providing a fully hardware-validated, PUF-based authentication framework specifically tailored to the real-world constraints of IoD environments, offering a practical foundation for securing next-generation drone networks.

Publication Title

Sensors

Volume

26

Issue

7

Recommended Citation

Alsulieman, R., Escobar, E., Swilley, R., Sherif, A., Khalil, K., Elsersy, M., Abdelfattah, R. (2026). Hardware Implementation-Based Lightweight Privacy- Preserving Authentication Scheme For Internet Of Drones Using Physically Unclonable Function. Sensors, 26(7).
Available at: https://aquila.usm.edu/fac_pubs/21998