Journal of Reliable and Secure Computing Home About Editors Current Issue
  1. Home
  2. Journals
  3. Journal of Reliable and Secure Computing
  4. Volume 1, Issue 1
PUF-AKA-IoD: A Provably Secure PUF-Based Authentication and Key Agreement Protocol for IoD over 5G Networks
Research Article | Published: 19 December 2025
Journal of Reliable and Secure Computing Volume 1, Issue 1, 2025: 25-40
Volume 1, Issue 1, Journal of Reliable and Secure Computing
Volume 1, Issue 1, 2025
Submit Manuscript Edit a Special Issue
Article QR Code
Article QR Code
Scan the QR code for reading
Popular articles
Case Studies on Integrating Artificial Intelligence in Finance to Transform Decision Making and Risk Management for Enhanced Financial Outcomes Reservoir Science: A Multi-Coupling Communication Platform to Promote Energy Transformation, Climate Change and Environmental Protection Reinforcement Learning for Prompt Optimization in Language Models: A Comprehensive Survey of Methods, Representations, and Evaluation Challenges From CO$_2$ Sequestration to Hydrogen Storage: Further Utilization of Depleted Gas Reservoirs AI and the Future of Education: Advancing Personalized Learning and Intelligent Tutoring Systems Effects of Crosslinking Agents and Reservoir Conditions on the Propagation of Fractures in Coal Reservoirs During Hydraulic Fracturing The Influence of Geological Factors and Transmission Fluids on the Exploitation of Reservoir Geothermal Resources: Factor Discussion and Mechanism Analysis YOLOv8-Lite: A Lightweight Object Detection Model for Real-time Autonomous Driving Systems Plant Disease Detection Using Deep Learning Techniques Current Status and Development Prospects of Carbon Capture, Utilization, and Storage (CCUS) in China: Technical, Policy, and Market Perspectives
Journal of Reliable and Secure Computing, Volume 1, Issue 1, 2025: 25-40

Open Access | Research Article | 19 December 2025
PUF-AKA-IoD: A Provably Secure PUF-Based Authentication and Key Agreement Protocol for IoD over 5G Networks
by
Maoxin Tang Maoxin Tang 1
Haonan Li Haonan Li 2 *
1 School of Computer Science, Nanjing University of Information Science and Technology, Nanjing 210044, China
2 Faculty of Computer Science and Information Technology, Universiti Malaya, Kuala Lumpur 50603, Malaysia
* Corresponding Author: Haonan Li, [email protected]
DOI: 10.62762/JRSC.2025.869145
ARK: ark:/57805/jrsc.2025.869145
Received: 03 October 2025, Accepted: 27 November 2025, Published: 19 December 2025  
   PDF  (5.57 MB)
Article Metrics Cite This Article
Abstract
The Internet of Things (IoT) is a technological ecosystem that interconnects physical devices via the Internet to enable data exchange and coordinated operations, among which the Internet of Drones (IoD) represents a specialized application integrating drone technology with IoT for remote control and data transmission. With the adoption of fifth-generation (5G) mobile communication networks in IoD environments, drones can transmit high-quality data and respond to user requests with reduced latency. In recent years, various authentication schemes using temporary credentials have been proposed to allow users and drones to establish session keys with the assistance of a control server; however, many existing schemes remain vulnerable to drone capture attacks and known session-specific temporary information attacks. To address these security challenges, this paper proposes an enhanced authentication and key agreement scheme for IoD over 5G networks that incorporates physically unclonable functions (PUFs) to strengthen drone data security. The security of the proposed scheme is validated through informal security analysis, the ROR model, and the AVISPA tool. Furthermore, comparative security and performance evaluations demonstrate that the proposed scheme achieves adequate security while maintaining competitive performance relative to existing schemes.
Graphical Abstract
PUF-AKA-IoD: A Provably Secure PUF-Based Authentication and Key Agreement Protocol for IoD over 5G Networks
Keywords
IoD
5G networks
mutual authentication
key agreement
PUF
Data Availability Statement
Data will be made available on request.
Funding
This work was supported without any funding.
Conflicts of Interest
The authors declare no conflicts of interest.
Ethical Approval and Consent to Participate
Not applicable.
References
  1. Lee, T. F., Lou, D. C., & Chang, C. H. (2023). Enhancing lightweight authenticated key agreement with privacy protection using dynamic identities for Internet of Drones. Internet of Things, 23, 100877.
    [CrossRef]   [Google Scholar]
  2. Pu, C., Wall, A., Choo, K. K. R., Ahmed, I., & Lim, S. (2022). A lightweight and privacy-preserving mutual authentication and key agreement protocol for Internet of Drones environment. IEEE Internet of Things Journal, 9(12), 9918-9933.
    [CrossRef]   [Google Scholar]
  3. Javaid, N., Sher, A., Nasir, H., & Guizani, N. (2018). Intelligence in IoT-based 5G networks: Opportunities and challenges. IEEE Communications Magazine, 56(10), 94–100.
    [CrossRef]   [Google Scholar]
  4. Ying, B., & Nayak, A. (2019). Lightweight remote user authentication protocol for multi-server 5G networks using self-certified public key cryptography. Journal of network and computer applications, 131, 66–74.
    [CrossRef]   [Google Scholar]
  5. Irshad, A., Chaudhry, S. A., Ghani, A., & Bilal, M. (2021). A secure blockchain-oriented data delivery and collection scheme for 5G-enabled IoD environment. Computer Networks, 195, 108219.
    [CrossRef]   [Google Scholar]
  6. Wu, T., Guo, X., Chen, Y., Kumari, S., & Chen, C. (2021). Amassing the security: An enhanced authentication protocol for drone communications over 5G networks. Drones, 6(1), 10.
    [CrossRef]   [Google Scholar]
  7. Feng, C., Liu, B., Guo, Z., Yu, K., Qin, Z., & Choo, K.-K. R. (2021). Blockchain-based cross-domain authentication for intelligent 5G-enabled internet of drones. IEEE Internet of Things Journal, 9(8), 6224–6238.
    [CrossRef]   [Google Scholar]
  8. Ren, X., Cao, J., Ma, R., Luo, Y., Guan, J., Zhang, Y., & Li, H. (2023). A Novel Access and Handover Authentication Scheme in UAV-Aided Satellite-Terrestrial Integration Networks Enabling 5G. IEEE Transactions on Network and Service Management, 20(3), 3880-3899.
    [CrossRef]   [Google Scholar]
  9. Messerges, T. S., Dabbish, E. A., & Sloan, R. H. (2002). Examining smart-card security under the threat of power analysis attacks. IEEE transactions on computers, 51(5), 541–552.
    [CrossRef]   [Google Scholar]
  10. Liu, S., & Chen, C.-M. (2022). Comments on "a secure and lightweight drones-access protocol for smart city surveillance". IEEE Transactions on Intelligent Transportation Systems, 23(12), 25054–25058.
    [CrossRef]   [Google Scholar]
  11. Ever, Y. K. (2020). A secure authentication scheme framework for mobile-sinks used in the internet of drones applications. Computer Communications, 155, 143–149.
    [CrossRef]   [Google Scholar]
  12. Wazid, M., Das, A. K., Kumar, N., Vasilakos, A. V., & Rodrigues, J. J. P. C. (2018). Design and analysis of secure lightweight remote user authentication and key agreement scheme in internet of drones deployment. IEEE Internet of Things Journal, 6(2), 3572–3584.
    [CrossRef]   [Google Scholar]
  13. Hussain, S., Mahmood, K., Khan, M. K., Chen, C.-M., Alzahrani, B. A., & Chaudhry, S. A. (2022). Designing secure and lightweight user access to drone for smart city surveillance. Computer Standards & Interfaces, 80, 103566.
    [CrossRef]   [Google Scholar]
  14. Jan, S. U., Abbasi, I. A., & Algarni, F. (2022). A Mutual Authentication and Cross Verification Protocol for Securing Internet-of-Drones (IoD). Computers, Materials and Continua, 72(3), 5845-5869.
    [CrossRef]   [Google Scholar]
  15. Yu, S., Das, A. K., Park, Y., & Lorenz, P. (2022). SLAP-IoD: Secure and lightweight authentication protocol using physical unclonable functions for internet of drones in smart city environments. IEEE Transactions on Vehicular Technology, 71(10), 10374–10388.
    [CrossRef]   [Google Scholar]
  16. Alladi, T., Bansal, G., Chamola, V., & Guizani, M. (2020). SecAuthUAV: A novel authentication scheme for UAV-ground station and UAV-UAV communication. IEEE Transactions on Vehicular Technology, 69(12), 15068–15077.
    [CrossRef]   [Google Scholar]
  17. Bera, B., Vangala, A., Das, A. K., Lorenz, P., & Khan, M. K. (2022). Private blockchain-envisioned drones-assisted authentication scheme in IoT-enabled agricultural environment. Computer Standards & Interfaces, 80, 103567.
    [CrossRef]   [Google Scholar]
  18. Kumar, A., Yadav, A. S., Gill, S. S., Pervaiz, H., Ni, Q., & Buyya, R. (2022). A secure drone-to-drone communication and software defined drone network-enabled traffic monitoring system. Simulation Modelling Practice and Theory, 120, 102621.
    [CrossRef]   [Google Scholar]
  19. Srinivas, J., Das, A. K., Kumar, N., & Rodrigues, J. J. P. C. (2019). TCALAS: Temporal credential-based anonymous lightweight authentication scheme for Internet of drones environment. IEEE Transactions on Vehicular Technology, 68(7), 6903–6916.
    [CrossRef]   [Google Scholar]
  20. Bera, B., Saha, S., Das, A. K., Kumar, N., Lorenz, P., & Alazab, M. (2020). Blockchain-envisioned secure data delivery and collection scheme for 5g-based iot-enabled internet of drones environment. IEEE Transactions on Vehicular Technology, 69(8), 9097–9111.
    [CrossRef]   [Google Scholar]
  21. Zhang, Y., He, D., Li, L., & Chen, B. (2020). A lightweight authentication and key agreement scheme for Internet of Drones. Computer Communications, 154, 455–464.
    [CrossRef]   [Google Scholar]
  22. Akram, M. W., Bashir, A. K., Shamshad, S., Saleem, M. A., AlZubi, A. A., Chaudhry, S. A., Alzahrani, B. A., & Zikria, Y. B. (2021). A secure and lightweight drones-access protocol for smart city surveillance. IEEE Transactions on Intelligent Transportation Systems, 23(10), 19634–19643.
    [CrossRef]   [Google Scholar]
  23. Park, Y., Ryu, D., Kwon, D., & Park, Y. (2023). Provably secure mutual authentication and key agreement scheme using PUF in internet of drones deployments. Sensors, 23(4), 2034.
    [CrossRef]   [Google Scholar]
  24. Akram, M. A., Ahmad, H., Mian, A. N., Jurcut, A. D., & Kumari, S. (2023). Blockchain-based privacy-preserving authentication protocol for UAV networks. Computer Networks, 224, 109638.
    [CrossRef]   [Google Scholar]
  25. Mishra, A. K., Wazid, M., Singh, D. P., Das, A. K., Singh, J., & Vasilakos, A. V. (2023). Secure Blockchain-Enabled Authentication Key Management Framework with Big Data Analytics for Drones in Networks Beyond 5G Applications. Drones, 7(8), 508.
    [CrossRef]   [Google Scholar]
  26. Gope, P., & Sikdar, B. (2020). An efficient privacy-preserving authenticated key agreement scheme for edge-assisted internet of drones. IEEE Transactions on Vehicular Technology, 69(11), 13621–13630.
    [CrossRef]   [Google Scholar]
  27. Nair, A. S., & Thampi, S. M. (2022). PUFloc: PUF and location based hierarchical mutual authentication protocol for surveillance drone networks. In International Conference on Ubiquitous Security (pp. 66–89). Springer.
    [CrossRef]   [Google Scholar]
  28. Alkatheiri, M. S., Saleem, S., Alqarni, M. A., Aseeri, A. O., Chauhdary, S. H., & Zhuang, Y. (2022). A lightweight authentication scheme for a network of unmanned aerial vehicles (UAVs) by using physical unclonable functions. Electronics, 11(18), 2921.
    [CrossRef]   [Google Scholar]
  29. Karmakar, R., Kaddoum, G., & Akhrif, O. (2023). A PUF and fuzzy extractor-based UAV-ground station and UAV-UAV authentication mechanism with intelligent adaptation of secure sessions. IEEE Transactions on Mobile Computing, 23(5), 3858-3875.
    [CrossRef]   [Google Scholar]
  30. Abdalla, M., Fouque, P. A., & Pointcheval, D. (2005, January). Password-based authenticated key exchange in the three-party setting. In International workshop on public key cryptography (pp. 65-84). Berlin, Heidelberg: Springer Berlin Heidelberg.
    [CrossRef]   [Google Scholar]
  31. Wang, D., Cheng, H., Wang, P., Huang, X., & Jian, G. (2017). Zipf's law in passwords. IEEE Transactions on Information Forensics and Security, 12(11), 2776–2791.
    [CrossRef]   [Google Scholar]
  32. Ge, M., Kumari, S., & Chen, C. M. (2022). AuthPFS: A method to verify perfect forward secrecy in authentication protocols. J. Netw. Intell, 7(3), 734-750.
    [Google Scholar]
  33. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuéllar, J., ... & Vigneron, L. (2005, July). The AVISPA tool for the automated validation of internet security protocols and applications. In International conference on computer aided verification (pp. 281-285). Berlin, Heidelberg: Springer Berlin Heidelberg.
    [CrossRef]   [Google Scholar]
  34. Liang, Y., Luo, E., & Liu, Y. (2023). Physically Secure and Conditional-Privacy Authenticated Key Agreement for VANETs. IEEE Transactions on Vehicular Technology, 72(6), 7914-7925.
    [CrossRef]   [Google Scholar]
  35. Zhu, L., & Wang, D. (2024). Robust Multi-Factor Authentication for WSNs With Dynamic Password Recovery. IEEE Transactions on Information Forensics and Security, 19, 8398-8413.
    [CrossRef]   [Google Scholar]
  36. De Caro, A., & Iovino, V. (2011). jPBC: Java pairing based cryptography. In 2011 IEEE Symposium on Computers and Communications (ISCC) (pp. 850-855). IEEE.
    [CrossRef]   [Google Scholar]
Cite This Article
APA Style
Tang, M., & Li, H. (2025). PUF-AKA-IoD: A Provably Secure PUF-Based Authentication and Key Agreement Protocol for IoD over 5G Networks. Journal of Reliable and Secure Computing, 1(1), 25–40. https://doi.org/10.62762/JRSC.2025.869145
Export Citation
RIS Format
Compatible with EndNote, Zotero, Mendeley, and other reference managers
RIS format data for reference managers
TY  - JOUR
AU  - Tang, Maoxin
AU  - Li, Haonan
PY  - 2025
DA  - 2025/12/19
TI  - PUF-AKA-IoD: A Provably Secure PUF-Based Authentication and Key Agreement Protocol for IoD over 5G Networks
JO  - Journal of Reliable and Secure Computing
T2  - Journal of Reliable and Secure Computing
JF  - Journal of Reliable and Secure Computing
VL  - 1
IS  - 1
SP  - 25
EP  - 40
DO  - 10.62762/JRSC.2025.869145
UR  - https://www.icck.org/article/abs/JRSC.2025.869145
KW  - IoD
KW  - 5G networks
KW  - mutual authentication
KW  - key agreement
KW  - PUF
AB  - The Internet of Things (IoT) is a technological ecosystem that interconnects physical devices via the Internet to enable data exchange and coordinated operations, among which the Internet of Drones (IoD) represents a specialized application integrating drone technology with IoT for remote control and data transmission. With the adoption of fifth-generation (5G) mobile communication networks in IoD environments, drones can transmit high-quality data and respond to user requests with reduced latency. In recent years, various authentication schemes using temporary credentials have been proposed to allow users and drones to establish session keys with the assistance of a control server; however, many existing schemes remain vulnerable to drone capture attacks and known session-specific temporary information attacks. To address these security challenges, this paper proposes an enhanced authentication and key agreement scheme for IoD over 5G networks that incorporates physically unclonable functions (PUFs) to strengthen drone data security. The security of the proposed scheme is validated through informal security analysis, the ROR model, and the AVISPA tool. Furthermore, comparative security and performance evaluations demonstrate that the proposed scheme achieves adequate security while maintaining competitive performance relative to existing schemes.
SN  - 3070-6424
PB  - Institute of Central Computation and Knowledge
LA  - English
ER  -
BibTeX Format
Compatible with LaTeX, BibTeX, and other reference managers
BibTeX format data for LaTeX and reference managers
@article{Tang2025PUFAKAIoD,
  author = {Maoxin Tang and Haonan Li},
  title = {PUF-AKA-IoD: A Provably Secure PUF-Based Authentication and Key Agreement Protocol for IoD over 5G Networks},
  journal = {Journal of Reliable and Secure Computing},
  year = {2025},
  volume = {1},
  number = {1},
  pages = {25-40},
  doi = {10.62762/JRSC.2025.869145},
  url = {https://www.icck.org/article/abs/JRSC.2025.869145},
  abstract = {The Internet of Things (IoT) is a technological ecosystem that interconnects physical devices via the Internet to enable data exchange and coordinated operations, among which the Internet of Drones (IoD) represents a specialized application integrating drone technology with IoT for remote control and data transmission. With the adoption of fifth-generation (5G) mobile communication networks in IoD environments, drones can transmit high-quality data and respond to user requests with reduced latency. In recent years, various authentication schemes using temporary credentials have been proposed to allow users and drones to establish session keys with the assistance of a control server; however, many existing schemes remain vulnerable to drone capture attacks and known session-specific temporary information attacks. To address these security challenges, this paper proposes an enhanced authentication and key agreement scheme for IoD over 5G networks that incorporates physically unclonable functions (PUFs) to strengthen drone data security. The security of the proposed scheme is validated through informal security analysis, the ROR model, and the AVISPA tool. Furthermore, comparative security and performance evaluations demonstrate that the proposed scheme achieves adequate security while maintaining competitive performance relative to existing schemes.},
  keywords = {IoD, 5G networks, mutual authentication, key agreement, PUF},
  issn = {3070-6424},
  publisher = {Institute of Central Computation and Knowledge}
}
Article Metrics
Citations:

Google Scholar
0

Crossref

0

Scopus

0

Web of Science

0
Article Access Statistics:
Views: 337
PDF Downloads: 108
Publisher's Note
ICCK stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and Permissions
CC BY Copyright © 2025 by the Author(s). Published by Institute of Central Computation and Knowledge. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made.
Journal of Reliable and Secure Computing

Journal of Reliable and Secure Computing

ISSN: 3070-6424 (Online)

Email: [email protected]

Portico

Portico

All published articles are preserved here permanently:
https://www.portico.org/publishers/icck/