Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations
The Internet of Drones (IoD) is rapidly expanding into sensitive applications, necessitating robust and efficient authentication. Traditional methods struggle against prevalent attacks, especially considering the unique vulnerabilities of the IoD, such as drone physical capture. This paper proposes...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-07-01
|
| Series: | Mathematics |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2227-7390/13/13/2177 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849319814998261760 |
|---|---|
| author | Hyunseok Kim Seunghyun Park |
| author_facet | Hyunseok Kim Seunghyun Park |
| author_sort | Hyunseok Kim |
| collection | DOAJ |
| description | The Internet of Drones (IoD) is rapidly expanding into sensitive applications, necessitating robust and efficient authentication. Traditional methods struggle against prevalent attacks, especially considering the unique vulnerabilities of the IoD, such as drone physical capture. This paper proposes Bio-2FA-IoD, a novel biometric-enhanced two-factor authentication protocol designed for secure IoD operations. Drawing on established 2FA principles and fuzzy extractor technology, Bio-2FA-IoD achieves strong mutual authentication between an operator (via an operator device), a drone (as a relay), and a ground control station (GCS), supported by a trusted authority. We detail the protocol’s registration and authentication phases, emphasizing reliable biometric key generation. A formal security analysis using BAN logic demonstrates secure belief establishment and key agreement, while a proof sketch under the Bellare–Pointcheval–Rogaway (BPR) model confirms its security against active adversaries in Authenticated Key Exchange (AKE) contexts. Furthermore, a comprehensive performance evaluation conducted using the Contiki OS and Cooja simulator illustrates Bio-2FA-IoD’s superior efficiency in computational and communication costs, alongside very low latency, high packet delivery rate, and minimal energy consumption. This positions it as a highly viable and lightweight solution for resource-constrained IoD environments. Additionally, this paper conceptually explores potential extensions to Bio-2FA-IoD, including the integration of Diffie–Hellman for enhanced perfect forward secrecy and a Sybil-free pseudonym management scheme for improved user anonymity and unlinkability. |
| format | Article |
| id | doaj-art-ee994c8dfe2343cfa9c4c7d062dab7d2 |
| institution | Kabale University |
| issn | 2227-7390 |
| language | English |
| publishDate | 2025-07-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Mathematics |
| spelling | doaj-art-ee994c8dfe2343cfa9c4c7d062dab7d22025-08-20T03:50:17ZengMDPI AGMathematics2227-73902025-07-011313217710.3390/math13132177Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones OperationsHyunseok Kim0Seunghyun Park1Department of Information and Security, ICT Polytech Institute of Korea, 16-26 Sunamro, Gwangjusi 12792, Republic of KoreaDivision of Computer Engineering, Hansung University, Seoul 02876, Republic of KoreaThe Internet of Drones (IoD) is rapidly expanding into sensitive applications, necessitating robust and efficient authentication. Traditional methods struggle against prevalent attacks, especially considering the unique vulnerabilities of the IoD, such as drone physical capture. This paper proposes Bio-2FA-IoD, a novel biometric-enhanced two-factor authentication protocol designed for secure IoD operations. Drawing on established 2FA principles and fuzzy extractor technology, Bio-2FA-IoD achieves strong mutual authentication between an operator (via an operator device), a drone (as a relay), and a ground control station (GCS), supported by a trusted authority. We detail the protocol’s registration and authentication phases, emphasizing reliable biometric key generation. A formal security analysis using BAN logic demonstrates secure belief establishment and key agreement, while a proof sketch under the Bellare–Pointcheval–Rogaway (BPR) model confirms its security against active adversaries in Authenticated Key Exchange (AKE) contexts. Furthermore, a comprehensive performance evaluation conducted using the Contiki OS and Cooja simulator illustrates Bio-2FA-IoD’s superior efficiency in computational and communication costs, alongside very low latency, high packet delivery rate, and minimal energy consumption. This positions it as a highly viable and lightweight solution for resource-constrained IoD environments. Additionally, this paper conceptually explores potential extensions to Bio-2FA-IoD, including the integration of Diffie–Hellman for enhanced perfect forward secrecy and a Sybil-free pseudonym management scheme for improved user anonymity and unlinkability.https://www.mdpi.com/2227-7390/13/13/2177Internet of Drones (IoD)UAV securitybiometric authenticationtwo-factor authentication (2FA)fuzzy extractorBAN logic |
| spellingShingle | Hyunseok Kim Seunghyun Park Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations Mathematics Internet of Drones (IoD) UAV security biometric authentication two-factor authentication (2FA) fuzzy extractor BAN logic |
| title | Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations |
| title_full | Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations |
| title_fullStr | Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations |
| title_full_unstemmed | Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations |
| title_short | Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations |
| title_sort | bio 2fa iod a biometric enhanced two factor authentication protocol for secure internet of drones operations |
| topic | Internet of Drones (IoD) UAV security biometric authentication two-factor authentication (2FA) fuzzy extractor BAN logic |
| url | https://www.mdpi.com/2227-7390/13/13/2177 |
| work_keys_str_mv | AT hyunseokkim bio2faiodabiometricenhancedtwofactorauthenticationprotocolforsecureinternetofdronesoperations AT seunghyunpark bio2faiodabiometricenhancedtwofactorauthenticationprotocolforsecureinternetofdronesoperations |