Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations

The Internet of Drones (IoD) is rapidly expanding into sensitive applications, necessitating robust and efficient authentication. Traditional methods struggle against prevalent attacks, especially considering the unique vulnerabilities of the IoD, such as drone physical capture. This paper proposes...

Full description

Saved in:
Bibliographic Details
Main Authors: Hyunseok Kim, Seunghyun Park
Format: Article
Language:English
Published: MDPI AG 2025-07-01
Series:Mathematics
Subjects:
Online Access:https://www.mdpi.com/2227-7390/13/13/2177
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1849319814998261760
author Hyunseok Kim
Seunghyun Park
author_facet Hyunseok Kim
Seunghyun Park
author_sort Hyunseok Kim
collection DOAJ
description The Internet of Drones (IoD) is rapidly expanding into sensitive applications, necessitating robust and efficient authentication. Traditional methods struggle against prevalent attacks, especially considering the unique vulnerabilities of the IoD, such as drone physical capture. This paper proposes Bio-2FA-IoD, a novel biometric-enhanced two-factor authentication protocol designed for secure IoD operations. Drawing on established 2FA principles and fuzzy extractor technology, Bio-2FA-IoD achieves strong mutual authentication between an operator (via an operator device), a drone (as a relay), and a ground control station (GCS), supported by a trusted authority. We detail the protocol’s registration and authentication phases, emphasizing reliable biometric key generation. A formal security analysis using BAN logic demonstrates secure belief establishment and key agreement, while a proof sketch under the Bellare–Pointcheval–Rogaway (BPR) model confirms its security against active adversaries in Authenticated Key Exchange (AKE) contexts. Furthermore, a comprehensive performance evaluation conducted using the Contiki OS and Cooja simulator illustrates Bio-2FA-IoD’s superior efficiency in computational and communication costs, alongside very low latency, high packet delivery rate, and minimal energy consumption. This positions it as a highly viable and lightweight solution for resource-constrained IoD environments. Additionally, this paper conceptually explores potential extensions to Bio-2FA-IoD, including the integration of Diffie–Hellman for enhanced perfect forward secrecy and a Sybil-free pseudonym management scheme for improved user anonymity and unlinkability.
format Article
id doaj-art-ee994c8dfe2343cfa9c4c7d062dab7d2
institution Kabale University
issn 2227-7390
language English
publishDate 2025-07-01
publisher MDPI AG
record_format Article
series Mathematics
spelling doaj-art-ee994c8dfe2343cfa9c4c7d062dab7d22025-08-20T03:50:17ZengMDPI AGMathematics2227-73902025-07-011313217710.3390/math13132177Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones OperationsHyunseok Kim0Seunghyun Park1Department of Information and Security, ICT Polytech Institute of Korea, 16-26 Sunamro, Gwangjusi 12792, Republic of KoreaDivision of Computer Engineering, Hansung University, Seoul 02876, Republic of KoreaThe Internet of Drones (IoD) is rapidly expanding into sensitive applications, necessitating robust and efficient authentication. Traditional methods struggle against prevalent attacks, especially considering the unique vulnerabilities of the IoD, such as drone physical capture. This paper proposes Bio-2FA-IoD, a novel biometric-enhanced two-factor authentication protocol designed for secure IoD operations. Drawing on established 2FA principles and fuzzy extractor technology, Bio-2FA-IoD achieves strong mutual authentication between an operator (via an operator device), a drone (as a relay), and a ground control station (GCS), supported by a trusted authority. We detail the protocol’s registration and authentication phases, emphasizing reliable biometric key generation. A formal security analysis using BAN logic demonstrates secure belief establishment and key agreement, while a proof sketch under the Bellare–Pointcheval–Rogaway (BPR) model confirms its security against active adversaries in Authenticated Key Exchange (AKE) contexts. Furthermore, a comprehensive performance evaluation conducted using the Contiki OS and Cooja simulator illustrates Bio-2FA-IoD’s superior efficiency in computational and communication costs, alongside very low latency, high packet delivery rate, and minimal energy consumption. This positions it as a highly viable and lightweight solution for resource-constrained IoD environments. Additionally, this paper conceptually explores potential extensions to Bio-2FA-IoD, including the integration of Diffie–Hellman for enhanced perfect forward secrecy and a Sybil-free pseudonym management scheme for improved user anonymity and unlinkability.https://www.mdpi.com/2227-7390/13/13/2177Internet of Drones (IoD)UAV securitybiometric authenticationtwo-factor authentication (2FA)fuzzy extractorBAN logic
spellingShingle Hyunseok Kim
Seunghyun Park
Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations
Mathematics
Internet of Drones (IoD)
UAV security
biometric authentication
two-factor authentication (2FA)
fuzzy extractor
BAN logic
title Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations
title_full Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations
title_fullStr Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations
title_full_unstemmed Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations
title_short Bio-2FA-IoD: A Biometric-Enhanced Two-Factor Authentication Protocol for Secure Internet of Drones Operations
title_sort bio 2fa iod a biometric enhanced two factor authentication protocol for secure internet of drones operations
topic Internet of Drones (IoD)
UAV security
biometric authentication
two-factor authentication (2FA)
fuzzy extractor
BAN logic
url https://www.mdpi.com/2227-7390/13/13/2177
work_keys_str_mv AT hyunseokkim bio2faiodabiometricenhancedtwofactorauthenticationprotocolforsecureinternetofdronesoperations
AT seunghyunpark bio2faiodabiometricenhancedtwofactorauthenticationprotocolforsecureinternetofdronesoperations