Journal of Systems Architecture 160 (2025) 103365

Designing secure blockchain-based authentication and key management mechanism for Internet of Drones applications

Mohammad Wazid a, Saksham Mittal a,b, Ashok Kumar Das c,d,∗, SK Hafizul Islam e,∗∗, Mohammed J.F. Alenazi f, Athanasios V. Vasilakos g

a Department of Computer Science and Engineering, Graphic Era Deemed to be University, Dehradun 248 002, India
b Department of Computer Science and Engineering, Graphic Era Hill University, Dehradun 248 002, India
c Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India
d Department of Computer Science and Engineering, College of Informatics, Korea University, 145 Anam-ro, Seongbuk-gu, Seoul 02841, South Korea
e Department of Computer Science and Engineering, Indian Institute of Information Technology Kalyani, West Bengal 741 235, India
f Department of Computer Engineering, College of Computer and Information Sciences (CCIS), King Saud University, Riyadh 11451, Saudi Arabia
g Center for AI Research (CAIR), University of Agder (UiA), 4879 Grimstad, Norway

∗ Corresponding author at: Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India.
∗∗ Corresponding author.
E-mail addresses: wazidkec2005@gmail.com (M. Wazid), mittalsaksham07@gmail.com (S. Mittal), iitkgp.akdas@gmail.com, ashok.das@iiit.ac.in (A.K. Das), hafi786@gmail.com, hafi786@iiitkalyani.ac.in (SKH Islam), mjalenazi@ksu.edu.sa (M.J.F. Alenazi), thanos.vasilakos@uia.no (A.V. Vasilakos).

https://doi.org/10.1016/j.sysarc.2025.103365
Received 13 November 2024; Received in revised form 12 January 2025; Accepted 6 February 2025; Available online 15 February 2025
1383-7621/© 2025 Elsevier B.V. All rights are reserved, including those for text and data mining, AI training, and similar technologies.

Keywords: Internet of Drones; Blockchain; Authentication; Key agreement; Session key; Security

ABSTRACT

Due to advancements in Information and Communications Technology (ICT) and the Internet of Things (IoT), the Internet of Drones (IoD) can be employed in numerous applications, facilitating the daily lives of diverse users, including civilians and others. The wireless nature of its communication leaves an IoD environment vulnerable to various potential attack risks, such as data breaches, man-in-the-middle, impersonation, replay, and data leaking attacks. As a result, the security of the IoD environment becomes crucial. To safeguard the data and devices (such as IoT-enabled drones and servers) integral to IoD networks, a security solution is essential. It is imperative to implement targeted security measures, such as intrusion detection, access control, and authentication, in order to establish a security scheme that is both reliable and efficient. In this article, we mainly focus on developing a secure authentication and key management scheme that leverages blockchain technology. Most existing authentication techniques proposed in IoT and IoD environments are either inefficient in communication and computation, or they are insecure against various attacks. To mitigate these issues, this study proposes a secure blockchain-based authentication and key management scheme for IoD applications (in short, BAKMM-IoD). The blockchain is applied here for secure data storage. After a detailed security analysis and formal security verification with the widely recognized Scyther tool, the proposed BAKMM-IoD has exhibited resilience against different potential attacks. BAKMM-IoD also surpasses other contemporary existing schemes in terms of security and functionality features, including computational costs and communication costs. Moreover, the blockchain simulation shows the influence of the proposed BAKMM-IoD on critical performance metrics in real-world scenarios.

1. Introduction

Drones refer to unmanned aerial vehicles (UAVs) capable of autonomous flight without the physical presence of a pilot or aviator. The term "unmanned aerial vehicles" (UAVs) specifically denotes drones. Drones are commonly battery-operated devices. In addition, their information processing and storage capabilities are finite. The creation of energy-efficient and economical micro-controller designs has accelerated the progress of drone-based monitoring and control systems. This is a consequence of the accelerated pace at which technology is advancing. Drones are employed in various sectors, including environmental monitoring, search and rescue operations during natural disasters, and the oversight of ecologically sensitive regions, including agricultural lands and forest fires [1].

The Internet of Drones (IoD) is a novel framework founded on the principles of the Internet of Things (IoT). Drones serve as replacements for physical objects inside this framework. IoT has enhanced communication and interaction among drones, enabling remote control in scenarios where direct optical transmission is impractical. An additional element of the IoD is the onboard controller, which employs artificial intelligence to make robust decisions [2–4]. IoD has various applications, as discussed earlier.

Several cybersecurity concerns confront the IoD; some of them are as follows. Instances of data theft occur when adversaries illicitly intercept conversations and pilfer data, including control and command signals that are utilized to guide the drone [5]. Further, by exploiting vulnerabilities in drone software, adversaries can remotely seize control of drones and hijack them for their own objectives. Moreover, the faking of GPS signals by drones is facilitated by malicious software, therefore enabling their use for harmful purposes. Apart from that, unauthorized access to the IoD systems is also possible. An antagonistic user, such as an attacker or hacker, can intercept the IoD network, enabling them to bypass it and execute man-in-the-middle (MiTM) attacks. Intercepting the collected drone data is also feasible [5,6].

1.1. Potential ethical concerns related to IoD communication

Here, we discuss the key ethical concerns related to IoD communication. They include data sovereignty problems, because drones that operate across different borders may be from different countries or states of a country, which potentially violates local laws (for example, the laws on data storage and its processing). Another potential challenge is the "General Data Protection Regulation (GDPR)". It is the European Union (EU) law that regulates how organizations handle personal data [7]. It deals with the risk of unauthorized personal data collection and excessive data processing [8]. IoD communication also faces concerns of data privacy, surveillance and accountability. To address these issues and challenges, strategies such as data localization, privacy-by-design, use of strong encryption and global regulatory standards are needed [9].

1.2. Research motivation

While IoD fulfills various functions, enhancing the daily lives of a wide range of users and citizens, its communication framework is also vulnerable to numerous risks, including data leakage, impersonation, replay, drone physical capture, stolen verifier attack, credentials/secret keys/session keys leakage, Ephemeral Secret Leakage (ESL), malware injection and cross-site scripting attacks. The security of the IoD becomes vital, as it safeguards against numerous threats, including data breaches, privacy infringements, and other security issues [10]. Preventive security measures can be adopted to alleviate these risks. Drones lacking robust cybersecurity protections are susceptible to numerous risks. Therefore, to safeguard information and devices (including drones and servers) within IoD networks, a security mechanism is essential. Establishing a resilient security architecture requires the deployment of particular security measures, such as authentication, intrusion detection, and access control [11,12]. Moreover, the adoption of blockchain technology can bolster security against various potential threats and attacks [3].

The security of blockchain technology stems from its decentralized architecture and the application of encryption. Blockchains are decentralized networks that utilize a consensus (agreement) mechanism. Consequently, any effort to alter data can be identified by other nodes within the network. Blockchains employ cryptographic methods, including public-key cryptography (e.g., "Elliptic Curve Cryptography (ECC)"), to secure data and enable the generation of digital signatures. This method protects data from unauthorized access and ensures its confidentiality and integrity. Each data block in the chain is inherently connected to the preceding and subsequent blocks to create an immutable record of transactions. It is worth noting that a block is immutable and cannot be modified once it has been integrated into the chain [3]. In this article, we propose a secure blockchain-based authentication and key management scheme that is applicable in various IoD-based real-life applications.

1.3. Research contributions

The following list outlines the research contributions made in this article.

• A secure blockchain-based authentication and key management mechanism is proposed for IoD applications (in short, we call it BAKMM-IoD).
• The proposed BAKMM-IoD has been demonstrated to be secure against a wide range of potential threats after an extensive security analysis and formal verification utilizing the widely recognized Scyther tool.
• The BAKMM-IoD has been shown to surpass other similar contemporary methods for functionality, security, computational overheads, and communication overheads.
• A functional illustration of the proposed BAKMM-IoD is subsequently shown to demonstrate its applicability to real-world settings.

2. Literature review

Authentication is one of the very important security services that can be applied in various networking domains [13–19].

A safe authentication mechanism utilizing blockchain technology was proposed by Yazdinejad et al. [20]. Drones were designed to execute the planned deployment of the strategy in smart cities. At every stage of the process, this approach guaranteed the least amount of delays. A zone-based architecture was devised for a drone network, and a decentralized consensus mechanism tailored for remote drone use in smart cities was deployed.

Bera et al. [21] introduced ACSUD-IoD, an innovative access control system designed to identify and thwart unwanted unmanned aerial vehicles (UAVs) within the IoD. The storing of transactional data within a private blockchain framework was enabled by the integration of a blockchain-based solution with ACSUD-IoD. This encompassed the delivery of secure, standardized data from a UAV to the ground station server. Consequently, the transactional data on the blockchain is verifiable. A formal security verification was performed utilizing the "Automated Validation of Internet Security Protocols and Applications (AVISPA) tool", alongside a comprehensive security evaluation. It illustrated that their method was adequately protected against several possible threats.

Feng et al. [22] proposed a "cross-domain authentication protocol grounded in blockchain technology". This system was designed to use 5G technology for diverse IoD applications. The aforementioned limits were duly acknowledged during the formulation of this plan with the aim of transcending them. Their methodology was based on a varied collection of signatures, all produced via threshold sharing. As a result, they successfully established a productive identity federation for collaborative domains.

Cho et al. [23] developed an authentication mechanism for unmanned aerial vehicles (UAVs) to reduce security threats linked to unauthorized drones utilizing the IoD concept. Although their methodology reduced communication and computational requirements, their architecture was vulnerable to the "Ephemeral Secret Leakage (ESL) attack under the CK-adversary model". The method insufficiently protected the anonymity and untraceability of the participants. Another element that contributed to this issue was the absence of blockchain technology in their proposed strategy.

Gupta et al. [24] presented the GaRuDa system, which might be described as a drone-based delivery system that operated on blockchain technology. The integration of this system into the operations of Healthcare 5.0 applications was feasible. The IoT and blockchain technology were utilized in their approach to enable the swift and accurate distribution of medical supplies, which could be continuously monitored and recorded by many stakeholders. This was achieved by using a 5G-enabled Internet environment.

A pair of unique communication strategies for UAV environments were developed by Rodrigues et al. [25]. Their scheme facilitated the establishment of a direct exchange of messages between two drones. The presented scheme was derived from the existing scheme proposed in [26]. Nevertheless, the main contractual arrangement has been altered within the framework of this strategy. In accordance with the CK-adversary concept, their scheme was not impervious to the possibility of an ESL attack. Moreover, their scheme lacks support for blockchain technology.

Ever [27] proposed an authentication system for IoT applications that used Elliptic Curve Cryptography (ECC). UAVs were considered to be mobile extensions of wireless sensor networks, operating within a hierarchical framework, according to their design. This particular design enabled the effective implementation of one-time user authentication for mobile sinks (UAVs), cluster chiefs, and sensor nodes. In contrast, their system was vulnerable to the "ESL attack under the CK-adversary model". Moreover, their scheme did not ensure the maintenance and safeguarding of anonymity and untraceability. Another limitation of their scheme was the absence of blockchain technology, and it required more communication and computational costs.

Singh et al. [28] examined the evolution and potential applications of the Internet of Drones. The advanced development of this technology has generated several apprehensions, among which the degree of security offered by autonomous robots has always been a prominent issue. Hence, they emphasized the most urgent security vulnerabilities and suggested that the most efficient approach to address these challenges would be to adopt state-of-the-art blockchain technology.

Xiong et al. [29] introduced a secure collaborative computing system that implemented blockchain technology. They initially created a lightweight blockchain framework that was specifically designed for "Unmanned Aerial Vehicle (UAV) Ad-Hoc Networks (UANET)". Further, they introduced an improved "Practical Byzantine Fault Tolerance (PBFT)" consensus algorithm that was based on trust assessment.

Wang et al. [30] introduced a mutual authentication method that was both simple and effective, and it exclusively relied on one-way hash algorithms and bitwise XOR operations. Additionally, the issue of a centralized trusted authority (TA) was mitigated by blockchain technology. A Real-or-Random model-based formal security analysis was employed. Further, an informal security proof was provided to prove the security of their proposed authentication mechanism. Further, Wang et al. [31] introduced the "BSIF: Blockchain-Based Secure, Interactive, and Fair Mobile Crowdsensing" system. It was blockchain-based and was distinguished by its security, interactivity, and impartiality. These attributes were achieved through the integration of smart contracts and mobile devices. Yu et al. [32] presented a "Cross-domain Industrial IoT Based on Consortium Blockchain" mechanism (CBDS) for the security of the Industrial Internet of Things (IIoT). Further, they introduced a consortium blockchain specifically to establish trust across IIoT domains.

Srinivas et al. [33] developed an innovative authentication technique that was anonymous, lightweight, and relied on temporal credentials for Internet of Things (IoT)-based platforms. It was denoted as $TCALAS$. To enhance $TCALAS$, Ali et al. [34] developed an improved version of $TCALAS$, referred to as $iTCALAS$, for the secure communication of IoD.

Mishra et al. [35] presented a framework for managing authentication and session keys using blockchain technology. This framework supported the integration of big data analytics capabilities for drones that operate on networks beyond 5G applications. Through a comprehensive security examination and Scyther tool-based formal security verification, they have proven their scheme secure against a wide range of attacks.

In 2024, Algarni and Jan [36] proposed a robust yet lightweight security mechanism utilizing a fuzzy extractor and the MD5 (Message Digest 5) algorithm to authenticate all IoD participants and ensure secure communication. However, the MD5 hash algorithm is widely recognized as less secure compared to more robust alternatives like the Secure Hash Algorithm (SHA-256). Consequently, the overall strength of their scheme is compromised. Moreover, their approach does not incorporate support for blockchain implementation.

Research gaps and novelty: Blockchain technology offers powerful solutions to strengthen the security of the IoD environment. By enabling the creation of unique digital identities for individual drones, which are securely stored and managed on the blockchain, it helps mitigate the risk of impersonation attacks [37]. In addition, the data coming securely from the drones to the ground station server is used for the transactions and later, the blocks formed from the authentic and genuine data from the drones are stored in the blockchain network maintained by the cloud servers. Storing data on semi-trusted cloud servers raises serious concerns about data poisoning attacks, which can significantly impact businesses and organizations by corrupting big data analytics, leading to financial losses and reputational damage [38]. Research shows notable improvements in accuracy, recall, precision, and F1-score when data is free from poisoning attacks and is directly sourced from the blockchain. In this context, authentication among drones and other entities in the IoD environment becomes critical to ensure that genuine data is stored on the blockchain.

The literature review highlights that most existing authentication techniques for IoT and IoD environments are either inefficient in terms of communication and computation or vulnerable to various attacks. This underscores the need for a reliable and secure authenticated key agreement protocol to facilitate secure data aggregation at ground station servers in the IoD environment, with blockchain technology providing enhanced secure storage. Therefore, the objective of this work is to develop a novel and secure blockchain-based authentication and key management mechanism for IoD applications that is not only resistant to various attacks but also efficient in communication and computational costs, making it suitable for real-world practical applications.

3. System models

The system models related to the BAKMM-IoD are explained below. Moreover, the details of the network model and the threat model are given below.

3.1. Network model

Fig. 1 illustrates the proposed BAKMM-IoD's network model. This scenario involves several users, cloud servers, ground station servers, and several drones. The significant versatility of this architecture allows its application across various industries, including smart farming, industrial automation and control, intelligent transportation systems (ITS), and healthcare, among others. The drones are connected to the ground station servers, which are in turn connected to the cloud servers through communication channels. The ground station servers can consistently store the necessary data. Drones do not encounter excessive workloads, as a substantial portion of computationally expensive tasks are managed by the ground station servers. The data gathered by the drones is relayed to ground station servers for further analysis and use. The partial blocks generated by the ground station servers from the received data are subsequently transmitted to the corresponding cloud-based servers.

Fig. 1. Network model of the BAKMM-IoD.

Upon receiving partial data blocks, the cloud servers utilize them to reconstruct the complete block. The aforementioned blocks may ultimately be incorporated into the blockchain, contingent upon the successful completion of the consensus procedure. The peer-to-peer cloud server network (P2PCS) is responsible for maintaining the functionality of the blockchain. Due to the implementation of advanced technologies and substantial resources, the P2PCS network's cloud servers have exceptional processing, communication, and storage capabilities. The prevailing opinion is that cloud servers are semi-trusted network entities. Cyberattacks may compromise the communication occurring between drones, cloud servers, and ground station servers. The integrity of these communications may be jeopardized by the potential adversary $\mathcal{A}$. To guarantee system security, it is imperative to employ security measures such as authentication and key management under the present conditions. Insufficient implementation of this security feature may render the devices and servers susceptible to hackers. Potential hazards encompass "malware injection attacks, unauthorized data access, data replay attacks, man-in-the-middle (MiTM) attacks, impersonation attacks, and unauthorized session key estimation attacks".

3.2. Threat model

The proposed BAKMM-IoD is constructed based on the following threat models and assumptions.

• The Dolev–Yao (DY) threat model, which is widely acknowledged as the prevailing de-facto standard [39]. The DY model states that two unprotected entities can communicate with each other across an open network, such as the Internet. Entities at endpoints that are often deemed untrustworthy comprise drones and ground station servers. Communications transferred across an unsecured network can be accessed, modified, or deleted by an adversary $\mathcal{A}$, irrespective of their active or passive status. The BAKMM-IoD is designed to counter many potential attacks. Examples of these attacks encompass the "physical drone capture attack, the ephemeral secret leakage (ESL) attack, the secret data leakage attack, the impersonation attack, the replay attack, the man-in-the-middle (MiTM) attack, among others".
• The proposed BAKMM-IoD has been designed with the Canetti and Krawczyk (CK) substantial adversary model as a consideration [40]. Here, $\mathcal{A}$ possesses all the capabilities available under the DY model. Furthermore, session states, encompassing session keys and credentials linked to a particular session, are obtained by $\mathcal{A}$.

The DY threat model and the CK adversary model focus on defending against those adversaries who possess the ability to alter communication channels while the cryptographic primitives remain intact. In the DY model, the adversary can intercept, modify, and inject messages, and so secure protocols need to use strong encryption and authenticity mechanisms to ensure confidentiality and integrity. Replay attacks must be prevented by the use of current timestamp values, and mutual authentication should be done using digital signatures or certificates, which helps in establishing credibility between entities. In the case of the CK-adversary model, mitigation focuses primarily on ephemeral key exchanges to derive session keys even if the short-term secrets are compromised, since it extends the DY-model assumptions and supports forward secrecy and session independence. Both models call for formal validation of the protocols with automated validation tools, like Scyther, to ensure that security properties are met. Following these strategies, cryptographic protocols will survive in environments against the DY and CK adversaries.

$\mathcal{A}$ may also physically capture a certain number of drones and extract data from their memory using an advanced power analysis method [41]. The collected information can be used to launch associated attacks and formulate additional malevolent acts, including impersonation efforts. The use of disguised session keys and credentials, together with privileged insider attacks, may be implemented in these attacks. Cloud servers are regarded as semi-trusted entities within the network because of their role in maintaining and storing system data. The registration authority ($RA$) of the control room, tasked with the registration of network entities, concurrently serves as the registration authority for the network. Moreover, it is expected that the system's security would be compromised if $RA$ were compromised, so undermining the system's overall integrity.

4. BAKMM-IoD: The proposed BAKMM-IoD

The proposed BAKMM-IoD is comprehensively described in this section. The BAKMM-IoD is a multifaceted process that includes registration, authentication and key establishment, key management, dynamic device integration, and blockchain implementation.

In the proposed BAKMM-IoD, the drones are communicating entities, which collect various data through their inbuilt units, i.e., sensors. After this data collection, they send their data to the connected ground station servers in a secure way with the help of the proposed "authentication and key establishment phase". The ground station servers create partial blocks from this received data and then send them to the connected cloud servers in a secure way with the help of the given "key management phase". The cloud servers are part of the peer-to-peer server network and perform the task of blockchain implementation. Some of the cloud servers are also the miner nodes of the network and perform the task of blockchain mining with the help of the consensus algorithm.

The details of the notations used are provided in Table 1. The following is a concise overview of the phases.

Table 1
Notations used in BAKMM-IoD.

| Notation | Meaning |
|---|---|
| BAKMM-IoD | Short name of the proposed mechanism |
| $\mathcal{A}$ | An adversary |
| $DE_i$, $ID_{DE_i}$, $RID_{DE_i}$ | $i$th deployed drone, its identity and pseudo-identity, respectively |
| $ES_j$, $ID_{ES_j}$, $RID_{ES_j}$ | $j$th ground station server, its identity and pseudo-identity, respectively |
| $CS_k$, $ID_{CS_k}$, $RID_{CS_k}$ | $k$th cloud server, its identity and pseudo-identity, respectively |
| $RA$, $k_{RA}$ | The registration authority (trusted entity), its secret key and its pseudo-identity, respectively |
| $k_{DE_i}$, $k_{ES_j}$ | Private keys of $DE_i$ and $ES_j$ |
| $SN_{RA}$, $SN_{DE_i}$ and $SN_{ES_j}$ | The secret numbers of $RA$, $DE_i$ and $ES_j$, respectively |
| $MS_{DE_i-ES_j}$ | Primary secret key of both $DE_i$ and $ES_j$ |
| $MS_{ES_j-CS_k}$ | Primary secret key of both $ES_j$ and $CS_k$ |
| $T_x$ | Different timestamp values used |
| $rs_x$ | Different random secret values used |
| $\Delta T$ | The allowed delay value to mitigate replay attack |
| $h(\cdot)$ | Cryptographic one-way hash function utilized |
| $SK_{a_i,b_j}$ | The session key obtained and established in between entities $a_i$ and $b_j$ |
| $\|$ | A concatenation computation |
| $\oplus$ | A bitwise exclusive-OR ($XOR$) computation |

4.1. Registration phase

In this phase, the registration authority ($RA$) is tasked with registering the entities, which comprise the drone ($DE_i$), the ground station server ($ES_j$), and the cloud server ($CS_k$). Comprehensive information is provided here.

4.1.1. Registration of drone $DE_i$

The drone $DE_i$'s registration is performed as follows.

• RSDI1: Initially, $RA$ designates $SN_{RA}$ as its confidential (secret) number and $k_{RA}$ as its confidential key. The pseudo identity is subsequently computed as follows: $RID_{RA} = h(ID_{RA} \| SN_{RA} \| k_{RA})$. Subsequently, it designates $ID_{DE_i}$ as the identifier for $DE_i$, $k_{DE_i}$ as the confidential key, and $SN_{DE_i}$ as the confidential number. The pseudo identity of $DE_i$ is then calculated by $RA$ as $RID_{DE_i} = h(RID_{RA} \| ID_{DE_i} \| k_{RA} \| k_{DE_i} \| SN_{DE_i})$. It calculates the temporal credentials parameter of $DE_i$ using the formula $TC_{DE_i} = h(RID_{RA} \| ID_{DE_i} \| k_{RA} \| k_{DE_i} \| SN_{DE_i} \| RTS_{DE_i})$, where $RTS_{DE_i}$ is the registration timestamp value of $DE_i$. It generates $TID_{DE_i}$ as a provisional temporary identity for $DE_i$. The registration data is subsequently stored in the memory of $DE_i$.
• RSDI2: Finally, $DE_i$ stores values $\{TID_{DE_i}, RID_{DE_i}, TC_{DE_i}, MS_{DE_i-ES_j}, h(\cdot)\}$. Here, it is important to mention that $MS_{DE_i-ES_j}$ is the primary secret key of both $DE_i$ and $ES_j$; this key is distinct for different drones, as we have different deployed $DE_i$, where $i = 1, 2, \ldots, n_{DE}$, and $n_{DE}$ is the number of deployed drones.

The above drone registration phase is also given in Table 2.

Table 2
Registration phase of drone $DE_i$.

| $RA$ | $DE_i$ |
|---|---|
| Generate $SN_{RA}$ and $k_{RA}$. | |
| Compute $RID_{RA} = h(ID_{RA} \| SN_{RA} \| k_{RA})$. | |
| Generate $ID_{DE_i}$ for $DE_i$. Generate $k_{DE_i}$ and $SN_{DE_i}$ for $DE_i$. | |
| Compute $RID_{DE_i} = h(RID_{RA} \| ID_{DE_i} \| k_{RA} \| k_{DE_i} \| SN_{DE_i})$, $TC_{DE_i} = h(RID_{RA} \| ID_{DE_i} \| k_{RA} \| k_{DE_i} \| SN_{DE_i} \| RTS_{DE_i})$. | |
| Generate $TID_{DE_i}$. | Store $\{TID_{DE_i}, RID_{DE_i}, TC_{DE_i}, MS_{DE_i-ES_j}, h(\cdot)\}$. |

4.1.2. Registration of ground station server $ES_j$

The registration of ground station server $ES_j$ is performed as follows.

• RSES1: First, $RA$ chooses the secret key and secret number of $ES_j$ as $k_{ES_j}$ and $SN_{ES_j}$. Then $RA$ chooses its identity as $ID_{ES_j}$. Further, it computes the pseudo identity number of $ES_j$ as $RID_{ES_j} = h(RID_{RA} \| ID_{ES_j} \| k_{RA} \| k_{ES_j} \| SN_{ES_j})$ and the temporal credentials parameter as $TC_{ES_j} = h(RID_{RA} \| ID_{ES_j} \| k_{RA} \| k_{ES_j} \| SN_{ES_j} \| RTS_{ES_j})$, where $RTS_{ES_j}$ is the registration timestamp value of $ES_j$. $RA$ also generates a provisional temporary identification number for $ES_j$ as $TIN_{ES_j}$, and a secret primary key for $ES_j$ and cloud server $CS_k$ as $MS_{ES_j-CS_k}$. Here, it is important to mention that the keys $MS_{ES_j-CS_k}$ are distinct for different ground station servers and cloud servers. Then $RA$ stores the registration information of registered $DE_i$ and its own information in its database/memory.
• RSES2: Finally, $ES_j$ contains $\{\{(TID_{DE_i}, RID_{DE_i}) \mid i = 1, 2, \ldots, n_{DE}\}, TIN_{ES_j}, RID_{ES_j}, TC_{ES_j}, (MS_{DE_1-ES_j}, MS_{DE_2-ES_j}, \ldots, MS_{DE_{n_{DE}}-ES_j}), MS_{ES_j-CS_k}, h(\cdot)\}$ in the region of its secured database, where $n_{DE}$ represents the entire quantity of drones deployed under ground station server $ES_j$.

The registration phase of ground station server $ES_j$ is given in Table 3.

Table 3
Registration phase of ground station server $ES_j$.

| $RA$ | $ES_j$ |
|---|---|
| Generate $k_{ES_j}$, $SN_{ES_j}$ and $ID_{ES_j}$ for $ES_j$. | |
| Compute $RID_{ES_j} = h(RID_{RA} \| ID_{ES_j} \| k_{RA} \| k_{ES_j} \| SN_{ES_j})$, $TC_{ES_j} = h(RID_{RA} \| ID_{ES_j} \| k_{RA} \| k_{ES_j} \| SN_{ES_j} \| RTS_{ES_j})$. | |
| Generate $TIN_{ES_j}$ and $MS_{ES_j-CS_k}$. | Store $\{\{(TID_{DE_i}, RID_{DE_i}) \mid i = 1, 2, \ldots, n_{DE}\}, TIN_{ES_j}, RID_{ES_j}, TC_{ES_j}, (MS_{DE_1-ES_j}, MS_{DE_2-ES_j}, \ldots, MS_{DE_{n_{DE}}-ES_j}), MS_{ES_j-CS_k}, h(\cdot)\}$ |

4.1.3. Registration of $CS_k$

The following process is employed to register cloud server $CS_k$.

• RSCS1: First, $RA$ chooses the secret key and secret number of $CS_k$ as $k_{CS_k}$ and $SN_{CS_k}$. Then $RA$ chooses its identity as $ID_{CS_k}$. Further, it calculates the pseudo identity of $CS_k$ as $RID_{CS_k} = h(RID_{RA} \| ID_{CS_k} \| k_{RA} \| k_{CS_k} \| SN_{CS_k})$ and the temporal credentials parameter as $TC_{CS_k} = h(RID_{RA} \| ID_{CS_k} \| k_{RA} \| k_{CS_k} \| SN_{CS_k} \| RTS_{CS_k})$, where $RTS_{CS_k}$ is the registration timestamp value of $CS_k$.
• RSCS2: Finally, $CS_k$ contains $\{\{(TIN_{ES_j}, RID_{ES_j}) \mid j = 1, 2, \ldots, n_{ES}\}, RID_{CS_k}, TC_{CS_k}, (MS_{ES_1-CS_k}, MS_{ES_2-CS_k}, \ldots, MS_{ES_{n_{ES}}-CS_k}), h(\cdot)\}$ in its secured database, where $n_{ES}$ is the total number of ground station servers deployed under cloud server $CS_k$.

The registration phase of cloud server $CS_k$ is provided in Table 4.

Table 4
Registration phase of cloud server $CS_k$.

| $RA$ | $CS_k$ |
|---|---|
| Generate $k_{CS_k}$, $SN_{CS_k}$ and $ID_{CS_k}$ for $CS_k$. | |
| Compute $RID_{CS_k} = h(RID_{RA} \| ID_{CS_k} \| k_{RA} \| k_{CS_k} \| SN_{CS_k})$, $TC_{CS_k} = h(RID_{RA} \| ID_{CS_k} \| k_{RA} \| k_{CS_k} \| SN_{CS_k} \| RTS_{CS_k})$. | Store $\{\{(TIN_{ES_j}, RID_{ES_j}) \mid j = 1, 2, \ldots, n_{ES}\}, RID_{CS_k}, TC_{CS_k}, (MS_{ES_1-CS_k}, MS_{ES_2-CS_k}, \ldots, MS_{ES_{n_{ES}}-CS_k}), h(\cdot)\}$ |

4.2. Authentication phase

This section provides a detailed description of the mutual authentication and key establishment mechanism between a drone ($DE_i$) and its associated ground station server ($ES_j$). The following steps need to be executed:

• AKDDE1: The drone $DE_i$ produces a new timestamp value represented as $T_1$ and a random secret value denoted as $rs_1$. Further, it computes the values $M_1 = h(RID_{DE_i} \| MS_{DE_i-ES_j} \| T_1) \oplus h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1)$ and $M_2 = h(h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1) \| RID_{DE_i} \| T_1)$. It then sends message $MSG_1 = \{TID_{DE_i}, M_1, M_2, T_1\}$ to $ES_j$ through an open channel, which is insecure in nature.
• AKDDE2: At the arrival of $MSG_1$, $ES_j$ checks the condition $|T_1 - T_1^*| \le \Delta T$, where the "maximum transmission delay" is given by $\Delta T$ and $T_1^*$ is the receiving time of $MSG_1$. Here, it is important to say that $\Delta T$ also denotes the expected time interval for the transmission delay/preset acceptable delay threshold value. If the condition holds, $ES_j$ then fetches from its memory the values of $RID_{DE_i}$ and $MS_{DE_i-ES_j}$ corresponding to the received $TID_{DE_i}$. After that, $ES_j$ computes $h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1) = M_1 \oplus h(RID_{DE_i} \| MS_{DE_i-ES_j} \| T_1)$. Next, $ES_j$ computes $M_2' = h(h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1) \| RID_{DE_i} \| T_1)$. Then it checks whether $M_2' = M_2$. If it matches, then $DE_i$ is authenticated with $ES_j$. Further, $ES_j$ produces a new timestamp value represented as $T_2$ and a random secret value denoted as $rs_2$. It then computes $M_3 = h(RID_{DE_i} \| MS_{DE_i-ES_j} \| T_2) \oplus h(RID_{ES_j} \| TC_{ES_j} \| rs_2 \| MS_{DE_i-ES_j} \| T_2)$ and a session key $SK_{ES_j,DE_i} = h(h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1) \| h(RID_{ES_j} \| TC_{ES_j} \| rs_2 \| MS_{DE_i-ES_j} \| T_2) \| T_1 \| T_2 \| RID_{DE_i} \| MS_{DE_i-ES_j})$. After that, it computes $M_4 = h(SK_{ES_j,DE_i} \| T_1 \| T_2 \| RID_{DE_i})$. It generates a new temporary identity for $ES_j$ as $TID_{DE_i}^{new}$ and computes $M_5 = TID_{DE_i}^{new} \oplus h(h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1) \| RID_{DE_i} \| T_2)$. $ES_j$ then sends message $MSG_2 = \{M_3, M_4, M_5, T_2\}$ to $DE_i$ through an open channel.
• AKDDE3: At the arrival of $MSG_2$, $DE_i$ checks the condition $|T_2 - T_2^*| \le \Delta T$, where $T_2^*$ is the receiving time of $MSG_2$. If it matches, then $DE_i$ computes $h(RID_{ES_j} \| TC_{ES_j} \| rs_2 \| MS_{DE_i-ES_j} \| T_2) = M_3 \oplus h(RID_{DE_i} \| MS_{DE_i-ES_j} \| T_2)$. After that, $DE_i$ calculates the session key as $SK_{DE_i,ES_j} = h(h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1) \| h(RID_{ES_j} \| TC_{ES_j} \| rs_2 \| MS_{DE_i-ES_j} \| T_2) \| RID_{DE_i} \| T_1 \| T_2 \| MS_{DE_i-ES_j})$ and $M_4' = h(SK_{ES_j,DE_i} \| T_1 \| T_2 \| RID_{DE_i})$. It then checks the condition $M_4' = M_4$. If it matches, $ES_j$ is authenticated with $DE_i$ and the session key computed by $DE_i$ is correct.

Table 5 offers a succinct overview of the authentication and key establishment mechanism. The method employed above protects the communication channel between drones and ground stations from external influences and interception of information. This is because initially the channel between $DE_i$ and $ES_j$ is insecure. However, after the mutual authentication between $DE_i$ and $ES_j$, both entities $DE_i$ and $ES_j$ are able to establish a common session key $SK_{DE_i,ES_j}$ $(= SK_{ES_j,DE_i})$, which can now be used for encrypting the data exchanged between them. In that way, no adversaries will be able to tamper with the data because the data is already being encrypted with the established session key, which is unknown to the adversary. For protecting a communication channel from unauthorized access, we use the "Advanced Encryption Standard (AES-256) symmetric encryption" for reducing the computational time required for a drone.

4.3. Key management phase

This procedure is conducted to manage the keys shared by $ES_j$ and $CS_k$. Upon the successful conclusion of this process, $ES_j$ and $CS_k$ will
securely transmit their data using the specifically generated session key 𝐷𝐸𝑖 then computes its new temporary identity as 𝑇 𝐼 𝐷𝐷 𝑛𝑒𝑤 = 𝐸𝑖 𝑆 𝐾𝐸 𝑆𝑗 ,𝐶 𝑆𝑘 . 𝑀5 ⊕ ℎ(ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 )∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑇2 ). Further, it computes a session key verifier by generating another fresh • AKDEC1: 𝐸 𝑆𝑗 starts communication and produces a new times- timestamp value 𝑇3 , which is 𝑀6 = ℎ(𝑆 𝐾𝐷𝐸𝑖 ,𝐸 𝑆𝑗 ∥ 𝑇3 ). Here it is tamp value represented as 𝑇 𝑆1 and a random secret value denoted important to mention that 𝑀6 is a session key verifier, with the as 𝑅𝑆1 . Then, it computes 𝑚1 = ℎ(𝑇 𝐶𝐸 𝑆𝑗 ∥ 𝑅𝑆1 ∥ 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥ help of 𝑀6 , 𝐸 𝑆𝑗 can check whether 𝐷𝐸𝑖 has computed the correct 𝑇 𝑆1 )⊕ ℎ(𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥ 𝑇 𝑆1 ) and 𝑚2 = ℎ(ℎ(𝑅𝑆1 ∥ 𝑇 𝐶𝐸 𝑆𝑗 ∥ session key or not. After that 𝐷𝐸𝑖 sends message 𝑀 𝑆 𝐺3 = {𝑀6 , 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥ 𝑇 𝑆1 )∥ 𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥ 𝑇 𝑆1 ). After these 𝑇3 } to 𝐸 𝑆𝑗 through open channel. many computations 𝐸 𝑆𝑗 sends message 𝑚𝑠𝑔1 = {𝑇 𝐼 𝑁𝐸 𝑆𝑗 , 𝑚1 , 𝑚2 , • AKDDE4: At the arrival of 𝑀 𝑆 𝐺3 , 𝐸 𝑆𝑗 checks condition |𝑇3 − 𝑇3∗ | 𝑇 𝑆1 } to 𝐶 𝑆𝑘 through the open channel. ≤ 𝛥𝑇 , where 𝑇3∗ is receiving time of 𝑀 𝑆 𝐺3 . If it holds 𝐸 𝑆𝑗 • AKDEC2: At the arrival of 𝑚𝑠𝑔1 , 𝐶 𝑆𝑘 checks condition computes 𝑀6′ = ℎ(𝑆 𝐾𝐸 𝑆𝑗 ,𝐷𝐸𝑖 ∥ 𝑇3 ) and checks a condition 𝑀6′ |𝑇 𝑆1 − 𝑇 𝑆1∗ | ≤ 𝛥𝑇 , where 𝑇 𝑆1∗ is receiving time of 𝑚𝑠𝑔1 . If it = 𝑀6 ? In the event of a match, 𝐸 𝑆𝑗 presumes that the session satisfies, then 𝐶 𝑆𝑘 fetches 𝑅𝐼 𝐷𝐸 𝑆𝑗 , and 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 correspond- key generated by 𝐷𝐸𝑖 is correct. In the following phase, both ing to received 𝑇 𝐼 𝑁𝐸 𝑆𝑗 . Then, 𝐶 𝑆𝑘 computes ℎ(𝑅𝑆1 ∥ 𝑇 𝐶𝐸 𝑆𝑗 ∥ 𝐷𝐸𝑖 and 𝐸 𝑆𝑗 establish the session key 𝑆 𝐾𝐷𝐸𝑖 ,𝐸 𝑆𝑗 (= 𝑆 𝐾𝐸 𝑆𝑗 ,𝐷𝐸𝑖 ) 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥ 𝑇 𝑆1 ) = 𝑚1 ⊕ ℎ(𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥𝑇 𝑆1 ) and 𝑚′2 to facilitate the secure transmission of their data. = ℎ(ℎ(𝑟𝑠1 ∥ 𝑇 𝐶𝐸 𝑆𝑗 ∥ 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥ 𝑇 𝑆1 )∥ 𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑀 𝑆𝐸 𝑆𝑗 −𝐶 𝑆𝑘 ∥ 6 M. Wazid et al. 
Journal of Systems Architecture 160 (2025) 103365 Table 5 Authentication and key establishment between 𝐷𝐸𝑖 and 𝐸 𝑆𝑗 . 𝐷 𝐸𝑖 𝐸 𝑆𝑗 Generate 𝑟𝑠1 &𝑇1 . Compute 𝑀1 = ℎ(𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 ) ⊕ ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 ) 𝑀2 = ℎ(ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 )∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑇1 ). 𝑀 𝑆 𝐺1 = {𝑇 𝐼 𝐷𝐷𝐸𝑖 , 𝑀1 , 𝑀2 , 𝑇1 } ⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖ (via open channel) ⃗ Check if |𝑇1 − 𝑇1∗ | ≤ 𝛥𝑇 ? If so Fetch 𝑅𝐼 𝐷𝐷𝐸𝑖 &𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 Compute ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 ) = 𝑀1 ⊕ ℎ(𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 ). 𝑀2′ = ℎ(ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 )∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑇1 ). Check if 𝑀2′ = 𝑀2 ? If so, generate 𝑇2 &𝑟𝑠2 Compute 𝑀3 = ℎ(𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇2 ) ⊕ℎ(𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑇 𝐶𝐸 𝑆𝑗 ∥ 𝑟𝑠2 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇2 ) 𝑆 𝐾𝐸 𝑆𝑗 ,𝐷𝐸𝑖 = ℎ(ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 )∥ ℎ(𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑇 𝐶𝐸 𝑆𝑗 ∥ 𝑟𝑠2 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇2 )∥ 𝑇1 ∥ 𝑇2 ∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ). 𝑀4 = ℎ(𝑆 𝐾𝐸 𝑆𝑗 ,𝐷𝐸𝑖 ∥ 𝑇1 ∥ 𝑇2 ∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ). 𝑛𝑒𝑤 Generate 𝑇 𝐼 𝐷𝐷 𝐸𝑖 Compute 𝑛𝑒𝑤 𝑀5 = 𝑇 𝐼 𝐷𝐷 𝐸𝑖 ⊕ ℎ(ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 )∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑇2 ). 𝑀 𝑆 𝐺2 = {𝑀3 , 𝑀4 , 𝑀5 , 𝑇2 } ⃖(via ⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖ open channel) Check |𝑇2 − 𝑇2∗ | ≤ 𝛥𝑇 ? If so,compute ℎ(𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑇 𝐶𝐸 𝑆𝑗 ∥ 𝑟𝑠2 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇2 ) = 𝑀3 ⊕ ℎ(𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇2 ), 𝑆 𝐾𝐷𝐸𝑖 ,𝐸 𝑆𝑗 = ℎ(ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 )∥ ℎ(𝑅𝐼 𝐷𝐸 𝑆𝑗 ∥ 𝑇 𝐶𝐸 𝑆𝑗 ∥ 𝑟𝑠2 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇2 )∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑇1 ∥ 𝑇2 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ), 𝑀4′ = ℎ(𝑆 𝐾𝐸 𝑆𝑗 ,𝐷𝐸𝑖 ∥ 𝑇1 ∥ 𝑇2 ∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ). Check if 𝑀4′ = 𝑀4 ? If so, compute 𝑛𝑒𝑤 𝑇 𝐼 𝐷𝐷 𝐸𝑖 = 𝑀5 ⊕ ℎ(ℎ(𝑇 𝐶𝐷𝐸𝑖 ∥ 𝑟𝑠1 ∥ 𝑀 𝑆𝐷𝐸𝑖 −𝐸 𝑆𝑗 ∥ 𝑇1 )∥ 𝑅𝐼 𝐷𝐷𝐸𝑖 ∥ 𝑇2 ). Generate 𝑇3 & compute 𝑀6 = ℎ(𝑆 𝐾𝐷𝐸𝑖 ,𝐸 𝑆𝑗 ∥ 𝑇3 ). 𝑀 𝑆 𝐺3 = {𝑀6 , 𝑇3 } ⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖⃖ (via open channel) ⃗ Check |𝑇3 − 𝑇3∗ | ≤ 𝛥𝑇 ? If so, compute 𝑀6′ = ℎ(𝑆 𝐾𝐸 𝑆𝑗 ,𝐷𝐸𝑖 ∥ 𝑇3 ) Check 𝑀6′ = 𝑀6 ? If so, Store session key 𝑆 𝐾𝐷𝐸𝑖 ,𝐸 𝑆𝑗 store session key 𝑆 𝐾𝐸 𝑆𝑗 ,𝐷𝐸𝑖 𝑇 𝑆1 ). Next, it checks 𝑚′2 = 𝑚2 ? 
If it holds, $CS_k$ produces a new timestamp value $TS_2$ and a random secret value $RS_2$. After that, it computes $m_3 = h(RS_2 \| TC_{CS_k} \| MS_{ES_j-ES_j} \| TS_2) \oplus h(RID_{ES_j} \| MS_{ES_j-CS_k} \| TS_1 \| TS_2)$ and a session key as $SK_{CS_k,ES_j} = h(h(RS_2 \| TC_{CS_k} \| MS_{ES_j-CS_k} \| TS_2) \| h(RS_1 \| TC_{ES_j} \| MS_{ES_j-CS_k} \| TS_1) \| RID_{ES_j} \| MS_{ES_j-CS_k} \| TS_1 \| TS_2)$. Again, it computes $m_4 = h(SK_{CS_k,ES_j} \| RID_{ES_j} \| MS_{ES_j-CS_k} \| TS_2)$ and generates a new temporary identification number for $ES_j$ as $TIN_{ES_k}^{new}$. After that, $CS_k$ computes $m_5 = TIN_{ES_j}^{new} \oplus h(RID_{ES_j} \| h(RS_1 \| TC_{ES_j} \| MS_{ES_j-CS_k} \| TS_1) \| TS_2)$. After these computations, $CS_k$ sends message $msg_2 = \{m_3, m_4, m_5, TS_2\}$ to $ES_j$ through the open channel.
• AKDEC3: At the arrival of $msg_2$, $ES_j$ checks the condition $|TS_2 - TS_2^*| \le \Delta T$, where $TS_2^*$ is the receiving time of $msg_2$. If it holds, $ES_j$ computes $h(RS_2 \| TC_{CS_k} \| MS_{ES_j-CS_k} \| TS_2) = m_3 \oplus h(RID_{ES_j} \| MS_{ES_j-CS_k} \| TS_1 \| TS_2)$ and the session key $SK_{ES_j,CS_k} = h(h(RS_2 \| TC_{CS_k} \| MS_{ES_j-CS_k} \| TS_2) \| h(RS_1 \| TC_{ES_j} \| MS_{ES_j-CS_k} \| TS_1) \| RID_{ES_j} \| MS_{ES_j-CS_k} \| TS_1 \| TS_2)$. It again computes $m_4' = h(SK_{ES_j,CS_k} \| RID_{ES_j} \| MS_{ES_j-CS_k} \| TS_2)$. Then, it checks whether $m_4' = m_4$. If it matches, the session key computed by $ES_j$ is considered to be correct. Further, $ES_j$ computes $TIN_{CS_k}^{new} = m_5 \oplus h(RID_{ES_j} \| h(RS_2 \| TC_{ES_j} \| MS_{ES_j-CS_k} \| TS_1) \| TS_2)$ and updates $TIN_{ES_j}^{new}$ with the old $TIN_{ES_j}$ in its database for future use. Then, it generates another fresh timestamp value $TS_3$, computes $m_6 = h(SK_{ES_j,CS_k} \| TS_3)$ and sends message $msg_3 = \{m_6, TS_3\}$ to $CS_k$ via the open channel.
• AKDEC4: At the arrival of $msg_3$, $CS_k$ checks the condition $|TS_3 - TS_3^*| \le \Delta T$, where $TS_3^*$ is the receiving time of $msg_3$. If it holds, $CS_k$ computes $m_6' = h(SK_{ES_j,CS_k} \| TS_3)$ and checks whether $m_6' = m_6$. If it matches, $CS_k$ assumes that $ES_j$ has computed the correct session key. After that, both $ES_j$ and $CS_k$ establish the session key $SK_{ES_j,CS_k}$ ($= SK_{CS_k,ES_j}$) for their secure data transmission.

4.4. Dynamic device addition phase

In this phase, we provide the facility of addition of a new drone to the network. If we do not provide this phase, a new device (i.e., drone) cannot be added to the network. However, this procedure is needed especially when the network is expanded or the requirements of the users increase, and even in the case of a physical drone capture attack by an adversary. It can be done using the following steps.

• DDA1: $RA$ chooses the identity for $DE_i^{\nu}$ as $ID_{DE_i}^{\nu}$, its secret key as $k_{DE_i}^{\nu}$ and its secret number as $SN_{DE_i}^{\nu}$. $RA$ further computes the pseudo identity of $DE_i^{\nu}$ as $RID_{DE_i}^{\nu} = h(RID_{RA} \| ID_{DE_i}^{\nu} \| k_{RA} \| k_{DE_i}^{\nu} \| SN_{DE_i}^{\nu})$. It again computes the temporal credentials value of $DE_i^{\nu}$ as $TC_{DE_i}^{\nu} = h(RID_{RA} \| ID_{DE_i}^{\nu} \| k_{RA} \| k_{DE_i}^{\nu} \| SN_{DE_i}^{\nu} \| RTS_{DE_i}^{\nu})$, where $RTS_{DE_i}^{\nu}$ is the registration timestamp value of $DE_i^{\nu}$. It again generates a temporary identity for $DE_i^{\nu}$ as $TID_{DE_i}^{\nu}$. Then, the registration information is stored in the memory of $DE_i^{\nu}$.
• DDA2: Finally, $DE_i^{\nu}$ stores the values $\{TID_{DE_i}^{\nu}, RID_{DE_i}^{\nu}, TC_{DE_i}^{\nu}, MS_{DE_i-ES_j}^{\nu}, h(\cdot)\}$. Here, it is important to mention that $MS_{DE_i-ES_j}^{\nu}$ is the primary secret key of both $DE_i^{\nu}$ and $ES_j$; this key is distinct for different drones. $RA$ also shares the registration information of $DE_i^{\nu}$ with the deployed $ES_j$s in a secure way.

4.5. Blockchain implementation phase

During this step, we present the specifics of the blockchain. It is a significant phase of the proposed mechanism. Note that "Elliptic Curve Cryptography (ECC)" encryption is used to encrypt a transaction in a block with the help of the public key $KU_{ES_j}$ of the respective ground station server ($ES_j$) so that only $ES_j$ can decrypt the data using its own private key. In this case, since block verification involves the verification of the signature present in a block using the "Elliptic Curve Digital Signature Algorithm (ECDSA)" for signature verification, we have applied the public-key based ECC encryption for protection of transactions (containing the crucial data in case of sensitive applications such as healthcare and military).

The particulars are delineated using the following steps:

• BIP1: As discussed earlier, the ground station server $ES_j$ receives information $Inf_{DE_i}$ from a connected drone $DE_i$ through the established session key $SK_{DE_i,ES_j}$ in a secure way. Then $ES_j$ creates a partial block $PBK_{ES_j}$ from the received information $Inf_{DE_i}$. First, $ES_j$ creates its public and private key pair as $\{KU_{ES_j}, KS_{ES_j}\}$ through some public key cryptographic system, i.e., the Elliptic Curve Cryptography (ECC) algorithm. It then divides $Inf_{DE_i}$ into some transactions, say $tr_x = \{tr_1, tr_2, \ldots, tr_x\}$. Further, $ES_j$ encrypts $tr_x$ with its public key $KU_{ES_j}$ to convert them into encrypted transactions, say $TR_x = E_{KU_{ES_j}}(tr_x)$. The partial block contains fields as follows: $PBK_{ES_j} = \{OWI_{ES_j}, KU_{ES_j}, TR_x, MT_{root_{ES_j}}\}$, where $OWI_{ES_j}$ is the owner $ES_j$'s identity information and $MT_{root_{ES_j}}$ is the Merkle tree root value, which is generated from all transactions. $ES_j$ then sends the partial block $PBK_{ES_j}$ to the connected cloud server $CS_l$ with the help of the established session key $SK_{ES_j,CS_k}$ in a secure way.
• BIP2: After receiving $PBK_{ES_j}$, $CS_l$ makes the full block $FBK_{CS_l}$ from it. $FBK_{CS_l}$ contains fields as $FBK_{CS_l} = \{BID_{FBK_{CS_l}}, RN_{FBK_{CS_l}}, TSV_{FBK_{CS_l}}, Hash_{FBK_{CS_l}}, Hash_{FBK_{CS_{l-1}}}, OWI_{ES_j}, KU_{ES_j}, TR_x, MT_{root_{ES_j}}, Sign_{FBK_{CS_l}}\}$, where $BID_{FBK_{CS_l}}$, $RN_{FBK_{CS_l}}$, $TSV_{FBK_{CS_l}}$, $Hash_{FBK_{CS_l}}$, $Hash_{FBK_{CS_{l-1}}}$, and $Sign_{FBK_{CS_l}}$ are the block's ($FBK_{CS_l}$) identity information, a random nonce value, the timestamp, the hash of the current block, the hash of the preceding block, and the signature of the block $FBK_{CS_l}$, respectively.
• BIP3: Upon the completion of this process, $CS_l$ will disseminate $FBK_{CS_l}$ via its peer-to-peer cloud server network. At this juncture, the appointed leader, referred to as $CS_l''$, will initiate a consensus over the just received block. To achieve this purpose, the server ($CS_l''$) may employ the procedures of the standard "practical Byzantine Fault Tolerance (pBFT) method [21]". The block $FBK_{CS_l}$ is incorporated into the blockchain $BCH_{IoD_i}$ at the successful completion of the consensus process. The formed blockchain $BCH_{IoD_i}$ can be considered like a "consortium blockchain", as it contains some private data while, at the same time, some of the data should be available publicly as per the raised requirements.

For the better understanding of the readers, the proposed BAKMM-IoD is also explained through a process flow diagram, which is depicted in Fig. 2. It provides the details of various activities and processes of the proposed scheme. The activities like registration of drone, registration of ground station server, and registration of cloud server are highlighted. After that, there is the execution of authentication and key establishment between the drone and ground station server. Further, there is the execution of key management between the ground station server and cloud server. After that, there is the execution of the blockchain formation phase.

Fig. 2. Process flow diagram of the proposed BAKMM-IoD.

Remark 1. Here, we provide the importance of using the blockchain technology instead of using a strong public-key encryption algorithm, like RSA-2048 or others, for storing the encrypted data in a semi-trusted cloud environment. In fact, Mitra et al. [38] interestingly investigated the "impact on blockchain-based artificial intelligence (AI)/machine learning (ML)-enabled big data analytics for cognitive IoT environment". They argued that data poisoning attacks are a serious concern when the data is simply stored in semi-trusted cloud storage in place of the blockchain, because they can significantly impact businesses and organizations, both financially and in terms of their reputation, particularly when the big data analytics rely on corrupted data. Their comprehensive experimental results illustrate the impact of data poisoning attacks on an ML model when data is stored in cloud storage (i.e., outside of blockchain) versus in a blockchain (i.e., without data poisoning). The findings reveal substantial performance improvements in accuracy, recall, precision, and F1-score when the data remain free from poisoning attacks. This is true because the data residing in the blockchain cannot be tampered with when the transactions are added into the blockchain through the consensus mechanism. Hence, though the blockchain implementation becomes a little more costly as compared to simply putting encrypted data in semi-trusted cloud storage, we certainly have various advantages not only for strengthening the security of the system, but also for improving substantial performance in terms of accuracy, recall, precision, and F1-score in big data analytics.

Remark 2. The identity is the original identity information of an entity (i.e., drone, ground station server and cloud server), whereas to make the communication anonymous we have used a pseudo identity; due to this mechanism the original identity of an entity is not revealed to the other entities of the network. The temporary identity is used to make the communication anonymous as well as untraceable. The temporary identity information is changed in each session, because in each session we have the provision of use of a new temporary identity. It helps us to achieve the untraceability property for the exchanged data in every session of the communications.

5. Security analysis of BAKMM-IoD

In this section, a security analysis of the proposed scheme (BAKMM-IoD) is provided. The BAKMM-IoD has been subjected to an informal security analysis utilizing mathematical concepts, assumptions and proofs. The BAKMM-IoD has been shown to be secure against "replay attacks, man-in-the-middle (MiTM) attacks, impersonation attacks, privileged insider attacks, stolen verifier attacks, physical drone capture attacks, ephemeral secret leakage (ESL) attacks, secret data leakage attacks, and other similar attacks". These findings were obtained after performing formal security analysis.

Proposition 1. The SBBDA-IoD protocol makes it impossible to execute a replay attack.

Proof. Different freshly generated timestamp values are used and then verified at the other recipient's end. The aforementioned timestamp values encompass values like $T_1$, $T_2$, $T_3$, $TS_1$, $TS_2$ and $TS_3$. Successful completion of the timestamp verification process may result in acceptance of the message by the recipient. Otherwise, it will be returned as undeliverable. By employing condition checking, i.e., $|T_x - T_x^*| \le \Delta T$ and $|TS_x - TS_x^*| \le \Delta T$, where $x = 1, 2, 3$, the BAKMM-IoD ensures the prevention of replay attacks. Consequently, the BAKMM-IoD is safeguarded against any replay attacks. □

Proposition 2. The primary objective of the BAKMM-IoD is to prevent man-in-the-middle and impersonation attacks.

Proof. The computation of exchanged messages involves the utilization of several proprietary factors, including $k_{ES_j}$, $SN_{ES_j}$, $MS_{ES_j-CS_k}$, $k_{CS_k}$, $SN_{CS_k}$, $k_{RA}$, $RTS_{CS_k}$, $RTS_{ES_j}$, $MS_{DE_i-ES_j}$, $k_{DE_i}$, and $SN_{DE_i}$. To the attacker, these discrete values are unknown. Under the present circumstances, it is not feasible for the attacker to make any changes in the transmitted messages. Another important consideration is that the attacker is unable to produce completely fresh messages in the correct way. Hence, the BAKMM-IoD offers protection against attacks like impersonation and man-in-the-middle attempts. □

Proposition 3. The BAKMM-IoD demonstrates robustness in the face of privileged insider attacks.

Proof. The secret values of the entities from the $RA$'s database, namely $k_{ES_j}$, $SN_{ES_j}$, $MS_{ES_j-CS_k}$, $k_{CS_k}$, $SN_{CS_k}$, $RTS_{CS_k}$, $RTS_{ES_j}$, $MS_{DE_i-ES_j}$, $k_{DE_i}$, and $SN_{DE_i}$, have been removed. It may be deduced from this that the authorized user who possesses insider privileges (i.e., the attacker) and who intends to cause harm to the entities (i.e., through a variety of attacks) is not permitted to access the database [42]. As a consequence of this, BAKMM-IoD has afforded protection against privileged insider attacks and other threats of a similar nature. These risks include impersonation attempts and illegal session key computations. Therefore, due to its capabilities, the proposed BAKMM-IoD has the potential to reduce the impact of attacks carried out by privileged insiders. □

Proposition 4. The BAKMM-IoD is effectively safeguarded against the stolen verifier attack.

Proof. A segment of the cloud server's database, safeguarded from unauthorized access, contains information related to parameters collected by various entities, including drones and ground station servers. These traits are said to signify the secret information maintained on ground station servers and devices. To ensure that fact, numerous layers of protection have been established. Access to the confidential values of the entities is unattainable for the attacker due to imposed restrictions [43]. Although this mechanism remains functional, executing an attack on the BAKMM-IoD via the stolen verifier method or other related techniques seems unfeasible. Consequently, the BAKMM-IoD is safeguarded against the stolen verifier attack. □

Proposition 5. The BAKMM-IoD possesses the capacity to prevent the stolen drone attack.

Proof. The suggested implementation of the BAKMM-IoD safeguards sensitive information by ensuring that it is not stored in an unencrypted state within the drones' memory. Moreover, should the attacker successfully apprehend a drone and subsequently execute an advanced power analysis attack to get critical data from the drone's memory, it would constitute one of the most perilous scenarios possible [41]. Assuming these conditions were satisfied, the attacker would possess solely the session key and registration data of this particular drone, lacking access to any other secret information related to the other drones. Each session key within the BAKMM-IoD is unique and exclusive. Every computation is executed using a distinct set of parameters. The deduced session key cannot be utilized to ascertain the session key for additional drones, as such an action is infeasible. This clearly indicates that unauthorized access to the remaining portions of the communication is severely forbidden. As a result, the BAKMM-IoD is protected against the stolen drone attack. □

Proposition 6. The BAKMM-IoD is designed to provide anonymity and untraceability for the exchanged communications.

Proof. No personally identifiable information (i.e., identities of the communicating entities) is sent in plain text within the BAKMM-IoD's architecture. It ensures the safeguarding of the privacy of every individual and thus helps us to achieve the anonymity of each entity during the communication. Freshly generated timestamp values (i.e., "$T_1$, $T_2$, $T_3$, $TS_1$, $TS_2$, $TS_3$, and $rs_1$, $rs_2$, $RS_1$, $RS_2$") and randomly produced secret values (i.e., $k_{DE_i}$, $k_{ES_j}$, $k_{CS_k}$) constitute the entirety of the information that is reciprocally shared. It causes the creation of distinct messages for different entities in distinct sessions. Due to this mechanism, the exchanged messages cannot be traced during the communication. Therefore, it can be considered that the proposed BAKMM-IoD achieves anonymity and untraceability properties during the exchange of the messages. □

Proposition 7. The ephemeral secret leakage (ESL) attack is unable to successfully target the BAKMM-IoD under the CK-adversary model.

Proof. The proposed BAKMM-IoD calculates the session key by combining dynamic information, such as random secret numbers, with persistent information, such as secret keys and identities. In BAKMM-IoD, the session keys are computed as $SK_{ES_j,DE_i} = h(h(TC_{DE_i} \| rs_1 \| MS_{DE_i-ES_j} \| T_1) \| h(RID_{ES_j} \| TC_{ES_j} \| rs_2 \| MS_{DE_i-ES_j} \| T_2) \| T_1 \| T_2 \| RID_{DE_i} \| MS_{DE_i-ES_j})$ and $SK_{CS_k,ES_j} = h(h(RS_2 \| TC_{CS_k} \| MS_{ES_j-CS_k} \| TS_2) \| h(RS_1 \| TC_{ES_j} \| MS_{ES_j-CS_k} \| TS_1) \| RID_{ES_j} \| MS_{ES_j-CS_k} \| TS_1 \| TS_2)$. These session keys are computed from the long-term secret parameters, which consist of the secret keys (i.e., $RID_{DE_i}$, $RID_{ES_j}$, and $RID_{CS_k}$, $k_{ES_j}$, $SN_{ES_j}$, $MS_{ES_j-CS_k}$, $k_{CS_k}$, $SN_{CS_k}$, $RTS_{CS_k}$, $RTS_{ES_j}$, $MS_{DE_i-ES_j}$, $k_{DE_i}$, and $SN_{DE_i}$), and the short-term secret parameters, which take the form of random secrets (i.e., $rs_1$, $rs_2$, $RS_1$, $RS_2$). This results in the generation of a new session key for a subsequent session. Furthermore, these concealed values are unknown to the attacker. Consequently, it is impractical for the attacker to precisely ascertain the session key. This indicates that the attacker cannot reliably forecast the session key in any measure. Consequently, the BAKMM-IoD demonstrates adequate integrity to endure the ephemeral secret leaking (ESL) attack within the CK-adversary model. □

6. Formal security verification of presented BAKMM-IoD

This section presents the formal security verification of the BAKMM-IoD. In the context of the BAKMM-IoD's security, the Scyther tool [44,45] and [46] has been rigorously employed. Tools like ProVerif and AVISPA are somewhat less robust than this one in terms of verifying and analyzing the security of a recently developed security protocol. During its operation, the system utilizes the most advanced cryptographic assumptions. The secret key ensures that an opponent will be incapable of decrypting the data unless they themselves possess it. The language employed throughout the implementation phase is "Security Protocol Descriptive Language (SPDL)". A unique role is allocated to each communication party or entity in this particular situation. As a consequence of their roles, the entities undertake several other functions, such as the transmission of messages and the reception of replies. The "send" and "recv" methods facilitate the attainment of these objectives. The Scyther tool operates on the DY model, with nine other adversarial models, containing the eCK model and the CK model. The system utilizes tests that facilitate the execution of verifications such as agreement, synchronization, weak agreement, and secrecy. In the Scyther implementation of a cryptographic protocol, metrics such as agreement, synchronization, and secrecy are crucial. These are critical attributes for assessing the security and integrity of the newly designed protocol. These can be described as follows.

• Agreement: It guarantees that two parties (e.g., drone and ground station server) recognize their participation in a session for data communication. They both concur on significant aspects, such as keys, identities, and so forth. It mitigates impersonation or man-in-the-middle (MiTM) attacks by ensuring that both parties are authentically communicating as intended. Additionally, it confirms that the protocol accomplishes mutual authentication.
• Synchronization: It guarantees that the sequence of message exchanges occurs as anticipated. Messages cannot be replayed, dropped, or modified. It is crucial for a protocol to attain this property, as it depends on the freshness or sequencing of messages (i.e., for the prevention of replay attacks). Moreover, it confirms that both parties are operating in the same session context.
• Secrecy: It guarantees that confidential information, such as session keys or random secret nonces/numbers, remains undisclosed. These values must not be disclosed to any unauthorized individuals. It serves to safeguard against eavesdropping and unauthorized data breach attempts.

To securely validate the "authentication and key establishment phase" of the proposed BAKMM-IoD, we analyze the two critical actions associated with DE (for a drone) and ES (for a ground station server). The importance of these roles is substantial. The SPDL code snippets required for simulating the functions of a drone ($DE_i$) and a ground station server ($ES_j$) are presented in Figs. 3 and 4. Further, Fig. 5, located beneath the claim, status, and comments sections, displays the outcomes of the BAKMM-IoD implementation. The obtained data confirmed that the BAKMM-IoD corresponds with the stated assertions. Thus, the BAKMM-IoD provides protection against numerous possible threats.

Fig. 3. SPDL snippet for the implemented role of DE in BAKMM-IoD.

Fig. 4. SPDL snippet for the implemented role of ES in BAKMM-IoD.

Fig. 5. Results of security verification using scyther tool.

7. Comparative analysis

In this section, the comparisons and analysis have been done for the BAKMM-IoD and other similar schemes of the domain. The comparisons of the computation costs, communication costs and "security and functionality attributes" have been conducted. The details are provided below. The comparisons of different schemes including Ali et al. [34], Cho et al. [23], Rodrigues et al. [25], Ever [27], Bera et al. [21] and Mishra et al. [35] and the BAKMM-IoD are given.

We have taken the results of the MIRACL library [21], in which various values of execution time (i.e., computation time) are given. The execution time (in milliseconds) values for a server are given in Table 6. Further, the execution time (in milliseconds) values under Raspberry PI 3 for a device (i.e., smart IoT device, drones) are given in Table 7. Here it is important to mention that the notations $T_h$, $T_{senc}/T_{sdec}$, $T_{bp}$, $T_{fe}$, $T_{eca}$, $T_{ecm}$, $T_{ecsigg}$, $T_{ecsigv}$, and $T_{mtp}$ are taken for the time needed for the execution of a "one-way cryptographic hash function", a "symmetric key encryption/decryption (AES-128)", a "bilinear pairing", a "fuzzy extractor", an "elliptic curve point addition", an "elliptic curve point multiplication", an "ECDSA generation", an "ECDSA verification", and a "map to point", respectively. It is considered that $T_{fe}$ ($\approx T_{ecm}$) [47].

Table 6. Execution time (in milliseconds) under a server.

| Primitive | Max. time (ms) | Min. time (ms) | Average time (ms) |
|---|---|---|---|
| $T_h$ | 0.149 | 0.024 | 0.055 |
| $T_{mtp}$ | 0.199 | 0.092 | 0.114 |
| $T_{ecsigg}$ | 3.147 | 0.308 | 0.729 |
| $T_{ecsigv}$ | 6.147 | 0.593 | 1.405 |
| $T_{senc}$ | 0.008 | 0.002 | 0.003 |
| $T_{sdec}$ | 0.005 | 0.002 | 0.003 |
| $T_{ecm}$ | 2.998 | 0.284 | 0.674 |
| $T_{eca}$ | 0.002 | 0.001 | 0.002 |
| $T_{bp}$ | 7.951 | 4.495 | 4.716 |

Table 7. Execution time (in milliseconds) under Raspberry PI 3.

| Primitive | Max. time (ms) | Min. time (ms) | Average time (ms) |
|---|---|---|---|
| $T_h$ | 0.643 | 0.274 | 0.309 |
| $T_{mtp}$ | 0.406 | 0.381 | 0.385 |
| $T_{ecsigg}$ | 5.175 | 2.480 | 2.597 |
| $T_{ecsigv}$ | 9.728 | 4.701 | 4.901 |
| $T_{senc}$ | 0.038 | 0.017 | 0.018 |
| $T_{sdec}$ | 0.054 | 0.009 | 0.014 |
| $T_{ecm}$ | 4.532 | 2.206 | 2.288 |
| $T_{eca}$ | 0.021 | 0.015 | 0.016 |
| $T_{bp}$ | 32.79 | 27.606 | 32.084 |

7.1. Comparison of computation costs

For the computation costs assessment, $T_h$, $T_{senc}/T_{sdec}$, $T_{bp}$, $T_{fe}$, $T_{eca}$, $T_{ecm}$, $T_{ecsigg}$, $T_{ecsigv}$, and $T_{mtp}$ are used to signify the time needed to execute a "one-way cryptographic hash function", a "symmetric key encryption/decryption (AES-128)", a "bilinear pairing", a "fuzzy extractor", an "elliptic curve point addition", an "elliptic curve point multiplication", an "ECDSA generation", an "ECDSA verification", and a "map to point", respectively. It is assumed that $T_{fe}$ ($\approx T_{ecm}$) [47].

The computation cost values are calculated on the basis of the values given in Tables 6 and 7. The computation cost values for the BAKMM-IoD are calculated as $8T_h \approx 2.47$ ms (for drone) and $8T_h \approx 0.44$ ms (for ground station server). From Table 8, it is clear that the BAKMM-IoD has less computation costs than the other compared schemes, i.e., the schemes of Cho et al. [23], Rodrigues et al. [25], Ever [27], and Algarni and Jan [36], whereas it is very similar to the schemes of Ali et al. [34] and Mishra et al. [35].

Table 8. Comparing different computation costs.

| Scheme | Smart device/Drone | GSS/Server |
|---|---|---|
| Ali et al. [34] | $18T_h + T_{fe} + T_{senc} \approx 7.868$ ms | $7T_h + 3T_{senc}/T_{sdec} \approx 0.394$ ms |
| Cho et al. [23] | $2T_{ecsigv} + T_{sdec} + 10001T_h \approx 3100.125$ ms | $2T_{ecsigg} + T_{senc} + 10001T_h \approx 551.516$ ms |
| Rodrigues et al. [25] | $9T_h + 6T_{ecm} \approx 16.509$ ms | $9T_h + 2T_{ecm} \approx 1.843$ ms |
| Ever [27] | $9T_h + 2T_{bp} + 2T_{mtp} + 3T_{ecm} \approx 74.583$ ms | $6T_h + 3T_{bp} + 2T_{mtp} + 3T_{ecm} \approx 16.728$ ms |
| Bera et al. [21] | $9T_h + 2T_{senc}/T_{sdec} + 2T_{ecm} + T_{eca} \approx 7.405$ ms | $9T_h + 2T_{senc}/T_{sdec} + 2T_{ecm} + T_{eca} \approx 1.851$ ms |
| Mishra et al. [35] | $9T_h \approx 2.78$ ms | $7T_h \approx 0.39$ ms |
| Algarni and Jan [36] | $T_{fe} + 14T_h \approx 6.614$ ms | $6T_h \approx 0.33$ ms |
| BAKMM-IoD | $8T_h \approx 2.47$ ms | $8T_h \approx 0.44$ ms |

7.2. Comparison of communication costs

To compute the communication expenses, we have presumed that the terms "identity", "random number", and "elliptic curve point $P = (P_x, P_y) \in E_q(a, b)$", where the coordinates of $P$ are denoted as $P_x$ and $P_y$, the hash output generated using the SHA-256 hashing algorithm, and the timestamp are 160 bits, 160 bits, (160 + 160) = 320 bits, 256 bits, and 32 bits, respectively. We subsequently calculate communication costs in terms of the bit count necessary for transmitting messages $MSG_1$, $MSG_2$, and $MSG_3$.

In the authentication and key establishment process of drone $DE_i$ and the $ES_j$, three messages are exchanged, which are $MSG_1 = \{TID_{DE_i}, M_1, M_2, T_1\}$, $MSG_2 = \{M_3, M_4, M_5, T_2\}$, and $MSG_3 = \{M_6, T_3\}$. If we calculate the sizes of these messages, this is estimated as $|MSG_1| = 160 + 256 + 256 + 32 = 704$ bits, $|MSG_2| = 256 + 256 + 256 + 32 = 800$ bits, and $|MSG_3| = 256 + 32 = 288$ bits; as a whole, the communication cost of the BAKMM-IoD becomes $704 + 800 + 288 = 1792$ bits. The communication expenses of different schemes are presented in Table 9. The data in Table 9 indicates that the communication cost of the BAKMM-IoD is lower than that of the other examined schemes.

Table 9. Comparative study on communication costs.

| Scheme | No. of messages | Total cost (in bits) |
|---|---|---|
| Ali et al. [34] | 3 | 3424 |
| Cho et al. [23] | 3 | 3968 |
| Rodrigues et al. [25] | 4 | 3456 |
| Ever [27] | 6 | 5344 |
| Bera et al. [21] | 3 | 2368 |
| Mishra et al. [35] | 3 | 1792 |
| Algarni and Jan [36] | 4 | 2784 |
| BAKMM-IoD | 3 | 1792 |

7.3. Comparison of security and functionality attributes

The juxtaposition of security and functionality attributes is presented in Table 10. Based on the comparison, it is evident that the BAKMM-IoD offers superior security and additional functional features compared to the other schemes given by Ali et al. [34], Cho et al. [23], Rodrigues et al. [25], Ever [27], Bera et al. [21], Mishra et al. [35], and Algarni and Jan [36].

8. Practical implementation of BAKMM-IoD: blockchain simulation

There are other critical applications, where the data is strictly confidential and private.

distinct scenarios or cases (case-1, case-2 and case-3) were tested and compared. This experiment was conducted on a Windows 64-bit 11 OS with an Intel(R) Core i5-8250U processor, running at up to 1800 MHz, and 8 GB RAM. Open source Visual Studio Code of version 1.93 with Java was used as the programming environment. For case-1, the drone deployment was 50, for case-2, the drone deployment was 100, and for case-3, it was 150. Five blocks in case-1, ten blocks in case-2 and fifteen blocks in case-3 were computed as well as committed. Four miner nodes (i.e., cloud servers over the P2PCS network) were used concurrently. It was deployed for 10 ground station servers in case-1, 20 in case-2, and 30 in case-3. The voting-based method is followed for making consensus in association with the practical Byzantine fault tolerance (pBFT) in blockchain mining work. Such details of the current flow of the transactions are covered under the blanket of the encrypted transaction, for example, the entity (communicating party) by which the information is transmitted, or the underlying logic. The cipher-text of each such transaction depends on the elliptic curve cryptography (ECC) algorithm. It could be said that the amount of additional bits necessary to encode the data in the way described is equal to 640 bits, which is (320 + 320) bits. Encryption is done in every block to assess transactions worth 100. The results following the simulations were determined as such.

Fig. 6. Results of implementation of blockchain for the proposed BAKMM-IoD: effect on computational time.

Fig. 7. Results of implementation of blockchain for the proposed BAKMM-IoD: effect on transactions per second (TPS).
Consider the healthcare applications using the drones. Unmanned aerial vehicle (UAV) technology has greatly The implementation of presented BAKMM-IoD is given here [48]. enriched the healthcare sector, making substantial contributions [49]. The details of the parameters that were used in the experimentation are As a result, drones are emerging as one of the fastest-growing technolo- described in Table 11. During the experimentation and validation, three gies in the healthcare industry, offering a diverse array of applications. 13 M. Wazid et al. Journal of Systems Architecture 160 (2025) 103365 Table 10 Comparison of security and functionality features. Feature (𝐹 ) Ali et al. [34] Cho et al. [23] Rodrigues et al. [25] Ever [27] Bera et al. [21] Mishra et al. [35] Algarni and Jan [36] BAKMM-IoD 𝐴𝑆 𝐹 𝐹1 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹2 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹3 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹4 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹5 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹6 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹7 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹8 ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ 𝐴𝑆 𝐹 𝐹9 × × × × ✓ ✓ ✓ × 𝐴𝑆 𝐹 𝐹10 × × × × ✓ ✓ × ✓ 𝐴𝑆 𝐹 𝐹11 ✓ × × × ✓ ✓ × ✓ 𝐴𝑆 𝐹 𝐹12 × × × × ✓ × × ✓ 𝐴𝑆 𝐹 𝐹13 × × ✓ × ✓ ✓ × ✓ 𝐴𝑆 𝐹 𝐹14 × × × × × × × ✓ 𝐴𝑆 𝐹 𝐹1 : ‘‘protection for replay attack’’; 𝐴𝑆 𝐹 𝐹2 : ‘‘protection for man-in-the-middle attack’’; 𝐴𝑆 𝐹 𝐹3 : ‘‘availability of mutual authentication’’; 𝐴𝑆 𝐹 𝐹4 : ‘‘availability of key agreement’’; 𝐴𝑆 𝐹 𝐹5 : ‘‘protection for device/drone impersonation attack’’; 𝐴𝑆 𝐹 𝐹6 : ‘‘protection for GSS/server impersonation attack’’; 𝐴𝑆 𝐹 𝐹7 : ‘‘protection for malicious device deployment attack’’; 𝐴𝑆 𝐹 𝐹8 : ‘‘protection for drone/device physical capture attack’’; 𝐴𝑆 𝐹 𝐹9 : ‘‘formal security verification using AVISPA/Scyhter tool’’; 𝐴𝑆 𝐹 𝐹10 : ‘‘protection for ESL attack under the CK-adversary model’’; 𝐴𝑆 𝐹 𝐹11 : ‘‘availability of dynamic drone/device addition phase’’; 𝐴𝑆 𝐹 𝐹12 : ‘‘implementation of blockchain’’; 𝐴𝑆 𝐹 𝐹13 : ‘‘availability of anonymity and untraceability properties’’; 𝐴𝑆 𝐹 𝐹14 : ‘‘availability of mechanism for secure communication of 
ground station server and cloud server”. ✓: “a scheme is secure or it supports an attribute”; ×: “a scheme is insecure or it does not support an attribute”.

Table 11
Simulation parameters and their values used in BAKMM-IoD.

| Parameter | Value |
|---|---|
| Platform used | Windows 11 64 bit OS |
| Processor | Intel (R) core (TM), i5-8250U, 1600 MHz–1800 MHz |
| RAM size | 8 GB |
| Programming platform | Visual studio code v1.93 with Java |
| Quantity of deployed drones | 50 (case-1), 100 (case-2), 150 (case-3) |
| Quantity of ground station server | 10 (case-1), 20 (case-2), 30 (case-3) |
| Quantity of miner nodes | 4 in all cases over P2P CS network |

These applications include real-time data collection, patient monitoring, improved quality of care, and drug transportation. Hospitals are increasingly using drones to deliver medical supplies to remote and rural areas. Additionally, medical professionals are finding that drones can enhance the accuracy of disease diagnoses. This technology has the potential to tackle some of the most pressing healthcare challenges, such as providing medical assistance during disasters and transporting organs for transplantation.

Consider another sensitive application using the drones for battlefield or military [50], where the data is also private and confidential. The increasing adoption of UAVs in the defense and security sectors for various purposes – including surveying, mapping, transportation, combat operations, and monitoring – is anticipated to drive demand for military UAVs in the coming years. Additionally, the rise in defense budgets across multiple countries aimed at acquiring modern and technologically advanced military drones is expected to contribute to the growth of the global market.

For simplicity of implementation, the information used in the creation of the blocks, i.e., in the transactions field, consists of items such as “current temperature value for a particular location of region” and “current humidity level for a particular location of a region”. Likewise, we have used various information in the transactions fields of a block. All this information is sent by the drones to the connected ground station servers in a secure way with the help of the deployed “authentication and key establishment phase”. After that, the ground station server creates a partial block by putting this information in the transaction field of the partial block. The transactions are encrypted (i.e., via an Elliptic Curve Cryptography (ECC)-based encryption algorithm) since we need to provide secrecy to the data. Please refer to the information given in Section 4.5.

8.1. Effect on computational time

The computation time values (in ms) were assessed to evaluate the effect of a rising number of drones and ground station servers in each scenario examined. The estimated computational times for case-1, case-2, and case-3 are 9.12 ms, 17.88 ms, and 23.43 ms, respectively. The outcomes are also depicted in Fig. 6. The computational time escalates with the growth in the number of drones and ground station servers from case-1 to case-2 and from case-2 to case-3, because the rise in the number of drones and ground station servers results in the generation and incorporation of additional blocks (creation and mining) in the blockchain.

8.2. Effect on transactions per second (TPS)

The effect of BAKMM-IoD on transactions per second (TPS) in the examined situations is measured. The transactions per second (TPS) values are 54825, 55928 and 64103 for case-1, case-2 and case-3, respectively. The supplementary findings are depicted in Fig. 7. The transactions per second (TPS) value on the blockchain escalates with the augmentation of drones and ground station servers. This is the result of the production and incorporation (mining) of further block entries to the blockchain.

9. Conclusions

Security solutions are essential for safeguarding the data and devices, such as drones and servers, within IoD networks. A reliable blockchain-enabled authentication and key management mechanism for various IoD applications (BAKMM-IoD) was introduced. BAKMM-IoD has been demonstrated to be secure against numerous potential threats through comprehensive security study and formal verification with the widely recognized Scyther tool. BAKMM-IoD outperforms other comparable current mechanisms regarding communication cost, computation cost, and attributes of security and functionality. Finally, a practical implementation of BAKMM-IoD was shown to illustrate its applicability in real-world scenarios and highlight its effect on key performance metrics.

In the future, we intend to provide a machine learning/deep learning-based big data analytics phase in the presented scheme for the real-time data analysis of the received data. We also plan to provide a testbed implementation for the presented scheme. Post-quantum cryptography (PQC)-based security primitives can also be incorporated in the design of the presented scheme to make it more secure, especially for the era of quantum cryptography.

CRediT authorship contribution statement

Mohammad Wazid: Writing – original draft, Resources, Methodology, Formal analysis, Data curation, Conceptualization. Saksham Mittal: Visualization, Software, Resources, Data curation. Ashok Kumar Das: Writing – review & editing, Validation, Investigation, Conceptualization. SK Hafizul Islam: Validation, Methodology, Investigation, Formal analysis. Mohammed J.F. Alenazi: Resources, Project administration, Investigation, Funding acquisition. Athanasios V. Vasilakos: Visualization, Project administration, Investigation, Funding acquisition.

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

The authors extend their appreciation to Researcher Supporting Project number (RSPD2025R582), King Saud University, Riyadh, Saudi Arabia. The authors would also like to thank the anonymous reviewers and associate editor for their valuable feedback on the paper.

Data availability

No data was used for the research described in the article.

References

[1] C. Lin, D. He, N. Kumar, K.-K.R. Choo, A. Vinel, X. Huang, Security and privacy for the internet of drones: Challenges and solutions, IEEE Commun. Mag. 56 (1) (2018) 64–69.
[2] C. Singh, R. Mishra, H.P. Gupta, P. Kumari, The internet of drones in precision agriculture: Challenges, solutions, and research opportunities, IEEE Internet Things Mag. 5 (1) (2022) 180–184.
[3] M.P. Singh, G.S. Aujla, R.S. Bali, Blockchain for the internet of drones: Applications, challenges, and future directions, IEEE Internet Things Mag. 4 (4) (2021) 47–53.
[4] Z. Lv, Y. Li, J. Wu, H. Lv, Securing the internet of drones against cyber-physical attacks, IEEE Internet Things Mag. 4 (4) (2021) 74–78.
[5] A. Derhab, O. Cheikhrouhou, A. Allouch, A. Koubaa, B. Qureshi, M.A. Ferrag, L. Maglaras, F.A. Khan, Internet of drones security: Taxonomies, open issues, and future directions, Veh. Commun. 39 (2023) 100552.
[6] W. Yang, S. Wang, X. Yin, X. Wang, J. Hu, A review on security issues and solutions of the internet of drones, IEEE Open J. Comput. Soc. 3 (2022) 96–110.
[7] C. Badii, P. Bellini, A. Difino, P. Nesi, Smart city IoT platform respecting GDPR privacy and security aspects, IEEE Access 8 (2020) 23601–23623.
[8] N. Azam, L. Michala, S. Ansari, N.B. Truong, Data privacy threat modelling for autonomous systems: A survey from the GDPR’s perspective, IEEE Trans. Big Data 9 (2) (2023) 388–414.
[9] C. Li, B. Palanisamy, Privacy in Internet of Things: From principles to technologies, IEEE Internet Things J. 6 (1) (2019) 488–505.
[10] P.-Y. Kong, A survey of cyberattack countermeasures for unmanned aerial vehicles, IEEE Access 9 (2021) 148244–148263.
[11] G.N. Nguyen, N.H.L. Viet, M. Elhoseny, K. Shankar, B. Gupta, A.A.A. El-Latif, Secure blockchain enabled cyber–physical systems in healthcare using deep belief network with ResNet model, J. Parallel Distrib. Comput. 153 (2021) 150–160.
[12] A. Raj, S. Prakash, A privacy-preserving authentic healthcare monitoring system using blockchain, Int. J. Softw. Sci. Comput. Intell. 14 (2022) 1–23.
[13] Y. Xu, Z. Peng, C. Zhang, G. Wang, H. Wang, H. Jiang, Y. Zhang, Enhancing privacy in cyber-physical systems: An efficient blockchain-assisted data-sharing scheme with deniability, J. Syst. Archit. 150 (2024) 103132.
[14] Y. Zhang, L. Xiong, F. Li, X. Niu, H. Wu, A blockchain-based privacy-preserving auditable authentication scheme with hierarchical access control for mobile cloud computing, J. Syst. Archit. 142 (2023) 102949.
[15] C.-M. Chen, S. Liu, X. Li, S.H. Islam, A.K. Das, A provably-secure authenticated key agreement protocol for remote patient monitoring IoMT, J. Syst. Archit. 136 (2023) 102831.
[16] A. Shahidinejad, J. Abawajy, S. Huda, Untraceable blockchain-assisted authentication and key exchange in medical consortiums, J. Syst. Archit. 151 (2024) 103143.
[17] Y. Li, An improved lightweight and privacy preserving authentication scheme for smart grid communication, J. Syst. Archit. 152 (2024) 103176.
[18] G. Thakur, S. Prajapat, P. Kumar, C.-M. Chen, A privacy-preserving three-factor authentication system for IoT-enabled wireless sensor networks, J. Syst. Archit. 154 (2024) 103245.
[19] Y. Yao, H. Chen, K. Wang, H. Yu, Y. Wang, Q. Wang, Efficient iNTRU-based public key authentication keyword searchable encryption in cloud computing, J. Syst. Archit. 154 (2024) 103231.
[20] A. Yazdinejad, R.M. Parizi, A. Dehghantanha, H. Karimipour, G. Srivastava, M. Aledhari, Enabling drones in the Internet of Things with decentralized blockchain-based security, IEEE Internet Things J. 8 (8) (2021) 6406–6415.
[21] B. Bera, A.K. Das, A.K. Sutrala, Private blockchain-based access control mechanism for unauthorized UAV detection and mitigation in internet of drones environment, Comput. Commun. 166 (2021) 91–109.
[22] C. Feng, B. Liu, Z. Guo, K. Yu, Z. Qin, K.-K.R. Choo, Blockchain-based cross-domain authentication for intelligent 5G-enabled internet of drones, IEEE Internet Things J. 9 (8) (2022) 6224–6238.
[23] G. Cho, J. Cho, S. Hyun, H. Kim, SENTINEL: A secure and efficient authentication framework for unmanned aerial vehicles, Appl. Sci. 10 (9) (2020).
[24] R. Gupta, P. Bhattacharya, S. Tanwar, N. Kumar, S. Zeadally, GaRuDa: A blockchain-based delivery scheme using drones for healthcare 5.0 applications, IEEE Internet Things Mag. 4 (4) (2021) 60–66.
[25] M. Rodrigues, J. Amaro, F.S. Osorio, B. Kalinka. R. L. J. C., Authentication methods for UAV communication, in: 2019 IEEE Symposium on Computers and Communications, ISCC, 2019, pp. 1210–1215, http://dx.doi.org/10.1109/ISCC47284.2019.8969732.
[26] M. Farash, M. Turkanovic, S. Kumari, M. Holbl, An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment, Ad Hoc Netw. 36 (2016) 152–176.
[27] Y. Kirsal Ever, A secure authentication scheme framework for mobile-sinks used in the internet of drones applications, Comput. Commun. 155 (2020) 143–149.
[28] M.P. Singh, G.S. Aujla, R.S. Bali, Blockchain for the internet of drones: Applications, challenges, and future directions, IEEE Internet Things Mag. 4 (4) (2021) 47–53.
[29] R. Xiong, Q. Xiao, Z. Wang, Z. Xu, F. Shan, Leveraging lightweight blockchain for secure collaborative computing in UAV Ad-Hoc Networks, Comput. Netw. 251 (2024) 110612.
[30] W. Wang, Z. Han, T.R. Gadekallu, S. Raza, J. Tanveer, C. Su, Lightweight blockchain-enhanced mutual authentication protocol for UAVs, IEEE Internet Things J. 11 (6) (2024) 9547–9557.
[31] W. Wang, Y. Yang, Z. Yin, K. Dev, X. Zhou, X. Li, N.M.F. Qureshi, C. Su, BSIF: Blockchain-based secure, interactive, and fair mobile crowdsensing, IEEE J. Sel. Areas Commun. 40 (12) (2022) 3452–3469.
[32] X. Yu, Y. Xie, Q. Xu, Z. Xu, R. Xiong, Secure data sharing for cross-domain industrial IoT based on consortium blockchain, in: 26th IEEE International Conference on Computer Supported Cooperative Work in Design, CSCWD, Rio de Janeiro, Brazil, 2023, pp. 1508–1513, http://dx.doi.org/10.1109/CSCWD57460.2023.10152584.
[33] J. Srinivas, A.K. Das, N. Kumar, J.J.P.C. Rodrigues, TCALAS: Temporal credential-based anonymous lightweight authentication scheme for internet of drones environment, IEEE Trans. Veh. Technol. 68 (7) (2019) 6903–6916.
[34] Z. Ali, S.A. Chaudhry, M.S. Ramzan, F. Al-Turjman, Securing smart city surveillance: A lightweight authentication mechanism for unmanned vehicles, IEEE Access 8 (2020) 43711–43724.
[35] A.K. Mishra, M. Wazid, D.P. Singh, A.K. Das, J. Singh, A.V. Vasilakos, Secure blockchain-enabled authentication key management framework with big data analytics for drones in networks beyond 5G applications, Drones 7 (8) (2023).
[36] F. Algarni, S.U. Jan, PSLAPS-IoD: A provable secure and lightweight authentication protocol for securing internet-of-drones (IoD) environment, IEEE Access 12 (2024) 45948–45960, http://dx.doi.org/10.1109/ACCESS.2024.3382579.
[37] K.A. Tychola, K. Voulgaridis, T. Lagkas, Beyond flight: Enhancing the internet of drones with blockchain technologies, Drones 8 (6) (2024) URL https://www.mdpi.com/2504-446X/8/6/219.
[38] A. Mitra, B. Bera, A.K. Das, S.S. Jamal, I. You, Impact on blockchain-based AI/ML-enabled big data analytics for cognitive Internet of Things environment, Comput. Commun. 197 (2023) 173–185.
[39] D. Dolev, A. Yao, On the security of public key protocols, IEEE Trans. Inform. Theory 29 (2) (1983) 198–208.
[40] R. Canetti, H. Krawczyk, Universally composable notions of key exchange and secure channels, in: International Conference on the Theory and Applications of Cryptographic Techniques – Advances in Cryptology, EUROCRYPT 2002, Amsterdam, The Netherlands, 2002, pp. 337–351.
[41] T.S. Messerges, E.A. Dabbish, R.H. Sloan, Examining smart-card security under the threat of power analysis attacks, IEEE Trans. Comput. 51 (5) (2002) 541–552.
[42] M. Wazid, A.K. Das, N. Kumar, M. Alazab, Designing authenticated key management scheme in 6G-enabled network in a box deployed for industrial applications, IEEE Trans. Ind. Inf. 17 (10) (2021) 7174–7184.
[43] M. Wazid, B. Bera, A.K. Das, S.P. Mohanty, M. Jo, Fortifying smart transportation security through public blockchain, IEEE Internet Things J. 9 (17) (2022) 16532–16545.
[44] B. Khadem, A.M. Suteh, M. Ahmad, A. Alkhayyat, M.S. Farash, H.S. Khalifa, An improved WBSN key-agreement protocol based on static parameters and hash functions, IEEE Access 9 (2021) 78463–78473.
[45] C.J.F. Cremers, Scyther: Semantics and verification of security protocols, 2006, https://pure.tue.nl/ws/files/2425555/200612074.pdf (Accessed on August 2024).
[46] M. Tanveer, A.H. Zahid, M. Ahmad, A. Baz, H. Alhakami, LAKE-IoD: Lightweight authenticated key exchange protocol for the internet of drone environment, IEEE Access 8 (2020) 155645–155659.
[47] D. He, S. Zeadally, B. Xu, X. Huang, An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad hoc networks, IEEE Trans. Inf. Forensics Secur. 10 (12) (2015) 2681–2691.
[48] M. Fan, X. Zhang, Consortium blockchain based data aggregation and regulation mechanism for smart grid, IEEE Access 7 (2019) 35929–35940.
[49] Drones in healthcare: A lifesaving innovation, 2024, Available at: https://www.indowings.com/blog/5-reasons-why-we-need-to-use-drones-in-the-hospital-management.php. (Accessed on October 2024).
[50] Military drone market, 2023, https://www.fortunebusinessinsights.com/military-drone-market-102181. (Accessed on October 2024).

Mohammad Wazid received his Master of Technology in Computer Network Engineering from Graphic Era University, Dehradun, India, and received a Ph.D. in Computer Science and Engineering from the International Institute of Information Technology, Hyderabad, India. He is currently working as a Professor in the Department of Computer Science and Engineering, Graphic Era University, Dehradun, India. He is the head of the cybersecurity and IoT research group at Graphic Era University, Dehradun, India. Prior to this, he was an assistant professor in the Department of Computer Science and Engineering at the Manipal Institute of Technology, MAHE, Manipal, India. He was also a post-doctoral researcher in the cyber security and networks lab, Innopolis University, Innopolis, Russia. His current research interests include security, remote user authentication, the Internet of Things (IIoT), and cloud computing. He has published more than 100 papers in international journals and conferences in the above areas. He was a recipient of the University Gold Medal and the Young Scientist Award from UCOST, the Department of Science and Technology, Government of Uttarakhand, India. He is a senior member of IEEE.

Saksham Mittal is pursuing a Ph.D. in CSE in the department of CSE at Graphic Era Deemed to be University, Dehradun, India. He is also associated with Graphic Era Hill University, Dehradun, India as teaching staff. His research interests include intrusion detection systems, big data analytics, threat analysis, and machine learning.

Ashok Kumar Das received a Ph.D. degree in computer science and engineering, an M.Tech. degree in computer science and data processing, and an M.Sc. degree in mathematics from IIT Kharagpur, India. He is currently a full Professor with the Center for Security, Theory and Algorithmic Research, IIIT, Hyderabad, India. He is an adjunct professor at the Korea University, Seoul, South Korea. He was also a visiting research professor with the Virginia Modeling, Analysis and Simulation Center, Old Dominion University, Suffolk, VA 23435, USA. His research interests include cryptography, system and network security, blockchain, security in the Internet of Things (IoT), Internet of Vehicles (IoV), Internet of Drones (IoD), smart grids, smart city, cloud/fog computing, intrusion detection, AI/ML security, and post-quantum cryptography. He has authored over 465 papers in international journals and conferences in the above areas, including over 395 reputed journal papers. He was a recipient of the Institute Silver Medal from IIT Kharagpur. He has been listed in the Web of Science (Clarivate™) Highly Cited Researcher 2022 and 2023 in recognition of his exceptional research performance. He is/was on the editorial board of IEEE Transactions on Information Forensics and Security, IEEE Systems Journal, Journal of Network and Computer Applications (Elsevier), Computer Communications (Elsevier), International Journal of Communication Systems (Wiley), Journal of Cloud Computing (Springer), Cyber Security and Applications (Elsevier), Alexandria Engineering Journal (Elsevier), IET Communications, KSII Transactions on Internet and Information Systems, and International Journal of Communication Systems (Wiley). He also served as one of the Technical Program Committee Chairs of the first International Congress on Blockchain and Applications (BLOCKCHAIN’19), Avila, Spain, June 2019, International Conference on Applied Soft Computing and Communication Networks (ACN’20), October 2020, Chennai, India, second International Congress on Blockchain and Applications (BLOCKCHAIN’20), L’Aquila, Italy, October 2020, and International Conference on Applied Soft Computing and Communication Networks (ACN’23), December 2023, Bangalore, India. His Google Scholar h-index is 92 and i10-index is 302 with over 25,200 citations.

SK Hafizul Islam received the M.Sc. degree in applied mathematics from Vidyasagar University, Midnapore, India, in 2006, and the M.Tech. degree in Computer Application and the Ph.D. degree in Computer Science and Engineering in 2009 and 2013, respectively, from Indian Institute of Technology [IIT (ISM)] Dhanbad, Jharkhand, India, under the INSPIRE Fellowship Ph.D. Program (funded by the Department of Science and Technology, Government of India). He is currently an Assistant Professor in the Department of Computer Science and Engineering, Indian Institute of Information Technology Kalyani (IIIT Kalyani), West Bengal, India. He has more than ten years of teaching and thirteen years of research experience. He has authored or co-authored 150 research papers in journals and conference proceedings of international reputes. His research interests include Cryptography, Information Security, Neural Cryptography, Lattice-based Cryptography, IoT & Blockchain Security, and Deep Learning. He has edited four books for the publishers Scrivener-Wiley, Elsevier, and CRC Press. He is an Associate Editor for IEEE Transactions on Intelligent Transportation Systems, IEEE Access, International Journal of Communication Systems (Wiley), Telecommunication Systems (Springer), IET Wireless Sensor Systems, Security and Privacy (Wiley), and Array - Journal (Elsevier). He is a senior member of IEEE, and a member of ACM.

Mohammed J.F. Alenazi earned his B.S., M.S., and Ph.D. degrees in computer engineering from the University of Kansas, USA, in 2010, 2012, and 2015, respectively. He is a Professor in computer engineering at King Saud University and a reviewer for several international journals. His research interests span cybersecurity, focusing on network security, encryption, and vulnerability analysis, as well as machine learning, where he applies AI to enhance network security and performance. He also works on the design and analysis of resilient networks, network routing, and mobile ad hoc network (MANET) protocols. A member of ACM, his work contributes to the intersection of cybersecurity and machine learning for developing adaptive, threat-resistant systems.

Athanasios V. Vasilakos is with the Center for AI Research (CAIR), University of Agder (UiA), Grimstad, Norway. He is a WoS Highly Cited Researcher (HC), from 2016 to 2021. He served or is serving as an Editor for many technical journals, such as the IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, IEEE TRANSACTIONS ON CLOUD COMPUTING, IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, IEEE TRANSACTIONS ON CYBERNETICS, IEEE TRANSACTIONS ON NANOBIOSCIENCE, IEEE TRANSACTIONS ON INFORMATION TECHNOLOGY IN BIOMEDICINE, ACM Transactions on Autonomous and Adaptive Systems, and the IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS.
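The communication-cost accounting of Section 7.2, recomputed from the stated field sizes as an added example (not code from the paper). The field type assigned to each message component is an assumption read off the per-message sums printed in that section, and the function names are illustrative; the script also compares the recomputed values with the figures printed in the text and in Table 9.

```python
# Added example: recompute the Section 7.2 communication costs and cross-check
# them against the figures printed in the running text and in Table 9.

# Field sizes in bits, as assumed in Section 7.2.
FIELD_BITS = {
    "identity": 160,
    "random_number": 160,
    "ec_point": 160 + 160,  # P = (P_x, P_y)
    "hash": 256,            # SHA-256 output
    "timestamp": 32,
}

# Message layouts from Section 7.2. Assumption: each component has the field
# type implied by the per-message sums printed there
# (TID_DEi -> identity, M1..M6 -> hash output, T1..T3 -> timestamp).
MESSAGES = {
    "MSG1": [("TID_DEi", "identity"), ("M1", "hash"), ("M2", "hash"), ("T1", "timestamp")],
    "MSG2": [("M3", "hash"), ("M4", "hash"), ("M5", "hash"), ("T2", "timestamp")],
    "MSG3": [("M6", "hash"), ("T3", "timestamp")],
}

# Figures exactly as printed in the Section 7.2 text.
PRINTED_IN_TEXT = {"MSG1": 704, "MSG2": 800, "MSG3": 2880, "total": 1782}

# Total cost in bits per scheme, as printed in Table 9.
TABLE_9 = {
    "Ali et al. [34]": 3424,
    "Cho et al. [23]": 3968,
    "Rodrigues et al. [25]": 3456,
    "Ever [27]": 5344,
    "Bera et al. [21]": 2368,
    "Mishra et al. [35]": 1792,
    "Algarni and Jan [36]": 2784,
    "BAKMM-IoD": 1792,
}


def recompute():
    """Return the size of every message and the overall total, in bits."""
    sizes = {
        name: sum(FIELD_BITS[kind] for _, kind in layout)
        for name, layout in MESSAGES.items()
    }
    sizes["total"] = sum(sizes.values())
    return sizes


def text_discrepancies():
    """List (label, printed, recomputed) where the text differs from the sums."""
    computed = recompute()
    return [
        (label, printed, computed[label])
        for label, printed in PRINTED_IN_TEXT.items()
        if printed != computed[label]
    ]


def savings_vs(scheme, ours="BAKMM-IoD"):
    """Percentage of bits saved by `ours` relative to `scheme`, per Table 9."""
    return round(100 * (TABLE_9[scheme] - TABLE_9[ours]) / TABLE_9[scheme], 1)


def not_strictly_cheaper_than(ours="BAKMM-IoD"):
    """Schemes in Table 9 whose total cost is not above that of `ours`."""
    return [s for s, bits in TABLE_9.items() if s != ours and bits <= TABLE_9[ours]]


if __name__ == "__main__":
    for label, bits in recompute().items():
        print(f"{label}: {bits} bits")
    for label, printed, computed in text_discrepancies():
        print(f"{label}: text prints {printed}, field sizes give {computed}")
    for scheme in TABLE_9:
        if scheme != "BAKMM-IoD":
            print(f"saving vs {scheme}: {savings_vs(scheme)}%")
    print("same or lower cost than BAKMM-IoD:", not_strictly_cheaper_than())
```

The recomputed values are 288 bits for $MSG_3$ and 1792 bits in total, which agrees with the BAKMM-IoD row of Table 9 rather than with the 2880 and 1782 printed in the running text. The Table 9 comparison also shows that Mishra et al. [35] has the same total as BAKMM-IoD.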