1. Introduction
Unmanned Aerial Vehicles (UAVs) have evolved into versatile platforms supporting a wide range of civilian applications, including aerial surveillance, disaster response, environmental monitoring, precision agriculture, and autonomous logistics [1]. Their operational advantages, such as high maneuverability, reduced operational costs, and the ability to operate in harsh or inaccessible environments, have driven exponential growth in both research initiatives and commercial deployment across multiple domains [2]. As UAVs become increasingly integrated into critical infrastructure and multi-agent systems, the volume and sensitivity of their data exchanges continue to expand, making secure and reliable communication within UAV networks a paramount challenge for both industry and academia [3].
In response to the growing complexity of UAV communication security, this review article consolidates recent research efforts and provides a structured analysis of emerging technologies and frameworks. Rather than presenting new cryptographic designs or experimental results, the focus is on synthesizing peer-reviewed literature to support future research, development, and implementation.
Despite their growing adoption, UAV communication systems remain fundamentally constrained by hardware limitations, energy capacity restrictions, and dynamic network topologies. UAVs operate with limited computational resources on board, making traditional cryptographic approaches, such as full-scale RSA, TLS implementations, or computationally intensive AES variants, impractical for real-time aerial operations [4]. Additionally, UAV networks frequently operate in self-organized, highly dynamic configurations, particularly in swarm deployments where coordinated systems of potentially hundreds of drones must perform missions autonomously with minimal human oversight [5]. These operational conditions introduce significant complexities in key management, authentication, and data confidentiality protocols [6].
The emergence of quantum computing poses an additional and unprecedented threat to UAV communication security. Quantum computers, leveraging Shor’s and Grover’s algorithms, have the potential to break conventional cryptographic methods, including both symmetric and asymmetric schemes that currently secure UAV communications [7]. This quantum threat necessitates the adoption of post-quantum cryptography (PQC) algorithms specifically designed to remain secure against quantum attacks while maintaining efficiency suitable for resource-constrained UAV platforms [8]. Recent developments in lightweight post-quantum algorithms, including lattice-based cryptography and code-based cryptography, offer promising solutions for future-proofing UAV security [7].
Recent research efforts have explored innovative approaches to UAV security, including the integration of blockchain technology for decentralized identity and key management in drone swarms [9]. Blockchain-based authentication schemes, such as BETA-UAV, exploit the inherent properties of immutability and decentralization to establish secure communication sessions while reducing reliance on centralized trust infrastructures [10]. Similarly, Physical Unclonable Function (PUF)-based authentication protocols have emerged as lightweight alternatives that eliminate the need for storing sensitive cryptographic keys on UAV devices, thereby mitigating key storage vulnerabilities [11].
The advent of the ASCON family of authenticated encryption algorithms, selected as the NIST lightweight cryptography standard, represents a significant milestone for UAV security [12]. ASCON’s sponge-based design offers superior performance metrics compared to traditional AES implementations while maintaining robust security properties suitable for resource-constrained environments [4]. Performance evaluations demonstrate that ASCON-128a provides an optimal balance between efficiency and security for UAV communication systems, achieving comparable throughput to AES with a significantly reduced memory footprint and energy consumption [13].
Regulatory developments further underscore the urgency of implementing robust UAV security measures. The Federal Aviation Administration (FAA) has proposed new cybersecurity regulations requiring design approval applicants to identify, assess, and mitigate risks from intentional unauthorized electronic interactions (IUEI) in transport category aircraft, including UAV systems [14]. Similarly, the European Union Aviation Safety Agency (EASA) has issued draft policies mandating secure data transmission and resilient control link architectures in civilian UAV operations [15]. These regulatory frameworks emphasize the need for standardized, lightweight security solutions that can be effectively deployed across diverse UAV platforms.
Contemporary UAV security research has predominantly focused on single-layer defensive mechanisms or narrow application domains, lacking comprehensive frameworks that address the full spectrum of security challenges across multiple communication layers [16]. While recent surveys have examined specific aspects such as physical layer security or blockchain applications in UAV networks, there remains a critical gap in understanding how lightweight cryptographic techniques, scalable key management strategies, and cross-layer security mechanisms can be integrated into unified security architectures [17,18]. This fragmentation limits the development of holistic security solutions capable of addressing the complex, multi-faceted threat landscape facing modern UAV deployments.
The rapid evolution of UAV swarm technology further complicates the security landscape. Modern swarm systems can coordinate hundreds of autonomous drones using distributed control algorithms and real-time communication protocols. These swarms leverage artificial intelligence and machine learning to navigate complex environments while maintaining synchronized operations, but they also present new attack vectors and scalability challenges for traditional security mechanisms [19]. Energy-efficient communication protocols, including non-orthogonal multiple access (NOMA) schemes, must be carefully designed to balance performance optimization with security requirements [20].
This review article aims to address these critical gaps by integrating findings from a wide range of recent studies on UAV communication security. It provides an analysis of secure communication techniques for UAV networks, with particular emphasis on lightweight encryption methods and efficient key management schemes tailored to resource-constrained aerial platforms. The review critically examines recent advances in symmetric and asymmetric cryptography suitable for constrained devices, evaluates the feasibility of decentralized trust infrastructures such as blockchain, and explores post-quantum solutions that anticipate future computational threats. Furthermore, this work expands the discussion to encompass security threats and defenses across multiple communication layers, from physical channel obfuscation to application-layer authentication protocols. Through a multilayer security framework (Figure 1) and a performance-based comparative analysis of lightweight cryptographic algorithms and key management techniques, this review integrates six core security dimensions: lightweight encryption, post-quantum cryptography, key distribution strategies, blockchain and PUF-based trust mechanisms, application-specific deployment factors, and cross-layer security frameworks. By bringing these dimensions together, this review provides a unified reference for researchers and system designers seeking to develop secure and scalable UAV communication architectures under real-world operational constraints.
The organization of this survey is illustrated in Figure 2. Section 2 provides essential background on UAV communication challenges and reviews existing survey literature. Section 3 outlines computational, energy, and storage constraints specific to UAV platforms and defines metrics for evaluating lightweight cryptographic solutions. In Section 4, the fundamental requirements and design trade-offs of lightweight cryptographic systems are discussed. Section 5 surveys optimized encryption techniques, including symmetric, asymmetric, and post-quantum cryptography tailored for UAV applications. Section 6 examines key management strategies, such as static, dynamic, and hardware-assisted approaches. Section 7 presents a multilayer security framework designed specifically for UAV communications. Section 8 evaluates the applicability of these security techniques across various UAV application scenarios. Current limitations and emerging research directions are highlighted in Section 9, while Section 10 synthesizes the findings and offers a future research outlook.
2. Background and Related Survey Studies
UAV communication security has become a prominent area of research due to the increasing reliance on drones for surveillance, delivery, and mission-critical operations. A substantial number of survey papers have explored security challenges by addressing threats, countermeasures, and architectural models for secure UAV networking. However, these surveys tend to examine isolated components such as detection techniques [2], physical-layer vulnerabilities [21], or specific cryptographic schemes [4,7], rather than offering a unified framework that spans the entire communication and control stack. This fragmented treatment limits the ability to develop end-to-end, secure, and efficient UAV systems tailored to real-world deployment constraints.
Table 1 offers a structured comparison of existing survey literature, mapping each study’s contributions across six essential security dimensions: lightweight encryption (LWE), key management (KM), post-quantum cryptography (PQC), blockchain or PUF-based trust mechanisms (B/P), multilayer security frameworks (MLS), and application suitability (APS). Early foundational works, such as those by Abro et al. [2] and Mekdad et al. [21], provide general overviews of UAV detection and privacy concerns, yet overlook critical emerging domains such as lightweight cryptography, quantum-safe encryption, and scalable key exchange. Similarly, studies like Patel et al. [4] emphasize efficient encryption algorithms but do not incorporate key management or trust frameworks.
While existing survey studies predominantly focus on specific security dimensions (see Table 1), a comprehensive understanding of various cryptographic and security technologies is essential to identify appropriate solutions for secure UAV communications.
Table 2 presents a structured comparison between lightweight encryption and key management approaches versus alternative security mechanisms, including traditional cryptographic methods, post-quantum cryptography, blockchain-based frameworks, PUFs, Intrusion Detection Systems (IDS), Secure Multi-party Computation (MPC), Federated Learning (FL), and Integrated Sensing and Communication (ISAC). Each technology is evaluated based on computational costs, energy efficiency, scalability, latency sensitivity, and suitability for UAV deployment. This comparative analysis highlights that although advanced methods such as blockchain, MPC, and FL provide significant security assurances and decentralized capabilities, their associated computational complexity, communication overhead, and energy demands may limit their practicality for resource-constrained UAV platforms. In contrast, lightweight encryption schemes, hardware-assisted trust mechanisms such as PUFs, and integrated sensing techniques offered by ISAC frameworks achieve an effective balance between robust security and operational efficiency, making them particularly suitable for real-time and resource-sensitive UAV scenarios.
Recent surveys have begun to bridge these gaps. For instance, Khan et al. [7], Xia et al. [8], and Aissaoui et al. [30] explored post-quantum cryptographic solutions suitable for UAV contexts. Hafeez et al. [10] and Choi et al. [28] integrated blockchain and PUF-based trust mechanisms to enhance authentication and key agreement. Abdelaziz et al. [22] and Rugo et al. [24] extended their coverage across multiple layers but still did not unify these elements into a cohesive framework. As summarized in Table 1, none of the reviewed works have simultaneously addressed all six dimensions of UAV security, leaving a gap in the literature for holistic, future-proof solutions.
This review addresses the identified limitations by presenting a unified analysis of secure UAV communication technologies. It integrates lightweight encryption techniques, scalable key management methods, post-quantum secure protocols, and blockchain or PUF-based trust solutions within a multilayer security architecture. In addition, it evaluates these technologies against operational factors such as latency, computational overhead, and mission-specific constraints. By offering a comprehensive framework that spans cryptographic design to system-level deployment, this work aims to guide future research and implementation of secure, scalable, and resilient UAV communication networks.
3. Threat Landscape in Drone Networks
UAVs are increasingly used across diverse domains such as precision agriculture, logistics, and disaster response. These autonomous or semi-autonomous systems rely heavily on wireless communication to exchange commands and application data within dynamic and often decentralized network environments. However, UAVs are particularly vulnerable to cyber-attacks due to their reliance on open-air interfaces, constrained energy and computational resources, and constant mobility. To contextualize these vulnerabilities, this section presents a threat analysis mapped to the OSI model, highlighting critical attacks such as eavesdropping, spoofing, jamming, and routing manipulation, and explores how contemporary cryptographic algorithms are employed to mitigate these risks in real-world UAV deployments.
As illustrated in Figure 3, each OSI layer is associated with specific threat types, ranging from physical-layer jamming to application-layer command injection. Correspondingly, Table 3 summarizes cryptographic countermeasures tailored to each layer, demonstrating the layered approach required for securing UAV communications.
3.1. Threats at the Physical Layer
The physical layer (L1) governs radio frequency communication and is particularly susceptible to attacks due to its open and broadcast nature. Among the most critical threats at this layer are jamming and eavesdropping, both of which can severely disrupt mission-critical operations or compromise sensitive information. In surveillance, adversaries may exploit these vulnerabilities to intercept or jam UAV communication links, potentially derailing operations or rendering drones uncontrollable [48,49].
Jamming involves the deliberate transmission of disruptive signals that degrade the UAV’s communication channel, resulting in a denial of control or data loss. To counteract this, frequency hopping, spread-spectrum techniques, and cognitive radio approaches are employed to adapt transmission parameters in real time. Meanwhile, eavesdropping exploits the open nature of UAV broadcasts, allowing adversaries to passively intercept data streams. In response, physical layer security (PLS) methods such as artificial noise injection, cooperative jamming, and secure beamforming have been adopted to improve confidentiality without relying solely on upper-layer encryption [18,50].
The characteristics of aerial-to-ground (A2G) channels further exacerbate these vulnerabilities. High mobility, Doppler shifts, multipath fading, and variable line-of-sight conditions present challenges for both communication reliability and security. These dynamic propagation environments are difficult to secure through static cryptographic approaches and demand real-time adaptation [18]. Moreover, UAVs themselves can serve as mobile adversaries, launching eavesdropping or jamming attacks against terrestrial networks. Due to their elevation and maneuverability, malicious UAVs can maintain advantageous positions for longer durations, enhancing the impact of their attacks [51].
3.2. MAC and Data Link Layer Attacks
The Medium Access Control (MAC) and data link layers play a foundational role in address resolution, identity management, and intra-network communication for UAV systems. These layers are particularly vulnerable to spoofing, injection, and protocol-based attacks that can compromise communication integrity, redirect traffic, or isolate UAVs, leading to mission failure [52,53]. Spoofing attacks at the MAC layer involve adversaries falsifying MAC addresses or control signals to impersonate legitimate devices. In UAV networks, this can trick drones into accepting commands from malicious sources, resulting in command hijacking, situational confusion, or loss of control [54]. Frame injection attacks are similarly disruptive, where attackers transmit unauthorized MAC frames containing forged telemetry or control instructions, such as disarm signals. These attacks are particularly dangerous in autonomous or semi-autonomous operations, where UAVs rely on uninterrupted and authenticated data streams [55]. Studies show that sustained spoofed packet flooding, such as repeated ARP replies or disarm requests, can cause denial-of-service (DoS) conditions or prematurely ground drones [56].
Data link vulnerabilities are further exacerbated by the widespread use of lightweight and unencrypted protocols like MAVLink. As these messages are typically broadcast in plaintext, attackers can eavesdrop or manipulate control flows using simple packet sniffers. ARP spoofing and dictionary attacks on these channels enable adversaries to extract sensitive telemetry, flight logs, and live command feeds [55]. Replay attacks and message fabrication are also feasible in the absence of cryptographic safeguards. Attackers can inject falsified messages, jam frequencies, or manipulate channel access parameters, particularly when MAC overhead is minimized to enhance link efficiency [57]. Such optimizations must be balanced with robust threat modeling to prevent the emergence of new attack vectors. Overall, MAC and data link layer attacks constitute a critical risk to UAV communication integrity and necessitate dedicated detection and mitigation mechanisms.
3.3. Network and Transport Layer Attacks
UAV networks operating in dynamic, decentralized environments are highly susceptible to attacks targeting the network (L3) and transport (L4) layers. These layers are central to routing and reliable data transmission, and their disruption can cascade across the system. Key network-layer threats include Sybil, black hole, and wormhole attacks. In Sybil attacks, a malicious UAV or node generates multiple fake identities to distort routing tables and manipulate network structure. Black hole attacks involve deceptive nodes that advertise optimal paths only to drop all received packets, while wormhole attacks create false tunnels between remote malicious nodes to reroute traffic through unauthorized paths [52,58,59]. These threats are especially impactful in UAV swarms, where cooperative missions depend on consistent and secure routing. Moreover, attackers may combine techniques, such as using Sybil nodes to amplify black hole effects or wormholes to propagate false routes, making coordinated defenses essential.
Transport-layer vulnerabilities exacerbate these challenges. DoS attacks targeting this layer can flood UAV links and sever communication with ground control, degrading telemetry quality and disabling command channels. Additionally, session hijacking allows adversaries to intercept session tokens and insert malicious packets or suppress legitimate transmissions [4,60]. UAVs often operate under tight energy and compute budgets, relying on lightweight protocols with minimal session validation. This makes them vulnerable to replay attacks, sequence desynchronization, and connection resets, all of which can delay or disrupt mission-critical data flow. Effective mitigation requires transport-layer defenses tailored for UAV constraints, including session management, rekeying support, and adaptive rate-limiting techniques.
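The replay and message-fabrication risks described in Sections 3.2 and 3.3 are usually countered on the receiving side by authenticating every frame and tracking sequence numbers. The sketch below is an added example, not code from this review or from any protocol it cites; the frame layout, the 8-byte truncated tag, the 64-frame window, and the key-derivation label are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

TAG_LEN = 8                    # truncated HMAC-SHA256 tag (assumed size for a constrained link)
WINDOW = 64                    # sliding anti-replay window, in frames (assumed)
HDR = struct.Struct(">BI")     # assumed header: epoch (1 byte) | sequence number (4 bytes)


def epoch_key(master: bytes, epoch: int) -> bytes:
    """Derive a per-epoch link key, so a rekey is just an epoch bump."""
    return hmac.new(master, b"uav-link-key" + bytes([epoch]), hashlib.sha256).digest()


def seal(master: bytes, epoch: int, seq: int, payload: bytes) -> bytes:
    """Sender side: header | payload | truncated tag over header and payload."""
    hdr = HDR.pack(epoch, seq)
    mac = hmac.new(epoch_key(master, epoch), hdr + payload, hashlib.sha256).digest()
    return hdr + payload + mac[:TAG_LEN]


class Receiver:
    """Accepts each authenticated frame at most once; tolerates reordering within WINDOW."""

    def __init__(self, master: bytes):
        self.master = master
        self.epoch = 0
        self.highest = -1      # highest sequence number accepted in this epoch
        self.bitmap = 0        # bit i set => sequence (highest - i) already accepted

    def accept(self, frame: bytes):
        """Return (True, payload) or (False, reason)."""
        if len(frame) < HDR.size + TAG_LEN:
            return False, "short"
        epoch, seq = HDR.unpack_from(frame)
        if epoch < self.epoch:                 # traffic keyed under a retired epoch
            return False, "stale-epoch"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        mac = hmac.new(epoch_key(self.master, epoch), body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, mac[:TAG_LEN]):
            return False, "bad-tag"
        # Receiver state changes only after the tag has verified.
        if epoch > self.epoch:                 # authenticated rekey: reset the window
            self.epoch, self.highest, self.bitmap = epoch, -1, 0
        if seq > self.highest:
            shift = seq - self.highest
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            offset = self.highest - seq
            if offset >= WINDOW:
                return False, "too-old"
            if (self.bitmap >> offset) & 1:
                return False, "replay"
            self.bitmap |= 1 << offset
        return True, frame[HDR.size:-TAG_LEN]


def demo():
    """Run a constructed frame trace through the receiver and return its verdicts."""
    master = bytes(range(32))                  # constructed demo key, not a real secret
    rx = Receiver(master)
    f0 = seal(master, 0, 0, b"ARM")
    f1 = seal(master, 0, 1, b"TAKEOFF")
    f2 = seal(master, 0, 2, b"GOTO WP3")
    tampered = bytearray(f2)
    tampered[HDR.size] ^= 0x01                 # one payload bit flipped in transit
    forged = seal(b"\x00" * 32, 0, 3, b"DISARM")   # sealed without the link key
    rekeyed = seal(master, 1, 0, b"LAND")
    # Order: in-order, reordered pair, duplicate, tampered, forged, rekey, old-epoch frame.
    trace = [f0, f2, f1, f1, bytes(tampered), forged, rekeyed, f2]
    return [rx.accept(f) for f in trace]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

Epoch wrap-around and distribution of the master key are outside this sketch; deriving every epoch key from one master key means a master-key compromise exposes all epochs.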
3.4. Application Layer Vulnerabilities
At the application layer (L5), UAV networks become targets for high-impact cyberattacks aimed at mission execution, firmware integrity, and data confidentiality. This layer governs tasks such as remote command processing, mission planning, and over-the-air software updates, frequently involving interactions with cloud services or ground control systems [52,53]. Weak or inconsistent authentication allows adversaries to gain unauthorized access to cloud-linked UAV services, leading to data exfiltration, misrouting, or unauthorized control over UAV behavior [33]. In multi-UAV systems lacking fine-grained access controls or end-to-end encryption, this threat is amplified.
Software updates are another major attack surface. Over-the-air (OTA) update mechanisms, if not cryptographically authenticated, may be intercepted and used to deploy malicious firmware. Such insertions can persistently compromise UAVs, enabling long-term access and backdoor installation [61,62]. Additionally, command injection attacks at the application interface can reroute UAVs, manipulate payloads, or terminate missions. In delivery operations, for example, this could result in theft or rerouting to unauthorized drop zones [63]. Many UAV platforms also store credentials, such as FTP login keys or update server secrets, in plaintext within configuration files, making it easy for attackers to extract and misuse them. These oversights expose UAVs to both online and offline credential theft, persistent access, and telemetry spoofing. As remote UAV control becomes more common, securing application-layer components is critical for ensuring mission safety and operational trust.
3.5. Cross-Layer Attack Vectors
Cross-layer attacks represent one of the most complex and disruptive forms of cyber threats in UAV systems. These attacks target multiple protocol layers simultaneously, leveraging the interdependencies among them to escalate their impact [24,64]. For instance, a jamming attack at the physical layer can inhibit signal transmission, which in turn prevents routing updates at the network layer and disrupts application-layer services such as video streaming or command relay. In swarm deployments, such cascading disruptions can desynchronize drones, leading to collisions, coverage gaps, or mission failure [50].
What makes cross-layer threats particularly dangerous is their ability to mask malicious activity through distributed and time-synchronized strategies. Attackers may coordinate jamming with transport-layer flooding to overwhelm both the wireless channel and the onboard CPU or combine spoofing at the MAC layer with network-layer redirection. These composite attacks are difficult to detect using conventional, layer-specific intrusion detection systems, as their effects may manifest indirectly at higher layers. Lower-layer compromises may also degrade the integrity of upper-layer security measures. For example, synchronization errors at the data link layer can break encryption sessions or distort timestamp validations in application-layer logs.
Given these complexities, cross-layer attacks challenge the modular design assumptions of many defense frameworks. Their mitigation demands integrated, context-aware monitoring that correlates anomalies across layers. As UAV systems grow more autonomous and interconnected, addressing cross-layer attack surfaces becomes vital for safeguarding mission continuity, system resilience, and fleet-wide coordination.
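The cross-layer correlation called for above can be prototyped as a small event correlator that raises an alert only when anomalies from different layers cluster on the same node within a short window. This is an added example, not part of the reviewed literature; the event fields, anomaly names, node names, the 2-second window, and the sample events are all constructed for illustration.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

LAYER_ORDER = ["PHY", "MAC", "NET", "TRANSPORT", "APP"]


@dataclass(frozen=True)
class Event:
    ts: float      # seconds since mission start
    layer: str     # one of LAYER_ORDER
    kind: str      # anomaly label emitted by that layer's own detector (hypothetical names)
    node: str      # UAV that observed the anomaly


def correlate(events, window=2.0, min_layers=2):
    """Return one alert per burst in which at least `min_layers` distinct layers
    report anomalies on the same node within `window` seconds of each other."""
    recent = defaultdict(deque)    # node -> events still inside the window
    open_alert = {}                # node -> most recent alert raised for that node
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        q = recent[ev.node]
        q.append(ev)
        while ev.ts - q[0].ts > window:
            q.popleft()
        cur = open_alert.get(ev.node)
        if cur is not None and ev.ts - cur["end"] <= window:
            # Same burst still unfolding: extend the alert instead of raising a new one.
            cur["end"] = ev.ts
            cur["chain"].append((ev.layer, ev.kind))
            continue
        if len({e.layer for e in q}) >= min_layers:
            cur = {
                "node": ev.node,
                "start": q[0].ts,
                "end": ev.ts,
                "chain": [(e.layer, e.kind) for e in q],
            }
            open_alert[ev.node] = cur
            alerts.append(cur)
    return alerts


def layers_of(alert):
    """Distinct layers involved in an alert, ordered bottom-up through the stack."""
    seen = {layer for layer, _ in alert["chain"]}
    return [layer for layer in LAYER_ORDER if layer in seen]


# Constructed sample events (not captured from a real system).
SAMPLE_EVENTS = [
    Event(10.0, "PHY", "snr_drop", "uav-3"),
    Event(10.4, "NET", "route_update_timeout", "uav-3"),
    Event(10.8, "TRANSPORT", "connection_flood", "uav-3"),
    Event(40.0, "MAC", "duplicate_mac", "uav-1"),        # isolated single-layer anomaly
    Event(43.5, "APP", "auth_failure", "uav-1"),         # outside the window of the MAC event
    Event(60.2, "MAC", "duplicate_mac", "uav-2"),
    Event(61.0, "NET", "unexpected_route_change", "uav-2"),
    Event(90.0, "PHY", "snr_drop", "uav-3"),             # isolated, long after the first burst
]

if __name__ == "__main__":
    for a in correlate(SAMPLE_EVENTS):
        print(a["node"], a["start"], a["end"], layers_of(a))
```

Single-layer anomalies are left to the per-layer detectors; the correlator only adds the signal that a layer-specific system would miss, namely that several weak indications line up in time on one node.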
To consolidate these insights, Table 4 provides a comprehensive summary of attack vectors across the OSI model. The table categorizes dominant threats, typical attack methods, and operational consequences at each layer, highlighting the multidimensional nature of the UAV threat landscape. This reinforces the need for a multi-layered and adaptive security architecture capable of responding to both traditional and emerging cyber threats in aerial environments.
3.6. Lessons Learned from the UAV Threat Landscape
The layered threat analysis presented in this section highlights the complex and evolving nature of cyber vulnerabilities in UAV networks. Key insights can be drawn regarding how threats propagate across the communication stack and how specific attack vectors target operational dependencies.
First, threats at the physical and data link layers, such as jamming, eavesdropping, and spoofing, represent foundational risks that can undermine upper-layer security mechanisms if not mitigated early. These lower-layer vulnerabilities demand adaptive, energy-efficient protections like frequency agility and lightweight encryption.
Second, the network and transport layers are particularly prone to logic manipulation through attacks like Sybil, wormhole, and session hijacking. These threats disrupt routing and command integrity, especially in decentralized or autonomous UAV networks. Effective countermeasures must include dynamic key management and anomaly-aware routing schemes that can tolerate mobility and latency constraints.
Third, application-layer threats remain a critical challenge due to increasing reliance on remote cloud services, OTA updates, and third-party integrations. Command injection and software tampering can have direct mission consequences. Therefore, secure boot, robust access control, and authenticated update mechanisms must be integral to the system design.
Finally, cross-layer attacks underscore the limitations of isolated defense strategies. The cascading nature of these attacks reveals that modular defenses are insufficient in swarm-based or highly mobile UAV systems. A unified, context-aware, and multilayered security architecture is essential for resilience and rapid threat response.
These observations emphasize the importance of end-to-end security planning, wherein lightweight cryptographic techniques, decentralized trust frameworks, and real-time anomaly detection work in concert to secure UAV operations across diverse mission profiles.
4. Overview of Lightweight Cryptographic Requirements
The increasing deployment of digital systems in resource-constrained environments, such as UAVs, IoT devices, and embedded platforms, has increased the demand for cryptographic solutions that are both secure and efficient. Traditional encryption algorithms often prove unsuitable for these platforms due to limitations in memory, processing speed, throughput, energy consumption, and implementation cost. To overcome these challenges, lightweight cryptography has emerged as a promising approach, offering an optimal balance between security and resource efficiency, particularly for real-time and low-power operations [65,66].
A foundational consideration in this domain is the characterization of what constitutes “lightweight” cryptography. Although such schemes are typically simpler and faster than conventional algorithms, these benefits may entail reduced performance margins or lower cryptographic strength [65,66]. Accordingly, a clear understanding of the core design requirements is essential for evaluating and selecting algorithms suitable for UAV applications.
The literature consistently highlights four principal metrics for lightweight cryptographic systems: (1) computational complexity, defined by the number of logical operations required for encryption or decryption [67]; (2) memory footprint, which encompasses both code size (ROM) and working memory (RAM) [68]; (3) energy consumption, which is critical for battery-operated or energy-harvesting UAVs [69,70]; and (4) latency, the time needed to compute a single encryption or decryption block, which is particularly important in time-sensitive missions [68,71].
To address these requirements, a diverse set of lightweight cryptographic primitives has been developed. Prominent among them are lightweight block ciphers such as PRESENT [72], SPECK, and SIMON [73,74], which are optimized for compact implementations on constrained devices. Similarly, lightweight stream ciphers including Trivium [75] and Grain [76] provide rapid, low-overhead encryption suitable for continuous data streams. For public key operations, Elliptic Curve Cryptography (ECC) [77,78] remains a leading choice due to its high security-to-resource ratio and reduced key sizes compared to RSA or DSA [79].
The remainder of this section is structured as follows: Section 4.1 explores the computational and energy constraints inherent to UAV platforms. Section 4.2 outlines the standard evaluation metrics for lightweight cryptography, and Section 4.3 discusses design principles and performance-security trade-offs that influence algorithm selection.
4.1. Resource Constraints in UAV Platforms
Recent advancements in UAV technologies have led to their widespread adoption across numerous public and industrial sectors. UAVs are now deployed in diverse domains, including surveillance [80], environmental monitoring [81], disaster response [82], delivery services [83,84], traffic monitoring [85], and precision agriculture [86]. Each application imposes unique demands on UAV platforms, often under stringent resource constraints. For instance, UAVs used in real-time video surveillance or disaster response typically capture and transmit high-resolution images or video, requiring low-latency communication and fast data processing, all while operating on limited battery power [87,88]. In contrast, agricultural UAVs conducting periodic mapping may prioritize data storage and secure network connectivity over computational speed [89]. For delivery UAVs, energy efficiency is critical for maximizing flight range, while stable communication ensures reliable navigation and real-time tracking, particularly in dynamic environments such as urban areas or traffic congestion [90].
Despite their growing utility, UAVs are inherently constrained by limited energy, processing capability, memory, latency tolerance, and communication bandwidth. Energy efficiency is particularly challenging, as UAVs are typically battery-powered and may not have opportunities to recharge during extended missions [91]. Power-intensive operations significantly reduce flight time. Most UAVs rely on low-power microcontrollers that are not suitable for computationally demanding tasks. Memory is also limited, particularly in small and nano-scale UAVs, restricting the deployment of large datasets or advanced algorithms. Furthermore, many UAV applications require on-board real-time processing and low-latency response, especially in mission-critical operations such as object tracking or autonomous navigation [92]. Cryptographic functions and control algorithms must therefore be computationally lightweight to avoid introducing delays. Communication bandwidth can also be limited or highly variable, requiring compact and efficient encryption protocols. These challenges are especially pronounced in lightweight UAVs, which are chosen for their mobility and ease of deployment, but often lack advanced hardware support. Consequently, both hardware and software components must be optimized to meet operational demands without compromising system performance or mission success.
Table 5 highlights selected studies that emphasize various resource limitations in UAV systems.
4.2. Definition and Metrics of Lightweight Cryptography
To assess the suitability of lightweight cryptographic algorithms for constrained platforms, it is necessary to evaluate not only their security strength but also their performance under limited computational and energy budgets.
Figure 4 summarizes key operational challenges and the corresponding metrics used to evaluate algorithm efficiency.
A primary consideration is hardware cost, which is often expressed using metrics such as silicon area, slice usage, area per bit [104], or gate equivalents (GE) [105,106]. GE represents the area needed to implement an algorithm on an integrated circuit and serves as a proxy for cost and complexity.
Latency is another essential metric, representing the time taken from the start of an operation to the generation of output [105]. It can be measured in clock cycles per operation [107,108], peak execution time, or average execution time [4,109]. For evaluating throughput, which measures the volume of data processed per unit time, hardware performance is typically evaluated at 100 kHz, while software implementations use 4 MHz CPU frequencies [110,111].
In battery-powered systems, energy and power consumption are critical. Metrics such as energy per bit [104,106,112] or energy per operation [110] directly impact the longevity of UAV missions.
Memory usage is also a key constraint. This includes RAM for runtime operations and ROM for storing constants, such as S-boxes or precomputed keys [105,109]. Evaluation metrics such as code size, key size, and block size are commonly used to estimate storage requirements [33,110].
Given the limited processing capabilities of UAV hardware, computational efficiency must also be assessed. Metrics such as CPU cycles per operation [112], CPU utilization percentage [33], and CPU execution time [109] provide a quantitative basis for comparison.
In networked environments, communication overhead must be minimized. Metrics such as message size [107,112], number of transmissions [112], transfer speed [33], and bandwidth utilization [109] help assess the communication efficiency of cryptographic protocols.
While reducing resource consumption, cryptographic algorithms must continue to meet essential security requirements. Standard internal structures used to achieve this include Substitution-Permutation Networks (SPN), Feistel Networks (FN), Generalized Feistel Networks (GFN), Add-Rotate-XOR (ARX), Nonlinear Feedback Shift Registers (NLFSR), and hybrid models. Security is typically quantified in terms of minimum strength (in bits) and resistance to side-channel and fault injection attacks [109,110].
Table 6 and Table 7 summarize key evaluation metrics and studies that have applied them.
NIST’s [105] Lightweight Cryptography Project serves as a standard reference to evaluate various algorithms. Ref. [113] was the first to use both NIST and ISO standards as benchmarks for selecting optimal lightweight authentication cryptographic ciphers. This study develops evaluation metrics and criteria based on various requirements and then applies hybrid multi-criteria decision-making (MCDM) methods, such as CRITIC and TOPSIS, to objectively weight the criteria and rank the alternatives. Therefore, it provides a valuable benchmark for the assessment and ranking of lightweight cryptographic ciphers.
To support practical algorithm selection for resource-constrained UAV platforms, we introduce qualitative threshold ranges that reflect the typical capabilities of embedded systems such as Pixhawk and STM32-based flight controllers. These thresholds, outlined in Table 8, provide a coarse classification of cryptographic algorithm overhead, categorized as low, moderate, or high, based on metrics including code size, RAM usage, energy per operation, latency, CPU utilization, and message size increase. The values are informed by empirical findings reported in recent benchmark studies [4,33,109,112,114], and are intended to offer general guidance rather than strict performance limits, considering the diversity of mission profiles and hardware configurations in UAV deployments.
4.3. Design Principles: Trade-Offs and Optimization
Designing lightweight cryptographic algorithms for UAVs involves balancing security requirements with constraints on energy, memory, and computational power. As discussed in previous sections, these limitations restrict the use of conventional cryptographic approaches. Therefore, designers must evaluate trade-offs between performance, cost, and security to create algorithms that meet operational demands without overburdening system resources [
104,
115].
While lightweight cryptographic algorithms are expected to be simpler and faster than conventional schemes, they may offer reduced security margins [
65].
Figure 5 illustrates the typical trade-offs in designing such algorithms. Enhancing security through longer keys, additional rounds, or added integrity checks increases computational demand and latency. High-speed encryption may require additional memory for storing intermediate values or lookup tables. Conversely, memory-optimized schemes reduce speed due to serialized processing. Parallelization improves throughput but consumes more area and power. Similarly, minimizing latency through higher clock rates increases energy consumption. In hardware implementations, higher throughput often results in increased gate count, while minimizing area generally reduces performance.
Table 9 presents a comparative overview of several widely studied lightweight cryptographic algorithms in terms of key size, block size, memory footprint (ROM and RAM), latency, energy consumption per bit, throughput, and hardware area measured in gate equivalents (GE). These metrics reflect the fundamental trade-offs discussed above and help identify which algorithms align best with specific UAV deployment scenarios. For instance, algorithms like SPECK and SIMON offer low latency and high throughput, making them suitable for real-time aerial tasks, whereas PRESENT and SEA prioritize minimal memory and area, which is advantageous for smaller UAV platforms with tighter resource constraints. The values in this table are compiled from multiple benchmark studies and surveys including [
110,
116,
117,
118,
119]. These sources evaluate algorithm performance based on implementations on 8-bit microcontrollers.
Several strategies are used to optimize lightweight cryptographic designs:
These approaches help ensure acceptable security while remaining deployable on constrained hardware platforms. The choice of design technique is often guided by the application context, requiring careful trade-off decisions among competing metrics.
4.4. Lessons Learned
Lightweight cryptography has emerged as a vital enabler for secure communication in UAV systems, where resource constraints such as limited energy, processing power, memory, and communication bandwidth significantly limit the practicality of traditional encryption methods. This section emphasizes that a nuanced understanding of platform-specific limitations is essential for selecting appropriate algorithms. Unlike conventional cryptographic systems built for general-purpose computing, lightweight algorithms must achieve a delicate balance between performance and protection, often requiring trade-offs in cryptographic strength or redundancy to meet operational feasibility. UAV applications vary widely in their constraint profiles depending on mission objectives, from real-time video streaming and autonomous navigation to periodic environmental monitoring. These diverse use cases demand flexible and efficient cryptographic solutions. The literature consistently identifies key evaluation metrics such as computational cost, code size, RAM usage, energy per operation, latency, and message overhead, which together provide a comprehensive view of an algorithm’s suitability for deployment. Benchmark studies and threshold-based classifications highlight the importance of empirical testing and context-aware performance evaluation. Trade-offs are central to cryptographic design, where enhancements in one metric often come at the cost of another. For instance, increasing encryption speed may raise memory consumption, while minimizing latency can elevate energy usage. Hardware-specific design strategies, algorithmic simplification, and efficient internal structures such as SPNs and Feistel Networks are shown to mitigate these challenges. The findings from this section reinforce the critical need for customized cryptographic design in UAV environments, where resource constraints fundamentally shape both implementation feasibility and mission success.
5. Survey of Lightweight Encryption Techniques
Building upon the cryptographic requirements, performance metrics, and design considerations presented in
Section 4, this section provides a structured survey of lightweight encryption techniques tailored for UAV platforms. These techniques are designed to meet the stringent resource constraints of UAVs while ensuring essential security services such as confidentiality, integrity, and authentication [
120].
UAVs operate in dynamic and often adversarial environments, where reliable and secure communication is critical to mission success. Due to limited processing power, energy reserves, and onboard memory, traditional encryption schemes are often impractical. In response, lightweight cryptography has emerged as a viable solution for protecting UAV data exchanges without imposing significant performance overhead.
To secure UAV communications, a comprehensive suite of cryptographic services must be in place. As shown in
Figure 6, the core services include confidentiality, integrity, authentication, nonrepudiation, and availability. Additionally, UAV systems must be resilient against targeted threats such as node capture, impersonation, data duplication, and forensic attacks. Properly selected lightweight cryptographic primitives form the basis for defending against such vulnerabilities [
79,
121].
At the core of cryptographic security lies the use of keyed algorithms, which rely on secret values for encryption and decryption. These algorithms fall into two broad categories: symmetric key cryptography and asymmetric key cryptography. Symmetric algorithms use a single shared key for both encryption and decryption, making them computationally efficient and well-suited for constrained platforms. They support confidentiality, data integrity, and authentication, although secure key distribution remains a challenge. This limitation is often addressed by pre-sharing keys through trusted mechanisms. In contrast, asymmetric algorithms use separate public and private keys, offering greater flexibility for tasks such as digital signatures and key exchange, but at the cost of higher computational complexity [
79,
110].
In symmetric lightweight cryptography, a range of primitives has been developed to achieve specific security objectives while minimizing resource usage. These primitives are tailored for constrained environments like UAV platforms, where computational and energy efficiency is critical. As illustrated in
Figure 7, the primary categories include:
Lightweight Block Ciphers (LWBC): Designed for encrypting fixed-size blocks of data with minimal overhead.
Lightweight Stream Ciphers (LWSC): Operate on continuous data streams and are well-suited for real-time encryption tasks.
Lightweight Hash Functions (LWHF): Ensure data integrity and are commonly used in digital signature schemes and authentication protocols.
Lightweight Message Authentication Codes (MACs): Authenticate messages and verify their origin using minimal computational resources.
Lightweight Authenticated Encryption (AE): Provide combined confidentiality and integrity in a single operation [
105,
121,
122].
5.1. Lightweight Block Ciphers
Block cipher cryptography is grounded in two core principles: confusion and diffusion. Confusion aims to obscure the relationship between the ciphertext and the encryption key, typically achieved through substitution operations such as S-boxes. Diffusion, on the other hand, spreads the influence of individual plaintext bits across the ciphertext using permutation mechanisms [
68,
110,
117,
123]. In a block cipher, encryption and decryption are performed on fixed-size data blocks, generally 64 bits or larger [
110].
Figure 8 categorizes block ciphers based on their internal structures, including Substitution-Permutation Networks (SPNs), Feistel Networks, Generalized Feistel Networks (GFNs), Add-Rotate-XOR (ARX) architectures, Nonlinear Feedback Shift Register (NLFSR)-based designs, and hybrid models. Examples of widely used ciphers within these categories include AES (SPN), DES (Feistel), TWINE (GFN), IDEA (ARX), KeeLoq (NLFSR-based), and the Hummingbird family (hybrid) [
68,
110].
Each architectural model presents unique design advantages and trade-offs. SPNs apply iterative substitution and permutation layers, which facilitate efficient serialization and minimal datapath widths [
68,
110]. A notable example is PRESENT [
72], a highly compact SPN cipher developed for embedded systems. It incorporates 31 lightweight rounds, each consisting of a substitution layer, a permutation layer, and round key integration [
124].
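The round structure just described (round-key addition, substitution layer, permutation layer, repeated 31 times, then a final key addition), written out as an added C example that is not code from this article or from the PRESENT designers. It covers the 80-bit key variant only; the S-box, bit permutation and key schedule follow the published PRESENT specification, and all function names are chosen here.

```c
#include <stdint.h>
#include <stdio.h>

/* PRESENT 4-bit S-box and its inverse (values from the PRESENT specification). */
static const uint8_t SBOX[16] =
    {0xC,0x5,0x6,0xB,0x9,0x0,0xA,0xD,0x3,0xE,0xF,0x8,0x4,0x7,0x1,0x2};
static const uint8_t SBOX_INV[16] =
    {0x5,0xE,0xF,0x8,0xC,0x1,0x2,0xD,0xB,0x4,0x6,0x3,0x0,0x7,0x9,0xA};

typedef struct { uint64_t rk[32]; } present_ctx;   /* 32 round keys of 64 bits */

/* The 80-bit key register k79..k0 is passed as hi = k79..k16 and lo = k15..k0. */
void present80_key_schedule(present_ctx *ctx, uint64_t hi, uint16_t lo) {
    for (unsigned round = 1; round <= 32; round++) {
        ctx->rk[round - 1] = hi;             /* round key = leftmost 64 bits */
        if (round == 32) break;
        uint64_t old_hi = hi;                /* 1. rotate register left by 61 */
        hi = (old_hi << 61) | ((uint64_t)lo << 45) | (old_hi >> 19);
        lo = (uint16_t)(old_hi >> 3);
        /* 2. S-box on the top nibble k79..k76 */
        hi = (hi & 0x0FFFFFFFFFFFFFFFULL) | ((uint64_t)SBOX[hi >> 60] << 60);
        hi ^= (uint64_t)(round >> 1);        /* 3. round counter into k19..k16 */
        lo ^= (uint16_t)((round & 1u) << 15);/*    and its low bit into k15    */
    }
}

/* Substitution layer: 16 parallel 4-bit S-boxes (confusion). */
static uint64_t sub_layer(uint64_t s, const uint8_t box[16]) {
    uint64_t out = 0;
    for (int i = 0; i < 16; i++)
        out |= (uint64_t)box[(s >> (4 * i)) & 0xF] << (4 * i);
    return out;
}

/* Permutation layer: bit i moves to 16*i mod 63, bit 63 stays (diffusion). */
static uint64_t perm_layer(uint64_t s, int inverse) {
    uint64_t out = 0;
    for (unsigned i = 0; i < 64; i++) {
        unsigned p = (i == 63) ? 63 : (16 * i) % 63;
        if (!inverse) out |= ((s >> i) & 1ULL) << p;
        else          out |= ((s >> p) & 1ULL) << i;
    }
    return out;
}

uint64_t present80_encrypt(const present_ctx *ctx, uint64_t block) {
    for (int r = 0; r < 31; r++) {
        block ^= ctx->rk[r];
        block = sub_layer(block, SBOX);
        block = perm_layer(block, 0);
    }
    return block ^ ctx->rk[31];              /* final key addition */
}

uint64_t present80_decrypt(const present_ctx *ctx, uint64_t block) {
    block ^= ctx->rk[31];
    for (int r = 30; r >= 0; r--) {          /* undo the rounds in reverse */
        block = perm_layer(block, 1);
        block = sub_layer(block, SBOX_INV);
        block ^= ctx->rk[r];
    }
    return block;
}

/* Convenience wrappers: schedule the key and process one block. */
uint64_t present80_encrypt_once(uint64_t hi, uint16_t lo, uint64_t pt) {
    present_ctx ctx;
    present80_key_schedule(&ctx, hi, lo);
    return present80_encrypt(&ctx, pt);
}

uint64_t present80_decrypt_once(uint64_t hi, uint16_t lo, uint64_t ct) {
    present_ctx ctx;
    present80_key_schedule(&ctx, hi, lo);
    return present80_decrypt(&ctx, ct);
}

/* Diffusion check: ciphertext bits that change when one plaintext bit flips. */
int present80_avalanche(uint64_t hi, uint16_t lo, uint64_t pt, unsigned bit) {
    uint64_t d = present80_encrypt_once(hi, lo, pt)
               ^ present80_encrypt_once(hi, lo, pt ^ (1ULL << bit));
    int n = 0;
    while (d) { n += (int)(d & 1); d >>= 1; }
    return n;
}

int main(void) {
    /* Constructed inputs: all-zero key and plaintext. */
    printf("E(0,0)            = %016llx\n",
           (unsigned long long)present80_encrypt_once(0, 0, 0));
    printf("bits changed by a 1-bit plaintext flip: %d of 64\n",
           present80_avalanche(0, 0, 0, 0));
    return 0;
}
```

The bit-by-bit `perm_layer` loop is the small-footprint form; the S-box lookups are indexed by secret data, so this sketch makes no side-channel claims.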
Feistel networks operate by dividing input data into halves, applying a round function to one half, and recombining the result with the other half through XOR operations. While this structure increases hardware cost slightly, it simplifies decryption by mirroring the encryption process. The Generalized Feistel Network (GFN) extends this model by partitioning input into multiple sub-blocks, enhancing flexibility and allowing for diverse round functions and shifting patterns.
ARX-based ciphers utilize only modular addition, bitwise rotation, and XOR operations. These primitives enable fast and compact implementations but are generally less scrutinized in terms of cryptanalytic robustness. AES-128, for instance, has been adapted into a compact software form that uses processor registers to store the internal state and the mix column step, while storing the key in RAM. This implementation requires approximately 1659 bytes of ROM and 4557 cycles to encrypt a 128-bit block [
68,
118].
NLFSR-based ciphers, which originate from stream cipher structures, are predominantly used in hardware implementations. Their security depends on nonlinear feedback shift register configurations commonly analyzed in stream cipher design. Hybrid architectures combine features from multiple cipher structures to optimize specific performance or security metrics. The effectiveness of these designs is determined by the selection and integration of component mechanisms [
68,
110].
5.2. Stream Ciphers and Real-Time Encryption
Stream ciphers are symmetric encryption algorithms that process data as a continuous stream, encrypting bit by bit or word by word rather than in fixed-size blocks. This design enables high-speed and low-latency encryption, making stream ciphers particularly well-suited for resource-constrained environments. Unlike block ciphers, which leverage both confusion and diffusion properties, stream ciphers primarily employ confusion through simple operations such as bitwise XOR [
110]. As a result, they are generally less complex, easier to implement in hardware, and more efficient in scenarios where processing power and energy are limited.
Lightweight stream ciphers typically generate keystreams using structures such as Linear Feedback Shift Registers (LFSRs) or Nonlinear Feedback Shift Registers (NLFSRs). These designs support high-speed and low-power operations, making them ideal for use in wireless networks and mobile platforms, including UAVs [
125].
The theoretical foundation of stream ciphers is based on the one-time pad (OTP) model, which offers perfect secrecy when a truly random keystream of the same length as the plaintext is used [
126]. However, the challenges of generating and securely distributing such keystreams have led to the adoption of pseudorandom keystream generators. In lightweight stream ciphers, encryption is performed by XORing the plaintext with a pseudorandom keystream derived from a secret key and initialization vector (IV). While this method offers efficiency, it also introduces vulnerabilities such as key reuse and synchronization issues, necessitating robust key and IV management strategies. Despite these challenges, stream ciphers remain a strong candidate for real-time encryption in UAV systems, where data is transmitted continuously and low latency is essential.
To promote the development of secure and efficient stream ciphers, the eSTREAM project was launched under the European Network of Excellence in Cryptology II [
127]. The project evaluated 34 candidate algorithms and selected a portfolio of ciphers suitable for deployment in both software and hardware-constrained environments. Two implementation profiles were defined: Profile 1 targeted high-throughput software ciphers, including Salsa20/12, Rabbit, LEX, and SOSEMANUK; Profile 2 focused on compact hardware implementations, featuring Grain, Trivium, and MICKEY 2.0. These ciphers were benchmarked on microcontroller platforms and extensively analyzed in the context of wireless sensor networks. While some candidates were disqualified due to security vulnerabilities, the remaining finalists demonstrated resilience against all known attacks exceeding brute-force complexity [
126].
Among the selected ciphers, Trivium and Grain are notable for their lightweight hardware design and strong efficiency. Trivium [
75], standardized under ISO/IEC 29192-3:2012 [
128], is a synchronous, bit-oriented cipher utilizing 80-bit keys and IVs. It employs three interdependent shift registers to achieve nonlinearity, maintaining a minimal hardware footprint of approximately 749 gate equivalents (GE), while also offering reasonable software performance. However, its simplicity makes it susceptible to certain fault injection attacks.
Grain [
76] combines both LFSR and NFSR components to generate a secure keystream. It features a bit-oriented architecture and produces between 1 and 32 bits per cycle, depending on configuration. Grain-128a, an enhanced version, supports 128-bit keys and allows for adjustable authentication tag sizes, making it suitable for applications requiring both confidentiality and integrity [
125,
126].
Salsa20 [
129], a Profile 1 finalist, was developed for efficient software encryption and uses modular addition, XOR, and bit rotation operations. It supports 256-bit keys and 128-bit IVs, with variants such as Salsa20/8, Salsa20/12, and Salsa20/20 offering trade-offs between performance and security. Although it performs well in software, its relatively large hardware footprint limits its applicability in highly constrained systems. ChaCha [
130], a variant of Salsa20, enhances diffusion and cryptographic strength and is widely adopted due to its speed and robustness.
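An added C example, not code from this article or from the cipher designers, that ties together two points of this subsection: the keystream XOR with its key/IV reuse hazard, and the add-rotate-XOR construction used by Salsa20 and ChaCha. It implements the ChaCha20 block function in the RFC 8439 layout (32-bit block counter, 96-bit nonce); the `tx_ctx`/`tx_seal` nonce scheme, the demo key and the telemetry strings are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ROTL32(v, n) (((v) << (n)) | ((v) >> (32 - (n))))
/* ChaCha quarter round: only addition mod 2^32, XOR and rotation (ARX). */
#define QR(a, b, c, d) do {                 \
    a += b; d ^= a; d = ROTL32(d, 16);      \
    c += d; b ^= c; b = ROTL32(b, 12);      \
    a += b; d ^= a; d = ROTL32(d, 8);       \
    c += d; b ^= c; b = ROTL32(b, 7);       \
} while (0)

static uint32_t load32_le(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* One keystream block: 256-bit key, 32-bit counter, 96-bit nonce (RFC 8439). */
void chacha20_block(const uint8_t key[32], uint32_t counter,
                    const uint8_t nonce[12], uint32_t out[16]) {
    uint32_t s[16];
    s[0] = 0x61707865; s[1] = 0x3320646e; s[2] = 0x79622d32; s[3] = 0x6b206574;
    for (int i = 0; i < 8; i++) s[4 + i] = load32_le(key + 4 * i);
    s[12] = counter;
    for (int i = 0; i < 3; i++) s[13 + i] = load32_le(nonce + 4 * i);
    memcpy(out, s, sizeof s);
    for (int i = 0; i < 10; i++) {           /* 10 double rounds = 20 rounds */
        QR(out[0], out[4], out[8],  out[12]); QR(out[1], out[5], out[9],  out[13]);
        QR(out[2], out[6], out[10], out[14]); QR(out[3], out[7], out[11], out[15]);
        QR(out[0], out[5], out[10], out[15]); QR(out[1], out[6], out[11], out[12]);
        QR(out[2], out[7], out[8],  out[13]); QR(out[3], out[4], out[9],  out[14]);
    }
    for (int i = 0; i < 16; i++) out[i] += s[i];
}

/* XOR data with the keystream (words serialised little-endian). */
void chacha20_xor(const uint8_t key[32], const uint8_t nonce[12],
                  const uint8_t *in, uint8_t *out, size_t len) {
    uint32_t ks[16];
    for (size_t i = 0; i < len; i++) {
        if (i % 64 == 0) chacha20_block(key, (uint32_t)(i / 64), nonce, ks);
        out[i] = in[i] ^ (uint8_t)(ks[(i % 64) / 4] >> (8 * (i % 4)));
    }
}

/* Assumed IV policy (not from the article): nonce = sender_id || 64-bit message
 * counter, so no two messages under one key share a nonce. Sealing fails
 * closed before the counter can wrap; the caller must rekey at that point. */
typedef struct { uint8_t key[32]; uint32_t sender_id; uint64_t next_seq; } tx_ctx;

int tx_seal(tx_ctx *tx, const uint8_t *pt, size_t len, uint8_t *ct, uint8_t nonce[12]) {
    if (tx->next_seq == UINT64_MAX) return -1;
    for (int i = 0; i < 4; i++) nonce[i] = (uint8_t)(tx->sender_id >> (8 * i));
    for (int i = 0; i < 8; i++) nonce[4 + i] = (uint8_t)(tx->next_seq >> (8 * i));
    tx->next_seq++;
    chacha20_xor(tx->key, nonce, pt, ct, len);
    return 0;
}

/* Returns 1 if c1 XOR c2 equals p1 XOR p2, i.e. the keystream cancelled out
 * and the ciphertexts expose the relation between the two plaintexts. */
int keystream_cancels(int reuse_nonce) {
    static const uint8_t p1[] = "ALT=0120m HDG=270 SPD=12";  /* constructed */
    static const uint8_t p2[] = "ALT=0450m HDG=095 SPD=31";  /* constructed */
    tx_ctx tx = { {0}, 0x55415631u, 0 };
    uint8_t c1[32], c2[32], n1[12], n2[12];
    size_t len = sizeof p1 - 1;
    for (int i = 0; i < 32; i++) tx.key[i] = (uint8_t)i;     /* demo key only */
    tx_seal(&tx, p1, len, c1, n1);
    if (reuse_nonce) chacha20_xor(tx.key, n1, p2, c2, len);  /* the mistake */
    else             tx_seal(&tx, p2, len, c2, n2);
    for (size_t i = 0; i < len; i++)
        if ((c1[i] ^ c2[i]) != (p1[i] ^ p2[i])) return 0;
    return 1;
}

/* Word idx of the RFC 8439 section 2.3.2 test block (key 00..1f, counter 1). */
uint32_t rfc8439_block_word(int idx) {
    static const uint8_t nonce[12] = {0,0,0,0x09, 0,0,0,0x4a, 0,0,0,0};
    uint8_t key[32]; uint32_t out[16];
    for (int i = 0; i < 32; i++) key[i] = (uint8_t)i;
    chacha20_block(key, 1, nonce, out);
    return out[idx];
}

int main(void) {
    printf("RFC 8439 block word 0: %08x\n", (unsigned)rfc8439_block_word(0));
    printf("same nonce twice -> keystream cancels: %d\n", keystream_cancels(1));
    printf("counter nonces   -> keystream cancels: %d\n", keystream_cancels(0));
    return 0;
}
```

On a UAV, `next_seq` has to survive a reboot (or the key has to change at every boot); a counter held only in RAM restarts at zero after a power cycle and reintroduces the reuse the guard is meant to prevent.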
MICKEY 2.0 (Mutual Irregular Clocking KEYstream generator) employs irregularly clocked Galois LFSRs and NFSRs to improve keystream randomness. It supports 80-bit keys and variable IVs, offering secure encryption with a higher implementation complexity of over 3000 GE. The extended version, MICKEY-128 2.0, supports larger keys and improved throughput but has also shown vulnerability to related-key and fault injection attacks [
125]. Despite such limitations, these ciphers continue to serve as reference benchmarks for real-time secure communication in UAV networks and other resource-limited systems.
5.3. Asymmetric Encryption
Asymmetric cryptography, also known as Public Key Cryptography (PKC), plays a critical role in securing communication within networked systems such as UAVs. Unlike symmetric encryption, which uses a single shared key, PKC employs a key pair consisting of a public key for encryption and a private key for decryption. These keys are generated using mathematical functions designed to make it computationally infeasible to derive the private key from the public one [
79]. This cryptographic paradigm supports essential security services, including confidentiality, data integrity, authentication, non-repudiation, availability, and access control [
79,
110]. In practical implementations, a sender encrypts data using the recipient’s public key, while digital signatures are created with the sender’s private key and verified using the corresponding public key [
110].
Despite its robustness, asymmetric cryptography presents challenges in resource-constrained environments. Operations often involve large key sizes and computationally intensive arithmetic over algebraic structures, with operands reaching lengths of thousands of bits. These requirements can strain the limited processing, memory, and energy resources of UAV platforms [
79,
131].
Among existing PKC schemes, Elliptic Curve Cryptography (ECC) is widely considered the most suitable for constrained systems. ECC achieves comparable security to classical methods such as RSA, while requiring significantly smaller key sizes, reduced memory footprint, and lower computational load. It is commonly adopted for key exchange, digital signature generation, and authentication in lightweight environments, and is standardized under ISO/IEC 29192 [
131].
The efficiency of ECC in constrained settings is enabled through implementation-specific optimizations. Although ECC itself is not inherently lightweight, lightweight elliptic curve cryptography (ECLC) leverages design decisions across protocol, algorithm, architecture, and circuit levels to meet performance and energy constraints. These optimizations include using efficient point representations (such as projective or mixed coordinates), selecting specialized curve models (including Koblitz, Edwards [
132], and Montgomery curves [
133]), and tailoring implementations to the underlying hardware [
79].
A notable extension of ECC in the lightweight cryptography domain is identity-based encryption (IBE), which simplifies key management by deriving public keys from unique identifiers (e.g., email addresses). In contrast to RSA, where key pairs are generated independently, IBE enables a public key to be deterministically generated from an identity string, while the corresponding private key is issued by a trusted authority. The Boneh–Franklin IBE scheme, one of the earliest and most influential constructions, employs elliptic curve cryptography and uses Weil pairing to achieve chosen ciphertext security under the elliptic curve variant of the computational Diffie–Hellman assumption [
134]. To improve resilience and decentralization, this scheme can also support threshold cryptography for distributed key generation without requiring a centralized master key.
To further adapt IBE for resource-limited platforms such as UAVs, lightweight variants like IBE-Lite have been introduced [
135]. IBE-Lite retains the core functionality of identity-based public key derivation and secure private key distribution while minimizing computational and memory demands. Built upon the ECC framework, it provides a practical and secure public key infrastructure alternative for embedded and low-power environments.
5.4. Post-Quantum Cryptography
Classical cryptographic systems are built on the computational hardness of problems such as the Integer Factorization Problem (IFP), the Discrete Logarithm Problem (DLP), and the Elliptic Curve Discrete Logarithm Problem (ECDLP). However, the development of quantum computing poses a significant threat to these systems. Algorithms such as Shor’s and Grover’s, when implemented on a sufficiently powerful quantum computer, can efficiently break traditional encryption and key exchange mechanisms. In response, the field of post-quantum cryptography (PQC)—also referred to as quantum-resistant or quantum-safe cryptography—has emerged as a critical area of research to ensure secure communication in the quantum era [
136,
137].
As illustrated in
Figure 9, PQC encompasses five primary categories of cryptographic schemes: code-based, lattice-based, hash-based, isogeny-based, and multivariate-based cryptosystems.
To identify viable quantum-resistant algorithms, the National Institute of Standards and Technology (NIST) launched a multi-round standardization effort. The process began in 2017 with 69 algorithm submissions. Through successive rounds of evaluation—focused on robustness, performance, and implementation feasibility—a subset of algorithms advanced to the final stages. By the conclusion of Round 3 in 2022, NIST had selected a set of finalists and alternate candidates for future standardization [
138]. Although not all candidates are suitable for resource-limited platforms such as UAVs, the selected algorithms have undergone extensive public scrutiny and represent the most promising approaches for real-world deployment [
139].
Figure 10 presents an overview of the algorithms evaluated throughout the competition, organized by cryptographic category. Many of these schemes remain unsuitable for UAVs due to their computational and memory requirements.
The following subsections provide a brief overview of the major classes of PQC schemes and their applicability to UAV platforms [
137,
140].
Code-Based Cryptosystems: These systems are grounded in the use of error-correcting codes. Security is achieved by deliberately introducing errors into messages, rendering them unintelligible without a private decoding key [
141]. A canonical example is the McEliece cryptosystem [
142], which uses a structured code (e.g., a Goppa code [
143]) that is scrambled to produce a public key. The private key consists of the unscrambled, structured version, known only to the recipient [
144,
145]. McEliece is attractive for UAV applications due to its fast encryption and decryption but suffers from very large key sizes—often exceeding 100 KB—posing significant storage and transmission challenges. Research efforts have explored more compact alternatives, such as low-density parity-check (LDPC), moderate-density parity-check (MDPC), and quasi-cyclic variants [
139].
Lattice-Based Cryptosystems: These systems rely on the hardness of problems like the Shortest Vector Problem (SVP) and Learning with Errors (LWE), defined over multidimensional lattices [
144,
146]. Lattice-based schemes are considered among the most promising for quantum resistance due to their strong security proofs and relatively efficient implementations. However, key and ciphertext sizes remain a concern. Compared to code-based cryptography, they require less storage but still impose nontrivial computational costs. Leading candidates such as NTRU [
147] and NewHope [
148] offer a favorable balance between security and efficiency. Signature schemes based on the Short Integer Solution (SIS) problem have also shown promise, though most remain in early testing stages on constrained hardware. UAV-specific adaptations may benefit from compression techniques and optimized hardware-aware implementations [
139].
Hash-Based Cryptosystems: These systems use the cryptographic properties of hash functions—namely, collision resistance and pre-image resistance—to build secure digital signature schemes [
141,
144]. Hash-based signatures typically generate one-time-use secret keys from a master key and organize them using tree-based structures, such as Merkle trees [
149,
150]. While highly secure and resistant to quantum attacks, such systems require careful management of key states and may involve large tree structures. Stateless variants reduce the risk of key reuse but come with increased computational overhead. Although hash-based signatures are computationally lightweight, their implementation complexity and management requirements have limited adoption in UAVs [
151].
Multivariate Cryptosystems: Multivariate public key schemes are based on the difficulty of solving systems of multivariate polynomial equations over finite fields [
140]. These systems use simple operations like addition and multiplication, making them computationally attractive for constrained environments [
144]. Well-known schemes include Hidden Field Equations (HFE) [
152] and Unbalanced Oil and Vinegar (UOV), which have been applied in both encryption and signature protocols. Despite their efficiency, multivariate cryptosystems often involve large public keys and ciphertexts, which can limit practical deployment in UAVs. Variants like Rainbow, QUARTZ, QUAD, and Tame Transformation Signatures (TTS) have demonstrated success on low-power devices, but key sizes remain a challenge. For example, a Rainbow implementation with parameters
yields a public key size of approximately 22,680 bytes [
7,
139]. Compression techniques and parameter tuning are essential for making these schemes viable for UAV systems.
Isogeny-Based Cryptosystems: Isogeny-based cryptography leverages the mathematical properties of isogenies, or structure-preserving maps between elliptic curves [
153]. Supersingular elliptic curves, which lack a commutative endomorphism ring, offer strong resistance to quantum attacks [
154]. The Supersingular Isogeny Key Encapsulation (SIKE) protocol has been among the most studied candidates in this category [
144,
155]. While isogeny-based schemes are appealing due to their relatively small key sizes, they often require intensive computations and are sensitive to side-channel and fault injection attacks. These limitations present challenges for deployment on UAV platforms with tight power and timing constraints [
139].
Hybrid Cryptosystems: Hybrid approaches combine classical and post-quantum algorithms to provide defense-in-depth during the transition period. For example, Google’s CECPQ1 and CECPQ2 protocols integrated post-quantum key exchange alongside traditional TLS mechanisms. Although hybrid systems offer an additional layer of protection, they are often not suitable for UAVs due to the increased computational and memory demands required to run two cryptographic systems concurrently [
139].
According to Fernandez-Carames and Fraga-Lamas [
139], the most promising post-quantum cryptographic candidates for UAVs are code-based and lattice-based schemes. Most code-based proposals are derived from McEliece or Niederreiter structures, often using quasi-cyclic enhancements. In contrast, lattice-based approaches typically rely on solving the Learning with Errors (LWE) or Learning with Rounding (LWR) problems, and offer a favorable balance between security and implementation feasibility for lightweight platforms.
5.5. Lessons Learned
Lightweight encryption techniques are central to enabling secure and efficient communication in UAV networks. This section demonstrates that symmetric cryptography, especially in the form of lightweight block and stream ciphers, remains the most practical choice for resource-constrained platforms due to its simplicity, lower overhead, and suitability for real-time operations. Stream ciphers such as Trivium and Grain excel in scenarios requiring continuous, low-latency data transmission, while block ciphers like PRESENT and SIMON offer structured encryption with compact implementations. Asymmetric cryptography, particularly ECC, provides essential functionalities such as secure key exchange and digital signatures with significantly lower resource consumption compared to RSA, making it the preferred public key technique for UAVs. Identity-based encryption further simplifies key management for dynamic networks. However, these methods must be optimized at both algorithmic and architectural levels to align with the hardware limitations of UAV systems. The survey also highlights the growing importance of post-quantum cryptography in safeguarding UAV communications against future quantum threats. Although many PQC schemes remain too resource-intensive for UAV deployment, lattice-based and code-based cryptosystems offer a promising balance between quantum resistance and implementation feasibility. Overall, this analysis reinforces that algorithm selection must be tightly aligned with specific mission requirements, hardware capabilities, and emerging security paradigms, particularly as quantum-era readiness becomes increasingly relevant.
6. Key Management Techniques
While cryptographic primitives, including lightweight symmetric ciphers and post-quantum algorithms, serve as the foundation of secure communication, their effectiveness in UAV systems depends significantly on the management of cryptographic keys. Key management is a critical challenge in securing UAV communication networks due to their dynamic topologies, limited resources, and susceptibility to adversarial attacks. The secure distribution, renewal, and storage of cryptographic keys directly influence the confidentiality, integrity, and availability of UAV communications. This section presents a scientific overview of key management strategies, examining the strengths and limitations of pre-deployed (static) and dynamically distributed key schemes. It also highlights recent advances involving blockchain-based trust infrastructures and Physical Unclonable Functions (PUFs), which offer promising directions for lightweight and tamper-resistant key provisioning. An overview of these key management strategies is shown in
Figure 11.
6.1. Pre-Deployed vs. Dynamic Key Distribution
Pre-deployed key distribution schemes involve the assignment of cryptographic keys to UAVs prior to mission deployment. These keys may be distributed individually, hierarchically, or in clusters, and are typically stored in the UAV’s onboard memory. The primary advantage of such static schemes lies in their simplicity and low computational overhead, making them suitable for missions with fixed network topologies or limited resource budgets. However, static approaches suffer from limited scalability, inflexibility, and high vulnerability in adversarial settings. If a UAV is captured or compromised, all pre-shared keys stored on the device may be exposed, potentially putting the entire network at risk. Moreover, these static schemes lack forward secrecy and cannot be updated efficiently, which increases their vulnerability to both conventional and emerging threats, including those posed by quantum computing.
Dynamic key distribution schemes, in contrast, enable the generation and negotiation of cryptographic keys during mission execution. These schemes support session-based or on-demand key establishment using protocols such as Diffie–Hellman or Elliptic Curve Diffie–Hellman. Unlike static approaches, dynamic schemes offer improved adaptability to changes in network topology and are well-suited for scenarios involving UAV swarms or rapidly reconfigurable networks. The ability to refresh keys at regular intervals improves forward secrecy and limits the damage caused by a compromised node. However, these benefits come at the cost of increased computational and communication overhead, which can be a significant concern in UAV platforms that have limited energy, memory, and processing capabilities.
As UAV deployments scale to large cooperative swarms, the design of dynamic key management schemes must address substantial scalability challenges. In such environments, frequent key updates, decentralized negotiation processes, and intermittent connectivity make it difficult to maintain consistent security without overwhelming the network. The latency involved in key exchanges, the communication burden of group coordination, and the limited capacity of UAV processors must all be considered.
Several strategies have been proposed to mitigate these issues and support scalable key management in UAV swarms. One widely explored approach involves organizing the swarm into logical clusters, where designated cluster heads handle local key negotiation and distribution. This model reduces the number of messages required for rekeying and limits the propagation of compromise. Another promising direction is the use of logical key hierarchies, where keys are arranged in a tree structure, allowing efficient updates that affect only a subset of the network. Identity-based encryption techniques simplify key handling by enabling public keys to be derived from node identifiers, eliminating the need for complex certificate infrastructure and facilitating key generation in highly dynamic environments. In addition, decentralized key management protocols using blockchain or directed acyclic graph (DAG) architectures are gaining traction. These systems support distributed trust and facilitate group-wide key updates without reliance on a centralized controller. Furthermore, threshold cryptography techniques allow a subset of nodes to cooperatively generate or update keys, improving resilience and distributing the computational load of key management.
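The logical key hierarchy described above can be illustrated by simulating the eviction of one UAV from a swarm. The following Python example is added here and is not taken from any of the surveyed schemes; the `LKHTree` class, the heap-style node numbering, and the HMAC-based `wrap`/`unwrap` helpers (a standard-library stand-in for a lightweight AEAD such as ASCON) are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 16

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()[:KEY_LEN]

def wrap(kek, new_key):
    """Encrypt-then-MAC `new_key` under `kek` (stdlib stand-in for an AEAD)."""
    nonce = secrets.token_bytes(KEY_LEN)
    ct = bytes(a ^ b for a, b in zip(new_key, _prf(kek, b"enc", nonce)))
    return nonce + ct + _prf(kek, b"mac", nonce + ct)

def unwrap(kek, blob):
    """Return the wrapped key, or None when `kek` is not the wrapping key."""
    nonce, ct, tag = blob[:KEY_LEN], blob[KEY_LEN:2 * KEY_LEN], blob[2 * KEY_LEN:]
    if not hmac.compare_digest(tag, _prf(kek, b"mac", nonce + ct)):
        return None
    return bytes(a ^ b for a, b in zip(ct, _prf(kek, b"enc", nonce)))

class LKHTree:
    """Complete binary key tree in heap layout: node 1 holds the group key,
    nodes n..2n-1 are the leaves holding each member's individual key."""

    def __init__(self, n_members):
        if n_members < 2 or n_members & (n_members - 1):
            raise ValueError("n_members must be a power of two >= 2")
        self.n = n_members
        self.keys = {node: secrets.token_bytes(KEY_LEN)
                     for node in range(1, 2 * n_members)}

    def path(self, member):
        """Nodes from the member's leaf up to the root."""
        node, out = self.n + member, []
        while node >= 1:
            out.append(node)
            node //= 2
        return out

    def member_keys(self, member):
        return {node: self.keys[node] for node in self.path(member)}

    def evict(self, member):
        """Replace every key the evicted member knew and return the rekey
        messages as (wrapping_node, updated_node, wrapped_key) tuples."""
        leaf = self.n + member
        self.keys[leaf] = secrets.token_bytes(KEY_LEN)  # retire the leaf key
        messages = []
        for node in self.path(member)[1:]:              # parents, bottom-up
            new_key = secrets.token_bytes(KEY_LEN)
            for child in (2 * node, 2 * node + 1):
                if child != leaf:                       # nothing goes to the evicted leaf
                    messages.append((child, node, wrap(self.keys[child], new_key)))
            self.keys[node] = new_key
        return messages

def apply_rekey(held, messages):
    """Member-side processing: open only messages wrapped under a key we hold."""
    for wrapping_node, updated_node, blob in messages:
        if wrapping_node in held:
            key = unwrap(held[wrapping_node], blob)
            if key is not None:
                held[updated_node] = key
    return held

def evict_demo(n_members=16, evicted=5):
    """Returns (rekey message count, all remaining members have the new group
    key, evicted member has the new group key)."""
    tree = LKHTree(n_members)
    held = {m: tree.member_keys(m) for m in range(n_members)}
    messages = tree.evict(evicted)
    group_key = tree.keys[1]
    remaining_ok = all(apply_rekey(held[m], messages)[1] == group_key
                       for m in range(n_members) if m != evicted)
    evicted_ok = apply_rekey(held[evicted], messages)[1] == group_key
    return len(messages), remaining_ok, evicted_ok

if __name__ == "__main__":
    print(evict_demo())
```

For a 16-node group the eviction costs 7 broadcast messages (2·log2(n) − 1), compared with 15 unicast messages if the new group key were sent to each remaining UAV under its individual key.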
Table 10 presents a comparative overview of pre-deployed and dynamic key distribution schemes, highlighting their performance in terms of scalability, security, adaptability, and resource consumption.
In summary, while pre-deployed key schemes remain useful for small or static UAV missions, dynamic key distribution mechanisms are essential for enabling secure communication in large-scale and adaptive aerial networks. The increasing adoption of UAV swarms, particularly in mission-critical and infrastructure-free environments, necessitates scalable key management protocols that can cope with mobility, dynamic topology, and real-time constraints. Emerging solutions combining hierarchical organization, identity-based methods, decentralized trust models, and post-quantum security primitives represent promising paths toward addressing the inherent challenges of secure key distribution in UAV swarms. The next subsections explore these advanced mechanisms in detail, including blockchain-assisted coordination, hardware-based identity anchors, and the incorporation of quantum-resilient encryption techniques.
6.2. Cluster-Based and Hierarchical Key Management
Cluster-based and hierarchical key management strategies have gained significant traction in UAV networks due to their ability to balance scalability, efficiency, and security within dynamic and resource-constrained environments. In cluster-based approaches, UAVs are organized into logical groups or clusters, each managed by a designated cluster head responsible for key generation, distribution, and renewal within its domain [
156]. This structure reduces the complexity of key management by localizing key-related operations, thereby minimizing communication overhead and confining the impact of potential node compromise to individual clusters rather than the entire network [
157,
158].
Hierarchical key management extends this concept by introducing multiple layers of authority and responsibility. A typical architecture involves a two-tier structure, where the lower tier consists of cell or cluster groups managed by local leaders (such as mobile backbone nodes or cluster heads), and the upper tier comprises a control group or supernodes that oversee the overall network. This hierarchical arrangement enables efficient group key management and supports secure inter-cluster communication using group key agreement protocols and implicitly certified public keys. The main advantage of this approach is its ability to restrict the effects of membership changes, such as node join or leave events, to the relevant cluster, thus enhancing scalability and reducing the frequency and scope of costly rekeying operations [
159,
160].
Recent advancements have incorporated unsupervised learning and clustering algorithms to further optimize cluster formation and maintenance, enabling UAV networks to dynamically adapt to changing mission requirements and network topologies [
161]. For instance, agglomerative hierarchical clustering has been used to assign UAVs to clusters based on communication quality or mission objectives, ensuring that key management remains efficient even as the network evolves in real time.
Cluster-based and hierarchical schemes also facilitate the integration of advanced security features, such as distributed key agreement, resilience to node capture, and efficient lost key recovery. In denied or adversarial environments, these approaches have demonstrated the ability to maintain secure communication with minimal energy and bandwidth consumption, making them particularly suitable for large-scale UAV swarms and mission-critical applications [
162].
In summary, cluster-based and hierarchical key management architectures provide a robust foundation for scalable, resilient, and efficient key distribution in UAV networks. By localizing key operations and leveraging layered control, these schemes address many of the unique challenges posed by dynamic aerial environments, supporting both intra- and inter-cluster security with reduced overhead and enhanced adaptability.
6.3. Blockchain-Based Decentralized Key Management
Blockchain-based decentralized key management has emerged as a robust paradigm for enhancing the security, transparency, and scalability of UAV networks. Traditional centralized key distribution models are prone to single points of failure and scalability limitations, particularly in dynamic and adversarial environments. In contrast, blockchain leverages a distributed, immutable ledger to enable consensus-driven management of cryptographic operations, including key generation, distribution, and revocation [
9,
163].
In a blockchain-enabled UAV ecosystem, each UAV or ground station may function as a participating node in a private or consortium blockchain, validating and recording security-related transactions. This decentralized architecture eliminates dependency on centralized trust authorities and enhances resilience against impersonation, data tampering, and unauthorized access [
37]. Permissioned blockchain frameworks such as Hyperledger Fabric and Tendermint offer high throughput and low-latency performance, rendering them suitable for real-time UAV applications.
Several blockchain-based protocols have been proposed to address the unique constraints of UAV communication. Notably, the BETA-UAV scheme integrates smart contracts to automate mutual authentication between UAVs and ground control stations, effectively mitigating replay and spoofing attacks with minimal communication overhead [
10]. Other solutions implement group key management where a private blockchain ledger is used to orchestrate secure join/leave operations, distribute group keys, and enable key recovery upon node failure [
164]. These mechanisms ensure tamper-evident logging of security events and provide traceable, auditable key lifecycle management.
Beyond authentication, blockchain also supports decentralized identity frameworks. Each UAV can be assigned a unique digital identity anchored in the blockchain ledger, enabling transparent and verifiable trust relationships across multi-operator or cross-border deployments [
165]. Smart contracts further enhance autonomy by orchestrating key lifecycle tasks such as renewal, revocation, and recovery without manual intervention.
Performance evaluations suggest that lightweight, permissioned blockchain configurations can achieve latency and throughput levels compatible with aerial mission timelines [
9]. However, challenges persist regarding resource consumption, real-time consensus synchronization, and integration with PQC. Emerging research is exploring hybrid architectures that combine blockchain with AI/ML techniques for adaptive threat detection and self-healing key infrastructures [
37].
In summary, blockchain-based decentralized key management offers a scalable, tamper-resistant solution tailored to the operational and security requirements of UAV networks. As autonomous aerial systems grow in complexity and interconnectivity, blockchain is positioned to become a foundational enabler of secure, interoperable, and self-managing UAV ecosystems.
6.4. PUF-Based Secure Key Storage and Generation
PUFs have emerged as a foundational technology for secure key storage and generation in UAV networks, addressing limitations associated with traditional cryptographic key management systems. PUFs exploit uncontrollable physical variations in integrated circuits to produce unique device-specific responses to external challenges. These responses are reproducible under controlled conditions but nearly impossible to clone or predict, making PUFs an effective basis for lightweight and tamper-resistant security solutions in resource-constrained UAV environments [
166,
167].
Unlike conventional approaches that store sensitive cryptographic keys in non-volatile memory, thereby exposing them to extraction through physical attacks, PUF-based systems derive keys dynamically from the hardware at runtime. During an initial enrollment phase, a set of challenge–response pairs (CRPs) is generated from the UAV’s embedded PUF and stored securely at the ground station (GS). When authentication or key derivation is needed, the GS transmits a challenge to the UAV, which computes the response using its PUF circuitry. The resulting transient key is reconstructed in real time, eliminating the need for persistent key storage and reducing susceptibility to physical compromise [
28,
168].
This architecture enhances several core security properties. First, tamper resistance is achieved by avoiding long-term storage of static secrets, making it infeasible for adversaries to extract usable key material from a captured node. Second, PUFs support forward secrecy by generating fresh keys for each session, ensuring that the compromise of one key does not retroactively endanger past communications. Third, the lightweight computational profile of PUF-based protocols makes them ideal for UAV platforms with limited processing power and battery capacity. Studies report that authentication latencies can be reduced to 214 μs using programmable switches—roughly twice as fast as CPU-bound methods—while also consuming up to 42% less energy than AES-128 under comparable security assumptions [
107,
167].
Recent PUF-based schemes combine physical uniqueness with cryptographic primitives to achieve robust and scalable key management. Hybrid PUF-hash models use functions such as SHA-3 to convert raw responses into uniform and collision-resistant key material, thereby improving entropy while obscuring hardware-specific noise. Lattice-based PUF designs have also been proposed to extend these methods to post-quantum key exchange, achieving 1024-bit quantum-resistant security at energy costs as low as 18 mJ per exchange [
169,
170].
A summary of PUF defenses against common UAV attack vectors is provided in
Table 11. These systems resist node capture through volatile key derivation, withstand cloning due to their inherent physical randomness, and protect against eavesdropping with opaque, non-deterministic CRP mappings. Hardware tampering typically disrupts circuit behavior, rendering key generation invalid or unreliable.
Despite their advantages, PUF systems face challenges related to reliability and protocol design. Environmental factors—such as voltage fluctuations and temperature variations—can alter response stability. To mitigate this, error correction codes like BCH and Reed–Solomon are integrated to achieve bit error rates below
[
170]. Additionally, early PUF schemes (e.g., PLAKE, EV-PUF) demonstrated vulnerabilities such as key leakage and response collisions. These have been addressed in more recent protocols by incorporating adaptive CRP sets and authenticated encryption using lightweight standards such as ASCON-128a [
171].
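The enrollment and reconstruction flow, the hybrid PUF-hash derivation, and the role of error correction described in this subsection can be combined in one simulation. The following Python example is added here and is not code from the cited schemes; `SimulatedPUF` is a software model of a silicon PUF, the 2% read-noise figure is a constructed value, and a 15-fold repetition code stands in for the BCH or Reed–Solomon codes mentioned above.

```python
import hashlib
import hmac
import random
import secrets

KEY_BITS = 128   # secret bits recovered per challenge
REP = 15         # repetition factor: corrects up to 7 flipped bits per block

class SimulatedPUF:
    """Software model of a PUF: stable device-specific bits plus read noise."""

    def __init__(self, fingerprint, noise, rng):
        self._fp, self._noise, self._rng = fingerprint, noise, rng

    def respond(self, challenge):
        raw = hashlib.shake_256(self._fp + challenge).digest(KEY_BITS * REP // 8)
        bits = [(byte >> i) & 1 for byte in raw for i in range(8)]
        # Every read flips each bit independently with probability `noise`.
        return [b ^ (self._rng.random() < self._noise) for b in bits]

def encode(secret_bits):
    """Repetition code: each secret bit becomes REP identical code bits."""
    return [b for b in secret_bits for _ in range(REP)]

def decode(code_bits):
    """Majority vote over each block of REP bits."""
    return [int(sum(code_bits[i:i + REP]) > REP // 2)
            for i in range(0, len(code_bits), REP)]

def derive_key(secret_bits, challenge):
    """Hash the corrected bits with SHA-3 so the key is uniform and bound
    to the challenge that produced it."""
    packed = bytes(int("".join(map(str, secret_bits[i:i + 8])), 2)
                   for i in range(0, len(secret_bits), 8))
    return hashlib.sha3_256(b"uav-session-key" + challenge + packed).digest()

def enroll(puf, challenge):
    """Ground-station side, run once in a trusted setting. The helper data
    (codeword XOR response) is public; the key stays at the ground station."""
    secret = [secrets.randbits(1) for _ in range(KEY_BITS)]
    helper = [c ^ r for c, r in zip(encode(secret), puf.respond(challenge))]
    return helper, derive_key(secret, challenge)

def reconstruct(puf, challenge, helper):
    """UAV side: re-read the PUF, strip the response, correct the errors,
    and derive the transient key without storing anything persistent."""
    noisy_code = [h ^ r for h, r in zip(helper, puf.respond(challenge))]
    return derive_key(decode(noisy_code), challenge)

def demo(seed=7):
    rng = random.Random(seed)  # drives the constructed read noise only
    uav = SimulatedPUF(secrets.token_bytes(32), noise=0.02, rng=rng)
    other = SimulatedPUF(secrets.token_bytes(32), noise=0.02, rng=rng)
    challenge = secrets.token_bytes(16)
    helper, gs_key = enroll(uav, challenge)
    return {
        # The enrolled device recovers the key despite noisy reads.
        "genuine_match": hmac.compare_digest(
            reconstruct(uav, challenge, helper), gs_key),
        # A different device given the same challenge and helper data does not.
        "clone_match": hmac.compare_digest(
            reconstruct(other, challenge, helper), gs_key),
    }

if __name__ == "__main__":
    print(demo())
```

The helper data lets the enrolled device cancel its own read noise but gives a different device nothing to decode against, which is why only the challenge and helper data need to travel over the link.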
Standardization efforts are underway to formalize PUF evaluation criteria for UAV and aerospace systems. NIST’s Interagency Report 8420 aims to establish metrics for evaluating the reliability, uniqueness, and resistance of PUFs to physical and logical attacks, thus supporting greater adoption in secure UAV communication frameworks.
6.5. Post-Quantum Key Exchange Techniques
The emergence of quantum computing presents a substantial threat to classical cryptographic schemes that currently underpin UAV communication systems. Algorithms based on number-theoretic assumptions such as RSA, DSA, and Elliptic Curve Cryptography (ECC) are vulnerable to quantum attacks, particularly due to Shor’s algorithm, which can solve integer factorization and discrete logarithm problems in polynomial time. Given that many UAV key management protocols rely on these primitives, their long-term security is at risk as quantum computing becomes more viable.
PQC has been proposed as a class of cryptographic algorithms that remain secure in the presence of both classical and quantum adversaries. These include lattice-based, code-based, multivariate, hash-based, and isogeny-based families. Among them, lattice-based schemes such as Kyber, NewHope, and NTRU have demonstrated promise for UAV applications due to their efficiency, strong security proofs, and ongoing standardization through NIST’s Post-Quantum Cryptography project [
7]. Kyber and NTRU are Key Encapsulation Mechanisms (KEMs) that rely on the hardness of problems such as Learning With Errors (LWE) and Ring-LWE, which are believed to be resistant to quantum attacks.
In UAV environments, where energy efficiency, processing speed, and communication overhead are constrained, PQC protocols must be optimized for embedded implementation. Evaluations of Kyber and NewHope have shown that key exchange can be performed with latency under 10 ms and memory usage below 32 KB on embedded processors, while offering 128-bit post-quantum security levels [
8,
151]. Despite their cryptographic strength, code-based algorithms like Classic McEliece and BIKE present challenges in terms of key size, with public keys often exceeding several hundred kilobytes [
172].
To facilitate gradual migration, hybrid key exchange schemes that combine traditional algorithms (e.g., ECDH) with post-quantum primitives (e.g., Kyber) are being implemented to ensure backward compatibility and layered defense. These approaches enable resilience even if one algorithm is later broken, which is particularly useful in transitional environments like UAV networks [
173]. Additionally, quantum-resilient protocols for cross-domain authentication have been developed using PUF and lattice-based key exchanges, enabling robust identity verification in drone swarms and distributed aerial systems [
174].
Another area of active research involves quantum key distribution (QKD) protocols applied to UAVs. QKD enables information-theoretic security by leveraging quantum entanglement and the no-cloning theorem to generate shared secrets. Demonstrations of mobile QKD between moving aerial platforms have shown the feasibility of secure optical links under flight dynamics, though limitations remain in terms of range, environmental sensitivity, and hardware requirements [
175]. As UAVs transition into more secure and autonomous roles, QKD may complement PQC in high-assurance scenarios.
Performance comparisons of post-quantum techniques indicate that lattice-based protocols offer the most practical balance for UAV networks between computational efficiency and quantum resistance. The adoption of schemes like Kyber is accelerating, driven by NIST’s standardization and increasing availability of optimized embedded libraries [
151,
176]. Continued work in hardware acceleration, including GPU and FPGA-based implementations, further supports their real-world deployment [
145]. Building on the foundational role of key distribution and maintenance in secure UAV communications, it becomes essential to address how these cryptographic mechanisms integrate across the full communication stack.
6.6. Lessons Learned
Secure and efficient key management is central to safeguarding UAV communication networks, especially in adversarial and resource-constrained environments. Through this survey, several critical insights have emerged regarding the applicability and limitations of key management strategies in UAV systems.
First, pre-deployed (static) key distribution, while computationally lightweight, is unsuitable for dynamic or large-scale UAV deployments due to poor adaptability, lack of forward secrecy, and susceptibility to full-network compromise upon node capture. Conversely, dynamic key distribution offers better resilience and flexibility but at the cost of increased computation and energy usage—necessitating lightweight protocol designs tailored to embedded UAV platforms.
Second, cluster-based and hierarchical schemes mitigate the overhead of dynamic keying by localizing trust and key operations, reducing rekeying scope, and enhancing scalability. These models also allow for integration of unsupervised learning for adaptive cluster formation, improving mission responsiveness.
Third, blockchain-based approaches introduce tamper-evident decentralized infrastructures that eliminate single points of failure. They support secure identity management, key lifecycle automation, and inter-operator interoperability. However, their real-time synchronization and energy requirements must be carefully balanced against UAV resource budgets.
Fourth, PUF-based key generation emerges as a highly effective method for secure, ephemeral key provisioning without persistent storage. PUFs provide physical tamper resistance, forward secrecy, and low-latency authentication. However, reliability under environmental variation and the need for error correction present ongoing design challenges.
Finally, post-quantum key exchange schemes, especially lattice-based mechanisms like Kyber and NTRU, demonstrate promising trade-offs between cryptographic strength and embedded-system feasibility. While code- and multivariate-based schemes face limitations in key size and implementation cost, hybrid and PUF-integrated post-quantum protocols offer transitional pathways toward future-proof UAV communications. Additionally, quantum key distribution (QKD), though in its infancy for mobile platforms, introduces a novel paradigm for unconditional security.
Collectively, these lessons underscore that no single key management solution is universally optimal for UAV systems. Instead, a context-aware, layered approach—combining static and dynamic methods, hardware-rooted trust anchors, and quantum-resistant protocols—is necessary to meet the evolving demands of UAV security while preserving operational efficiency.
7. Multilayer Security Framework
Security for UAV (unmanned aerial vehicle) networks should not be limited to a few aspects of operation; it should encompass the entire operational model and address the prevailing vulnerabilities, from MAC-layer spoofing to application-layer control manipulation. In this section, a defense-in-depth strategy is described that relies on lightweight and post-quantum cryptographic primitives, blockchain-based cryptographic trust models, and secure identity generation protocols. These strategies are deployed systematically across multiple OSI layers to build a compact architecture that does not rely on implicit trust and that resists both layer-specific and cross-layer attacks. In particular, the approach presents a set of prevention, response, and post-recovery mechanisms designed to be resource-efficient for aerial platforms operating in hostile surroundings.
7.1. Physical Layer Security
Physical Layer Security (PLS) plays a foundational role in safeguarding UAV communication systems by addressing vulnerabilities inherent to the open and broadcast nature of wireless channels. UAVs are particularly exposed due to their high mobility and reliance on line-of-sight (LoS) air-to-ground links, making them prime targets for both eavesdropping and jamming attacks. These threats can disrupt mission-critical operations by compromising confidentiality or degrading communication availability. While upper-layer cryptographic methods remain essential, they often incur computational and energy overheads unsuitable for resource-constrained UAV platforms. In contrast, PLS offers a complementary and lightweight approach by harnessing the physical properties of wireless channels to enhance secrecy and resilience.
Jamming attacks intentionally inject interference to reduce the signal-to-noise ratio (SNR) at the receiver, potentially leading to denial of service or UAV disconnection. To mitigate this, techniques such as frequency hopping, spread-spectrum communication, and cognitive radio enable UAVs to dynamically adapt transmission parameters in response to changing interference patterns [
48]. Similarly, eavesdropping, which capitalizes on the broadcast nature of wireless signals, can be countered by artificial noise injection, cooperative jamming, and secure beamforming, each designed to deteriorate adversary reception while maintaining link quality with legitimate receivers [
18,
50]. UAV mobility further enhances PLS through trajectory optimization, where flight paths are adjusted to avoid proximity to eavesdroppers or to improve channel characteristics for secure communication. Multi-antenna systems, such as beamforming and MIMO (Multiple-Input Multiple-Output), allow UAVs to direct signal energy toward intended recipients and nullify transmissions in vulnerable directions [
49]. Recently, reconfigurable intelligent surfaces (RIS) have emerged as a transformative technology, enabling programmable wireless environments. By reflecting signals in a controlled manner, RIS can amplify legitimate links and suppress undesired reception, thereby improving secrecy performance under both jamming and surveillance conditions [
177].
The effectiveness of PLS is commonly evaluated using metrics such as secrecy capacity, secrecy outage probability, and secrecy rate. Empirical studies demonstrate that integrating PLS significantly enhances the confidentiality and robustness of UAV communications, even under complex and adversarial conditions [
18]. However, the dynamic and heterogeneous nature of aerial communication channels, affected by Doppler shifts, multipath fading, and environmental obstacles, presents ongoing challenges. These call for adaptive, context-aware PLS solutions. For comprehensive protection, PLS should be integrated with upper-layer lightweight encryption schemes, such as ASCON or Grain-128a, and dynamic key management protocols. This integration ensures a robust multilayered defense, capable of withstanding both passive and active attacks while adhering to the strict resource constraints of UAV platforms. Emerging research directions include AI-assisted mobility planning, RIS-augmented secure links, and seamless interoperability with post-quantum cryptographic frameworks. As UAV operations grow in scale and complexity, the advancement of physical layer security will remain essential for ensuring secure, resilient, and energy-efficient aerial networks.
7.2. MAC Layer: Authentication and Frame Integrity
The Medium Access Control (MAC) layer plays a central role in securing UAV communication systems by regulating access and enforcing node identity. Due to the wireless and broadcast nature of UAV networks, the MAC layer is highly susceptible to adversarial attacks such as spoofing, replay, and frame injection. These threats exploit the reliance on address-based communication, enabling malicious actors to impersonate legitimate nodes or insert falsified control messages. In UAV swarms, such vulnerabilities can lead to network partitioning, misdirection of flight paths, loss of coordination, and, in severe cases, physical collisions or emergency landings. To mitigate these risks, researchers have proposed several lightweight security mechanisms tailored for the resource-constrained environments typical of UAV platforms. A widely adopted solution is the use of lightweight authenticated encryption with associated data (AEAD). ASCON, a cipher selected by the National Institute of Standards and Technology (NIST) as the standard for lightweight cryptography, provides both confidentiality and integrity with minimal processing overhead. It enables secure encryption and authentication of control frames in real time, thereby defending against frame injection and spoofing while maintaining energy efficiency and low latency, which are critical for UAV operations [
4]. Replay attacks, in which adversaries retransmit intercepted packets to disrupt operations, are addressed through hash chain synchronization. This approach attaches a unique, time-evolving hash value to each packet, ensuring freshness and preventing reuse of old messages. Hash chain synchronization has proven effective in swarm communication, where message sequence integrity is essential to maintain formation and coordinated behavior [
23].
In addition, synchronized message authentication codes are employed to verify message authenticity using shared cryptographic secrets and clock synchronization between nodes. This method allows UAVs to confirm the origin and timeliness of received data, making it more difficult for attackers to inject unauthorized messages. Such synchronized MAC verification strengthens trust across swarm participants and helps sustain uninterrupted and validated control communication [
178]. Protocol-level defenses complement these cryptographic techniques. Rate-limiting policies and anomaly detection algorithms can monitor MAC-level activity, identify abnormal patterns such as excessive frame transmission, and throttle or block suspicious traffic. These strategies serve as an important second line of defense, particularly during active interference or flooding attempts [
179]. Securing the MAC layer through integrated cryptographic and procedural controls is fundamental to maintaining the stability, confidentiality, and integrity of UAV networks. The combination of ASCON AEAD encryption, hash chain synchronization, and synchronized MAC validation forms a comprehensive and lightweight framework that can withstand attacks targeting low-level wireless protocols. These safeguards are essential for reliable operation in both benign and adversarial environments, contributing significantly to the broader multilayer security architecture required for resilient UAV deployments.
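The replay defense based on hash chains, combined with a shared-key message authentication code, can be illustrated with a sender and a verifier that tolerates lost frames. The following Python example is added here and is not code from the cited protocols; the class names, the SHA-256 chain, the `max_gap` loss window, and the sample payloads are assumptions, and the shared MAC key is taken to be already established.

```python
import hashlib
import hmac

def H(x):
    return hashlib.sha256(x).digest()

class ChainSender:
    """Builds a one-way chain from a secret seed. chain[0] is the public
    anchor; frame i discloses chain[i], with H(chain[i]) == chain[i-1]."""

    def __init__(self, seed, length, mac_key):
        chain = [seed]
        for _ in range(length):
            chain.append(H(chain[-1]))
        chain.reverse()
        self.anchor = chain[0]
        self._chain, self._next, self._key = chain, 1, mac_key

    def frame(self, payload):
        if self._next >= len(self._chain):
            raise RuntimeError("chain exhausted; distribute a new anchor")
        elem = self._chain[self._next]
        self._next += 1
        # The MAC binds the payload to this chain element, so a captured
        # element cannot be re-attached to a forged payload.
        tag = hmac.new(self._key, elem + payload, hashlib.sha256).digest()
        return elem, payload, tag

class ChainVerifier:
    def __init__(self, anchor, mac_key, max_gap=4):
        self._last, self._key, self._max_gap = anchor, mac_key, max_gap

    def accept(self, elem, payload, tag):
        expected = hmac.new(self._key, elem + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False                      # forged or corrupted frame
        probe = elem
        for _ in range(self._max_gap):        # tolerate up to max_gap - 1 lost frames
            probe = H(probe)
            if hmac.compare_digest(probe, self._last):
                self._last = elem             # advance: older elements are now stale
                return True
        return False                          # replayed, reordered, or too far ahead

def demo():
    key = b"constructed-shared-mac-key"       # constructed sample value
    sender = ChainSender(b"constructed-chain-seed", 32, key)
    verifier = ChainVerifier(sender.anchor, key)
    f1 = sender.frame(b"WAYPOINT 12")
    f2 = sender.frame(b"WAYPOINT 13")
    f3 = sender.frame(b"WAYPOINT 14")
    f4 = sender.frame(b"HOLD")
    forged = (f4[0], b"LAND NOW", f4[2])      # captured element, altered payload
    return {
        "fresh": verifier.accept(*f1),
        "replay": verifier.accept(*f1),
        "after_loss": verifier.accept(*f3),   # f2 was lost in transit
        "late_old_frame": verifier.accept(*f2),
        "forged_payload": verifier.accept(*forged),
        "genuine_after_forgery": verifier.accept(*f4),
    }

if __name__ == "__main__":
    print(demo())
```

Because the MAC is checked before the chain position, a forged frame never advances the verifier's state, so the genuine frame carrying the same chain element is still accepted afterwards.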
7.3. Network Layer: Secure Routing and Trust Models
The network layer in UAV networks is responsible for enabling reliable inter-drone and drone-to-ground station communication, but it is also a prime target for sophisticated routing-based attacks such as black hole, Sybil, and wormhole attacks. These threats can result in packet misrouting, intentional packet dropping, or the distortion of network topology, ultimately leading to the isolation or compromise of UAVs within a swarm and disruption of mission objectives [
24,
60]. Addressing these vulnerabilities requires a combination of cryptographic, hardware-rooted, and trust-based mechanisms tailored to the dynamic and resource-constrained environment of UAV operations [
23,
180]. A leading defense strategy is blockchain-based routing validation, as exemplified by protocols like BETA-UAV. Blockchain technology provides a decentralized and tamper-resistant ledger for logging and verifying routing updates. Each routing announcement or path change is cryptographically recorded and validated by network participants, making it extremely difficult for adversaries to inject forged or malicious routes without detection. The BETA-UAV protocol leverages smart contracts to automate route validation and consensus, significantly mitigating the risk of route manipulation and Sybil attacks in large-scale UAV deployments [
9,
10]. Performance assessments indicate that such blockchain-enabled frameworks can achieve high throughput and low latency, supporting real-time swarm operations without introducing prohibitive overhead.
In parallel, Physical Unclonable Function (PUF)-tied cryptographic certificates provide robust hardware-level identity assurance. Each UAV is equipped with a PUF module that generates a unique, tamper-resistant cryptographic identity based on intrinsic hardware characteristics. This identity is used to bind digital certificates directly to the physical device, preventing identity spoofing and ensuring that only legitimate UAVs participate in routing and network operations. PUF-based authentication protocols have demonstrated fast verification times and strong resistance to physical capture or cloning attacks, making them highly suitable for mobile and adversarial environments [28, 166, 167].
Decentralized trust management further strengthens network layer security by enabling UAVs to evaluate the trustworthiness of their peers based on observed behaviors such as packet forwarding consistency and historical route validity. Trust anchors and peer scoring mechanisms allow the network to dynamically adjust routing preferences, isolating or penalizing nodes that exhibit malicious or unreliable behavior [25, 52]. This distributed approach to trust evaluation reduces reliance on any single point of failure and enhances resilience against coordinated attacks, including collaborative black hole and Sybil threats. Recent research also explores the integration of artificial intelligence and anomaly detection for real-time monitoring of routing behaviors and early identification of suspicious activity. AI-driven frameworks such as Aero-LLM adaptively adjust routing policies and trust scores in response to evolving attack patterns, further improving the robustness of UAV network communications [181]. In summary, secure routing and trust at the network layer are achieved through the synergistic use of blockchain-based validation, PUF-tied cryptographic identities, and decentralized trust anchors. These mechanisms collectively provide authenticated, tamper-resistant routing, protect against identity and route spoofing, and enable dynamic adaptation to emerging threats, thereby supporting resilient and mission-assured UAV operations in contested environments.
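The peer-scoring idea described above can be made concrete with a small sketch. This is an added example, not code from the surveyed protocols: it scores each neighbor with a Beta-reputation estimate over observed forwarding outcomes, ages old evidence, and excludes low-trust relays from route selection. The node names, the aging factor, the 0.5 isolation threshold and the observation windows are assumptions constructed for illustration.

```python
"""Peer trust scoring from observed packet forwarding (added illustration)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


@dataclass
class PeerRecord:
    forwarded: float = 0.0  # aged count of packets the peer relayed as expected
    dropped: float = 0.0    # aged count of packets the peer failed to relay

    def trust(self) -> float:
        # Mean of a Beta(forwarded + 1, dropped + 1) belief: 0.5 with no evidence.
        return (self.forwarded + 1.0) / (self.forwarded + self.dropped + 2.0)


@dataclass
class TrustTable:
    aging: float = 0.9          # assumed: each new window discounts older evidence
    isolate_below: float = 0.5  # assumed: peers below this score are not used as relays
    peers: Dict[str, PeerRecord] = field(default_factory=dict)

    def observe(self, peer: str, forwarded: int, dropped: int) -> None:
        """Fold one observation window into the peer's aged counters."""
        rec = self.peers.setdefault(peer, PeerRecord())
        rec.forwarded = rec.forwarded * self.aging + forwarded
        rec.dropped = rec.dropped * self.aging + dropped

    def trust(self, peer: str) -> float:
        return self.peers.get(peer, PeerRecord()).trust()

    def isolated(self) -> Set[str]:
        return {p for p, r in self.peers.items() if r.trust() < self.isolate_below}

    def path_trust(self, path: List[str]) -> float:
        # A path is only as trustworthy as its weakest relay (endpoints excluded).
        return min((self.trust(p) for p in path[1:-1]), default=1.0)

    def select_route(self, candidates: List[List[str]]) -> Optional[List[str]]:
        """Pick the most trusted path that avoids isolated relays; prefer fewer hops on ties."""
        banned = self.isolated()
        usable = [p for p in candidates if not (set(p[1:-1]) & banned)]
        if not usable:
            return None
        return max(usable, key=lambda p: (self.path_trust(p), -len(p)))


# Constructed observation windows: (peer, packets forwarded, packets dropped).
# uav-3 starts out honest and then begins dropping traffic (black hole behavior).
DEMO_WINDOWS = [
    ("uav-2", 20, 0), ("uav-3", 20, 0), ("uav-4", 18, 2),
    ("uav-2", 20, 0), ("uav-3", 2, 18), ("uav-4", 18, 2),
    ("uav-2", 20, 0), ("uav-3", 0, 20), ("uav-4", 18, 2),
]

# Constructed candidate routes from uav-1 to the ground control station.
DEMO_ROUTES = [
    ["uav-1", "uav-3", "gcs"],
    ["uav-1", "uav-2", "uav-4", "gcs"],
    ["uav-1", "uav-4", "gcs"],
]


def build_demo_table() -> TrustTable:
    table = TrustTable()
    for peer, forwarded, dropped in DEMO_WINDOWS:
        table.observe(peer, forwarded, dropped)
    return table


if __name__ == "__main__":
    t = build_demo_table()
    for name in sorted(t.peers):
        print(name, round(t.trust(name), 3))
    print("isolated:", t.isolated())
    print("route:", t.select_route(DEMO_ROUTES))
```

Because evidence is aged rather than discarded, a relay that behaved well early on still loses its standing within a few windows once it starts dropping packets.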
7.4. Transport Layer: End-to-End Encryption and Quantum-Resilient Defense
The transport layer in UAV networks plays a crucial role in enabling reliable, low-latency communication between drones and ground control stations. However, this layer remains a significant target for a range of cyber threats, including session hijacking, denial-of-service (DoS), and flooding attacks. These attacks threaten not only the continuity of telemetry and command transmission but also the safety and autonomy of UAV operations. Given the real-time and mission-critical nature of aerial systems, securing the transport layer is essential for ensuring end-to-end confidentiality, integrity, and availability. To mitigate these risks, authenticated encryption with associated data (AEAD) algorithms such as ASCON and AES-GCM are widely employed to protect data in transit. ASCON, recently selected by NIST as the standard for lightweight cryptography, offers robust message integrity and encryption with minimal computational overhead, which makes it particularly well suited for resource-constrained UAVs [4]. AES-GCM, a well-established AEAD cipher, provides high throughput and efficient integrity checking, especially useful in bandwidth-sensitive telemetry channels. These encryption schemes ensure that transport-layer messages remain tamper-evident and protected from unauthorized interception or modification. In addition to symmetric encryption, the deployment of post-quantum cryptographic protocols has become increasingly relevant as UAV systems evolve. The Kyber key encapsulation mechanism enables secure session key establishment with resistance to quantum attacks [182]. By integrating Kyber into the transport layer handshake protocols, UAV networks achieve forward secrecy against both classical and quantum adversaries, thus enhancing the long-term security posture of autonomous aerial operations.
DoS and flooding attacks at this layer are addressed through intrusion detection mechanisms and traffic shaping techniques. Filters capable of identifying anomalous connection patterns, including high-frequency session requests or malformed handshake packets, are essential to maintain system responsiveness. For instance, Rugo and Wang proposed lightweight filters designed to detect protocol-level anomalies that commonly precede DoS events [24]. These filters can throttle, reroute, or isolate malicious traffic sources, ensuring continuity of legitimate communication. In addition to detection systems, container-based architectures have been introduced to further enhance resilience. Chen et al. present a control framework that leverages containers to isolate mission-critical processes, allowing real-time control functions to remain operational even under attack [183]. This architectural separation ensures rapid recovery and fault containment, preserving the integrity of the UAV control in hostile environments. Emerging research also emphasizes the importance of adaptive and context-aware transport-layer security policies. These approaches dynamically adjust session key lifetimes, cipher strengths, and detection thresholds based on environmental factors and mission profiles [151]. Such adaptability enables UAV platforms to optimize the trade-off between energy efficiency and security robustness, particularly in long-duration or swarm deployments. In summary, securing the transport layer in UAV networks requires a layered strategy that combines lightweight AEAD algorithms (ASCON, AES-GCM), post-quantum key exchange (Kyber), intrusion detection filters, and resilient system design. Together, these elements provide a comprehensive defense capable of maintaining real-time, secure communication under both traditional and advanced cyber threats.
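A filter of the kind described above, covering high-frequency session requests and malformed handshake packets, can be sketched as a per-source token bucket combined with a strike counter. This is an added example and not the filter proposed by Rugo and Wang; the hello-packet layout, the rate limits, the strike limit and the event trace are assumptions constructed for illustration.

```python
"""Handshake filter: throttle request bursts, drop malformed hellos, isolate repeat offenders."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

MAGIC = b"UV"           # hypothetical hello header, constructed for this example
HELLO_LEN = 2 + 1 + 16  # magic + version byte + 16-byte client nonce
ACCEPT, THROTTLE, DROP, ISOLATE = "accept", "throttle", "drop", "isolate"


def well_formed(pkt: bytes) -> bool:
    """Structural check on a session request before any expensive crypto runs."""
    return len(pkt) == HELLO_LEN and pkt[:2] == MAGIC and pkt[2] == 1


@dataclass
class SourceState:
    tokens: float                # remaining session-request budget
    last_seen: float             # time of the last request that was evaluated
    strikes: int = 0             # malformed hellos seen since the last isolation
    isolated_until: float = 0.0  # requests before this time are refused outright


class HandshakeFilter:
    def __init__(self, rate: float = 2.0, burst: int = 4,
                 max_strikes: int = 3, isolate_s: float = 30.0):
        self.rate, self.burst = rate, burst  # assumed limits: 2 requests/s, burst of 4
        self.max_strikes, self.isolate_s = max_strikes, isolate_s
        self.sources: Dict[str, SourceState] = {}

    def check(self, src: str, pkt: bytes, now: float) -> str:
        st = self.sources.setdefault(src, SourceState(float(self.burst), now))
        if now < st.isolated_until:
            return ISOLATE
        # Refill the bucket for the time elapsed since the last evaluated request.
        st.tokens = min(float(self.burst), st.tokens + (now - st.last_seen) * self.rate)
        st.last_seen = now
        if not well_formed(pkt):
            st.strikes += 1
            if st.strikes >= self.max_strikes:
                st.strikes = 0
                st.isolated_until = now + self.isolate_s
                return ISOLATE
            return DROP
        if st.tokens < 1.0:
            return THROTTLE
        st.tokens -= 1.0
        return ACCEPT


GOOD = MAGIC + b"\x01" + bytes(16)  # constructed well-formed hello
BAD = b"\x00" * 5                   # constructed malformed hello


def demo_trace() -> List[Tuple[str, float, bytes]]:
    """Constructed events: a normal ground station, a request flood, a malformed sender."""
    events = [("gcs", t, GOOD) for t in (0.0, 1.0, 2.0)]
    events += [("node-x", i * 0.125, GOOD) for i in range(8)]
    events += [("node-y", t, BAD) for t in (0.0, 1.0, 2.0)]
    events += [("node-y", 3.0, GOOD), ("node-y", 40.0, GOOD)]
    return sorted(events, key=lambda e: e[1])


def replay(events: List[Tuple[str, float, bytes]]) -> Dict[str, List[str]]:
    """Run the filter over a trace and collect the verdicts per source."""
    flt = HandshakeFilter()
    verdicts: Dict[str, List[str]] = {}
    for src, now, pkt in events:
        verdicts.setdefault(src, []).append(flt.check(src, pkt, now))
    return verdicts


if __name__ == "__main__":
    for source, seen in replay(demo_trace()).items():
        print(source, seen)
```

In a deployment the per-source table needs a size bound and eviction policy, otherwise spoofed source identifiers can exhaust memory on the filter itself.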
7.5. Application Layer: Data Integrity, Access Control, and Secure Interfaces
The application layer in UAV networks forms a critical security boundary, as it governs mission execution, software updates, data offloading, and remote service communication. With the increasing reliance on cloud infrastructure, third-party APIs, and autonomous control platforms, the attack surface at this layer has expanded significantly. This layer is particularly vulnerable to high-impact threats such as command injection, firmware tampering, unauthorized data access, and credential theft, which can result in mission failure, data breaches, or drone hijacking [25, 54]. One of the most prominent attack vectors is unauthorized access to cloud-connected services. Weak authentication schemes and improper access control mechanisms can enable adversaries to intercept or manipulate mission data, access sensitive telemetry, or reroute UAVs. These risks are amplified in swarm and multi-tenant environments, where improperly scoped access rights and hardcoded credentials, such as FTP passwords or update server keys, may exist within the application code [184]. Persistent attackers can exploit these flaws to inject malicious commands or exfiltrate data, compromising operational integrity.
Software and firmware update mechanisms are a well-known vulnerability at this layer. Over-the-air (OTA) updates are essential for feature deployment and patching, yet, if not cryptographically authenticated, they offer an avenue for adversaries to upload tampered firmware or install persistent backdoors. Elliptic Curve Cryptography (ECC)-based digital signatures are widely adopted to ensure software integrity. These signatures allow UAVs to verify the origin and validity of update files before execution, thereby defending against counterfeit firmware deployment [21]. Command injection threats, particularly common in logistics and delivery scenarios, are often realized through insecure application interfaces. In such attacks, adversaries may reroute drones, alter mission parameters, or hijack payloads. Role-Based Access Control (RBAC) mechanisms mitigate these risks by enforcing privilege separation. By assigning fine-grained permissions based on user roles, RBAC restricts access to critical commands, reducing the likelihood of unauthorized mission manipulation [25].
In addition, secure API gateways and token-based authentication protocols are instrumental in protecting UAV-ground-cloud communication channels. These systems enforce real-time request validation, support logging and auditing of control events, and block unauthorized access to sensitive operations or mission data. When integrated with encrypted channels, these gateways help establish a verifiable trust perimeter around the functions of the application layer [21]. In summary, securing the application layer of UAV networks demands a multi-pronged strategy involving ECC-based digital signatures for firmware validation, RBAC enforcement for privilege control, lightweight encryption protocols such as ASCON for data confidentiality, and secure API gateways to manage authentication and communication flows. These components collectively defend against command injection, firmware tampering, and unauthorized access, ensuring that only verified entities and trusted data influence mission-critical operations.
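The combination of token-based authentication, RBAC and audit logging described above can be shown in one small gateway. This is an added example, not code from the cited works: the token is an HMAC-SHA256-protected claim set standing in for whatever token protocol a deployment uses, and the role names, command names, subject and key are assumptions constructed for illustration.

```python
"""Token-authenticated command gateway with role-based access control (added illustration)."""
import base64
import hashlib
import hmac
import json
from typing import List, Optional, Tuple

# Assumed roles and commands, chosen for the example.
ROLE_PERMISSIONS = {
    "observer": {"telemetry.read"},
    "operator": {"telemetry.read", "mission.reroute"},
    "maintainer": {"telemetry.read", "firmware.update"},
}


def issue_token(key: bytes, subject: str, role: str, expires_at: int) -> str:
    """Return base64url(claims) + '.' + hex HMAC-SHA256 over the encoded claims."""
    claims = json.dumps({"sub": subject, "role": role, "exp": expires_at}, sort_keys=True)
    body = base64.urlsafe_b64encode(claims.encode()).decode()
    mac = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return body + "." + mac


def verify_token(key: bytes, token: str, now: int) -> Tuple[Optional[dict], str]:
    """Check the MAC before parsing any claims, then check expiry."""
    body, sep, mac = token.rpartition(".")
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    if not sep or not hmac.compare_digest(expected.encode(), mac.encode()):
        return None, "bad-signature"
    claims = json.loads(base64.urlsafe_b64decode(body))
    if now >= claims["exp"]:
        return None, "expired"
    return claims, "ok"


class Gateway:
    def __init__(self, key: bytes):
        self._key = key
        # Audit trail of every control event: (time, subject, command, decision).
        self.audit: List[Tuple[int, str, str, str]] = []

    def handle(self, token: str, command: str, now: int) -> str:
        claims, reason = verify_token(self._key, token, now)
        if claims is None:
            decision, subject = "denied:" + reason, "unknown"
        elif command not in ROLE_PERMISSIONS.get(claims["role"], set()):
            decision, subject = "denied:role", claims["sub"]
        else:
            decision, subject = "allowed", claims["sub"]
        self.audit.append((now, subject, command, decision))
        return decision


def demo() -> List[str]:
    key = b"constructed-demo-key"  # constructed for the example; a deployment loads it from a keystore
    gw = Gateway(key)
    operator = issue_token(key, "pilot-7", "operator", expires_at=1000)
    # Tampered token: the role claim is edited while the original MAC is reused.
    body, _, mac = operator.rpartition(".")
    claims = json.loads(base64.urlsafe_b64decode(body))
    claims["role"] = "maintainer"
    edited = json.dumps(claims, sort_keys=True).encode()
    tampered = base64.urlsafe_b64encode(edited).decode() + "." + mac
    return [
        gw.handle(operator, "mission.reroute", now=100),   # within the operator role
        gw.handle(operator, "firmware.update", now=100),   # outside the operator role
        gw.handle(tampered, "firmware.update", now=100),   # edited claims fail the MAC check
        gw.handle(operator, "mission.reroute", now=1000),  # token has expired
        gw.handle("not-a-token", "telemetry.read", now=100),
    ]


if __name__ == "__main__":
    for line in demo():
        print(line)
```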
7.6. Cross-Layer Security: Coordinated Defense Across the Communication Stack
The security of UAV communication systems must be considered holistically due to the increasing sophistication of multi-layer attacks and the interdependence of protocol layers in modern UAV deployments. Traditional layer-specific defenses are often inadequate against coordinated attacks that spread across layers, causing system-wide disruptions. A cross-layer security strategy enables tighter integration of encryption, authentication, trust management, and anomaly detection across the OSI stack, offering broader protection without excessive resource consumption. In UAV systems operating in dynamic or resource-constrained environments, a disturbance at one layer often affects others. For example, a jamming event at the physical layer may degrade MAC-level message integrity, compromise routing updates at the network layer, and ultimately impair command delivery at the application layer. At the physical and MAC layers, lightweight authenticated encryption algorithms such as ASCON mitigate replay and spoofing attacks while minimizing processing latency and memory overhead. Frequency hopping and reconfigurable intelligent surfaces (RIS) improve link robustness and signal-to-noise ratio (SNR) without increasing power consumption. Hash-chain synchronization and synchronized MAC protocols with nonce caching provide further protection against packet injection and replay.
For the network layer, blockchain-backed schemes such as BETA-UAV support route validation using decentralized consensus, while Physical Unclonable Function (PUF)-tied certificates ensure that only authenticated devices participate in routing. Trust models based on behavior scoring and anomaly detection in routing tables enhance resilience to Sybil and wormhole attacks. The transport layer integrates hybrid encryption schemes, including Kyber and ASCON, to achieve both classical and quantum-safe confidentiality. DoS-aware socket control and microservice isolation techniques reduce vulnerability to flooding and session hijacking while maintaining throughput for legitimate traffic. At the application layer, ECC-based firmware validation, Kyber-ECIES payload encryption, and role-based access control (RBAC) mechanisms secure software updates and cloud interfaces. Token-authenticated APIs and TLS-based encryption complement these to ensure trusted UAV-to-cloud communication. System-wide, middleware enforces key expiration and anomaly-triggered re-keying policies. Identity is anchored through PUF hardware binding, while authentication is extended via blockchain-backed registries. Recent advances also include convolutional attention networks that extract spatiotemporal features across OSI layers to detect complex intrusion patterns. Other implementation-level best practices, such as secure firmware updates, disabling unused services, and access whitelisting, help reduce attack surfaces without burdening hardware. To present an engineering-grounded overview of these defense mechanisms, Table 12 maps the threats discussed in Section 3 to their respective cross-layer countermeasures. It includes technical parameters such as latency, CPU utilization, and memory footprint to contextualize deployment feasibility.
In summary, cross-layer defense in UAV communication systems enables the alignment of threat detection, cryptographic protection, and trust enforcement across all protocol levels. It improves system robustness under constrained hardware and volatile link conditions while maintaining real-time responsiveness through lightweight, interoperable mechanisms.
7.7. Lessons Learned
The multilayer security framework for UAV networks underscores the necessity of coordinated defense strategies that span the OSI stack. At the physical layer, lightweight and adaptive mechanisms like frequency hopping and reconfigurable intelligent surfaces provide resilience without burdening constrained hardware. The MAC layer benefits from authenticated encryption and synchronized verification techniques that guard against injection and spoofing. At the network layer, blockchain and PUFs offer decentralized and hardware-bound trust models, while transport layer protections are strengthened through post-quantum key exchanges and container-based isolation. The key takeaway is that no single layer suffices on its own. Instead, an integrated defense-in-depth architecture, tailored to the constraints and dynamic conditions of UAV operations, provides a scalable and robust pathway for ensuring confidentiality, integrity, and availability. Future research should continue exploring how these layers interact under real-world mission dynamics and how to adapt security policies based on context and energy availability.
8. Application Suitability
The effectiveness of any UAV security strategy depends not only on its technical soundness but also on its suitability for specific operational environments. UAVs are increasingly deployed across diverse application domains such as disaster response, logistics and delivery, precision agriculture, environmental monitoring, and infrastructure inspection. Each of these domains presents distinct operational requirements related to energy availability, latency tolerance, scalability, and the level of security assurance needed.
Security mechanisms must therefore be tailored to meet the constraints and objectives of each context. For example, mission-critical applications and emergency response demand high assurance of confidentiality and integrity, even under adversarial conditions or limited connectivity. On the other hand, commercial uses such as crop monitoring or package delivery may prioritize low-latency communication and energy efficiency over advanced cryptographic features. These differences underscore the importance of aligning cryptographic choices, key management schemes, and trust models with the specific mission goals and environmental constraints of each UAV deployment [1].
Figure 12 summarizes these diverse application domains, highlighting how their distinct characteristics influence security design.
8.1. Precision Agriculture
UAVs used in precision agriculture typically operate in low-risk, well-controlled environments where the probability of targeted adversarial actions such as jamming, spoofing, or traffic interception is minimal [89]. The primary operational concerns in these scenarios involve maximizing battery efficiency, maintaining long-range communication, and ensuring coordinated functioning across large UAV fleets deployed for crop monitoring, irrigation assessment, or resource distribution. Given these resource constraints, the security design emphasizes minimalism and energy efficiency. Symmetric lightweight ciphers are favored for maintaining confidentiality and data integrity without introducing computational bottlenecks or reducing flight time [109]. These ciphers are sufficient to protect telemetry data and sensor streams from passive threats while maintaining real-time responsiveness in the field [86].
For key management, agricultural UAVs often rely on preconfigured symmetric keys with occasional offline updates during refueling or recharging cycles. This approach eliminates the need for energy-intensive key exchange protocols and minimizes communication overhead in field deployments [50]. In most operational scenarios, static or infrequently rotated keys are sufficient to deter basic misuse or accidental interception, especially when transmission ranges and endpoints are well known and controlled. Advanced security measures such as blockchain-based trust models or post-quantum key encapsulation are generally unnecessary in this context. These mechanisms are designed to mitigate high-assurance threats that are unlikely to occur in rural or industrial farming environments. Their deployment would introduce unjustified complexity and consume valuable energy without significantly improving threat resilience [31].
In summary, UAV operations in precision agriculture are best supported by lightweight, low-overhead security mechanisms that enable scalable deployment and maximize operational endurance. Security solutions must align with the domain’s emphasis on autonomy, longevity, and efficient resource usage rather than comprehensive defense against sophisticated adversaries.
8.2. Disaster Response
In disaster-stricken environments, UAVs are often deployed to support real-time situational awareness, structural assessment, and victim localization. The operational landscape is typically unstable, with limited infrastructure, disrupted communication channels, and dynamic mission parameters [82]. UAVs engaged in these tasks transmit sensitive data, such as live video, environmental readings, and geolocation metrics, which may be intercepted or manipulated if left unprotected. Disaster zones may also involve adversarial conditions, particularly in politically sensitive regions or during humanitarian conflicts. Potential threats include signal jamming, GPS spoofing, and malicious interference with control or telemetry streams [102]. These disruptions can delay response efforts, compromise safety, or distort situational intelligence. Given these conditions, security mechanisms deployed in disaster scenarios tend to prioritize adaptability and lightweight implementation. Encryption protocols with low computational overhead are typically employed to preserve battery life while maintaining confidentiality. Dynamic key management supports rapidly changing topologies, allowing secure communication even when UAVs are introduced or removed from the network during operation.
Inter-agency coordination during disaster relief introduces the challenge of establishing trust between systems managed by different organizations. Decentralized trust models, including distributed ledgers or cross-certification schemes, can offer traceability and tamper resistance without relying on persistent centralized authority. A multilayered security framework provides operational continuity, even when specific defenses are degraded. In such architectures, the loss or compromise of a single security layer does not result in complete system failure. This is particularly relevant in situations with intermittent ground control or delayed data synchronization. The security profile for disaster response UAVs reflects the need for flexible and efficient protection strategies that function reliably under degraded, unpredictable, and time-sensitive conditions.
8.3. Logistics and Delivery
UAVs supporting logistics and delivery services operate in semi-structured environments where both operational efficiency and security are important. These systems typically navigate urban or suburban routes, often in autonomous or semi-autonomous modes, while transporting high-value or sensitive items [187]. Threats in this domain include unauthorized rerouting, payload interception, and manipulation of delivery authorization processes. Preserving the integrity of predefined routes is a key requirement. Adversaries may attempt to hijack control links, spoof positional data, or redirect UAVs through compromised navigation channels. Lightweight cryptographic protocols and tightly managed session keys are commonly used to protect telemetry and navigation data [83]. These mechanisms help ensure that flight paths remain aligned with authorized delivery instructions, even under conditions of signal interference or attempted relay attacks.
Authenticating both the UAV and the recipient is important for preventing fraudulent handovers. PUF-based hardware authentication or blockchain-anchored verification systems can support this requirement by enabling device-specific identity checks and secure handoff logs [90]. These approaches also facilitate post-event audits, particularly in enterprise or regulated logistics contexts. In addition to secure communication and hardware validation, access control policies at the application layer, such as role-based access control (RBAC), are often implemented to restrict operator privileges and prevent unauthorized command injection. Secure firmware update processes are equally important to defend against software tampering or rollback attacks. The logistics and delivery domain emphasizes end-to-end integrity across the transport workflow, with a focus on real-time authentication, route validation, and protection of control logic from unauthorized manipulation.
8.4. Environmental Monitoring
UAVs deployed for environmental monitoring typically operate in sparsely populated or remote regions where adversarial interference is relatively unlikely [81]. These systems are primarily tasked with collecting long-term data on climate conditions, vegetation health, air quality, or water resources. In such scenarios, energy efficiency and scalability are prioritized to support large-scale or extended deployments. Security mechanisms in this domain are often optimized for minimal computational overhead. Lightweight encryption techniques are generally adequate for maintaining confidentiality and data integrity during flight operations [96]. Static or infrequently rotated symmetric keys are often configured prior to deployment, as real-time key negotiation is typically unnecessary in isolated environments. Although advanced trust mechanisms such as blockchain or PUF-based identity validation are less commonly applied in this setting, additional controls become relevant when UAVs transmit data to cloud-based storage or analytics platforms. Application-layer safeguards, including secure API access, data filtering, and privacy-preserving protocols, offer enhanced protection for environmental datasets and associated credentials. As environmental monitoring applications evolve to incorporate multi-UAV coordination, real-time alerts, and third-party data sharing, there may be a need to adapt existing security architectures. Solutions that offer reliable protection while preserving low-power operation and long-range coverage are likely to remain fundamental.
8.5. Search and Rescue
Search and rescue operations require time-sensitive UAV deployments across complex and unpredictable terrains. These missions often involve continuous communication between aerial platforms and ground responders to support victim detection, guidance, and emergency triage logistics [87]. The transmitted data, which may include thermal imagery, GPS coordinates, and route information, is frequently sensitive and operationally critical. Environmental and adversarial factors increase the likelihood of disruption. Signal loss due to terrain, jamming attempts, or targeted attacks on data streams could interfere with coordination and delay assistance [158]. Protection of control channels and situational data is therefore a core concern, particularly under resource constraints. To address these risks, lightweight encryption protocols are commonly used to maintain data confidentiality and integrity without significant processing delay. Dynamic key management supports frequent rekeying as UAVs enter and exit the network, which helps maintain continuity in collaborative or mesh network topologies. Multilayer security architectures enhance mission resilience by offering redundant protections. In the event of communication failure or identity spoofing, additional verification layers and autonomous fallback protocols can support partial mission continuation. Search and rescue UAVs operate under conditions that demand responsiveness and adaptability. Security implementations must therefore align with fluctuating network configurations and intermittent access to ground infrastructure.
8.6. Infrastructure Inspection
UAVs used for infrastructure inspection operate in controlled environments and focus on visual and sensor-based evaluation of critical assets such as bridges, pipelines, and electrical lines [85]. The data they capture may expose structural vulnerabilities or operational irregularities, making confidentiality and data integrity important from both industrial and regulatory perspectives [99]. Since these UAVs often operate over extended durations and along linear infrastructures, their security protocols are designed to balance protection with endurance. Lightweight encryption helps safeguard telemetry and imaging data while minimizing energy consumption. Efficient key management practices, such as scheduled key updates or segmented encryption zones, support sustained secure operation with minimal communication overhead.
Application-layer security is critical once UAV data is integrated into backend systems. Inspection outputs are frequently shared with enterprise asset management platforms or analytics engines. As a result, secure APIs, access control policies, and data authentication mechanisms are used to maintain system-level integrity and restrict unauthorized access. Although infrastructure inspection missions are less likely to be actively targeted during flight, the sensitivity of the data collected warrants continued attention to end-to-end security. Ensuring confidentiality during transmission, along with secure storage and controlled retrieval, supports both operational continuity and regulatory compliance.
8.7. Suitability Matrix for UAV Security Mechanisms
The effectiveness of a UAV security framework is highly dependent on the application domain in which the UAV operates. Each mission type presents distinct priorities related to latency, energy availability, interoperability, and threat level.
Table 13 provides a comparative analysis of how well various security mechanisms and operational factors align with common UAV application scenarios. The matrix helps highlight which technologies are essential, optional, or less applicable across different operational contexts.
In addition to aligning security mechanisms with mission objectives, it is essential to consider the operational metrics that directly influence system performance in different UAV applications. Factors such as latency sensitivity, communication coverage requirements, energy constraints, and reliability expectations significantly shape the feasibility and design of secure communication protocols. These parameters not only affect the choice of cryptographic algorithms but also inform deployment strategies, such as real-time versus delay-tolerant communication or centralized versus decentralized trust management.
Table 14 provides a comparative overview of how these operational metrics vary across major UAV application domains, offering a concise reference for selecting appropriate security and communication strategies.
In summary, the selection and integration of security mechanisms must be closely aligned with the operational context, threat landscape, and resource constraints of each UAV application. Disaster response UAVs require the most comprehensive and adaptive security frameworks, while civilian applications such as agriculture and environmental monitoring can often prioritize efficiency and scalability over advanced cryptographic features [1, 4, 7, 81, 82, 85, 87].
9. Current Limitations and Emerging Research Directions
Despite significant progress in lightweight cryptographic algorithms, decentralized trust mechanisms, and post-quantum encryption schemes, several critical challenges remain in securing UAV communication systems. These challenges arise from the operational complexity of aerial networks, which include dynamic topologies, constrained energy and computation resources, adversarial exposure, and increasing demands for interoperability. Moreover, existing solutions often lack practical validation across diverse UAV platforms and mission profiles. This section identifies key limitations in current security frameworks and highlights emerging research directions aimed at enhancing resilience, scalability, and regulatory alignment in next-generation UAV networks.
9.1. Secure Rekeying in Dynamic Swarm Topologies
Rekeying is essential to maintain forward secrecy and prevent key compromise during node mobility, departure, or failure. In UAV swarms, where topology changes are frequent and autonomous coordination is expected, rekeying protocols must adapt without inducing significant latency or computational burden. Existing solutions often suffer from scalability limitations or communication overhead, especially when the entire swarm must synchronize cryptographic material. New lightweight group key management approaches are required to support scalable and self-healing rekeying across dynamic UAV formations [188, 189, 190].
9.2. Defending Against Cross-Layer and Coordinated Attacks
UAV systems face security threats at every layer of the protocol stack, including physical jamming, MAC spoofing, routing manipulation, and data tampering at the application layer. Moreover, cross-layer attacks, which exploit interactions between layers, present a sophisticated threat model that is often overlooked by single-layer defense mechanisms. Integrated security frameworks that span the full communication stack and leverage anomaly detection, AI-enhanced monitoring, and protocol-aware resilience strategies are increasingly necessary [21, 191].
9.3. Lack of Security Standards and Interoperability Guidelines
The absence of standardized, UAV-specific cryptographic frameworks continues to hinder secure interoperability across heterogeneous aerial systems. Although regulatory agencies such as the FAA and EASA have introduced cybersecurity requirements for UAVs, a unified guideline covering lightweight encryption protocols, decentralized trust infrastructures, and post-quantum secure key exchange mechanisms is still lacking. Ongoing standardization efforts, including those led by NIST and other international collaborative bodies, must prioritize a balance between implementation feasibility and strong cryptographic assurances that are compatible with real-time, energy-constrained UAV operations [192, 193].
9.4. PQC Deployment in UAV Systems
As quantum computing advances, traditional public key infrastructures face increasing vulnerabilities. Post-quantum cryptography, particularly lattice-based and code-based schemes such as Kyber, NTRU, and Classic McEliece, offers promising resilience against quantum threats. However, the computational complexity and memory requirements of these algorithms present significant challenges for integration into UAV systems with constrained resources. Although hybrid approaches that combine classical and quantum-resistant methods (for example, ECDH with Kyber) and hardware acceleration using FPGAs or GPUs offer potential mitigation strategies, further research is necessary to support efficient deployment and long-term compatibility within aerial communication networks [7, 30, 35].
9.5. Energy-Efficient Security Solutions
UAV platforms are energy-constrained by design, and cryptographic operations contribute significantly to power consumption, especially in multi-hop or high-throughput scenarios. Lightweight encryption algorithms such as ASCON and energy-aware key exchange schemes have demonstrated promise, but optimal trade-offs between security strength, computation cost, and battery life are still poorly defined. Emerging techniques, such as reinforcement learning for the adaptation of encryption strategies or context-sensitive cipher selection, require further validation through field-deployable testbeds, as discussed in recent efforts to model energy-sensitive encryption schemes for UAVs [13, 31].
9.6. Physical Layer and Environmental Considerations
UAVs operating in urban landscapes or rugged terrains encounter significant physical-layer impairments, including non-line-of-sight propagation, multipath fading, Doppler shifts, and environmental interference. These effects reduce signal reliability and increase vulnerability to jamming, spoofing, and eavesdropping attacks. To mitigate these risks, future UAV systems must incorporate physical layer security (PLS) techniques such as beamforming, cooperative relaying, frequency hopping, and reconfigurable intelligent surfaces. These methods can dynamically adapt to propagation characteristics to enhance confidentiality, resilience, and spectral efficiency [50, 177].
9.7. Data Privacy and Regulation Compliance
The proliferation of UAVs in civilian surveillance, logistics, and smart infrastructure raises growing concerns around user privacy and regulatory compliance. UAVs frequently capture sensitive data such as facial imagery, behavioral patterns, and geolocation histories. While encryption protects data in transit, privacy-by-design principles remain underdeveloped in UAV communication frameworks. Future protocols must incorporate techniques such as differential privacy, secure multi-party computation, homomorphic encryption, and privacy-preserving data aggregation. Furthermore, UAV systems must align with international data protection standards (e.g., GDPR, CCPA), which are not yet fully addressed in existing security architectures [21, 194].
9.8. AI-Driven and Autonomous Security Management
Artificial intelligence (AI) is poised to play a transformative role in UAV cybersecurity by enabling autonomous detection, prediction, and mitigation of threats. Machine learning models can support anomaly detection, adaptive trust assessment, and context-aware encryption strategies. However, AI-driven systems also introduce new risks, such as susceptibility to adversarial inputs, model inversion, and data poisoning attacks. In safety-critical UAV deployments, explainable and robust AI architectures must be developed to ensure transparency, accountability, and fault tolerance under adversarial conditions. This area remains underexplored and requires close coordination between AI, embedded systems, and cryptographic research communities [29, 195].
9.9. Space–Air–Ground Integrated Networks (SAGIN) for UAV Communication Security
As the need for seamless, wide-area coverage and robust communication continues to grow, Space–Air–Ground Integrated Networks (SAGIN) have emerged as a promising paradigm for next-generation UAV systems. SAGIN architectures unify satellite links, high-altitude platforms, UAV swarms, and terrestrial infrastructure into a multi-layered, heterogeneous communication network. This integrated approach enhances coverage, improves redundancy, and supports adaptive routing strategies essential for mission-critical aerial applications.
However, the integration of UAVs into SAGIN environments introduces unique security challenges. Establishing secure communication across layers involves high variability in latency, heterogeneous trust models, and inconsistent availability of cryptographic resources. UAVs may function as dynamic relays or edge nodes within SAGIN, requiring flexible identity management, efficient key distribution mechanisms, and real-time trust negotiation protocols. Furthermore, the shared spectrum among space and aerial assets increases the risk of interference, jamming, and interception, necessitating advanced protection mechanisms.
Recent research has explored the application of blockchain-based trust management to address these challenges. For instance, a blockchain-empowered SAGIN framework has been proposed to ensure secure identity verification, traceability, and tamper resistance across all layers through smart contracts and distributed ledgers [196, 197]. While promising, such systems must be optimized to minimize computational and energy overhead, especially on resource-constrained UAV platforms. SAGIN offers a scalable and resilient foundation for future UAV communication systems, but its success depends on the development of lightweight, cross-layer security architectures capable of adapting to dynamic topologies and diverse environmental conditions.
9.10. Large Model-Based Optimizations for UAV Security and Communication
Recent advancements in foundation models and large-scale transformers have sparked interest in their application to autonomous aerial systems. Large model-based optimization techniques, which leverage pre-trained models with billions of parameters, offer new capabilities in dynamic decision-making, real-time threat detection, and policy adaptation. When applied to UAV networks, these models can facilitate adaptive routing, anomaly detection, context-aware encryption, and resource-efficient mission planning by learning from vast multimodal datasets.
However, the deployment of such large-scale AI models within UAVs poses significant challenges. Resource limitations in flight controllers constrain onboard inference, necessitating the use of edge or cloud-assisted processing. This, in turn, raises concerns around latency, reliability, and data privacy, particularly in delay-sensitive and mission-critical applications. In response, hybrid approaches that combine lightweight local models with periodic synchronization to large models hosted at edge servers have gained traction. In addition, as large models become embedded in the decision loops of UAV systems, their interpretability, robustness to adversarial input, and alignment with mission objectives become critical. Emerging paradigms such as explainable AI (XAI), continual learning, and reinforcement learning with safety constraints are being actively explored to ensure reliability and trustworthiness.
The integration of large model-based optimization techniques into UAV systems represents a promising frontier. It enables more intelligent, resilient, and autonomous communication security strategies, especially when combined with edge intelligence, federated learning, and privacy-preserving computation methods [198, 199].
9.11. Deployment Challenges in Real UAV Systems
Despite the conceptual maturity of many secure communication techniques discussed in this review, their deployment in real UAV systems presents unresolved engineering challenges. Most lightweight cryptographic protocols, post-quantum key exchanges, and cross-layer security models have been evaluated primarily in simulation environments or using generalized IoT hardware. However, integrating these mechanisms into commercial UAV platforms such as Pixhawk, STM32-based autopilots, or proprietary drone firmware often requires firmware-level access, cryptographic acceleration support, and real-time operating system (RTOS) compatibility, constraints that are rarely addressed in academic literature [114, 200].
For instance, post-quantum algorithms such as Kyber and Classic McEliece demand substantial memory and CPU cycles, which may not be available on constrained flight controllers. Similarly, blockchain-based protocols for identity and routing verification introduce latency and synchronization overheads that may degrade system responsiveness, especially in multi-hop UAV swarms. Over-the-air key rekeying, while conceptually attractive, remains difficult to implement without persistent connectivity and secure boot validation.
Table 12 provides a mapping between known threats and solution mechanisms along with associated engineering constraints such as memory usage, CPU overhead, latency, and firmware requirements. These trade-offs must be carefully evaluated during system design, especially when UAVs are deployed in environments with high mobility, intermittent connectivity, or limited ground control. To move from theory to practice, future work should explore hardware-software co-design strategies, secure firmware interfaces, and benchmark evaluations across a range of COTS UAV platforms. Additionally, establishing testbed frameworks and reference implementations could significantly accelerate the translation of academic research into deployable security solutions.
The key challenges and emerging research directions discussed in this section are consolidated in Table 15, which summarizes each challenge area, its problem context, and potential solution pathways for securing UAV communications.
9.12. Path Forward
Securing UAV communication requires interdisciplinary collaboration across cryptography, wireless systems, artificial intelligence, embedded hardware, and policy domains. Emphasis must be placed on designing lightweight, quantum-resistant cryptographic protocols; developing scalable key management schemes; establishing interoperable security standards; and ensuring privacy-preserving mechanisms for sensitive data. Future systems should incorporate adaptive, multilayer security models that can respond in real time to evolving threats. The path forward demands joint efforts from academia, industry stakeholders, and regulatory bodies to align innovation with practical deployment and compliance needs.
10. Conclusions
The rapid adoption of UAVs across diverse domains has introduced significant opportunities alongside considerable security challenges, particularly as UAV systems become more autonomous and interconnected via wireless networks, heightening the importance of ensuring communication confidentiality, integrity, authenticity, and availability. This review systematically analyzed UAV communication security by identifying core threats, evaluating emerging solutions, and contextualizing these approaches across major UAV application scenarios. Key strategies explored include lightweight encryption techniques, key management protocols, post-quantum cryptography (PQC), trust establishment through blockchain or Physical Unclonable Functions (PUFs), and multilayer security frameworks, each assessed for computational efficiency, scalability, and adaptability to UAV-specific constraints. A comprehensive suitability matrix was developed to compare these security mechanisms across diverse operational contexts such as precision agriculture, disaster response, logistics and delivery, environmental monitoring, search and rescue, and infrastructure inspection, revealing that no single solution is universally optimal. Instead, effective UAV security requires carefully selecting and tailoring methods aligned with domain-specific threats and operational goals. The paper emphasized future-proofing UAV communications using advanced cryptographic algorithms and decentralized trust methods, highlighting promising approaches like ASCON, Kyber, NTRU, blockchain-based routing validation, and PUF-based authentication. This study synthesizes existing literature into an integrated framework, emphasizing tradeoffs between performance and protection, and provides guidance for researchers and designers aiming at future development, simulation, and empirical evaluation.
Ultimately, this work stresses the necessity of lightweight, context-aware, and resilient UAV security frameworks, recommending further research focused on optimizing cryptographic primitives for resource-limited UAV platforms, standardizing evaluation metrics, and enabling adaptive, real-time threat responses through integrated sensing and secure AI to maintain robust security in future UAV deployments supporting 6G connectivity, edge intelligence, and autonomous swarm operations.