Lightweight Mutual Authentication Scheme Enabled by Stateless Blockchain for UAV Networks

)e UAV network composed of resource-constrained lightweight UAV swarms can efficiently accomplish mission with time critical requirements in dynamic and complex environments. However, the trusted authentication of network nodes poses a huge challenge due to its own resource constraints, the lack of trusted centralized support, frequent joining or departure of UAVs to or from the network, and the presence of cyber-attacks. In this paper, we propose a stateless blockchain based on triple aggregatable subvector commitment and present a dynamic proof of trust authorization consensus mechanism with a periodic random selection of authorized nodes to guarantee the trustworthiness of mutual authentication of UAV nodes. Our proposed triple vector authentication solution solves several of the challenges mentioned above very well. )e extensive experiments demonstrate that our blockchain-based authentication scheme enjoins significant advantages over the four schemes currently available for UAV network authentication in terms of single authentication latency, speed of energy consumption, average computational cost, and end-to-end latency.


Introduction
e UAV network is a mission-oriented, temporary mobile self-organizing network, consisting of a fleet of lightweight UAVs that collaborate with each other at low cost; with distributed, equal, and destruction-resistant characteristics, all drones are linked as peer entities, both as data processing hosts and to undertake message routing and forwarding functions, interdrone communication without base station forwarding, to complete data transmission in a multi-hop manner, capable of complex environments, and high timeliness. It has a wide range of practical applications, such as joint search and rescue, environmental surveys, emergency communications, and military missions. Lightweight UAV nodes have the advantage of efficient networking and easy deployment, but at the cost of limited resources in terms of energy supply, storage, and computing power, which makes UAV networks a special type of mobile self-organized networks and face more complex network threats than MANETs [1,2].
Firstly, the use of wireless links makes the UAV network more vulnerable to attacks launched from the links, which can come from all directions, and any node can be targeted. Ways of compromise include revealing secret information, jamming information, and impersonating nodes. Each node therefore needs to be in direct or indirect contact with the adversary. Further, the autonomy of nodes in UAV networks, operating in an unpredictable environment, increases the risk of nodes being captured, compromised, and hijacked, and thus in addition to being subject to external attacks, attacks launched from within by compromised nodes are more difficult to detect and more dangerous. erefore, the operation of any node must adhere to a certain pattern rather than immediately trusting its peers. Finally, the mobility of UAVs, complex mission environments, and mission needs all make UAVs frequent access to the network, resulting in dynamic changes in UAV network topology and size, leading to a network with no clear defensive boundaries and statically configured security solutions that are not applicable. At the same time, invalid network node information leads to increased end-to-end latency and higher routing costs, increasing the number of mutual communication failures and reducing the overall performance of the network.
In conclusion, mission UAV networks in complex and unknown environments are inherently very vulnerable and dynamic, and such characteristics bring new challenges to their security defense. It is necessary to build a lightweight and trusted global trust platform on UAV networks to achieve efficient authentication and key management to secure UAV networks, while also meeting the requirements of real-time, robustness, and dynamic adaptability of ad hoc mission networks.
As a special mobile self-organizing network, the nodes of the UAV network are mainly authenticated based on the threshold secret sharing technology authentication mode, certificate chain authentication, blockchain-based authentication mode, and stateless blockchain based on the cryptographic accumulator method, but due to the limited resources of the UAV network, the dynamic nature of these methods are not good enough to meet the needs in terms of computing, bandwidth, storage, and energy supply.
In the stateless authentication blockchain recommended in this paper, UAV nodes establish the local trust degree of neighboring nodes by monitoring each other's forwarding behavior with neighboring nodes. e network periodically performs data consensus on the local trust degree of the authorized agent node group and completes a decision consensus based on this; i.e., it counts the global trust degree of nodes, elects a new round of authorized agent groups, and resets the three-vector commitment weights. A new block is created with the decision consensus result, and the UAV blockchain network system is updated. rough the identity vector commitment in the new block, untrustworthy nodes are identified and isolated from the network, maximizing the availability and trustworthiness of the network nodes actually involved in the mission and enabling a new round of UAV identity authentication. e decision consensus result is stored in the blockchain, while local trust transactions as data consensus can be discarded after the decision consensus is reached and do not need to be on the chain, so the identity blockchain for UAVs is stateless and lightweight for fast authentication of inter-UAV communication.
e main contributions of this work are as follows: (i) First, we introduce the new concept of triple vector commitment stateless blockchain in UAV networks.
Using an aggregatable subvector commitment technology, the blockchain only records the dynamic changes of identity commitments in triple vectors instead of every authentication transaction. is not only enables lightweight blockchain storage, but also avoids the massive amount of recalculation in individual vector commitment due to membership changes. It greatly reduces the computational and communication overhead incurred by UAVs frequently entering and leaving the network and the isolation of untrustworthy nodes.
(ii) Second, we propose a novel dynamic multicenter trust authorization proof consensus mechanism, where a set of agent nodes are periodically elected as a blockchain consensus committee among all UAVs that have been registered to the mission network. e committee members are randomly and dynamically replaced periodically to sense the UAV flight dynamics in real time and monitor the nodes' reports on the abnormal forwarding behavior of their own neighboring nodes. New block generation and consensus are either achieved periodically or triggered to complete in time according to node identity status changes.
is not only ensures consensus efficiency, but also significantly reduces the risk of blockchain consensus master nodes being tracked and locked, and improves the security of the consensus process. (iii) ird, we propose the method of local mutual authentication of blockchain nodes. In each period of the blockchain, any node of the UAV network is a peer-to-peer full node. e UAVs only need to provide their own commitment witness to achieve localized two-way authentication which only involves giving the existence of vector commitment instead of traversing the whole blockchain. is reduces both the computational and communication complexities of UAV mutual authentication to a constant level. (iv) We compare our scheme with several major existing MANET node authentication schemes, including remote direct anonymous authentication, threshold key sharing authentication, certificate-coin authentication by blockchain token method, and blockchain authentication based on cryptographic accumulator. e extensive experimental results demonstrate that our proposed scheme outperforms other competitive schemes in terms of single-step authentication latency, energy consumption, authentication computational overhead, and end-toend latency. e rest of paper is organized as follows. e related work is discussed in Section 2. e system model, including the network model, the threat model, and the blockchain model, is elaborated in Section 3. Section 4 describes the design details of our proposed vector commitment-based lightweight authentication scheme for stateless blockchains. In Section 5, the safety certification and performance analysis on our proposed scheme are conducted. Simulation results and analysis are illustrated in Section 6. Finally, the conclusion is presented in Section 7.

Related Works
For the distributed, self-organized, and autonomous characteristics of self-organized networks, according to different application models, domestic and international research mainly includes the authentication model based on threshold secret sharing technology [3], certificate chain-based authentication, and blockchain-based authentication model.
In [4], the UAV remotely connects to the control center via a 4G wireless network using direct anonymous attestation (DAA) for remote authentication. However, this method requires the support of a remote center and is not very scalable. Using the threshold secret sharing technique, [5] proposed a distributed certificate-based authentication model where the certificate is partitioned into n shares, a share is allocated to the node acting as a distributed certificate authority (D-CA), and t of these shares are collected at authentication time to reconstruct the certificate. In the scheme proposed by Yi and Krave [6], the node uses flooding to send a certificate request (CREQ) and the D-CA responds with a certificate reply (CREP) as a response. e successful collection of t copies of the certificate shares node, and the user reconstructs the complete certificate. A valid certificate indicates successful authentication. is approach increases the communication overhead of the network and does not protect against black hole attacks launched by resourcepowered malicious nodes. [7][8][9] proposed to apply identity-based public key cryptosystems to MANETs, introducing distributed cryptography to propose a fully distributed identity-based scheme, and each node performs the process of issuing and managing certificates and maintains a certificate repository. e nodes complete mutual authentication through the chain of authentication formed by the certificate repository. e advantage is that there is no need for a certification center to authorize the management of worker certificates, avoiding the risk of a single point of failure. But the introduction of private key generators (PKGs) caused key escrow problems and the risk of impersonation attacks. Certificates and identities cannot be bound, and malicious nodes can impersonate other nodes to join the network at will. In addition, the inconsistency of the certificate chain of each node also leads to authentication failure, and the certificate repository management and maintenance costs of the nodes increase with the expansion of the network scale.
is is difficult to achieve for resource-constrained UAV nodes.
Certificate-less public key passwords [10] are an improvement on identity ID-based public key passwords, and [11][12][13][14] combined threshold cryptography with certificateless public key passwords in the MANET authentication model. However, the security of the system master key relies on the absolute security and reliability of the distributed server, and in addition, there is a risk of man-in-the-middle attacks during key negotiation. Most of the schemes in the above literature use bilinear pairing, which provides good security, but their high operational complexity results in these schemes not being lightweight; key distribution mostly requires the establishment of a secure channel. Ad hoc, highly dynamic UAV networks cannot be provided.
Blockchain-based decentralized authentication uses the tamper-evident and traceable nature of the blockchain to store information such as identity and public key. e process of authentication traverses the blockchain to query the certificate, then checks whether the public key belongs to its declared identity, and finally sends a challenge message to determine whether the other party holds a matching private key by verifying the digital signature. [15] proposed authentication and key management mechanisms to achieve security of heterogeneous drones through the combination of transaction chain and blockchain, but the scheme requires that the drones as cluster head must have sufficient resources and act as the full node role of the blockchain, so there is still the risk of local single point of failure, which cannot guarantee the security of the full node of the cluster head itself, and the nonstop growth of the blockchain shared ledger makes the section face problems such as "storage bloat" and reduced authentication efficiency.
Researchers [16,17] used blockchain technology to improve the public key infrastructure (PKI) authentication technology. Distributed PKI authentication is implemented to avoid the problems of single point of failure and certificate transparency in traditional PKI, and to effectively address the inefficiency of using the method of traversing the blockchain to query certificate authentication and the increasing storage overhead as the size of the blockchain grows. By combining blockchain and dynamic accumulator, a blockchain PKI model that can update certificates in bulk is constructed, thus improving the efficiency of authentication. e model can efficiently add, revoke, and renew user certificates. However, the consensus of the blockchain until the transaction is on the chain confirms that the authentication is successful, which makes the latency of a single authentication, as well as the computational and communication overheads insufficient to meet the requirements of mission drone networks in terms of real-time and low energy consumption.
[18] Color green addressed this paradox by proposing a novel semipermitted blockchain framework that balances decentralization and efficiency, making the system scalable and efficient at the same time. A randomly selected public node joins the committee to execute the protocol to protect the block, but separates transaction execution from the protocol, thus reducing protocol waiting time and allowing lightweight nodes to participate, but the public node requires high resources. e combination of blockchain technology and cryptographic accumulator technology has been used to solve the authentication problem of distributed network systems, and there have been many research results at home and abroad. e accumulator, first proposed by Benaloh and de Mare [19], is a compact representation of an arbitrarily large set that can be used to prove claims of membership or nonmembership in the underlying set. e protocol in [20] used RSA accumulators to combine large states into a short commitment to design stateless blockchains where the verifier only needs to store block headers, greatly reducing the need for disk and RAM, reducing the storage overhead of the verifier, and linearly increasing system throughput. [21] provides cryptographic accumulator universal composable (UC) processing using two weaker accumulators, constructing the accumulator in a modular fashion and extending the anonymous credential system to support revocation using the results of the UC accumulator. Libert and Yung in [22][23][24] vector commitments give Security and Communication Networks commitments to ordered sequences that satisfy positional binding; i.e., an adversary algorithm should not open a commitment for two different values at the same position. e commitment string and the open witness are short, and their size is independent of the vector length. [20] applies unknown-order group batch processing techniques to cryptographic accumulators and vector commitments to develop techniques for noninteractive aggregated membership proofs that are verified by a constant number of group operations and provide size invariant bulk nonmembership proofs for a large number of elements. Using these new accumulator and vector commitment constructs to design stateless blockchains where nodes require only a constant number of stores to participate in consensus. [25] proposed vector commitments with subvector openings that allow a commitment vector to be opened at a set of locations with an opening size that is independent of the length of the vector and the number of open locations. On its basis, [23] proposed incremental aggregation to design an algorithm that generates openings quickly by preprocessing and then to implement subvector commitments. VMware research and the Ethereum team [24] propose aggregatable subvector commitment (aSVC) schemes that can aggregate multiple proofs into a small subvector proof. e approach of aSVC obtaining a stateless payment cryptocurrency has very low communication and computational overhead. However, the above authentication methods complete consensus on a fixed number of nodes and all suffer from accumulator recalculation when nodes leave or join. e joining and leaving of drone nodes in a UAV network are frequent, and there is interference from Byzantine nodes with legitimate identities, which the above parties cannot handle. Table 1 summarizes the above authentication methods. e authentication methods described above cannot be applied to lightweight, dynamic, and time-varying node trustworthiness for UAV networks. How to build a dynamic UAV trustworthy platform based on stateless blockchain to provide fast mutual authentication between UAVs is the main research objective of this paper.

System Models
UAV networks in complex and unknown mission environments are inherently Byzantine distributed systems with time-varying trustworthiness. e purpose of the lightweight authentication blockchain system is to monitor the trustworthiness of drone nodes during a mission and to provide a global platform for rapid mutual authentication between nodes. In traditional blockchains, transactions need to complete consensus and update the blockchain across the network before they can be authenticated successfully, which makes the authentication efficiency, and the computation and communication overhead insufficient to meet the requirements of UAV networks in terms of real-time and low energy consumption. e stateless authentication blockchain provided in this paper periodically performs data consensus on the local trustworthy state records of nodes, which are generated by monitoring the forwarding behavior of neighboring nodes, and then performs decision consensus on the data consensus results, i.e., aggregatable identity vector commitment based on the global trustworthiness of nodes. Its lightweight nature is reflected in the fact that only the decision consensus result is kept, and the new blocks added to the blockchain are blockheads of fixed size, without the need to keep intermediate historical state data; thus, its storage is controlled.

Network Model.
In the mission preparation phase, the system authorizes the registration server as the authoritative control center in the initialization phase of the system, which initializes the security environment parameters of the mission.
e UAV nodes and the created blocks of the blockchain register the UAV identity, calculate the identity vector commitment, and select the authoritative UAV node for the task execution phase. e proof-of-authority consensus mechanism (POA) is used to broadcast the created block to all the mission UAV nodes on the chain for reaching a consensus. e system network model is divided into a network model for the mission preparation phase and a network model for the mission execution period based on the process of the mission (Figure 1). In the mission preparation phase, the UAV swarms and the registration server form a wireless network with the registration server as the authorization center in a secure environment. All nodes deploy blockchain client programs, and the registration server acts as a trusted authority to initialize the security environment parameters of the UAV mission network. e registration server acts as a Table 1: Classification and comparison of authentication methods.

Method
Papers Overhead and shortcomings reshold secret sharing [3,5,6] High computational and communication overheads; unable to defend against black hole attacks launched by malicious nodes with powerful resources.
Certificate chain [7][8][9] High storage and communication overheads; there are key escrow issues and risk of impersonation attacks. Inconsistencies in the certificate chain across nodes lead to authentication failures. As the size of the network increases, the cost of managing and maintaining the certificate store increases. Certificate-less public key [10][11][12][13] High computational and communication overheads; man-in-the-middle attack risk during key negotiation, key distribution mostly requires establishment of secure channels. Traditional blockchain [15][16][17] High storage and computational overheads, "storage explosion," inefficient consensus, and limited system scale.
trusted authority to initialize the security environment parameters of the UAV mission network, register the identity of the UAV, assign public and private keys, establish the genesis block, and build the blockchain network system with the proof-of-authority consensus mechanism. e registration server does not participate in the mission execution, and the network after the mission starts is a selforganized network of autonomous UAV nodes that forward data in a multi-hop manner.
e blockchain system supervises the flight dynamics and forwarding behavior of the network nodes in real time to maintain the effective operation of the mission network.

reat Model.
e ultimate goal of a mission-oriented UAV network is to complete time-sensitive missions, and any factor that affects the proper achievement of the mission can be considered a threat to the UAV network.
(i) Environmental threats: e UAV network mission execution environment is complex and variable, it may be the scene of distress and rescue, or it may be the enemy-occupied area of the battlefield, the UAV network may suffer physical interference, or even be directly damaged and affect the performance of the overall network, and the network system should have the ability to sense the nodes leaving the network in a timely manner and cancel the identity of the lost network members; at the same time, the additional network members can be quickly authenticated into the network. e network system should have the ability to sense when a node has left the network, to cancel the identity of lost network members, and to quickly authenticate additional network members to the network to ensure the network's ability to perform its mission. (ii) Malicious nodes: Malicious nodes include external unauthorized malicious nodes and compromised nodes. Malicious nodes can launch impersonation attacks, black hole attacks, and DOS attacks, and can also conspire to conduct wormhole attacks. Compromised nodes with legitimate identities can be more damaging to the network by launching internal attacks. erefore, in addition to authentication, the drone network should also have the ability to detect untrustworthy nodes and isolate compromised nodes from the network in a timely manner.
(iii) Selfish nodes: Due to their own reduced energy, nodes only receive information and do not forward it out of self-protection. Such uncooperative zombie nodes, although they do not initiate harmful attacks, exist in the network and generate ineffective communication, wasting energy and reducing the overall performance of the network. e system should also have the ability to identify and mark them for isolation.

Blockchain Model.
e solution recommended in this paper implements local mutual authentication of UAV network nodes using a stateless authentication blockchain. e initialization of the blockchain is done in a secure environment.
e mission starts with all UAV network nodes having the same Genesis block, which contains an identity vector commitment, an authenticated smart contract, and a specified set of authorized nodes. e consensus process takes place in the authorized node group, with the number of authorized nodes set based on the network size. e authorized nodes are responsible for detecting the flight status of the drone nodes, such as whether they leave the network. All nodes send to the authorized nodes the local trust assessment of neighboring nodes generated during the consensus cycle. Similar to the node trustworthiness monitoring method (WatchDog) proposed in [26], monitor the forwarding behavior of neighboring nodes to assess their trustworthiness. e consensus cycle is set according to the network size, but consensus is initiated when two conditions occur during the consensus cycle: (i) an authorized node finds a record below the trustworthiness threshold in the collected local trustworthiness assessment dataset; (ii) an authorized node does not receive a response from a particular drone node several times in a row, and this number exceeds the threshold set by the system. e consensus process consists of a data consensus and a decision consensus. e data consensus consists of a local trustworthiness assessment generated by all nodes during the consensus cycle, and the status records of the UAV flights detected by the authorized nodes (whether they respond or not). Data consensus results in each authorized node having an identical subset of status records. A decision consensus is performed on the results of the data consensus to determine the global trustworthiness of the nodes, elect a new set of authorized nodes, and update the triple identity vector commitment. e results of the above decision consensus are recorded in a new block, a fixed size block header to be exact, and the drone network continues to work under the management of the new authorized node group after the blockchain has been synchronized and updated. In the meantime, historical state data used for data consensus can be discarded after decision consensus, and the blockchain grows only the block head that holds the decision consensus result at a time, avoiding the creation of a "storage explosion." e consensus process is generated periodically, and the group of authorized nodes for consensus in each period is dynamically generated according to the consensus result of Security and Communication Networks the decision, which is a dynamic polycentric proof-of-authority consensus mechanism (DPOTA), as shown in Figure 2, where the UAV network is reorganized by new blocks added to the blockchain, triple identity vector commitment, node cancellation determined by dynamic aggregation, and isolation. e stateless blockchain UAV network guarantees network trustworthiness and provides fast mutual authentication between nodes.

Recommended Scheme
In this section, we explain the stateless blockchain authentication system supporting DPOTA consensus mechanism, and our approach solves or alleviates the conflict between UAV networks with resource constraints in storage, computation, energy, and bandwidth and high requirements in dynamism, real time, and security during mission execution. Figure 3 shows the operation of the mission-oriented UAV network stateless blockchain light authentication certification by timeline. e mission-oriented stateless blockchain authentication system for UAV networks consists of two phases and four roles. In the mission preparation phase, the UAV network operates in a secure network environment, including a trusted third party, a registration server (RS), and a UAV to be registered (UAV); in the mission execution phase, it works in a nonsecure network state, including a stateless blockchain trusted platform and a blockchain UAV node (BUAV), and throughout the mission, the UAV network security is performed by the registration server and the blockchain together.
At the beginning of the mission, a blockchain client program is deployed for the registration server and the candidate UAVs participating in the mission to initialize the UAV network in a secure environment with the registration server as the center. e registration server constructs the UAV network mission-related security environment parameters based on the hyperelliptic curve public key cryptosystem [27] (HECC), receives UAV registration requests, generates public and private keys and identity IDs, and builds the identity vector. e vector commitment is calculated based on the identity vector, and the identity witness of the corresponding UAV is generated at the same time. Subsequently, trust authorization committee members are randomly selected, node trust vectors are initialized, and creation blocks are constructed. After completing the initialization, the registration server broadcasts the Genesis block to all registered UAVs to build the blockchain system of the UAV network.

System Initialization.
In the mission preparation phase, the network environment is secure and the registration server is authorized as the control center to complete the initialization of the stateless blockchain system. e missionoriented UAV network system is initialized, including the initialization of the registration server, the initialization of the UAV, and the initialization of the blockchain. Table 2 lists the main authentication-related global symbol.
Registration server initialization: First, the hyperelliptic curve HE(F p ) is customized for the system, where p ∈ HE(F p ) is its basis, the large prime q is its order, q ≠ p, and q is not divisible by p − 1. en, set the one-way hash functions by equation (1), where G 1 ⊆(C, F q ) is the Abelian cyclic additive group on the hyperelliptic curve, generating the element P ∈ G 1 . (1) Randomly select k ∈ Z * q as the private key of the registration server and P k � kP as its public key. e public cryptographic parameters, q, G 1 , P, P k , H 1 , H 2 , are stored in the registration server only as important security environment parameters for the current mission.
UAV initialization: e UAV provides hardware-related information such as MAC and IP address, and applies for identity registration with U‖U mac ‖IP as a request to the registration server, which is not involved in the mission execution. e registration server generates the private key d ∈ Z * q and the corresponding public key U � d · P for the UAV. e public security parameters, q, G 1 , P, P k , H 1 , H 2 , are built into the associated smart contract in binary form, which is deployed to the Genesis block by the registration server. Based on the UAV identity request U‖U mac ‖IP , the registration server key k ∈ Z * q is used to sign the requested UAV, and the registration smart contract generates the UAV node identity and assigns the initial value of trust to each node, with the identity ID calculated by equation (2). e final registration server assigns the public and private keys of the UAV, the identity ID, and the creation block to the corresponding UAV nodes.
Stateless blockchain initialization: During the mission preparation phase, the network environment of the registration server is secure and the setup (1 λ , 1 N ) function is run to establish vector committed common reference parameters (crs), which are built into the smart contract associated with the creation of the block in binary form. Since the registration server does not participate in the task network, the crs of the UAV network are hidden during the mission execution phase and no adversary algorithm can use the crs to fake the related information. e structure of the Genesis block is shown in Figure 4, which mainly includes the registered UAV identity vector commitment, the consensus committee member list, the UAV trust value vector, and the smart contracts related to registration, deregistration, trust management, and authentication. e UAV identity registration contract (SC IDReg) is invoked only at the registration server. e hyperelliptic curve cryptosystem is used to sign UAV requests and generate unique UAV ID. e order of UAV registration forms the order of positions in the identity vector, and values in the trust vector are assigned in this order. e number of registered UAVs can be much larger than the number of UAVs for mission execution.
In the registration server, the smart contract, vector commitment accumulator (SC_VCCom), completes the registration of UAVs, generates identity witnesses, and builds vector commitments for all registered UAVs. After determining the UAVs to participate in the mission execution, t UAVs are randomly selected (t is set by the system in advance according to the application requirements) and their identity information key-value pairs, {ID: Pubkey, IPaddress}, are used to construct the initial list of trusted authorized members.
ese t UAVs are used as the blockchain consensus committee members in the first round of the mission execution phase.

Triple Vector Commitment Stateless Blockchain.
In the mission execution phase, the network environment is complex and insecure; with the possibility of external network attacks, nodes leaving the network, and nodes being compromised, the stateless blockchain serves as a global trust platform to manage the mission UAV network.
Dynamic multicenter proof-of-authority consensus protocol: When a new block is created, the current authoritative nodes randomly select the consensus committee members for the next round based on the blockchain trust  (1) In Register Server:  Security and Communication Networks vector. is makes it difficult for adversaries to ascertain the target to attack rough a smart contract related to trust management, the consensus committee members respond to the flight status of the drones and handle reports of abnormal behaviors when nodes forward data. e consensus mechanism is triggered directly when the aggregatable deregistration subvector or blacklist subvector of consensus nodes changes to ensure the trustworthiness and validity of participating members in the mission-oriented UAV network. Figure 5 represents the structure of a new block added to the stateless blockchain, a fixed size block header that holds the results of each cycle of decision consensus, containing subvector witness aggregation, subvector witness aggregation for nodes leaving the network, subvector witness aggregation for untrustworthy nodes, and a dynamically changing vector of trust values for all nodes. e system sets the blockchain consensus period according to the network size and specific environment, and the historical state data used for data consensus need not be on the chain. Consensus committee members call the smart contract SC_SVCScala to perform dynamic aggregation of drone member witness and call the smart contract SC_TrustManage to modify the trust vector value of the drone. After the decision consensus, if any drone's trust value is below a certain threshold, its witness will be aggregated into the malicious node blacklist subvector; the witness of a drone that does not respond to the authorized node detection with a test greater than a set value will be aggregated into the revocation subvector. e number of authorized node groups is relatively small, and the PBFT consensus algorithm can be used for data consensus.
Identity vector commitment: Mission-oriented UAV networks operate in unknown and complex mission environments. e mission process is exposed to multiple risks, such as environmental factors causing nodes to leave the network, or compromise of internal nodes due to malicious attacks, and selfish behavior of nodes protecting their own resources. e UAV network needs to sense the dynamic changes in the validity and trustworthiness of UAV nodes in a timely manner. Rapid response to the deregistration, restoration, or isolation of abnormal nodes is necessary to maintain the overall performance of the network and ensure the reliability of mission execution. e proposed triple identity vector commitment mechanism avoids costly recalculation of the generic cryptographic accumulator due to changes in membership status and only requires reclassification of the changing UAV identity proofs.
e key functions of the proposed scheme are shown below: (1) crs←Setup(1 λ , 1 N ), output public parameter crs, supported vector length N, (crs include public parameters of the security environment of this mission network, providing implicit input for other algorithms, including adversary algorithms, and UAV network applications need hidden processing). In the mission preparation phase, the legal information of all nodes' ID witness is compressed into the identity vector commitment, and the UAV is assigned the identity ID i in the registration phase, as well as the witness W i that proves its existence in the commitment C. e first layer of vector commitment, C ID ←Commit(ID �→ , r), is created by the registration server and saved in the Genesis block. UAVs that become members of the consensus committee initiate the UAV flight state sensing module, which aggregates the identity witness of UAVs that have left the network to the revocation subvector commitment (the second layer vector commitment). During the mission execution phase, when the

Security and Communication Networks
UAV forwards data, its built-in monitoring module WatchDog [12] reports the bad behaviors of neighboring nodes to authorized nodes. e smart contract related to trust management of the blockchain system determines whether to aggregate the identity witness of the questioned nodes to the blacklist subvector (the third layer vector commitment) based on their trustworthiness. As shown in Figure 6, when a UAV launches a communication request, the received UAV verifies whether it is in the identity vector commitment in turn, then detects whether its witness is in the blacklist subcommitment, otherwise detects whether its witness is in the revocation subvector commitment, and finally decides whether to deaggregate the witness of the UAV from the revocation subvector, and de-aggregation means that the UAV rejoins the network.
is ensures that the UAVs participating in the mission network are valid and trusted.

Identity Revocation Subvector Commitment.
During the execution of the mission, the UAV leaves the network actively due to the mission need or the UAV leaves the network passively due to failure, attack, and other reasons, as well as the flight obstacle that causes the UAV to temporarily leave the network; the members of the blockchain trust authority committee in each period activates the UAV flight state sensing module, sensing UAV leaving, and dynamically aggregate the corresponding UAV according to the received UAV leaving event transactions of the witness and update the cancellation identity subvector commitment, indicating the identity of the node corresponding to the revocation witness from the task network, as shown in Figure 6, UAV ID1, ID2, ID3 at due to the loss of connection state; the smart contract SC_SVCScala invokes the aggregation function module to establish or update the dual identity commitment as follows.
S � 1, 2, 3, When the once departed UAV returns to the mission network, if UAV ID3 requests network communication, its identity is verified as legitimate in the first layer vector commitment, it is determined not to be a compromised node after verification in the third layer subvector commitment, and the associated smart contract then updates its second layer identity deregistration subvector commitment as follows.

(4)
De-aggregation with identity subvector commitment adapts to network scalability and reduces invalid communication. Revocation aggregation refers to the algorithm 2, where actively departing UAVs send departure transactions to the current authority committee; meanwhile, the authority committee members periodically sense all current trusted members of the UAV network. If no response is received for more than two periods, the unresponsive UAVs are set to leave the network state. e authority committee members in the current cycle accumulate the departure time, update the trust vector in the blockchain, and reach consensus on whether the UAV leaves the network by voting. e high four bits of the UAV trust value vector in the block structure are the trust value of the UAV, and the low four bits are the cumulative value of the time the UAV is off the network.

Untrustworthy Node Identity Subvector Commitment.
To secure the entire UAV network and prevent malicious nodes from causing unbearable malicious damage to the entire network system, the triple identity subvector promises an irrecoverable revocation mechanism for malicious drone node identities. e objective is to discover and isolate the malicious nodes from the mission UAV network in the shortest possible time.
e trustworthiness of the UAV nodes involved in the mission execution is guaranteed. is paper focuses on stateless local lightweight authentication based on vector commitment, node trustworthiness control refers to WatchDog algorithm to identify whether neighboring nodes are abnormal by nodes monitoring their neighboring nodes to forward packets, and the detailed process refers to [28].  authority members in the periodic consensus. If the trust value of UAV ID 4 , ID 5 , ID i is less than the threshold value set by the system, a triple identity subvector aggregation, and malicious node blacklist, an irreversible identity witness aggregation is established or updated, and the smart contract invokes the following functional module to achieve it.
Triple subvector commitment: Identity witness of a node whose identity is legitimate but not trusted can be classified as a third layer of blacklisted subvector commitment. During this period, a new block is created by a bookkeeper elected by the committee and the new block is multicast with updated trust vectors and blacklisted subvector commitments to UAVs that the blockchain confirms are valid. When a UAV initiates a communication request, the UAV that receives the request first performs the first layer of vector commitment verification to determine whether the identity of the requesting node is legitimate and again verifies that its identity is trustworthy. All the verification is done locally without traversing the blockchain to query. e details are described in Algorithm 3.

Local Two-Way Authentication of UAV Node.
Two-way authentication process: e identity vector commitment ensures the infeasibility of forgery attacks, man-inthe-middle attacks; timestamp mechanism ensures that reentry attack requests are directly abandoned, circumventing the formation of broadcast storms; at the same time, the random number r is generated by the initiating request node, then signed by the receiver, and sent back to the requester, confirming that it is a response to the requester's request, while the information replied by other receivers is directly rejected. e authentication protocol in the recommended scheme, whether it is a replay attack of the legitimate identity of the compromised node, or a replay attack of the external malicious node after eavesdropping, can be effectively circumvented. Figure 7 shows an authentication process between two nodes of the task-oriented UAV network. e UAV ID A broadcasts an authentication request, and the UAV ID B receives the request, verifies the legitimacy of ID A through the authentication smart contract of the local blockchain, determines the legitimacy of its identity through triple subvector commitment, detects the timestamp, and filters the replay request. After the verification is passed, ID B sends a response to ID A , and ID A also verifies the legitimacy of ID B . After passing the verification, it stops receiving the response information sent by other nodes, establishes the session key, encrypts the sent data, and sends it directly to ID B , completing one-time transmission, where t A is the request timestamp, t B is the response timestamp, r← R Z * n is the random number generated when ID A requests, sign(SK A (r � � � �t A ) is the signature when UAV ID A requests, sign(SK B (r � � � �t B ) is the signature when UAV ID B responds, SK A /PK A , SK B /PK B are the public and private keys of UAV ID A and ID B , respectively, and W A , W B are the respective identity witnesses. Algebraic group model means that the group elements of the adversary output cannot be created arbitrarily, but must be obtained by group computation based on the group elements. If the adversary algorithm is given group elements X 1 , X 2 , . . . , X N ∈ G 1 , then each adversary algorithm outputs group elements:

System Analysis
Security assumption: Let G 1 , G 2 be cyclic additive groups and G T be cyclic multiplicative groups, both of order prime q. G 1 , G 2 , G T is based on the hyperelliptic curve public key cryptosystem and satisfies the nondegenerate bilinear pairing: g 1 , g 2 , g T : � e(g 1 , g 2 ) then are G 1 , G 2 , G T generating elements, respectively. It is difficult to solve the l-wBDHE (weak bilinear Diffie-Hellman exponent problem) in the group of bilinear pairings; i.e., the probability expressed by the following equation can be neglected.
where α←Z p is the secret value, no one knows after the initial generation of public parameters, the public parameters are taken from the group G 1 with 2N − 1 values except g α(N+1) 1 , and N values are taken in G 2 by calculating the values in G T : Stateless verification: Establish the commitment, vector ID �→ � (ID 1 , ID 2 , . . . , ID N ) ∈ Z N p , and compute the commitment:

Security and Communication Networks
Generate witness and member ID i existence evidence establishment: Member verification, based on commitment C and witness W i verification, is

Security
Analysis. e timeliness of mission-oriented UAV networks is the biggest feature that distinguishes them from other self-organized networks. e security configuration of network nodes, such as public and private keys, and identity IDs, is generated by the mission and expires with the completion of the mission. erefore, physical attacks such as capture and cloning are not considered, but they must have the ability to resist unauthorized access, eavesdropping, impersonation, replay, and man-in-the-middle attacks. Since the registration server that keeps the system master key does not participate in the task execution, there is no possibility of generating legitimate malicious nodes due to the master key leakage during the mission, the generation of vector commitment and witness are also completed in the task preparation stage, and the vector commitment cryptographic accumulator has conflict-free and strong unidirectionality, so the success probability of active attackers forging witnesses by constructing false member sets is negligible.
Resistance to eavesdropping attacks: Communication between UAVs in a UAV network begins with two-way authentication, and after authentication is passed, a session key is negotiated to encrypt the information for  (19) while aggregation flag is true do (20) iftimeout_court++ > Monitor_periodthen (21) blockchain.Broadcast_Send(online_hello) (22) timeout_court � 0; (23) end if (24) end while (25) #current turn expired, (26) In the header of committee: (27)  transmission. Eavesdropping attacks alone do not cause degradation of the performance of the UAV network in the mission.
Resisting man-in-the-middle attacks: Active tampering attacks that can be launched by the man-in-the-middle role through eavesdropping attacks are rejected outright because the identity and identity witness of the vector commitment cannot be forged and the identity of the man-in-the-middle node cannot be verified by the authentication smart contract because it is not registered in the stateless blockchain. Manin-the-middle attacks do not pose a threat to the UAV network.
Resistant to replay attacks, for replay attacks after eavesdropping, the UAV network generates a large amount of invalid communication, which will seriously affect the performance of the network. ere are three main methods to resist replay attacks, timestamp, execution sequence number, and random number to ensure the freshness of requests, but execution sequence number and random number methods need to save historical data and require consensus of all nodes, which is unaffordable for lightweight drones, so this paper recommends the stateless lightweight blockchain authentication method, which uses a timestamp plus a random number side for two-way authentication to identify replay attacks, reject malicious forwarding, and avoid unnecessary communication interference.

Efficacy Analysis.
In this paper, we recommend a lightweight authentication scheme based on the hyperelliptic curve cryptosystem, which has a shorter key length compared to RSA and elliptic curve cryptosystem at the same security level, and its dot product operation is faster than the bilinear pair operation. It is concluded from the [29] that the relative computational cost of the bilinear [30] pair operation is about several twenty times that of the elliptic curve dot product operation; therefore, the elliptic curve dot product algorithm is more efficient and more suitable for UAV networks with limited arithmetic power. Transferring, drones run the stateless blockchain system as full nodes, and the dynamic trust authorization proof consensus mechanism ensures the security and trustworthiness of the UAV network in each round of generating new blocks. Each authentication process record is not used as a blockchain transaction to mark whether the nodes within the drone network are valid and trustworthy in the current round by recording the dynamically aggregated identity witness subvector change values into new blocks.

QualNet Network Simulation.
e QualNet Simulator, developed by Scalable Networks Technologies (SNT), is software to help with network design, operation, and management. e QualNet Simulator simulates the network behavior and performance of thousands of nodes and is a comprehensive suite of tools for simulating large wireless or wired networks. e simulation experiment scenario for the proposed solution is described in Table 3. e scenario was developed by comparing the single-step authentication latency of the UAV nodes at different network sizes, the energy consumption rate of the UAV network for a fixed period of time at a specified size, the computational effort of the UAV network in the presence of different numbers of malicious nodes at a specified time (200 s), and the fixed size of the UAV network with different malicious nodes to measure the performance superiority of the stateless block authentication scheme with triple vector commitment recommended in this paper relative to the following schemes.

Analysis of Experimental Results of UAV Network
Simulation. Single-step authentication latency: e authentication latency is tested at the node movement speed of 10 m/s and different scales. e time required for the UAV to initiate an authentication request and obtain access or start communication after verification is passed as shown in Figure 8. In Scheme I, the UAV connects to a trusted third entity through a remote network for direct anonymous authentication, and the latency continues to increase as the number of nodes increases because all nodes share the mobile communication connection center. Scheme II increases with the size of the network and the time to collect the key share to recover the master key to ensure the security threshold value increases. In Scheme III, with blockchain certificate token authentication, the query time and  consensus time grow rapidly with the number of outgoing blockchain certificates and the increase in the size of participating network nodes. Constructing a stateless blockchain with the cryptographic accumulator approach in Scheme IV, the time for authentication is theoretically constant in magnitude, but fluctuates in time due to recalculation of accumulation values and network member witnesses caused by UAVs entering and leaving the network. e recommended method does not update computation by triple vector commitment and only changes some of the member witness aggregation to other subvectors into a promise, and the authentication delay fluctuation is small. e rate of energy consumption of the UAV network: e consumption of the mission UAV network energy is directly related to the UAV range, and reducing the consumption rate of energy usage is the key to mission completion. Figure 9 shows the simulation test of five scenarios; in the time of 800 s, 50 UAV network, the presence of 20 malicious nodes, and the implementation of replay attack case, observe the rate of energy decline; in Scheme III due to the consensus algorithm of proof of workload, energy consumption is the fastest, about 400 s of time simulation energy is consumed; Scheme I requires remote communication, shared channel resource competition, and the interference from replay attacks; the energy consumption also decreases quickly and eventually ends around 500 s; and because the UAV moves in a random wandering manner, resulting in frequent access to the network by the UAV, leading to an increase in the computation of the update of Scheme IV, the energy decreases significantly at a later stage. Recommended scheme. e recommended scheme because they are all local authentication, no consensus, and better resistance to replay attacks, knowledge in maintaining the network trustworthy is the DPOTA consensus protocol cycle, processing can be aggregated subvector commitment operations, energy consumption is small, energy consumption is also the slowest, increasing the overall working time of the UAV network.
Computational cost under different numbers of malicious nodes: e test conditions are set up with a drone network size of 50 drones, running for 100 seconds, with different numbers of malicious nodes in the network, initiating the same communication task, and comparing the computational cost required for the five authentication schemes. As shown in Figure 10, Scheme III has insignificant changes because the computational overhead is mainly Remote DAA [11] reshold Secret [9] BlockchainPKI [20] Proposed Scheme Pocketchain [24]    derived from the consensus overhead caused by the scale of the nodes due to the qualities of the traditional blockchain itself to prevent double-splash attacks; Scheme I, which relies on a remote third-party trusted entity to provide authentication, can resist replay attacks, and the computational overhead is basically unchanged; Scheme II has a rapid increase in computational overhead when the number of malicious nodes increases, as there is no effective defense given by the certificate center or blockchain platform. e computational overhead of Scheme IV also increases gradually because of the increase in malicious nodes, which increases the frequency of recalculating the cumulative value and updating the identity witness of its system.
Remote DAA [11] reshold Secret [9] BlockchainPKI [20] Proposed Scheme Pocketchain [24]  Remote DAA [11] reshold Secret [9] BlockchainPKI [20] Proposed Scheme Pocketchain [24]   End-to-end transmission latency under different numbers of malicious nodes: e test conditions are set with a drone network size of 50 drones and the presence of 5 malicious nodes and 20 malicious nodes in the network. e end-to-end communication latency of the five authentication schemes is compared, as shown in Figure 11. Scheme III, the interference of replay attacks by malicious nodes on end-to-end transmission, is negligible due to the traditional blockchain with the feature of preventing replay attacks, and the inefficient consensus leads to its high time consumption. Scheme I, which relies on remote third-party trusted entities to provide authentication, can resist replay attacks, and end-to-end latency makes no difference in these two cases. In Scheme II, when the number of malicious nodes increases, its end-to-end malicious nodes 5 malicious nodes 20 reshold Secret [9] Blockchain_ PKI [20] Pocketchain [24] Proposed Scheme Remote DAA [11]  transmission latency is severely affected due to the absence of effective defense given by certificate centers or blockchain platforms; Scheme IV, because the increase of malicious nodes leads to the change of effective nodes in the network, which increases the computation of commitment and witness updates, thus affecting the end-to-end transmission latency; Recommended scenario, due to local two-way authentication and effective defense against malicious nodes, the end-to-end changes in transmission latency are minimal. Consensus and storage: Blockchains are shared databases that keep growing along with consensus. Experiments are conducted to compare the storage requirements of drone networks under different blockchains. To satisfy comparability, the following experimental scenario is set up, where malicious nodes are not considered, the UAV network is well connected, the network size is 100 nodes, the running time is 200 seconds, the routing protocol is DSR, all nodes send data randomly every 5 seconds, and the size of data packets is fixed.
(1) Traditional blockchain based on a distributed PKI with a delegated proof of stake consensus algorithm (DPOS). Each time a packet is sent as a transaction, consensus is accomplished by a fixed number of 21 delegated nodes, with a provision to initiate consensus every 20 seconds. (2) Stateless blockchain based on accumulator: same as above.
(3) Stateless authentication chain recommended in this paper: set the consensus cycle to 20 s, and the local trustworthiness assessment generated by monitoring the forwarding behavior of neighboring nodes on routing information and data packets as a data consensus transaction, again reaching consensus among the 21 authorized nodes selected dynamically in the cycle and completing consensus on the decision.
e experimental results are shown in Figure 12. As with traditional blockchains, each of transaction data needs to be on the chain, and the new block after consensus is reached contains the transaction data within 20 s. As new blocks are created, the size of the blockchain keeps increasing, and the larger the transaction data package, the faster the blockchain grows.
Stateless blockchain based on cryptographic accumulator or vector commitment is to create new blocks with authentication results as transactions, and the new blocks reach consensus at delegated authorized nodes to finally confirm the authentication success. Its transactions are smaller than the authenticated data, but still have transaction blocks.
e recommended stateless authentication chain is with triple identity vector commitment, its consensus process contains data consensus and decision consensus, the local trust assessment of all nodes to their neighboring nodes in each cycle is the object of its number consensus, its ultimate purpose is to obtain decision results through statistical analysis of the results of data consensus, its decision results in fixed size, including updated triple vector commitment and new authorized node group, the size is not more than 50 bytes. e historical state data used for data consensus do not need to be saved.
At the same time, it is clear that the first two types of authentication are confirmed after the block consensus, then the blockchain is updated, and their authentication efficiency is equivalent to the consensus efficiency. e recommended solution, on the other hand, whose consensus aims to maintain the trustworthiness of the drone network, is authenticated locally by the nodes on that blockchain's trusted platform, which is fast and not limited by the size of the network.

Conclusions
In this paper, a scheme for lightweight mutual authentication of UAV network nodes is proposed. e recommended scheme is based on vector commitment to establish a stateless blockchain with a consensus mechanism of dynamic multicentric trust authorization proof to maintain the trustworthiness and effectiveness of participating nodes in the UAV network during mission execution in the scenario of dynamic changes in the size and agency of the mission network due to environmental factors and cyber attacks. According to the timeliness requirements of the mission network, a triple aggregatable subvector commitment mutual authentication protocol is designed to effectively resist counterfeit attacks, man-in-the-middle attacks, and replay attacks. Simulation experiments demonstrate that this scheme has better performance in terms of energy consumption, computational cost, single authentication latency, and end-to-end delay compared to current authentication methods that can run in mission-based UAV networks.

Data Availability
Due to the privacy of the data and sensitive information, it is not convenient to provide.

Conflicts of Interest
e authors declare that they have no conflicts of interest.