A Novel Cipher for Enhancing MAVLink Security: Design, Security Analysis, and Performance Evaluation Using a Drone Testbed

Unmanned Aerial Vehicles (UAVs) are being widely deployed for diverse applications, including surveillance, agriculture, logistics, disaster response, etc. Secure communication between a UAV and its ground control station (GCS) is paramount, as vulnerabilities can expose the system to cyber threats. Micro Air Vehicle Link (MAVLink) is a widely used open-source communication protocol that facilitates the exchange of messages between a UAV and a GCS. However, UAV-GCS communication under this protocol is unencrypted, making it vulnerable to eavesdropping and potential data compromise. While prior research has explored encryption mechanisms for MAVLink, most efforts remain theoretical or simulation-based rather than practical implementations. In this paper, we integrate various existing encryption algorithms, viz., Advanced Encryption Standard -Counter mode (AES-CTR), ChaCha20, Speck-CTR, and Rabbit, into MAVLink. We propose a novel cipher, MAVShield, designed to safeguard MAVLink-based communications. We perform a formal security analysis of MAVShield, which includes the study of 24 distinct attacks on the proposed cipher using various statistical test suites, viz., the National Institute of Standards and Technology (NIST) and Diehard test suites. Our analysis demonstrates the robust resistance of MAVShield to differential cryptanalysis. Furthermore, we show that the cipher also successfully thwarts over-the-air Man-in-the-Middle (MITM) and replay attacks. In addition, we thoroughly evaluate the performance of all five algorithms, viz., AES-CTR, ChaCha20, Speck-CTR, Rabbit, and MAVShield, and compare it with that of the standard unencrypted MAVLink protocol in terms of various metrics such as memory usage, battery power consumption, and CPU load, using a real drone testbed. Our performance evaluation demonstrates that MAVShield outperforms all the other encryption algorithms, and is hence a secure and efficient solution for protecting MAVLink-based communications in real-world deployments.