LP2-CASKU: Lightweight Cluster Auth & Key Update

Updated 14 September 2025
  • The paper introduces LP2-CASKU, a protocol that employs batch authentication with message aggregation to reduce communication rounds and verification complexity in dynamic clusters.
  • LP2-CASKU achieves dynamic, privacy-preserving cross-cluster authentication by utilizing pseudonymous identities and lightweight cryptographic tokens to ensure unlinkability.
  • It incorporates a secure session key update mechanism via distributed secret sharing that guarantees forward and backward secrecy while minimizing computational overhead.

Lightweight and Privacy-Preserving Cluster Authentication and Session Key Update (LP2-CASKU) refers to a class of cryptographic protocols that simultaneously address secure, efficient group (or cluster) authentication, anonymity/pseudonymity for privacy, and robust session key update with forward/backward secrecy for dynamic clusters—specifically in highly dynamic environments such as UAV swarms, IoT deployments, and multi-server networks (Gong et al., 7 Sep 2025). These protocols achieve scalability, low computational and communication overhead, and resilience to a wide range of attacks while ensuring that parties’ true identities and data remain hidden from both external adversaries and unauthorized internal parties.

1. Batch Authentication with Message Aggregation

The LP2-CASKU paradigm incorporates a batch authentication mechanism implemented through message aggregation (MAm), which allows multiple new members (e.g., new UAVs—NUAVs) to be authenticated in a single protocol invocation, minimizing communication rounds and verification complexity compared to naive sequential authentication.

  • Each NUAV constructs a join request including a pseudonymous identity (PID), public key, and cryptographic proof elements (e.g., a challenge response $V_k = g^{v_k}$ and signature $\mathit{sig}_k = D_k^{v_k w_k}$ dependent on public parameters of ground base station (GBS) and cluster head (CH), with $w_k = H(PID_{NUAV_k}, PID_{CH}, pk_{NUAV_k})$).
  • The cluster head aggregates requests, forming a batch authenticated signature as:

$$\mathit{sig}_{NUAVs} = H\left(\left(\prod_{k=1}^{N_{NUAV}} \mathit{sig}_k\right)^{sk_{CH}^{-1}}\right) \oplus \mathit{key}$$

and an aggregated ciphertext

$$c_{NUAVs} = \prod_{k=1}^{N_{NUAV}} V_k^{H(PID_{NUAV_k}, PID_{CH}, pk_{NUAV_k})}$$

which are broadcast to cluster members (CMs) for decentralized, parallel verification using only hash/XOR and a low number of group operations.

  • This design reduces both the total number of exchanged messages and the per-member computational load, enabling the authentication latency for larger groups to remain almost constant as the system scales (Gong et al., 7 Sep 2025).

2. Lightweight Cross-Cluster Authentication for Dynamic Privacy

When a previously authenticated UAV (denoted EUAV) migrates between clusters, LP2-CASKU provides a lightweight cross-cluster authentication mechanism (LC2Am) to ensure seamless, privacy-preserving re-authentication with unlinkability.

  • The source CH computes a token $C_{i,j} = H(PID_{EUAV}, T_3, CT) \oplus CT$ using the UAV’s pseudonymous identity, a fresh timestamp $T_3$, and a cross-cluster secret $CT$ shared between legitimate base stations.
  • The destination CH recovers $H(PID_{EUAV}, T_3, CT)$ and validates recency and membership using the system’s directory (e.g., a GBS database).
  • Upon completion, the EUAV is assigned a new pseudonymous identity: $PID_{EUAV}^{(new)} = H(PID_{EUAV}, T_3, CT)$ independent of the prior PID. As each authentication uses freshly hashed PIDs and timestamps, an adversary cannot link repeated authentications to the same physical device, thus achieving strong unlinkability (Gong et al., 7 Sep 2025).
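
The token flow above, as an added example that is not code from the paper or from this page. It assumes SHA-256 for $H$, a 32-byte $CT$, that $T_3$ travels alongside the token, and that the directory is a set of registered PIDs; all function names and sample values are hypothetical.

```python
import hashlib
import hmac

def H(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (unambiguous encoding)."""
    return hashlib.sha256(b"".join(len(p).to_bytes(4, "big") + p for p in parts)).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def issue_token(pid: bytes, t3: int, ct: bytes) -> bytes:
    """Source CH: C = H(PID, T3, CT) XOR CT."""
    return xor(H(pid, t3.to_bytes(8, "big"), ct), ct)

def verify_token(token, t3, ct, directory, now, delta_t):
    """Destination CH: returns the new PID, or None if the token is rejected."""
    if len(token) != 32 or abs(now - t3) > delta_t:  # malformed or stale
        return None
    digest = xor(token, ct)                  # recovers H(PID, T3, CT)
    for pid in directory:                    # membership check against the directory
        if hmac.compare_digest(digest, H(pid, t3.to_bytes(8, "big"), ct)):
            return digest                    # PID_new = H(PID, T3, CT)
    return None

def demo():
    ct = bytes(range(32))                    # constructed 32-byte cross-cluster secret
    directory = {b"PID-EUAV-0001"}           # constructed GBS directory
    t3 = 1_757_203_200                       # constructed timestamp
    tok = issue_token(b"PID-EUAV-0001", t3, ct)
    fresh = verify_token(tok, t3, ct, directory, now=t3 + 2, delta_t=5)
    stale = verify_token(tok, t3, ct, directory, now=t3 + 60, delta_t=5)
    wrong_ct = verify_token(tok, t3, bytes(32), directory, now=t3 + 2, delta_t=5)
    # Second migration: the directory now holds the new PID, and the next
    # pseudonym is a fresh hash output, different from the first.
    tok2 = issue_token(fresh, t3 + 100, ct)
    second = verify_token(tok2, t3 + 100, ct, {fresh}, now=t3 + 101, delta_t=5)
    return fresh, stale, wrong_ct, second
```
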

3. Session Key Update Mechanism via Distributed Secret Sharing

To maintain confidentiality as cluster membership evolves, LP2-CASKU includes an efficient session key update mechanism (CSKUm) that guarantees forward and backward secrecy leveraging distributed secret sharing (a variant of the Shamir polynomial method).

  • After a membership change, the CH generates a new session key $key_{i,j}^{(new)} \in \mathbb{Z}_p^*$ and constructs a random polynomial $f(x)$ of degree $N_{CM} - 1$ such that:

$$f(x) = key_{i,j}^{(new)} + b_1 x + \dots + b_{N_{CM}-1} x^{N_{CM}-1}$$

  • Each CM receives a masked share $F_{CM_{i,j,l}} = f(H(PID_{CM_{i,j,l}})) \oplus H(sk_{CM_{i,j,l}}, T_4)$, where $x_{i,j,l} = H(PID_{CM_{i,j,l}})$ and $T_4$ is a new timestamp.
  • Session key reconstruction among legitimate CMs uses Lagrange interpolation over their shares. The consistency of the reconstructed key is checked against the original via a hash comparison (Gong et al., 7 Sep 2025).

This ensures that:

  • Forward secrecy: Departed members cannot derive any future session keys.
  • Backward secrecy: Newly joined members cannot reconstruct earlier group keys.
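
The masked-share update and Lagrange reconstruction described in this section, as an added example that is not code from the paper or from this page. It assumes SHA-256 truncated to 127 bits for $H$, the Mersenne prime $2^{127}-1$ for $p$, and that unmasked points are pooled in one place for the demonstration; function names, PIDs, keys and the check-digest label are hypothetical.

```python
import hashlib
import secrets

P = 2**127 - 1  # Mersenne prime standing in for the protocol's p (assumption)

def H(*parts: bytes) -> int:
    """SHA-256 over length-prefixed parts, truncated to 127 bits."""
    data = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> 129

def make_shares(key: int, members: dict, t4: bytes) -> dict:
    """CH: F_l = f(H(PID_l)) XOR H(sk_l, T4), with f(0) = key, deg f = N_CM - 1."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(len(members) - 1)]
    f = lambda x: sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
    return {pid: f(H(pid) % P) ^ H(sk, t4) for pid, sk in members.items()}

def unmask(pid: bytes, sk: bytes, t4: bytes, masked: int) -> tuple:
    """CM: strip the H(sk, T4) mask to get the point (x, f(x))."""
    return H(pid) % P, masked ^ H(sk, t4)

def reconstruct(points: list) -> int:
    """Lagrange interpolation at x = 0 over Z_p."""
    key = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num, den = num * xj % P, den * (xj - xi) % P
        key = (key + yi * num * pow(den, -1, P)) % P
    return key

def key_ok(candidate: int, check: int) -> bool:
    """Hash comparison against the digest of the key the CH generated."""
    return H(b"check", candidate.to_bytes(16, "big")) == check

def demo() -> tuple:
    # Constructed cluster: four members with made-up PIDs and secret keys.
    members = {b"PID-%d" % n: b"sk-%d" % n for n in range(4)}
    t4 = b"1757203200"  # constructed timestamp T4
    key = secrets.randbelow(P - 1) + 1
    check = H(b"check", key.to_bytes(16, "big"))
    shares = make_shares(key, members, t4)
    pts = [unmask(pid, sk, t4, shares[pid]) for pid, sk in members.items()]
    full = reconstruct(pts)              # all N_CM points: recovers the key
    short = reconstruct(pts[:3])         # N_CM - 1 points: wrong value
    forged = pts[:3] + [unmask(b"PID-3", b"guess", t4, shares[b"PID-3"])]
    return key_ok(full, check), key_ok(short, check), key_ok(reconstruct(forged), check)
```

The second and third results show the hash comparison rejecting a key rebuilt from too few points or from a share unmasked with the wrong secret key.
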

4. Security Properties and Formal Analysis

LP2-CASKU is proven to enforce several security properties relevant for cluster and group authentication protocols:

  • Authenticity: Both batch and cross-cluster authentication are cryptographically bound to secret keys and ephemeral random values, ensuring only legitimate devices gain access.
  • Anonymity and Unlinkability: Ephemeral pseudonyms for each new authentication event guarantee that adversaries cannot correlate or trace devices across sessions or clusters.
  • Message/Data Confidentiality and Integrity: Session keys are updated using robust, distributed methods; message integrity checks use collision-resistant hashes.
  • Forward/Backward Secrecy: Polynomial-based session key distribution provides provable guarantees; formal cryptographic games (Data Unforgeability Game, Data Confidentiality Game) are used for security proofs (Gong et al., 7 Sep 2025).
  • Resistance to Key Compromise: Knowledge of a current session key does not enable attacker inference of past or future keys, even when multiple messages are intercepted.

A summary of the protocol’s coverage of these properties against prior work is typically shown in comparison tables (Table 3 in (Gong et al., 7 Sep 2025)).

5. Performance and Scalability Evaluations

Theoretical and OMNeT++-based simulation analyses confirm that LP2-CASKU achieves:

  • Latency reduction of 82.8%–90.8% compared to non-batched baseline protocols for batch onboardings across various swarm and network configurations.
  • Energy consumption lowered by approximately 37.6%–72.6% across both cluster heads and members, attributed to the aggregation of cryptographic operations and message transmissions.
  • Low computation/communication overhead due to the dominance of lightweight operations (hash, XOR) and rare use of higher-cost group exponentiations or polynomial interpolations.
  • Scalability: Latency and energy consumption remain nearly constant as number of NUAVs or cluster membership increases, supporting large, highly dynamic UAV swarms or IoT clusters.

Performance details, including operation counts and numerical results, are presented in operation/overhead tables and in figures plotting latency or energy consumption against the number of authenticated devices (Gong et al., 7 Sep 2025).

6. Practical Applications and Deployment Considerations

LP2-CASKU is designed for multi-party, highly dynamic settings where cluster composition changes frequently and member privacy/anonymity must be preserved. The architecture and mechanisms are well suited for:

  • UAV/Drone swarms in low-altitude economy networks
  • Industrial or vehicular IoT with fluctuating membership
  • Large-scale multi-server authentication scenarios where server-side state and overhead must be minimized

Deployment considerations include:

  • The need for lightweight cryptographic primitives (e.g., hashes over public-key cryptography) to accommodate resource-constrained devices.
  • Time synchronization for timestamp-based replay and freshness validation (can be tuned via allowable $\Delta T$).
  • Provisioning and management of pseudonymous identities and per-cluster secret distribution.

Adoption of the protocol in these mobility-focused environments yields strong privacy guarantees, robust authentication under rapid membership churn, and minimal performance degradation as network size or traffic grows.

7. Comparative Perspective and Future Directions

Relative to prior multi-server, group, and mobile IoT authentication protocols, LP2-CASKU introduces several enhancements:

  • Batch authentication with message aggregation for simultaneous onboarding with sublinear latency and energy cost.
  • Privacy-preserving cross-cluster (i.e., inter-group) authentication with cryptographically fresh, untraceable pseudonyms.
  • Session key update that tightly binds key evolution to group composition, merging forward/backward secrecy with distributed trust.

Open research directions involve generalizing the aggregation and distributed key update mechanisms for more heterogeneous network deployments, formalizing security under new adversarial models (e.g., quantum threats or side-channel leakage), and further minimizing message size and operation count for extreme resource-constrained or delay-sensitive applications.


In summary, LP2-CASKU exemplifies the state-of-the-art for lightweight, privacy-preserving, scalable, and secure group authentication and session key management in highly dynamic cluster-based networks, validated through rigorous security analysis and large-scale performance evaluations (Gong et al., 7 Sep 2025).
