Mysterious sightings of Unmanned Aircraft Systems (UAS) over U.S. military facilities, suburban neighborhoods, and commercial airports have intensified scrutiny of drone activity. To increase accountability, the Federal Aviation Administration (FAA) introduced a Remote ID mandate, requiring unmanned aircraft to broadcast their location, operator's location, and identity in real time. However, current standards leave authentication mechanisms underspecified, enabling spoofing, relay, and replay attacks that can undermine surveillance efforts and potentially disrupt UAS-to-UAS coordination in future deployments. In this paper, we propose TBRD, a practical system for authenticating Remote ID messages in a manner that aligns with existing standards and UAS capabilities. TBRD leverages the TESLA protocol and mobile device TEEs, and introduces a verification mechanism to build a lightweight, mission-scoped authentication system that is computationally efficient and has a low communication footprint. We evaluate the performance of TBRD using both an FAA-requirements-compatible proof-of-concept implementation for performance metrics and a simulated 4-drone swarm mission scenario to demonstrate its security guarantees under adversarial conditions. Our system provides a 50% reduction in authentication overhead compared to digital signatures and a 100x reduction in computation time. Our results demonstrate that TBRD can be integrated into current Remote ID infrastructures to provide scalable, standards-compliant message authentication for both regulatory and operational use cases.
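The abstract names TESLA as the building block that replaces per-message digital signatures. The following is an added example of generic TESLA delayed key disclosure with a receiver that rejects replayed and forged broadcasts; it is not TBRD's implementation or code from the paper. The disclosure delay, the SHA-256/HMAC choices, the packet fields and the receiver's interval clock `now` (loosely synchronized with the sender) are all assumptions.

```python
import hashlib
import hmac

DELAY = 2  # assumed disclosure delay d: K_i is revealed in interval i + d

def H(b: bytes) -> bytes:
    return hashlib.sha256(b).digest()

def mac(chain_key: bytes, msg: bytes) -> bytes:
    # The MAC key is derived from the chain key, so K_i never keys the MAC directly.
    return hmac.new(H(b"mac" + chain_key), msg, hashlib.sha256).digest()

def make_chain(seed: bytes, n: int) -> list:
    """Return [K_0..K_n] with K_i = H(K_{i+1}); K_0 is the public commitment."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]

def packet(chain, i, msg):
    """Sender: MAC msg under K_i and disclose K_{i-DELAY} once that index exists."""
    j = i - DELAY
    return {"i": i, "msg": msg, "tag": mac(chain[i], msg),
            "j": j, "key": chain[j] if j >= 1 else None}

class Receiver:
    def __init__(self, commitment: bytes):
        self.idx, self.key = 0, commitment      # last authenticated chain key
        self.pending, self.accepted = {}, []    # unverified packets by interval

    def receive(self, p, now: int):
        # Security condition: buffer only if K_i cannot have been disclosed yet.
        # A replayed or late packet may carry a tag forged with the public key.
        if now < p["i"] + DELAY:
            self.pending.setdefault(p["i"], []).append((p["msg"], p["tag"]))
        # A disclosed key must be newer than the trusted one and already due.
        if p["key"] is None or not (self.idx < p["j"] <= now - DELAY):
            return
        ks = [p["key"]]                          # ks[m] = K_{j-m}
        for _ in range(p["j"] - self.idx):
            ks.append(H(ks[-1]))
        if not hmac.compare_digest(ks[-1], self.key):
            return                               # key is not on the committed chain
        for m, k in enumerate(ks[:-1]):          # also covers intervals lost in transit
            for msg, tag in self.pending.pop(p["j"] - m, []):
                if hmac.compare_digest(tag, mac(k, msg)):
                    self.accepted.append(msg)
        self.idx, self.key = p["j"], p["key"]
```

Each broadcast carries one MAC and one previously used chain key instead of a signature, and the receiver pays only hash and HMAC operations; the price is that a message is authenticated `DELAY` intervals after it arrives.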