Blockchain-Assisted Lightweight Broadcast Encryption with Revocation Support for Secure ADS-B in IoT Aviation

Automatic Dependent Surveillance–Broadcast (ADS-B) is widely deployed in both civil and unmanned aviation networks, yet its plaintext broadcast design leaves it vulnerable to eavesdropping, spoofing, and message forgery. Existing cryptographic solutions incur excessive overhead, depend on complex key infrastructures, and fail to accommodate the broadcast nature of ADS-B, making them unsuitable for real-time IoT aviation scenarios. In this paper, we propose ADSB-IBBE, the first lightweight and scalable security scheme tailored for confidential ADS-B broadcast communication in IoT-enabled aerial networks. ADSB-IBBE integrates a novel Identity-based Broadcast Encryption (IBBE) construction to enable efficient key distribution, together with a purpose-built, format-preserving stream cipher that secures critical ADS-B fields without extending the message size. It further incorporates a customized sharding consortium blockchain for decentralized identity management and rapid key revocation, while a header compression mechanism reduces transmission overhead. Security analysis confirms Indistinguishability against Selective-Identity Chosen Ciphertext Attacks (IND-sID-CCA) security under the Random Oracle Model (ROM). Experiments show over 80% lower computational cost and 90% reduced communication overhead compared to the most demanding baseline, with increasing advantages as the number of receivers grows, achieving the lowest overhead of 510bit header and 80bit ciphertext. These results demonstrate the suitability of our scheme for secure and efficient ADS-B communication in next-generation IoT-enabled air traffic management (ATM) systems.