Current Remote ID standards for unmanned aerial vehicles (UAVs) lack robust authentication mechanisms, rendering them vulnerable to spoofing, replay, and relay attacks—thereby undermining regulatory trustworthiness and multi-UAV collaborative security. To address this, we propose a lightweight, standards-compliant identity authentication system that uniquely integrates the TESLA time-delayed authentication protocol with the trusted execution environment (TEE) of mobile devices, enabling task-oriented, low-overhead verification. Our design employs efficient cryptographic primitives and is validated on an FAA-compliant hardware prototype and multi-UAV formation simulation. Compared to conventional digital signature schemes, our approach reduces authentication communication overhead by 50% and decreases end-device computation latency by two orders of magnitude. Crucially, it achieves seamless integration with existing Remote ID infrastructure, balancing strong security guarantees, real-time performance, and practical deployability.

Mysterious sightings of Unmanned Aircraft Systems (UAS) over U.S. military facilities, suburban neighborhoods, and commercial airports have intensified scrutiny of drone activity. To increase accountability, the Federal Aviation Administration (FAA) introduced a Remote ID mandate, requiring unmanned aircraft to broadcast their location, operator's location, and identity in real-time. However, current standards leave authentication mechanisms underspecified, enabling spoofing, relay, and replay attacks that can undermine surveillance efforts and potentially disrupt UAS-to-UAS coordination in future deployments. In this paper, we propose TBRD, a practical system for authenticating Remote ID messages in a manner that aligns with existing standards and UAS capabilities. TBRD leverages the TESLA protocol and mobile device TEEs, and introduces a verification mechanism to build a lightweight, mission-scoped authentication system that is both computationally efficient and requires a low communication footprint. We evaluate the performance of TBRD using both an FAA-requirements compatible proof-of-concept implementation for performance metrics and a simulated 4-drone swarm mission scenario to demonstrate its security guarantees under adversarial conditions. Our system provides a 50% reduction in authentication overhead compared to digital signatures and a 100x reduction in computation time. Our results demonstrate that TBRD can be integrated into current Remote ID infrastructures to provide a scalable, standards-compliant message authentication for both regulatory and operational use cases.