Quick disclaimer: I'm still learning this stuff. This comes out of a small personal project where I'm trying to secure the link between a hobby drone and its ground station. Everything below was tested in simulation (ArduPilot SITL) and a little on real hardware, on a very modest setup — so please take my own results with a grain of salt.

Context: a protocol everywhere, secured nowhere

If you build an open-source drone today, chances are it speaks MAVLink — the communication protocol between the drone and its ground control station (GCS), used by ArduPilot and PX4, running on millions of devices.

The catch: MAVLink was designed for one thing — performance. Compact packets, low latency, long range. Security wasn't part of the original spec, and it shows.

MAVLink in 30 seconds