The infrastructureless architecture of the Internet-of-Drones (IoD) environment regulates drones in airspace to perform tactical tasks. Synergy is crucial for IoD participants; otherwise, complex task completion is impossible, because IoD is a newer area that has gained more attention for domestic and commercial usage. However, wireless communication in the IoD environment is prone to numerous threats, and security and privacy are among the top challenges. If all the participating entities of IoD are securely authenticated, then information broadcasting will never be confronted by a strong adversary. Therefore, in this research article, we designed a robust and lightweight security mechanism based on a fuzzy extractor and the MD5 (Message Digest 5) method to authenticate all IoD participants and ensure secure communication. The security of the proposed biometric-based authentication mechanism has been verified formally, using the simulation toolkit ProVerif and the Random-Oracle Model (ROM), and informally through propositions. The performance of the proposed protocol has been measured in terms of communication and computation costs. The results obtained from the security and performance analysis sections show that the secrecy, reachability, and confidentiality of the session secret key ensure secure information communication for the IoD environment. A comparison with prior works demonstrates that the proposed protocol can be strongly recommended for practical implementation in the IoD environment.