Abstract
LoRaWAN appears as one of the new Low Power Wide Area Network (LPWAN) standards in recent IoT market. The outstanding features of LPWAN are the low power consumption and long-range coverage. The LoRaWAN 1.1 specification has a basic security scheme defined. However, the scheme can be further improved in the aspect of the key management. In this paper, the overall LoRaWAN 1.1 security is reviewed and an enhanced LoRaWAN security with a root key update scheme is proposed. The root key update will make the cryptanalysis on security keys in LoRaWAN more difficult. The analysis and simulation have shown that the proposed root key update scheme has the lowest requirement on computing resources compared with other key derivation schemes including the one used in LoRaWAN session key update. The results have also shown the key generated in the proposed scheme has high randomness which is a basic requirement for a security key.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Naoui, S., Elhdhili, M.E., Saidane, L.A.: Enhancing the security of the IoT LoraWAN architecture. In: 2016 International Conference on Performance Evaluation and Modeling in Wired and Wireless Networks (PEMWN), pp. 1–7 (2016)
Sornin, N., Yegin, A.: LoRaWAN backend interfaces 1.0 specification. Lora Alliance Standard Specification, 11 October 2017. www.lora-alliance.org. Accessed 20 Mar 2018
Sornin, N., Yegin, A.: LoRa specification 1.1. Lora Alliance Standard Specification, 11 October 2017. www.lora-alliance.org. Accessed 20 Mar 2018
Miller, R.: LoRa security: building a secure LoRa solution, 1st edn. MWR LABS (2016)
Roman, R., Alcaraz, C., Lopez, J., Sklavos, N.: Key management systems for sensor networks in the context of the Internet of Things. Comput. Electr. Eng. 37, 147–159 (2011)
SeungJae, N., DongYeop, H., WoonSeob, S., Ki-Hyung, K.: Scenario and countermeasure for replay attack using join request messages in LoRaWAN. In: 2017 International Conference on Information Networking (ICOIN), pp. 718–720 (2017)
Kim, J., Song, J.: A simple and efficient replay attack prevention scheme for LoRaWAN. In: ACM International Conference Proceeding Series, pp. 32–36 (2017)
Gildas Avoine, L.F.: Rescuing LoRaWAN 1.0. INSA Rennes, CNRS, France (2016)
Zhang, Z.-K., Cho, M.C.Y., Shieh, S.: Emerging security threats and countermeasures in IoT. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security (ASIA CCS 2015), pp. 1–6. ACM (2015)
Hossain, M.M., Fotouhi, M., Hasan, R.: Towards an analysis of security issues, challenges, and open problems in the internet of tings. In: Proceedings of the IEEE World Congress on Services, SERVICES, pp. 21–28 (2015)
Zhao, K., Ge, L.: A survey on the internet of things security. In: Proceedings of the 9th International Conference on Computational Intelligence and Security, CIS, pp. 663–667 (2013)
He, J., Zhang, X., Wei, Q.: EDDK: energy-efficient distributed deterministic key management for wireless sensor networks. EURASIP J. Wirel. Commun. Netw. 2011, 765143 (2011)
Barker, E., Barker, W., Burr, W., Polk, W., Smid, M.: Recommendation for Key Management Part 1: General (Revision 4). NIST Special Publication (2016)
Krawczyk, H.: Cryptographic extraction and key derivation: the HKDF scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631–648. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_34
National Institute of Standards and Technology, FIPS 198-1, The Keyed-Hash Message Authentication Code, Federal Information Processing Standard (FIPS), Publication 198-1 (2008)
Chen, L.: SP 800-56C. Recommendation for key derivation through extraction-then-expansion. National Institute of Standards & Technology (2011)
Dworkin, M.J.: SP 800-38B. Recommendation for block cipher modes of operation: the CMAC mode for authentication. National Institute of Standards & Technology (2005)
Boesgaard, M., Vesterager, M., Zenner, E.: The rabbit stream cipher. In: Matthew, R., Olivier, B. (eds.) New Stream Cipher Designs, pp. 69–83. Springer, Berlin (2008). https://doi.org/10.1007/978-3-540-68351-3_7
Suárez-Albela, M., Fernández-Caramés, T.M., Fraga-Lamas, P., Castedo, L.: A practical evaluation of a high-security energy-efficient gateway for IoT fog computing applications. Sensors 17(9), 1978 (2017)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Han, J., Wang, J. (2018). An Enhanced Key Management Scheme for LoRaWAN. In: Wang, G., Chen, J., Yang, L. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2018. Lecture Notes in Computer Science(), vol 11342. Springer, Cham. https://doi.org/10.1007/978-3-030-05345-1_35
Download citation
DOI: https://doi.org/10.1007/978-3-030-05345-1_35
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05344-4
Online ISBN: 978-3-030-05345-1
eBook Packages: Computer ScienceComputer Science (R0)