Security of Join Procedure and its Delegation in LoRaWAN v1.1

We examine the security features of LoRaWAN v1.1 and propose countermeasures for the determined security problems. LoRaWAN is among the emerging wireless communication technologies for the internet-of-things (IoT) that provide long-range connectivity for low-power IoT devices. As most IoT based appl...

Full description

Saved in:
Bibliographic Details
Published in:Procedia computer science 2018, Vol.134, p.204-211
Main Authors: Dönmez, Tahsin C.M., Nigussie, Ethiopia
Format: Article
Language:English
Subjects:
IoT
join procedure
LoRaWAN
security
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:We examine the security features of LoRaWAN v1.1 and propose countermeasures for the determined security problems. LoRaWAN is among the emerging wireless communication technologies for the internet-of-things (IoT) that provide long-range connectivity for low-power IoT devices. As most IoT based applications operate without human intervention and deal with sensitive data, it is crucial to keep the security of LoRaWAN under scrutiny. The examined features in this work are key management, the newly introduced delegation of join procedure to network operators, backward compatibility, and replay protection for join procedure. The evaluation of key management exposes the fact that LoRaWAN v1.1 does not provide forward secrecy. The closer study of the join procedure delegation with backward compatibility reveals that they cannot securely coexist. The examination of join procedure demonstrates that when the assumption of trustworthy network server fails, not only integrity but also confidentiality of application data may be compromised. To overcome these issues, we proposed countermeasures that prevent the compromise of integrity and confidentiality of application data in the cases of join procedure delegation and malicious network server.
ISSN:1877-0509
1877-0509
DOI:10.1016/j.procs.2018.07.202