A Novel Secure Root Key Updating Scheme for LoRaWANs Based on CTR_AES DRBG 128

A long-range wide area network (LoRaWAN) has a weakness in terms of key management: its root key is static, meaning that it never changes. Since all cryptographic keys are derived from the root key, such a weakness endangers LoRaWAN security. This paper proposes a novel secure root key updating sche...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access 2022, Vol.10, p.18807-18819
Main Authors: Hayati, Nur, Ramli, Kalamullah, Windarta, Susila, Suryanegara, Muhammad
Format: Article
Language:English
Subjects:
Algorithms
cryptographic key
Cryptography
CTR_AES DRBG
key management
LoRaWAN security
Randomness
root key update
Statistical tests
Wide area networks
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:A long-range wide area network (LoRaWAN) has a weakness in terms of key management: its root key is static, meaning that it never changes. Since all cryptographic keys are derived from the root key, such a weakness endangers LoRaWAN security. This paper proposes a novel secure root key updating scheme for LoRaWAN that involves periodically changing the root key value based on the CTR_AES DRBG 128 algorithm. The scheme consists of two sequential phases: the initialization process that occurs at the end device and the root key update process that occurs at the join server. To validate the proposed scheme, we conduct randomness and communication protocol tests. The results indicate that the proposed scheme has a high degree of randomness, passes all 15 statistical tests in the NIST suite, and has secure communication protocols. The analyses verify that the new scheme has a mechanism to resist replay attacks and protects data integrity. The main advantage of the scheme is that it has a perfect forward secrecy feature that enhances the root key updating scheme with a lightweight computational load for the end device; additionally, root key updating can be performed automatically from a remote distance within the LoRaWAN coverage network. The proposed scheme also supports simultaneous updates for implementation in a large area with many devices. Finally, the overall results demonstrate how our proposed scheme may compensate for the weakness of LoRaWANs in key management and improve their security performance.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2022.3150281