short-paper

General Security Considerations of LoRaWAN Version 1.1 Infrastructures

Authors:

Alexander Gladisch,

Simon Rietschel,

Johannes Goltz,

Simeon WiedenmannAuthors Info & Claims

MobiWac'18: Proceedings of the 16th ACM International Symposium on Mobility Management and Wireless Access

Pages 118 - 123

https://doi.org/10.1145/3265863.3265882

Published: 25 October 2018 Publication History

Abstract

We assess the security mechanisms defined in the LoRaWAN specification and describe own research to show, whether those security mechanisms are sufficient. For this, we explain typical attacks on radiobased networks. We further show which precautions are necessary not to undermine these measures and whether additional security measures may be necessary.

References

[1]

2006. IEEE Standard for Information technology -- Local and metropolitan area networks -- Specific requirements -- Part 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low Rate Wireless Personal Area Networks (WPANs). IEEE Std 802.15.4--2006 (Revision of IEEE Std 802.15.4--2003) (Sept 2006), 1--320.

[2]

Alper Yegin (Actility), Editor. 2017. LoRaWAN Backend Interfaces Specification - Version 1.0. LoRa Alliance, Inc., 3855 SW 153rd Drive, Beaverton, OR 97003, USA.

[3]

Emekcan Aras, Gowri Sankar Ramachandran, Piers Lawrence, and Danny Hughes. 2017. Exploring The Security Vulnerabilities of LoRa. In Cybernetics (CYBCONF), 2017 3rd IEEE International Conference on. IEEE, 1--6.

[4]

IEEE Standards Association et al. 2010. Guidelines for 64-bit Global Identifier (EUI-64 (TM)). Registration Authority Tutorials, April (2010).

[5]

Mihir Bellare, Joe Kilian, and Phillip Rogaway. 2000. The security of the cipher block chaining message authentication code. J. Comput. System Sci. 61, 3 (2000), 362--399.

Digital Library

[6]

John Black and Phillip Rogaway. 2001. A Suggestion for handling Arbitrary-Length Messages with the CBC MAC. In NIST Second Modes of Operation Workshop, August.

[7]

Norbert Blenn and Fernando Kuipers. 2017. LoRaWAN in the wild: Measurements from the things network. arXiv preprint arXiv:1706.03086 (2017).

[8]

Morris J Dworkin. 2016. Recommendation for block cipher modes of operation: The CMAC mode for authentication. Technical Report.

[9]

Jakob Jonsson. 2002. On the security of CTR+ CBC-MAC. In International Workshop on Selected Areas in Cryptography. Springer, 76--93.

Digital Library

[10]

Alfred J Menezes, Jonathan Katz, Paul C Van Oorschot, and Scott A Vanstone. 1996. Handbook of applied cryptography. CRC press.

Digital Library

[11]

SeungJae Na, DongYeop Hwang, WoonSeob Shin, and Ki-Hyung Kim. 2017. Scenario and countermeasure for replay attack using join request messages in Lo- RaWAN. In Information Networking (ICOIN), 2017 International Conference on. IEEE, 718--720.

[12]

Nicolas Sornin (Semtech), Editor. 2017. LoRaWAN Specification - Version 1.1. LoRa Alliance, Inc., 3855 SW 153rd Drive, Beaverton, OR 97003, USA.

[13]

JH. Song, R. Poovendran, J. Lee, and T. Iwata. 2006. The AES-CMAC Algorithm. RFC 4493. RFC Editor. https://www.rfc-editor.org/rfc/rfc4493.txt

[14]

Stefano Tomasin, Simone Zulian, and Lorenzo Vangelista. 2017. Security analysis of lorawan join procedure for internet of things networks. In Wireless Communications and Networking Conference Workshops (WCNCW), 2017 IEEE. IEEE, 1--6.

[15]

D. Whiting, R. Housley, and N. Ferguson. 2003. Counter with CBC-MAC (CCM). RFC 3610. RFC Editor. https://www.rfc-editor.org/rfc/rfc3610.txt

Digital Library

Cited By

Kusyanti APrimananda RBakhtiar FSantoso NRini D(2022)Implementation of lightweight block cipher for IoT communication moduleProceedings of the 7th International Conference on Sustainable Information Engineering and Technology10.1145/3568231.3568263(142-147)Online publication date: 22-Nov-2022
https://dl.acm.org/doi/10.1145/3568231.3568263
Kuntke FRomanenko VLinsner SSteinbrink EReuter C(2022) LoRaWAN security issues and mitigation options by the example of agricultural IoT scenariosTransactions on Emerging Telecommunications Technologies10.1002/ett.445233:5Online publication date: 27-Jan-2022
https://doi.org/10.1002/ett.4452
Ribeiro VHolanda RRamos ARodrigues J(2020)Enhancing Key Management in LoRaWAN with Permissioned BlockchainSensors10.3390/s2011306820:11(3068)Online publication date: 29-May-2020
https://doi.org/10.3390/s20113068
Show More Cited By

Index Terms

General Security Considerations of LoRaWAN Version 1.1 Infrastructures
1. Networks
  1. Network protocols
2. Security and privacy
  1. Network security
    1. Mobile and wireless security

Recommendations

LoRaWAN Security: An Evolvable Survey on Vulnerabilities, Attacks and their Systematic Mitigation
The changing vulnerability and threat landscape constantly challenge the security of wireless communication standards and protocols. For the Internet of Things (IoT), LoRaWAN is one of the dominant technologies for urban environments, industrial settings, ...
Energy Attack in LoRaWAN: Experimental Validation
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security

Myriads of new devices take their places around us every single day, making a decisive step towards bringing the concept of the Internet of Things (IoT) in reality. The Low Power Wide Area Networks (LPWANs) are today considered to be one of the most ...
Analysis of LoRaWAN v1.1 security: research paper
SMARTOBJECTS '18: Proceedings of the 4th ACM MobiHoc Workshop on Experiences with the Design and Implementation of Smart Objects

LoRa and the LoRaWAN specification is a technology for Low Power Wide Area Networks (LPWAN) designed to allow connectivity for connected objects, such as remote sensors. Several previous works revealed various weaknesses regarding the security of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

MobiWac'18: Proceedings of the 16th ACM International Symposium on Mobility Management and Wireless Access

October 2018

140 pages

ISBN:9781450359627

DOI:10.1145/3265863

General Chair:
Wessam Ajib
University of Quebec de Montreal, Canada
,
Program Chairs:
Rodolfo W. L. Coutinho
University of Ottawa, Canada
,
Frank Li
University of Agder, Norway

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSIM: ACM Special Interest Group on Simulation and Modeling

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 October 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Acceptance Rates

Overall Acceptance Rate 83 of 272 submissions, 31%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
215
Total Downloads

Downloads (Last 12 months)15
Downloads (Last 6 weeks)2

Reflects downloads up to 10 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kusyanti APrimananda RBakhtiar FSantoso NRini D(2022)Implementation of lightweight block cipher for IoT communication moduleProceedings of the 7th International Conference on Sustainable Information Engineering and Technology10.1145/3568231.3568263(142-147)Online publication date: 22-Nov-2022
https://dl.acm.org/doi/10.1145/3568231.3568263
Kuntke FRomanenko VLinsner SSteinbrink EReuter C(2022) LoRaWAN security issues and mitigation options by the example of agricultural IoT scenariosTransactions on Emerging Telecommunications Technologies10.1002/ett.445233:5Online publication date: 27-Jan-2022
https://doi.org/10.1002/ett.4452
Ribeiro VHolanda RRamos ARodrigues J(2020)Enhancing Key Management in LoRaWAN with Permissioned BlockchainSensors10.3390/s2011306820:11(3068)Online publication date: 29-May-2020
https://doi.org/10.3390/s20113068
Yoshizawa TPreneel BLi FZomaya ACoutinho R(2020)Verification Schemes of Multi-SIM Devices in Mobile Communication SystemsProceedings of the 18th ACM Symposium on Mobility Management and Wireless Access10.1145/3416012.3424620(91-97)Online publication date: 16-Nov-2020
https://dl.acm.org/doi/10.1145/3416012.3424620
Mikhaylov KFujdiak RPouttu AMiroslav VMalina LMlynek P(2019)Energy Attack in LoRaWANProceedings of the 14th International Conference on Availability, Reliability and Security10.1145/3339252.3340525(1-6)Online publication date: 26-Aug-2019
https://dl.acm.org/doi/10.1145/3339252.3340525

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents