A4 Artikkeli konferenssijulkaisussa
Security of Join Procedure and its Delegation in LoRaWAN v1.1




Julkaisun tekijät: Tahsin C.M. Dönmez, Ethiopia Nigussie
Kustantaja: Elsevier B.V.
Julkaisuvuosi: 2018
Journal: Procedia Computer Science
Kirjan nimi *: The 15th International Conference on Mobile Systems and Pervasive Computing (MobiSPC 2018) / The 13th International Conference on Future Networks and Communications (FNC-2018) / Affiliated Workshops
Tietokannassa oleva lehden nimi: Procedia Computer Science
Volyymi: 134
ISSN: 1877-0509

Tiivistelmä

We examine the security features of LoRaWAN v1.1 and propose
countermeasures for the determined security problems. LoRaWAN is among
the emerging wireless communication technologies for the
internet-of-things (IoT) that provide long-range connectivity for
low-power IoT devices. As most IoT based applications operate without
human intervention and deal with sensitive data, it is crucial to keep
the security of LoRaWAN under scrutiny. The examined features in this
work are key management, the newly introduced delegation of join
procedure to network operators, backward compatibility, and replay
protection for join procedure. The evaluation of key management exposes
the fact that LoRaWAN v1.1 does not provide forward secrecy. The closer
study of the join procedure delegation with backward compatibility
reveals that they cannot securely coexist. The examination of join
procedure demonstrates that when the assumption of trustworthy network
server fails, not only integrity but also confidentiality of application
data may be compromised. To overcome these issues, we proposed
countermeasures that prevent the compromise of integrity and
confidentiality of application data in the cases of join procedure
delegation and malicious network server.


Ladattava julkaisu

This is an electronic reprint of the original article.
This reprint may differ from the original in pagination and typographic detail. Please cite the original version.




Last updated on 2019-29-01 at 12:31