A4 Article in conference proceedings
Security of LoRaWAN v1.1 in Backward Compatibility Scenarios

List of Authors: Tahsin C.M. Dönmez, Ethiopia Nigussie
Publisher: Elsevier B.V.
Publication year: 2018
Journal: Procedia Computer Science
Book title *: The 15th International Conference on Mobile Systems and Pervasive Computing (MobiSPC 2018) / The 13th International Conference on Future Networks and Communications (FNC-2018) / Affiliated Workshops
Journal name in source: Procedia Computer Science
Title of series: Procedia Computer Science
Volume number: 134
ISSN: 1877-0509


We present security vulnerabilities of LoRaWAN v1.1 in backward
compatibility scenarios and propose countermeasures. Novel low-power
wireless communication technologies are continuously introduced into the
IoT ecosystem, while the existing ones continue their evolution by
adding new features and fixing known problems. Since most of IoT-based
applications involve communication of sensitive data with remote users,
it is crucial to scrutinize the security of the emerging low-power
wireless communication technologies. LoRaWAN is a Low Power Wide Area
Network (LPWAN) protocol that is optimized for wireless battery-powered
IoT devices. The current LoRaWAN v1.1 states only one possible backward
compatibility scenario without defining all the associated security
behaviors and their implications for the system’s overall security. This
work examines the applicability of v1.0.2 attacks in fall-back cases by
consolidating the vulnerabilities of v1.0.2 and the resulting attacks.
After determining the possible attacks, countermeasures to prevent DoS
attacks that target the join procedure, replay of data, and eavesdropping in backward compatibility scenarios are proposed.

Downloadable publication

This is an electronic reprint of the original article.
This reprint may differ from the original in pagination and typographic detail. Please cite the original version.

Last updated on 2019-21-08 at 20:07