Abstract
Recently, many Low Power Wide Area Network (LPWAN) protocols have been proposed for securing resource-constrained Internet of Things (IoT) devices with negligible power consumption. The Long Range Wide Area Network (LoRaWAN) is a low power communication protocol that supports message authentication, integrity, and encryption using two-session preshared secret keys. However, although the LoRaWAN supports some security functions, it suffers from session key generation and key update problems. This motivates us to introduce a new key management protocol that resolves the LoRaWAN problems and supports key updates. The proposed protocol is based on hash chain generation using a one-way hash function. Network entities share a common hash chain of n key elements to allow using a unique signing key per message. We also propose a salt hashing algorithm that encrypts the original keys into a different form to avoid the physical attacks at the end device side. We analyzed the proposed key generation performance in terms of the computation time, the required storage, and the communication overhead. We implemented and tested the proposed key generation protocol using the NS-3 network simulator. The proposed lightweight key generation protocol significantly enhances the security of the original LoRaWAN at a negligible overhead. The proposed protocol reduces the power consumption and transmission time by two times compared with some previous protocols. In addition, the proposed key generation protocol can resist attacks, such as key compromising attacks and replay attacks, and it supports the Perfect Forward Secrecy, which was not supported by LoRaWAN.
Highlights
It is the Internet of Things (IoT) era, where billions of tiny IoT end devices are maintained and deployed worldwide
The proposed protocol extremely low power case reducing the time on the air by 36%, 26% compared with Security-Enhanced Option (SEO) and Default Option (DO), respectively, for a packet size of 222 bytes using an Spreading Factor (SF) of 12
This paper proposed a key management protocol for Long Range Wide Area Network (LoRaWAN) networks that can support session key updates and defense against key attacks
Summary
It is the Internet of Things (IoT) era, where billions of tiny IoT end devices are maintained and deployed worldwide. In [8], the authors provide an authentication scheme for multi-group communication based on bilinear pairing They prove that this method consume more power and require extra storage which makes it not suitable for IoT networks. The authors of [19] attempted to implement end-to-end security by allowing the AppSKey negotiations between the end device and the application server without including the network server This needs the changing of the original LoRaWAN, making it challenging to apply it in the existing LoRaWAN standard. The proposed protocol enhances the key update mechanism by using n keys for future communication Storing these keys with salt encryption can hide the original value and can prevent any physical attacks.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
