Distributed Gateway-based Security Scheme for Guaranteeing LoRaWAN Networks Availability

Abstract

The Internet of Things (IoT) is interconnecting a large number of devices, some of which are constrained in terms of power and computational capability. Currently, battery-powered IoT devices are deployed in large areas, calling for power-efficient and long-range communication technologies. In this context, the Low Power Wide Area Networks (LPWAN) are considered key enablers for such IoT systems. LoRaWAN, an LPWAN technology, is one of the dominant candidates for major IoT communication protocols. Unfortunately, LoRaWAN suffers from various security and privacy issues, which may lead to several attacks on a LoRaWAN network targeting data availability, authentication, and confidentiality. In this paper, we present an effective solution to prevent data and system availability attacks at the gateway level, which is considered the weakest link in the LoRaWAN communication system. The proposed solution is intended to make the LoRaWAN communication between end devices and network servers more secure, resilient, and efficient. To ensure data availability while also reinforcing data confidentiality and integrity for LoRaWAN networks, the proposed solution utilizes the Information Dispersal Algorithm (IDA) over GF(2 <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">8</sup> ) with a dynamic key derivation scheme. This solution assumes that several gateways (n) are deployed within a LoRaWAN network. The security and efficiency tests show that the proposed solution exhibits a low overhead in terms of computations, resources, and communication while offering a high degree of availability and confidentiality.