The importance of cyber-security shielding in LoRaWAN networks: Part I

The IRIS Sentinel team shares the first in a series of articles on securing IoT devices in LoRaWAN networks.

Nowadays, we are experiencing a significant rise in the number of devices connected to the Internet, including computers, mobile phones and tablets, as well as new devices such as appliances, surveillance cameras, TVs, etc. These less conventional electronic devices in the world of the internet are known as IoT devices (“Internet of Things”). IoT can be defined as the grouping and interconnection of devices like sensors, mechanical devices, and household appliances through a private or public (internet) network. This technology is unique in that there are no limits to the development of new applications that improve both daily life and business environments.

Today’s market and product offering are rapidly evolving. Home automation devices are available for everyday use in homes as well as IoT devices for Smart Cities such as sensors that collect filling level data of recycling bins and containers, allow for temperature, detect motion, control and manage streetlights and more.

The scalability of these applications, reduced infrastructure costs and global connectivity are core characteristics of IoT which add great strategic value, making IoT one of the main trends in digital transformation of the industry.

Among the Smart City Infrastructures, LoRaWAN has been recognized as an international standard by the ITU (International Telecommunications Union) for Low-Power Wide-Area Networks (LPWAN).

LoRaWAN is an LPWAN network protocol built on the LoRa radio modulation technique. It wirelessly connects devices to the Internet and manages communication between these end devices and network gateways.

The LoRaWAN network has connectivity in more than 170 countries and has become the leading network for Smart Cities, among other reasons, because it is an open standard, is being implemented in more than 155 mobile network operators, and because of the large number of deployed projects using this technology worldwide.

To understand the importance of security in this type of network, it is important to point out the different elements in a LoRaWAN network and how information is transmitted.

The main components of a LoRaWAN network are listed below:

  • Nodes: The end devices that send information to the Gateway and receive the data from the sensors.
  • Gateways: The devices responsible for providing coverage to the nodes, communicating with them and integrating them with the Network Server.
  • Networks Servers: All purpose systems that enable sharing, storing and managing of network resources.
  • Application Server: Final server that manages or uses the data transmitted on the network.

Without going into too much detail about the communication between nodes and gateways, a series of message exchanges are carried out between the nodes and the Network Server to ensure the authenticity, confidentiality and integrity of the data that is transmitted. In the next article we will take a closer look at the following topics:

  • What makes up a LoRaWAN frame?
  • Types of LoRa devices (OTAA / ABP)
  • Connection to the network by exchanging messages between nodes and Network Server (JoinRequest / JoinAccept).
  • Sessions and key exchange (AppKey, AppSKey, NwkSKey, etc.)

After having contextualized what makes up these types of networks and how the devices communicate, one can imagine the possible consequences of threats such as node spoofing. In this scenario an attacker introduces a node into the network by spoofing the identifiers and/or keys from another legitimate node to send erroneous information to the network; for example, fill levels of rubbish bins, temperature, motion sensor, etc. We will look into this topic in the final article of this series.