Issue link: https://read.uberflip.com/i/1423199
PROPERTIES OF LoRaWAN™ SECURITY SECURITY IMPLEMENTATION INTRODUCTION The security mechanisms mentioned previously rely on the well-tested and standardized AES 1 cryptographic algorithms. These algorithms have been analysed by the cryptographic community for many years, are NIST approved and widely adopted as a best security practice for constrained nodes and LoRaWAN™ is a Low Power Wide Area Network (LPWAN) pro - tocol that supports low-cost, mobile, and secure bi-directional communication for Internet of Things (IoT), machine-to-machine (M2M), smart city, and industrial applications. The LoRaWAN protocol is optimized for low power consumption and is designed to support large networks with millions of devices. Innovative LoRaWAN features include support for redundant operation, geolocation, low-cost, and low-power applications. Devices can even run on energy harvesting technologies enabling the mobility and ease of use of IoT. LoRaWAN security is designed to fit the general LoRaWAN design criteria: low power consumption, low implementation complexity, low cost and high scalability. As devices are deployed in the field for long periods of time (years), security must be future-proof. The LoRaWAN security design adheres to state-of-the-art principles: use of standard, well-vetted algorithms, and end-to-end security. Later, we describe the fundamental properties that are supported in LoRaWAN security: mutual authentication, integrity protection and confidentiality. Mutual authentication is established between a LoRaWAN end-device and the LoRaWAN network as part of the network join procedure. This ensures that only genuine and authorized devices will be joined to genuine and authentic networks. LoRaWAN MAC and application messaging are origin authenticated, integrity protected, replay protected, and encrypted. This protection, combined with mutual authentication, ensures that network traffic has not been altered, is coming from a legitimate device, is not comprehensible to eavesdroppers and has not been captured and replayed by rogue actors. LoRaWAN security further implements end-to-end encryption for application payloads exchanged between the end-devices and application servers. LoRaWAN is one of the few IoT networks implementing end-to-end encryption. In some traditional cellular networks, the traffic is encrypted over the air interface, but it is transported as plain text in the operator's core network. Consequently, end users are burdened by selecting, deploying and managing an additional security layer (generally implemented by some type of VPN or application layer encryption security such as TLS). This approach is not suited in LPWANs where over-the-top security layers add considerable additional power consumption, complexity and cost. networks. LoRaWAN security uses the AES cryptographic primitive combined with several modes of operation: CMAC 2 for integrity protection and CTR 3 for encryption. Each LoRaWAN device is personalized with a unique 128 bit AES key (called AppKey) and a globally unique identifier (EUI-64-based DevEUI), both of which are used during the device authen - tication process. Allocation of EUI-64 identifiers require the assignor to have an Organizationally Unique Identifier (OUI) from the IEEE Registration Authority. Sim - ilarly, LoRaWAN networks are identified by a 24-bit globally unique identifier assigned by the LoRa Alliance™. As security is a fundamental need in all of the aforementioned applications, it has been designed into the LoRaWAN specification from the very beginning. However, the topic of security encompasses multiple properties and, in particular, the cryptographic mechanisms used to implement security in LoRaWAN deserve careful explanation. This whitepaper aims to present the security of the current LoRaWAN specification. First, we will present the security properties embodied in the LoRaWAN specifications, then details of its implementation and finally some explanations about LoRaWAN security design.