Anglia Ruskin Research Online (ARRO)
Browse

A Novel Session Key Update Scheme for LoRaWAN

Download (3.8 MB)
journal contribution
posted on 2024-10-17, 09:57 authored by Nur Hayati, Susila Windarta, Muhammad Suryanegara, Bernardi Pranggono, Kalamullah Ramli

This paper proposes a novel Long-range Wide Area Network (LoRaWAN) session key updating scheme to enhance the security of LoRaWAN with cost-effective communication that provides a unique key for each communication session. The scheme consists of three sequential stages, i.e., initialization, keying material preparation, and key updating, on the basis of the truncated Photon-256 algorithm with updatable keying materials. These stages are structured by a set of novel communication protocols. To prove the uniqueness of the key, we validated its sequence bit randomness using the NIST 800-22 and ENT statistical test suites. The validation results show that the key passes all test parameters. Subsequently, the communication protocols were validated by using Scyther tools. We proved that these protocols ensure the security of the LoRaWAN key update scheme and guarantee that active interception does not occur. The analysis was performed by focusing on the security features of data confidentiality, integrity protection, mutual authentication, perfect forward secrecy, and replay attack resistance. Finally, a formal security analysis using GNY logic indicated that the overall security goals are achieved. The proposed scheme's performance was evaluated in terms of computational cost, communication cost, and storage. The computational cost needed by the scheme is very small, indicating that there is no additional burden on the backend system. The communication cost requires less traffic than previous solutions, yet it offers more robust security for LoRaWAN by producing a new key in every communication session. The scheme needs insignificant additional storage that is considered negligible.

History

Refereed

  • Yes

Volume

10

Page range

89696-89713

Publication title

IEEE Access

ISSN

2169-3536

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

File version

  • Published version

Language

  • eng

Item sub-type

Journal Article

Affiliated with

  • School of Computing and Information Science Outputs