Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros

Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros

Alternative title Data Security in LoRaWAN Network with Third-Party Network Server
Author de Moraes, Poliana Autor UNIFESP Google Scholar
Advisor da Conceição, Arlindo Flavio Google Scholar
Graduate program Mestrado Profissional Interdisciplinar em Inovação Tecnológica
Abstract The age of the Internet of Things is daily bringing the connection of new devices to the Internet, expecting fifty billion units by 2021. Internet of Things devices are nowadays one of the most relevant targets as an entrance for security attacks. LoRaWAN is a new wide-area wireless network technology used in Internet of Things long-range communication and it is specified to provide high data security resilience using end-to-end encryption. LoRaWAN application is a system of a system concept, and a commercial solution is usually shared with numerous parties. Then, LoRaWAN applications can operate with a third-party network server that can not be assumed as a trusted entity. In that scenario, the data can undergo an integrity attack. As the network server owns the network session key, the payload encryption is done using a XOR operation and the protocol specification is opened allowing to determine easily the data location. Furthermore, in a LoRaWAN specification version 1.0, the network server also knows the parameters to calculate an application session key that allows the network server to perform a confidentiality attack. This study aims to develop a security mechanism to improve data security resilience in LoRaWAN applications that use third-party network servers. Following that objective, an Internet of Things system was designed based on the LoRaWAN specification version 1.0. A prototype was built with Radioenge LoRa communication components in end device and gateway. The Things Network server was applied as network and application server. A risk assessment was executed to demonstrate the hazards of third-party network servers in data security. To mitigate the identified risks against unauthorized data access, a proprietary payload is proposed to be included in the application layer. The proprietary payload is formed by the data and the 4 last bytes of its SHA256 hash to delivery integrity in the application layer. Finally, the entire payload is encrypted by AES-CTR to provide confidentiality to the integrity parameter. To be easily reused in end devices of LoRaWAN applications, the proposed security mechanism was encapsulated in a library, and it is available in https://github.com/polimoraes/LoRaWANDataSecurity. In conclusion, when LoRaWAN is implemented with third-party network servers, it is essential to include additional security mechanisms to increase data security resilience, and the security mechanism developed in this work can provide resilience to LoRaWAN applications complied with 1.0 and 1.1 specification versions.
Keywords LoRaWAN
Security
Internet of Things
xmlui.dri2xhtml.METS-1.0.item-coverage Online
Language English
Sponsor Conselho Nacional de Desenvolvimento Científico e Tecnológico (CNPq)
Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)
Grant number 14/50937-1
15/24485-9
465446/2014-0
Date 2021-06-10
Research area Tecnologia da Informação e Comunicação
Knowledge area Outra
Publisher Universidade Federal de São Paulo
Extent 103 f.
Access rights Open access Open Access
Type Dissertation
URI https://repositorio.unifesp.br/handle/11600/61279

Show full item record




File

Name: Dissertação_Entrega_Poliana_Moraes.pdf
Size: 3.422Mb
Format: PDF
Description:
Open file

This item appears in the following Collection(s)

Search


Browse

Statistics

My Account