Abstract
LoRaWAN, part of the long range Internet of Things (IoT) technologies, is a Low Power Wide Area (LPWA) protocol that enables communication between the battery operated resource constrained devices. Although LoRaWAN provides system-level security, these networks are based on a basic assumption of trust between the network server and the user, which as a result empowers a network server with undue authorities. Moreover, the nature of the LoRaWAN join procedure, which is a key component for ensuring network operation, is highly susceptible to jamming and replay attacks through slight packet manipulation, thus making the network vulnerable. In order to address these deficiencies, we present a blockchain-based distributed framework for the LoRaWAN join procedure, in order to provide a secure and trusted authentication system within LoRaWAN networks. Our proposed solution eliminates the jamming and replay attack threats against the LoRaWAN join procedure and in addition builds trust among LoRa end devices and network servers. The framework is endorsed by a Proof of Concept (PoC) implementation using the Ethereum blockchain which is used to evaluate the proposed system in realistic LoRaWAN network scenarios. The simulations results indicate that the proposed solution achieves efficient system performance up to an upper bound on the load level which involves 30 join requests from 1000 concurrent clients.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Ericsson mobility report: On the pulse of the networked society, Ericsson, Tech. Rep., (November 2017). [Online]. https://www.ericsson.com/mobility-report
Han, K.-H., Bae, W.-S.: Proposing and verifying a security protocol for hash function-based IoT communication system. Clust. Comput. 19(1), 497–504 (2016)
Han, K.-H., Bae, W.-S.: Proposing and verifying a security-enhanced protocol for IoT-based communication for medical devices. Clust. Comput. 19(4), 2335–2341 (2016)
Ferreira, Cerqueira, H.G., de Sousa Junior, R.T.: Security analysis of a proposed internet of things middleware. Clust. Comput. 20(1), 651–660 (2017)
Ashraf, N., Hasan, A., Qureshi, H.K., Lestas, M.: Combined data rate and energy management in harvesting enabled tactile IoT sensing devices. IEEE Trans. Ind. Inform. 15(5), 3006–3015 (2019)
Rathee, G., et al.: A trust management scheme to secure mobile information centric networks. Comput. Commun. 151, 66–75 (2019)
LoRa Alliance: LoRaWAN Specification V1.1. [Online] (2017). https://lora-alliance.org/resource-hub/lorawantm-specification-v11
Danish, S.M., Nasir, A., Qureshi, H.K., Ashfaq, A.B., Mumtaz, S., Rodriguez, J.: Network intrusion detection system for jamming attack in LoRaWAN join procedure. In: Proceedings of the 54th IEEE International Conference on Communications (ICC). pp. , (May, 2018)
Danish, S.M., Qureshi, H.K., Jangsher, S., Lestas, M.: Effects of wireless power transfer on LoRaWAN join procedure. In: Proceedings of the 14th IEEE International Wireless Communications and Mobile Computing Conference (IWCMC). (June, 2018)
Tomasin, S., Zulian, S., Vangelista, L.: Security analysis of LoRaWANTM join procedure for internet of things networks. In: IEEE Wireless Communications and Networking Conference Workshops (WCNCW), pp. 1–6 (2017)
Danish, S.M., Qureshi, H.K., Jangsher, S.: Jamming attack analysis of wireless power transfer on LoRaWAN join procedure. In: 2018 IEEE Globecom Workshops (GC Wkshps) (pp. 1–6). IEEE (2018, December)
Butun, I., Pereira, N., Gidlund, M.: Analysis of LoRaWAN v1. 1 security. In: Proceedings of the 4th ACM MobiHoc Workshop on Experiences with the Design and Implementation of Smart ObjectsSensors, p. 5, (2018)
Lin, J., Shen, Z., Miao, C.: Using blockchain technology to build trust in sharing LoRaWAN IoT. In: Proceedings of the ACM 2nd International Conference on Crowd Science and Engineering (ICCSE’17), pp. 38–43, (2017)
https://www.semtech.com/lora/lora-applications/smart-healthcare
Lin, J., Shen, Z., Miao, C., Liu, S.: Using blockchain to build trusted LoRaWAN sharing server. Int. J. Crowd Sci. 1(3), 270–280 (2017)
Lee, J.W., Hwang, D.Y., Park, J.H., Kim, K.-H.: Risk analysis and countermeasure for bit-flipping attack in LoRaWAN. In: International Conference on Information Networking (ICOIN), pp. 549–551, (2017)
Aras, E., Ramachandran, G.S.: Piers Lawrence and Danny Hughes. Exploring The Security Vulnerabilities of LoRa. International Conference on Cybernetics (CYBCONF), pp. 1–6 (2017)
Xueying, Y., Karampatzakis, E., Doerr, C., Kuipers, F.: Security vulnerabilities in LoRaWAN. In: IEEE/ACM Third International Conference on In Internet-of-Things Design and Implementation (IoTDI), pp. 129–140 (2018)
Na, S.J., Hwang, D.Y., Shin, W.S., Kuipers, K.-H.K.: Scenario and countermeasure for replay attack using join request messages in LoRaWAN. In: International Conference on Information Networking (ICOIN), pp. 718–720 (2017)
Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System. (2008). [Online]. https://bitcoin.org/bitcoin.pdf
Zhang, K., Jacobsen, H.-A.: Towards dependable, scalable, and pervasive distributed ledgers with blockchains. In: ICDCS, pp. 1337–1346 (2018)
Rathee, G., Sharma, A., Iqbal, R., Aloqaily, M., Jaglan, N., Kumar, R.: A blockchain framework for securing connected and autonomous vehicles. Sensors 19(14), 3165 (2019)
Masood, A.B., Lestas, M., Qureshi, H.Q., Christofides, N., Ashraf, N., Mehmood, F.: Closing the Loop in Cyber-Physical Systems using Blockchain: Microgrid Frequency Control Example. IEEE Middle East & North Africa COMMunications Conference, MenaComm, Manama, Bahrain, (November 2019)
Conoscenti, M., Vetro, A., De Martin, J.C.: Blockchain for the internet of things: a systematic literature review. In: IEEE/ACS 13th International Conference of Computer Systems and Applications (AICCSA), pp. 1–6 (2016)
Hammi, M.T., Bellot, P., Serhrouchni, A.: BCTrust: A decentralized authentication blockchain-based mechanism. In: IEEE Wireless Communications and Networking Conference (WCNC), pp. 1–6 (2018)
Lee, C.H., Kim, K.-H.: Implementation of IoT system using block chain with authentication and data protection. In: IEEE International Conference on Information Networking (ICOIN), pp. 936–940 (2018)
Zhu, X., Badr, Y., Pacheco, J., Hariri, S.: Autonomic identity framework for the internet of things. In: IEEE International Conference on Cloud and Autonomic Computing (ICCAC), pp. 69–79 (2017)
Alexandru, L., Popa, V.: LoRa wide-area networks from an Internet of Things perspective. In: IEEE 9th International Conference on Electronics, Computers and Artificial Intelligence (ECAI), pp. 1–4 (2017)
Hernan, S., Lambert, S., Ostwald, T., Shostack, A.: Uncover security design flaws using the STRIDE approach. MSDN Magazine, (Nov. 2006)
Vitalik, B.: A next-generation smart contract and decentralized application platform. White Paper, (2014)
Ray, J.: (2015). [Online]. https://github.com/ethereum/wiki/wiki/Benchmarks
Winsvega: (2015). [Online]. https://github.com/ethereum/tests
Danish, S.M., Lestas, M., Asif, W., Qureshi, H.K., Rajarajan, M.: A Lightweight blockchain based two factor authentication mechanism for LoRaWAN join procedure. In: Proceedings of the IEEE 53rd International Conference on Communications (ICC). Shangai, China (May 2019)
Kim, J., Song, J.S.: A dual key-based activation scheme for secure LoRaWAN. Wireless Communications and Mobile Computing (2017)
Zhang, K., Vitenberg, R., Jacobsen, H.-A.: Deconstructing blockchains: concepts, systems, and insights. In: DEBS, pp. 187–190 (2018)
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Danish, S.M., Lestas, M., Qureshi, H.K. et al. Securing the LoRaWAN join procedure using blockchains. Cluster Comput 23, 2123–2138 (2020). https://doi.org/10.1007/s10586-020-03064-8
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-020-03064-8