How LoRa protects your data

LoRa (Long Range) is a wireless communication technology designed for long-range, low-power transmission. It is commonly used in IoT (Internet of Things) applications for connecting devices over long distances with minimal power consumption.

LoRa protects data through multiple security mechanisms, including end-to-end encryption and device authentication. Each device's data is encrypted with unique keys, ensuring confidentiality. The LoRaWAN network provides additional protection by using secure keys for device authentication, preventing unauthorized access. This encryption ensures that only authorized devices can communicate with the network, safeguarding sensitive data throughout the transmission process.

 

Sensor - Cloud communication flow

[Figure: sensor to cloud communication flow diagram]

LoRa anti-spoofing

1. Unique Device EUI (DevEUI)

Each LoRa sensor comes with a globally unique identifier, the DevEUI (Device Extended Unique Identifier), typically a 64-bit value that is unique to every device.

This identifier is assigned by the manufacturer and registered with the LoRa Alliance, meaning each device has a unique serial number recognized globally.

Because the DevEUI is unique, the network server can distinguish devices and verify that the transmitted message is indeed from the correct device.

2. Device Authentication via AppKey and Join Procedure

In LoRaWAN, the device is authenticated when it connects to the network through a process called Over-the-Air Activation (OTAA). During this process, the device uses an AppKey (Application Key), which is known to both the sensor and the network server.

When a sensor connects, it generates session keys through an authentication exchange with the network server. This ensures that only devices with the correct key are granted access.

3. Encryption with AppSKey and NwkSKey

LoRaWAN uses AES-128 encryption with two session keys: the AppSKey (for payload encryption) and the NwkSKey (for network communication). Both keys are uniquely generated per device and prevent third parties from deciphering or spoofing messages.

Since these keys are unique to each device and derived from the secret AppKey, only legitimate devices can sign and send data and messages.

  • The AppSKey is used to encrypt the payload data, ensuring that only the server application (and not the gateway or network server) can decode the payload. This guarantees the privacy of the data, even if the network itself is not fully trusted.

  • The NwkSKey secures communication at the network level, ensuring that messages sent via the LoRaWAN gateway to the network server cannot be tampered with. This key is used for authentication and message integrity.

Sensor - Cloud - Data enrichment

[Figure: sensor to cloud data enrichment diagram]

How safe is communication through LoRa devices?

1. LoRa gateway

A LoRa gateway is a network device that supports wireless communication via the LoRaWAN protocol. It receives signals from LoRa sensors and sends them to a central server (the LoRa network provider) via an internet connection. LoRa gateways are often used in IoT applications due to their long range and low consumption.

A LoRa gateway is similar to a WiFi router in that both devices receive signals from wireless devices and forward them to a network. The difference is that a LoRa gateway works with LoRaWAN (low bandwidth, long distance) and is designed for IoT sensors, while a WiFi router provides high bandwidth for short-range Internet use. In addition, a LoRa gateway supports thousands of devices within a large area, while a WiFi router serves a more limited number of devices within a smaller range.

In the WMS implementation, the role of the LoRa network provider is filled by TTN (The Things Network, headquartered in the Netherlands). The internet connection is established via a 4G SIM card, so the data transfer takes place over the mobile network. In this example we consider the Pico Gateway (LAN, Cellular) installation.

Barriers to acquire access to the gateway

  • LoRa gateways are installed in the customer locations. Therefore, to gain access to the gateways, access to buildings is required. This forms a first barrier.

  • Giving yourself access to a gateway with the aim of stealing or diverting data is considered (physical) intrusion and hacking and is punishable. This forms a second barrier.

  • After gaining physical access to the device: The password of the device is often on the back of the device and often this password is not changed. At customer request, the passwords of the gateways can be changed and the sticker can be removed from the back. However, it is important to note that:

    • It requires the necessary IT knowledge to access the gateway configuration interface: one must be connected to the cable, one must adjust the IP address of the laptop, and so on.

    • Access to the gateway configuration interface allows a user to wrongly configure the gateway, for example by entering a different “server address”. From this moment on, no more data will be forwarded to the IoT cloud, so the effect is similar to turning off the gateway. As this will impact data communication to the Spacewell cloud, this will be noticed through the changing / deteriorating sensor connectivity status.

    • In extreme cases, one would also be able to perform a rogue firmware update on the gateways in order to directly intercept the collected data. However, a hacker can also purchase his own LoRa gateway or use other equipment to intercept data on the 868 MHz LoRa frequency band and achieve the same result. This is also the reason why a gateway password does not provide relevant protection to prevent data interception.

    • The logs available on the gateway only contain information such as signal strength, SNR (signal-to-noise ratio), a timestamp, the uplink frequency and the like. No critical data is stored, so gateway logs will not provide insight into Device IDs, Application names, LoRa addresses or sensor measurements.

2. LoRa sensor

Even if a hacker were able to intercept the data between the sensor and the gateway (either by taking over the gateway or by letting another device listen in), it is important to realise that, as described in section 3 (Encryption with AppSKey and NwkSKey), a LoRaWAN message is encrypted twice, thanks to the use of two different layers of encryption:

  • Network layer encryption (AES-128): This protects the communication between the sensor and the network server (TTN). It allows the network server to verify that the message is from a valid device and has not been tampered with.

  • Application layer encryption (AES-128): This layer encrypts the actual payload of the message (= the measured occupancy). Only the application server (= the Spacewell cloud) can decrypt this data with the AppSKey (Application Session Key). This means that not even the network server (TTN) can access the contents of the payload.

LoRa gateways only act as a conduit and do not store user or payload data. This means that a compromised gateway will not provide access to critical data or encryption keys.

If a hacker wants to decrypt an intercepted message encrypted with two AES-128 keys, it would take 158 million years (!!) to decipher the message with the current general computing power of a computer. And this applies to every individually sent message.

Even if the message were decrypted, the data would still be virtually irrelevant: The data sent by the sensor mainly consists of the measured occupancy (0 or 1), a timestamp and the device ID. In order to do anything with that data, one must be aware of which device ID is connected to which workplace (or meeting room). To obtain this information, one must inspect each sensor individually or access the back-end of the Spacewell platform (where device IDs are linked to a location).

LoRa technology itself makes it difficult to intercept data

As described above, physically intercepting and decrypting LoRa messages is almost impossible. On top of that, LoRa also provides mechanisms that are intrinsic to the technology and make it difficult to intercept data.

  • Long-range protocol but with limitations: LoRa operates in an uncontrolled frequency band (868 MHz in Europe), but the low-power and low-bandwidth characteristics of LoRa limit the possibility of large-scale interception and manipulation.

  • Spread Spectrum Technology: LoRa uses Chirp Spread Spectrum (CSS), which makes signals very difficult to distinguish from background noise. This makes attempts at interception or disruption more difficult.

  • LoRaWAN uses frame counters in uplink and downlink messages. This prevents intercepted and retransmitted messages (replay attacks) from being accepted by the network or application server.
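
The frame-counter check from the last point, sketched as an added example (not code from TTN, Spacewell or the LoRaWAN specification). It assumes the LoRaWAN 1.0.x behaviour of a 16-bit counter on the wire, a 32-bit counter on the server and a maximum gap of 16384. The class and function names are hypothetical, and HMAC-SHA256 stands in for the real AES-128 CMAC so that no AES library is needed.

```python
import hashlib
import hmac

MAX_FCNT_GAP = 16384  # largest counter jump tolerated by LoRaWAN 1.0.x


def mic(nwk_skey, dev_addr, fcnt32, payload):
    # Stand-in for the 4-byte LoRaWAN MIC. The real MIC is AES-128 CMAC under
    # NwkSKey; HMAC-SHA256 is used here only so the example needs no AES library.
    msg = dev_addr + fcnt32.to_bytes(4, "little") + payload
    return hmac.new(nwk_skey, msg, hashlib.sha256).digest()[:4]


class UplinkSession:
    """Server-side state for one device (hypothetical class name)."""

    def __init__(self, nwk_skey, dev_addr, last=-1):
        self.nwk_skey, self.dev_addr = nwk_skey, dev_addr
        self.last = last  # last accepted 32-bit counter, -1 before the first uplink

    def full_counter(self, fcnt16):
        # The frame carries only the low 16 bits; rebuild the 32-bit value and
        # assume a wrap-around when the result would not move forward.
        if self.last < 0:
            return fcnt16
        full = (self.last & ~0xFFFF) | fcnt16
        return full if full > self.last else full + 0x10000

    def accept(self, fcnt16, payload, tag):
        full = self.full_counter(fcnt16)
        if full - self.last > MAX_FCNT_GAP:
            return "rejected: replayed or stale counter"
        expected = mic(self.nwk_skey, self.dev_addr, full, payload)
        if not hmac.compare_digest(tag, expected):
            return "rejected: bad MIC"
        self.last = full  # advance only after both checks pass
        return "accepted"


def demo():
    key, addr = bytes(range(16)), bytes.fromhex("01020304")  # constructed values
    server = UplinkSession(key, addr, last=65533)

    def frame(fcnt32, payload):  # what a device holding the key would send
        return fcnt32 & 0xFFFF, payload, mic(key, addr, fcnt32, payload)

    f1, f2 = frame(65534, b"\x01"), frame(65537, b"\x00")  # f2 wraps the 16-bit field
    forged = (2, f1[1], f1[2])  # captured frame with only the counter bumped
    return [server.accept(*f) for f in (f1, f2, f1, f2, forged)]
```

Because the integrity code covers the full counter, a captured frame fails either the counter check (sent unchanged) or the MIC check (counter altered), while a genuine wrap of the 16-bit field is still accepted.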

 
