Journal of Industrial Convergence (산업융합연구)

DAEHAN Society of Industrial Management (대한산업경영학회)
권호 표지
DOI QR코드

DOI QR Code

Blockchain (A-PBFT) Based Authentication Method for Secure Lora Network

안전한 Lora 네트워크를 위한 블록체인(A-PBFT) 기반 인증 기법

  • 김상근 (성결대학교 컴퓨터공학과)
  • Received : 2022.07.04
  • Accepted : 2022.10.20
  • Published : 2022.10.28
Download PDF
⟨ Previous Next ⟩

Abstract

Lora, a non-band network technology of the long-distance wireless standard LPWAN standard, uses ABP and OTTA methods and AES-128-based encryption algorithm (shared key) for internal terminal authentication and integrity verification. Lora's recent firmware tampering vulnerability and shared-key encryption algorithm structure make it difficult to defend against MITM attacks. In this study, the consensus algorithm(PBFT) is applied to the Lora network to enhance safety. It performs authentication and PBFT block chain creation by searching for node groups using the GPS module. As a result of the performance analysis, we established a new Lora trust network and proved that the latency of the consensus algorithm was improved. This study is a 4th industry convergence study and is intended to help improve the security technology of Lora devices in the future.

장거리 무선 표준 LPWAN 표준의 비 대역망 기술인 Lora는 내부 단말 인증 및 무결성 검증에 ABP, OTTA 방식과 AES-128 기반 암호 알고리즘(공유키)을 사용한다. Lora는 최근 펌웨어 변조 취약점과 공유키 방식의 암호 알고리즘 구조상 MITM 공격 등에 방어가 어려운 문제가 존재한다. 본 연구는 Lora 네트워크에 안전성 강화를 위해 블록체인을 합의 알고리즘(PBFT)을 적용한다. GPS 모듈을 활용하여 노드 그룹을 검색하는 방식으로 인증과 PBFT의 블록체인 생성과정을 수행한다. 성능분석 결과, 새로운 Lora 신뢰 네트워크를 구축하고 합의 알고리즘의 지연 시간이 개선했음을 증명하였다. 본 연구는 4차 산업 융합연구로써 향후 Lora 장치의 보안 기술 개선에 도움이 되고자 한다.

Keywords

References

  1. Ministry of the Interior and Safety. (2019. 07. 01.). Guidelines for the introduction of the government IoT. Retrieved from https://www.mois.go.kr/
  2. Gareth Halfacree. (2020. 01. 28.). IOActive Highlights Security Failings in LoraWAN Deployments, Publishes Auditing Framework. Retrieved from https://www.hackster.io/
  3. ETRI. (2018. 07. 10.). Development of LPWAN security technology based on Hardware Security Module for safe IoT devices, Retrieved from https://scienceon.kisti.re.kr/
  4. Kim, S. E. (2017. 08. 10.). Security platform IoT dedicated network solution, LoRa certification, Retrieved from https://www.datanet.co.kr/
  5. Lee, S. M. (2020. 10. 13.). Microchip Introduces Wi-Fi MCU Module to Improve IoT Security, Retrieved from https://www.e4ds.com/
  6. Mah, S.-H., & Kim, B.-S. (2019). Lora Technology Analysis and Lora Use Case Analysis By Country. The Journal of The Institute of Internet, Broadcasting and Communication, 19(1), 15-20. DOI : 10.7236/JIIBC.2019.19.1.15
  7. Lee, D. H., Jang, G. H., Lee, C., Lee, Y. S., Lee, C. H., Kim, N. G., & Cho, S. R. (2020). Investigation on Low Power Communication for Power-Efficient Communication. Journal of Korean Institute of Communications and Information Sciences, 45(5), 805-812. DOI : 10.7840/kics.2020.45.5.805
  8. Actility, (2019. 07. 01.). The LoraWAN Network Server is the brain and the controller of a LoraWAN network, Retrieved from https://www.actility.com/
  9. Mun, T. H., & Kim, J. H. (2017). SK Telecom IoT dedicated network (Lora & LTE-M) construction and business status. Information and Communications Magazine, 34(2), 3-5.
  10. Proxis. (2020. 01. 28.). Articles and Reports IOActive security researchers say LoraWAN networks are vulnerable to cyber-attacks Retrieved from https://www.proxis.ua/
  11. LoRa Alliance, (2017. 07. 01.). lorawan_security_whitepaper, Retrieved from https://lora-alliance.org/
  12. Ann R. Thryft, (2020. 03. 05.). Key management concerns impact LoraWAN IoT device security, Retrieved from https://www.embedded.com/
  13. Kim. H. G. (2018). Research on Authentication and Key Agreement in a wireless sensor network under 1 Kbps communication capability. Kookmin University Graduate School of Financial Information Security Master's Thesis.
  14. Kim., J. H. (2018). Practical security improvement for LoraWAN communication. Yonsei University, Computer Science Ph.D. Thesis.
  15. Lee., J. H. (2018). The Security Vulnerability Analysis and Countermeasure Against Replay-attack in LoraWAN. Ajou University, Graduate School of Computer Science Master's thesis.
  16. Jeon, S. H., Kim, S. G. (2021). A Design of Blockchain-based Lora Multi-hop Network for Smart Grid. Journal of the Korea Institute of Information and Communication Engineering, 25(3), 440-448. DOI : 10.6109/jkiice.2021.25.3.440
  17. Yu Jiang, Hua Fu, Aiqun Hu, Wen Sun, (2021). A Lora-Based Lightweight Secure Access Enhancement System, Security and Communication Networks, vol. 2021, 16. DOI : 10.1155/2021/3530509
  18. Kaven, S., Bornholdt, L., & Skwarek, V. (2021). Authentication by rssi-position based localization in a Lora lpwan. In 2020 6th IEEE Congress on Information Science and Technology (CiSt), 448-454. DOI : 10.1109/ACCESS.2019.2929212
  19. Danish, S. M., Lestas, M., Asif, W., Qureshi, H. K., & Rajarajan, M. (2019). A lightweight blockchain based two factor authentication mechanism for LoraWAN join procedure. In 2019 IEEE International Conference on Communications Workshops (ICC Workshops). 1-6. DOI : 10.1109/ICCW.2019.8756673
  20. Jung, H. T., Lee, S. H., & Kim, K. C. (2019). Implement Detecting Network Attack through Machine Learning in LoraWAN Environment. Journal of Korean Institute of Communications and Information Sciences, 44(8), 1547-1555. DOI : 10.7840/kics.2019.44.8.1547
  21. Sanchez-Iborra, R., Sanchez-Gomez, J., Perez, S., Fernandez, P. J., Santa, J., Hernandez-Ramos, J. L., & Skarmeta, A. F. (2018). Enhancing Lorawan security through a lightweight and authenticated key management approach. Sensors, 18(6), 1833. DOI : 10.3390/s18061833
  22. Anastasiou, A., Christodoulou, P., Christodoulou, K., Vassiliou, V., & Zinonos, Z. (2020, May). Iot device firmware update over Lora: The blockchain solution. In 2020 16th International Conference on Distributed Computing in Sensor Systems (DCOSS), 404-411. DOI : 10.1109/DCOSS49796.2020.00070
  23. Ribeiro, V., Holanda, R., Ramos, A., & Rodrigues, J. J. (2020). Enhancing key management in LoraWAN with permissioned blockchain. Sensors, 20(11), 3068. DOI : 10.3390/s20113068
  24. Tsai, Kun-Lin & Leu, Fang-Yie & Hung, Li-Ling & Ko, Chia-Yin. (2020). Secure Session Key Generation Method for LoraWAN Servers. IEEE Access. PP. 1-1. DOI : 10.1109/ACCESS.2020.2978100