Professional Documents
Culture Documents
Abstract—This research aims to simulate and analyze a Furthermore, about data security, besides preserving data
potential parameter of developing the key generation used for confidentiality, integrity, and availability, another important
encryption in LoRaWAN. Key generation or key scheduling is aspect of data security is providing a bottom-up encryption
an important part of the encryption process because in modern algorithm [11]. Under usual conditions, outsiders can wiretap
security, encryption algorithm will be shared widely so that it into communication lines by radio jamming or
can be developed according to standards, and its strength eavesdropping to obtain confidential data [10]. However,
tested, but the cipher key will remain hidden. In the leaks of classified data can be prevented through the
LoRaWAN network, key generation is part of Advanced encryption process.
Encryption Standard (AES) encryption embedded in the
This paper aims to provide baseline information about
NwkSKey and the AppSKey. Our research provides baseline
information that has the potential to develop the key-
the parameters of key generation in LoRaWAN encryption.
generation algorithm used in LoRaWAN. We conduct This information can be used as a basic reference for further
simulations for gathering field data and then discuss three research in the field. We conduct experiments by simulating
parameters related to the technical development of key existing key generation using an AES 128-bit encryption
generation: processing time, randomness level and key length. algorithm.
Meanwhile for LoRaWAN, there are two additional This paper consists of five chapters. Chapter I introduces
parameters that need to be considered: computation resources the study. Chapter II discusses its underlying theories.
and battery durability. Chapter III presents the methodology. Chapter IV discusses
potential parameters to develop key generation in
Keywords-key generation; symmetric encryption; AES; IoT LoRaWAN encryption. Chapter V provides conclusions
security; LoRaWAN regarding the study‘s results.
58
Time for Loading Initial Cipher Key needed to create an RCon is 8.7991 ms. The next simulation
1 is ten rounds processing of algorithm for each row matrix.
As the graph shows in Figure 6, due to their different
0,8
0,624 0,615
processes, each iteration of the first-row key generation takes
0,516 longer, about 0.886081 s. For the second to fourth rows, the
Time (ms)
0,6 0,457
average time needed is 0.0386 ms, or about 4.36e-05 times
0,4 0,304 0,325
smaller than used for the process at the beginning of each
0,179
0,2
0,15
0,108 0,119 iteration, and this process repeated for ten rounds.
0
1 2 3 4 5 6 7 8 9 10 Total Round Processing Time : Rotword, Sub-Bytes and
XOR
Iteration Number of Experiment 1
Figure 3. Simulation result: Time to load 128-bit initial cipher key. 0,9
0,8
0,7
S-Box Generation Time
0,6
Time (s)
1,02
0,5
1 0,4
0,3
0,98
0,2
0,1
Time (s)
0,96
0
0,94 1 5 9 13 17 21 25 29 33 37
0,88
1 21 41 61 81 101 121 141 161 181 201 221 241 The last simulation is conducted to identify the total time
Process Number used to perform key scheduling processes. This computation
Figure 4. Simulation result: S-Box generation time. includes the time needed to load the initial key, generate the
S-Box and the RCon, and conduct ten rounds of algorithm
The second input parameter used in AES key generation mechanism. We simulate ten iterations and calculate that the
is the S-Box matrix. We analyze the time needed to create an average time used to execute each algorithm is 7.220 s.
S-Box matrix. The S-Box is revoked once during one-time
AES encryption, but it is used in many sub-processes. S-Box The Time of Key Generation AES 128 bit
creation involves 256 characters (a 16 × 16 hexadecimal 10
matrix). The time needed to create an S-Box increases after
8
the first iteration, beginning at 0.923 s and ending with the
highest time: 1.003 s. Figure 4 depicts total S-Box generation
Time (s)
6
time. The time used to create an S-Box is divided into the 4
time to call the function and the looping process.
2
6
4
In addition, we consider the time needed to execute the
entire algorithm, thus we conduct simulation with result is
2
displayed in Figure 7. LoRaWAN does not communicate in
0
1 2 3 4 5 6 7 8 9 10
real time, which means that it is able to transmit data only
every few minutes [16]. The simulation results show that
Iteration Number of Experiment
several parameters require a slightly longer processing time
Figure 5. Simulation result: average time to construct RCon. than the others. For example, the time used to generate the S-
Box is greater than the time used to generate the initial load
The last input used in AES key generation is the RCon. cipher key and the RCON. However, overall, the execution
The RCon is a zero matrix with a size of 10 × 4 except for in time of the key-generation algorithm is relatively short for
the first column. The RCon‘s first column contains a applications that are not real time.
conversion of the bytes using the data power of 2. Figure 5 The simulations suggest that further research is warranted
shows the simulation results obtained regarding RCon to develop a cipher key that can be used to improve
generation. Computed using ten iterations, the average time LoRaWAN security. Future research should consider the
59
processing time involved in constructing the key, including minimum key length for AES for top secret encryption
the time calculations at determination the number of input should be 256 bits. In 2015, the NIST prohibited keys shorter
parameters, the round processing, and the complexity of the than 112 bits [19].
key generation algorithm. Based on this experiment, we LoRaWAN uses 128-bit key lengths, which fulfills the
conclude that the time needed for key generation can be NIST requirements but not the NSA standards. Therefore, to
reduced while still maintaining a level of key security (short improve LoRaWAN security, researchers are advised to
and safe). develop keys with lengths of more than 256 bits. This will
accommodate the emergence of quantum computers, which
B. Randomness Level and Key Length can be misused to breach cipher keys.
Two aspects affect cipher key strength: the level of
randomness and the length of the key. Managing its C. Computation Resources and Battery Durability
randomness level is very important part in generating cipher LoRaWAN is a protocol realized in the form of a small,
key. The more random the key, the more difficult it will be to embedded system that uses little power and has long battery
predict, making it difficult for opponents to carry out attacks life. It has small memory capacity and limited processing
[17]. This parameter must be considered by researchers who capability [20]. These characteristics limit the size of the data
are designing key-generation algorithms. If the cipher key is that can be processed and transmitted. This data limitation
easy to dismantle, the security of the data encryption process can present a challenge to developing security features. In
is decreased. IoT security, additional features increase data overhead,
processor tasks, and memory space needed to accommodate
The value of key changes every round data expansion. Increased data computation and memory
250
Key 1
buffer use also increases the time consumed by processing
Key 2 and transmission. Therefore, security features require a
tradeoff between security level and resource efficiency. The
Key 3
200
Key 4
Decimal number
Key 5
Key 6
results of this study suggest that developing lightweight
150
Key 7
Key 8
encryption, which has low computational overhead, is one
100
Key 9 solution to this problem.
Key 10
Key 11 Batteries are an important element that needs to be
50
Key 12
Key 13 considered in IoT development, especially as they regard
Key 14
Key 15
security. Research [21] shows that batteries can last a long
0
1 2 3 4 5 6 7 8 9 10 11
Key 16
time, depending on the speed of movement, where changes
Round Number from 0 to 10 in computational speed involved in it. Likewise, key-
Figure 8. Simulation result: randomness values during the key-change generation computing will also decrease the battery life. The
process. more complicated the proposed key-generation algorithm,
the more processing it consumes. In future development of
The simulation results of 16 initial key pairs are input key-generation algorithms, it is important to consider power
during the process of making the cipher key, and it appears consumption in conjunction with key strength.
that the key changes are very dynamic as shown in Figure 8.
All 16 pairs of keys, which are hexadecimal data, are V. CONCLUSIONS AND FUTURE RESEARCH
converted to decimal, with beginning values ranging from This paper simulates and analyzes existing key-
0‒255. Each key pair is processed by the AES key- generation using an AES 128-bit encryption algorithm
generation algorithm, which is repeated for as many as 10 proposed for potential use as a platform for LoRaWAN
rounds. From this simulation, we conclude that when security. Several parameters must be considered when
developing new key-generation algorithms, researchers need developing the cipher key in encryption for LoRaWAN
to focus on the level of randomness in the LoRaWAN security, especially key-generation time. In addition, other
security platform. As the simulation results show, existing important factors in the development of sub-encryption are
key-generation algorithms in LoRaWAN show this the level of randomness and key length, as they determine
randomness. security strength. Furthermore, researchers developing key
The baseline of LoRaWAN randomization is very generation for IoT devices must consider computational
accurate, so those developing key-generation algorithms can resources as they relate to battery needs. Future researchers
refer to these results. We conclude that to increase key are advised to conduct simulations that compare several
strength, future development should provide more random lightweight key-generation algorithms that support security
patterns that are hardly recognized. The level of randomness on LoRaWAN.
indicates the difficulty of breaching the algorithm.
In addition, the length of the key is another means of ACKNOWLEDGMENT
strengthening security. Usually, longer keys (which are This research publication is funded by PIT9 Universitas
measured in bits) are needed to provide stronger encryption Indonesia, in which Dr. Suryanegara is the corresponding
[18]. Our simulations use 128-bit key lengths as the initial author. Ms Hayati is in PhD study supported by Beasiswa
encryption-key input. This length has moderate key strength. Unggulan Dosen Indonesia Dalam Negeri (BUDI-DN),
The National Security Agency (NSA) recommends that the Lembaga Pengelola Dana Pendidikan (LPDP), and a
60
cooperation of the Ministry of Research and Higher International Conference on Cybernetics (CYBCONF), Exeter,
Education and the Ministry of Finance of the Republic of United Kingdom, 2017, pp. 1–6.
Indonesia. [11] H. Ning and H. Liu, ―Cyber-Physical-Social Based Security
Architecture for Future Internet of Things,‖ Adv. Internet Things, vol.
02, no. 01, pp. 1–7, 2012.
REFERENCES
[12] K.-L. Tsai, Y.-L. Huang, F.-Y. Leu, I. You, Y.-L. Huang, and C.-H.
[1] S. A. A‘ssri, F. H. K. Zaman, and S. Mubdi, ―The efficient parking Tsai, ―AES-128 Based Secure Low Power Communication for
bay allocation and management system using LoRaWAN,‖ in 2017 LoRaWAN IoT Environments,‖ IEEE Access, vol. 6, pp. 45325–
IEEE 8th Control and System Graduate Research Colloquium 45334, 2018.
(ICSGRC), SHAH ALAM, Malaysia, 2017, pp. 127–131.
[13] M. A. Habib, M. Ahmad, S. Jabbar, S. H. Ahmed, and J. J. P. C.
[2] I. Andonovic, C. Michie, P. Cousin, A. Janati, C. Pham, and M. Diop, Rodrigues, ―Speeding Up the Internet of Things: LEAIoT: A
―Precision Livestock Farming Technologies,‖ p. 6. Lightweight Encryption Algorithm Toward Low-Latency
[3] Bababe, Adam & Jha, Ashish & Kumar, Rajiv. (2017). Lora Based Communication for the Internet of Things,‖ IEEE Consum. Electron.
Intelligent Home Automation System. Intenational Journal of Mag., vol. 7, no. 6, pp. 31–37, Nov. 2018.
Engineering and Advanced Technology(IJEAT). 6. 88-92.. [14] Rijndael Algorithm (Advanced Encryption Standard) AES [Online].
[4] N. Hayati and M. Suryanegara, ―The IoT LoRa system design for ―https://www.lri.fr/~fmartignon/documenti/systemesecurite/5-
tracking and monitoring patient with mental disorder,‖ in 2017 IEEE AES.pdf.‖ .
International Conference on Communication, Networks and Satellite [15] M. McLoone and J. . McCanny, ―High Performance Single-Chip
(Comnetsat), Semarang, Indonesia, 2017, pp. 135–139. FPGA Rijndael Algorithm Implementations,‖ in Cryptographic
[5] Internet of Things forecast [Online]. Hardware and Embedded Systems — CHES 2001, vol. 2162, Ç. K.
―https://www.ericsson.com/en/mobility-report/internet-of-things- Koç, D. Naccache, and C. Paar, Eds. Berlin, Heidelberg: Springer
forecast.‖ . Berlin Heidelberg, 2001, pp. 65–76.
[6] X. Yang, E. Karampatzakis, C. Doerr, and F. Kuipers, ―Security [16] Limitations of LoRaWAN [Online].
Vulnerabilities in LoRaWAN,‖ in 2018 IEEE/ACM Third ―https://www.thethingsnetwork.org/docs/lorawan/limitations.html.‖ .
International Conference on Internet-of-Things Design and [17] ―J. I. Schiller and S. Crocker, ‗Randomness requirements for
Implementation (IoTDI), Orlando, FL, 2018, pp. 129–140. security,‘ 2005.‖ .
[7] B. Oniga, V. Dadarlat, E. De Poorter, and A. Munteanu, ―A secure [18] Sun Directory Server Enterprise Edition 7.0 Reference [Online].
LoRaWAN sensor network architecture,‖ in 2017 IEEE SENSORS, ―https://docs.oracle.com/cd/E19424-01/820-4811/aakfw/index.html.‖
Glasgow, 2017, pp. 1–3.
[19] Y. Suryanto, Suryadi, and K. Ramli, ―A new image encryption using
[8] R. Sanchez-Iborra et al., ―Internet Access for LoRaWAN Devices color scrambling based on chaotic permutation multiple circular
Considering Security Issues,‖ in 2018 Global Internet of Things shrinking and expanding,‖ Multimed. Tools Appl., vol. 76, no. 15, pp.
Summit (GIoTS), Bilbao, 2018, pp. 1–6. 16831–16854, Aug. 2017.
[9] M. Dabbagh and A. Rayes, ―Internet of Things Security and Privacy,‖ [20] ―Technical Overview of LoRa and LoRaWAN,‖ p. 20, 2015.
in Internet of Things From Hype to Reality, Cham: Springer
International Publishing, 2017, pp. 195–223. [21] A. T. Nugraha, R. Wibowo, M. Suryanegara, and N. Hayati, ―An IoT-
LoRa System for Tracking a Patient with a Mental Disorder:
[10] E. Aras, G. S. Ramachandran, P. Lawrence, and D. Hughes, Correlation between Battery Capacity and Speed of Movement,‖ in
―Exploring the Security Vulnerabilities of LoRa,‖ in 2017 3rd IEEE 2018 7th International Conference on Computer and Communication
Engineering (ICCCE), Kuala Lumpur, 2018, pp. 198–201.
61