Research And Implementation Of Key Management Scheme Based On LoRaWAN

The LoRaWAN protocol is a low power wide area network protocol.The network consists of terminals,gateways,web servers,and application servers.The web server is responsible for managing network operations and is oriented toward application servers to form web applications.In terms of network security,the original LoRaWAN protocol uses a pre-configured key AppKey to derive a key scheme of "network session key NkwSKey for communication between a network server and a terminal" and "application session key AppSKey for communication between an application server and a terminal" to protect network security.This type of key management mechanism causes many problems such as the session key cannot be updated,the application server cannot directly establish a session key with the terminal,and the like.Therefore,this paper aims to propose a key management scheme for LoRaWAN and improve it's security.The main research work is as follows:1.Design a matrix and multi-key space key management solution for LoRaWAN,which mainly solves the three aspects of network security problems: The solution can complete it to negotiation key,that the message format of network access request and reply which has been prescribed by the LoRaWAN specified.This solution combines the advantages of the Blom scheme with matrix and multi-key space schemes to improve the network survivability,and enable the network to ensure the secure operation of the network even if the attacker captures a large number of devices.this solution introduces two parameters(the AppCode and NwkCode)to make the application server and the network server can independently generate session keys with the device.Theoretical analysis shows that this scheme can resist brute force attacks,master key and hardware analysis attacks,man-in-the-middle attacks,and replay attacks.2.Because the original LoRaWAN protocol cannot support the update of the session key,and because the devices of the LoRaWAN network generally operate in a Class A mode,in which the server cannot actively send data.In this paper,we designed a unique CAD function through LoRa physical layer,using a long preamble code packet to wake up the network terminal,to achieve the key update.3.This solution is implemented on LoRaWAN terminals and gateway hardware devices that use STM32L053 as the main control chip and SX1276 as the radio frequency chip,and test and verify the solution in the test and verification system.After adding the key update function designed in this paper,compared with the network constructed by the original LoRaWAN protocol: After 1min and 5min of continuous operation,the total amount of communication interaction data of the solution is reduced by 4 bytes and 6 bytes,respectively.After running continuously for 1 week,This program adds 518 bytes;it shows that after adding the key update function,it has no effect on the communication overhead of LoRaWAN.In terms of computational overhead,the calculation delay for the establishment of this scenario session key is 4.8 ms,and the calculation delay for the session key update is 0.84 ms.In terms of storage costs,the security function code accounts for 3.6% of the overall protocol stack code,and the static variables required by the security function account for 6.1% of the overall static stack protocol stack.Therefore,this solution can work well in LoRaWAN networks.