Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros
Autor(a) principal: | |
---|---|
Data de Publicação: | 2021 |
Tipo de documento: | Dissertação |
Idioma: | eng |
Título da fonte: | Repositório Institucional da UNIFESP |
Texto Completo: | https://repositorio.unifesp.br/handle/11600/61279 |
Resumo: | The age of the Internet of Things is daily bringing the connection of new devices to the Internet, expecting fifty billion units by 2021. Internet of Things devices are nowadays one of the most relevant targets as an entrance for security attacks. LoRaWAN is a new wide-area wireless network technology used in Internet of Things long-range communication and it is specified to provide high data security resilience using end-to-end encryption. LoRaWAN application is a system of a system concept, and a commercial solution is usually shared with numerous parties. Then, LoRaWAN applications can operate with a third-party network server that can not be assumed as a trusted entity. In that scenario, the data can undergo an integrity attack. As the network server owns the network session key, the payload encryption is done using a XOR operation and the protocol specification is opened allowing to determine easily the data location. Furthermore, in a LoRaWAN specification version 1.0, the network server also knows the parameters to calculate an application session key that allows the network server to perform a confidentiality attack. This study aims to develop a security mechanism to improve data security resilience in LoRaWAN applications that use third-party network servers. Following that objective, an Internet of Things system was designed based on the LoRaWAN specification version 1.0. A prototype was built with Radioenge LoRa communication components in end device and gateway. The Things Network server was applied as network and application server. A risk assessment was executed to demonstrate the hazards of third-party network servers in data security. To mitigate the identified risks against unauthorized data access, a proprietary payload is proposed to be included in the application layer. The proprietary payload is formed by the data and the 4 last bytes of its SHA256 hash to delivery integrity in the application layer. Finally, the entire payload is encrypted by AES-CTR to provide confidentiality to the integrity parameter. To be easily reused in end devices of LoRaWAN applications, the proposed security mechanism was encapsulated in a library, and it is available in https://github.com/polimoraes/LoRaWANDataSecurity. In conclusion, when LoRaWAN is implemented with third-party network servers, it is essential to include additional security mechanisms to increase data security resilience, and the security mechanism developed in this work can provide resilience to LoRaWAN applications complied with 1.0 and 1.1 specification versions. |
id |
UFSP_b12298cf5ad8ed80c2a2a1ef61b79cd1 |
---|---|
oai_identifier_str |
oai:repositorio.unifesp.br:11600/61279 |
network_acronym_str |
UFSP |
network_name_str |
Repositório Institucional da UNIFESP |
repository_id_str |
3465 |
spelling |
de Moraes, Poliana [UNIFESP]http://lattes.cnpq.br/4759215146674764http://lattes.cnpq.br/1725477351660877http://lattes.cnpq.br/2934786440085983da Conceição, Arlindo FlavioBatista, DanielOnline2021-07-16T13:58:51Z2021-07-16T13:58:51Z2021-06-10https://repositorio.unifesp.br/handle/11600/61279The age of the Internet of Things is daily bringing the connection of new devices to the Internet, expecting fifty billion units by 2021. Internet of Things devices are nowadays one of the most relevant targets as an entrance for security attacks. LoRaWAN is a new wide-area wireless network technology used in Internet of Things long-range communication and it is specified to provide high data security resilience using end-to-end encryption. LoRaWAN application is a system of a system concept, and a commercial solution is usually shared with numerous parties. Then, LoRaWAN applications can operate with a third-party network server that can not be assumed as a trusted entity. In that scenario, the data can undergo an integrity attack. As the network server owns the network session key, the payload encryption is done using a XOR operation and the protocol specification is opened allowing to determine easily the data location. Furthermore, in a LoRaWAN specification version 1.0, the network server also knows the parameters to calculate an application session key that allows the network server to perform a confidentiality attack. This study aims to develop a security mechanism to improve data security resilience in LoRaWAN applications that use third-party network servers. Following that objective, an Internet of Things system was designed based on the LoRaWAN specification version 1.0. A prototype was built with Radioenge LoRa communication components in end device and gateway. The Things Network server was applied as network and application server. A risk assessment was executed to demonstrate the hazards of third-party network servers in data security. To mitigate the identified risks against unauthorized data access, a proprietary payload is proposed to be included in the application layer. The proprietary payload is formed by the data and the 4 last bytes of its SHA256 hash to delivery integrity in the application layer. Finally, the entire payload is encrypted by AES-CTR to provide confidentiality to the integrity parameter. To be easily reused in end devices of LoRaWAN applications, the proposed security mechanism was encapsulated in a library, and it is available in https://github.com/polimoraes/LoRaWANDataSecurity. In conclusion, when LoRaWAN is implemented with third-party network servers, it is essential to include additional security mechanisms to increase data security resilience, and the security mechanism developed in this work can provide resilience to LoRaWAN applications complied with 1.0 and 1.1 specification versions.Conselho Nacional de Desenvolvimento Científico e Tecnológico (CNPq)Fundação de Amparo à Pesquisa do Estado de São Paulo (FAPESP)14/50937-115/24485-9465446/2014-0103 f.engUniversidade Federal de São PauloLoRaWANSecurityInternet of ThingsSegurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de TerceirosData Security in LoRaWAN Network with Third-Party Network Serverinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisinfo:eu-repo/semantics/openAccessreponame:Repositório Institucional da UNIFESPinstname:Universidade Federal de São Paulo (UNIFESP)instacron:UNIFESPInstituto de Ciência e Tecnologia (ICT)Mestrado Profissional Interdisciplinar em Inovação TecnológicaOutraTecnologia da Informação e ComunicaçãoNão se aplicaNão se aplicaNão se aplicaNão se aplicaNão se aplicaNão se aplicaORIGINALDissertação_Entrega_Poliana_Moraes.pdfDissertação_Entrega_Poliana_Moraes.pdfapplication/pdf3422242${dspace.ui.url}/bitstream/11600/61279/1/Disserta%c3%a7%c3%a3o_Entrega_Poliana_Moraes.pdf9c7ed6b83bb18ff55f18232e5652f61fMD51open accessLICENSElicense.txtlicense.txttext/plain; charset=utf-85840${dspace.ui.url}/bitstream/11600/61279/2/license.txt73e095b12c643c8770857a151d3bb57aMD52open accessTEXTDissertação_Entrega_Poliana_Moraes.pdf.txtDissertação_Entrega_Poliana_Moraes.pdf.txtExtracted texttext/plain174024${dspace.ui.url}/bitstream/11600/61279/27/Disserta%c3%a7%c3%a3o_Entrega_Poliana_Moraes.pdf.txt16499a919bceb2195b49f9c93a916cdbMD527open accessTHUMBNAILDissertação_Entrega_Poliana_Moraes.pdf.jpgDissertação_Entrega_Poliana_Moraes.pdf.jpgIM Thumbnailimage/jpeg4310${dspace.ui.url}/bitstream/11600/61279/29/Disserta%c3%a7%c3%a3o_Entrega_Poliana_Moraes.pdf.jpg442093670dfeb8855b16d2439ffebfa8MD529open access11600/612792023-06-03 01:08:45.68open accessoai:repositorio.unifesp.br:11600/61279VEVSTU9TIEUgQ09OREnDh8OVRVMgUEFSQSBPIExJQ0VOQ0lBTUVOVE8gRE8gQVJRVUlWQU1FTlRPLCBSRVBST0RVw4fDg08gRSBESVZVTEdBw4fDg08gUMOaQkxJQ0EgREUgQ09OVEXDmkRPIE5PIFJFUE9TSVTDk1JJTyBJTlNUSVRVQ0lPTkFMIFVOSUZFU1AKCjEuIEV1LCBQb2xpYW5hIE1vcmFlcyAocG9saWFuYS5tb3JhZXNAdW5pZmVzcC5iciksIHJlc3BvbnPDoXZlbCBwZWxvIHRyYWJhbGhvIOKAnFNlZ3VyYW7Dp2EgQ2liZXJuw6l0aWNhIGRlIERhZG9zIGVtIFJlZGVzIExvUmFXQU4gY29tIFNlcnZpZG9yZXMgZGUgUmVkZSBkZSBUZXJjZWlyb3PigJ0gZS9vdSB1c3XDoXJpby1kZXBvc2l0YW50ZSBubyBSZXBvc2l0w7NyaW8gSW5zdGl0dWNpb25hbCBVTklGRVNQLGFzc2VndXJvIG5vIHByZXNlbnRlIGF0byBxdWUgc291IHRpdHVsYXIgZG9zIGRpcmVpdG9zIGF1dG9yYWlzIHBhdHJpbW9uaWFpcyBlL291IGRpcmVpdG9zIGNvbmV4b3MgcmVmZXJlbnRlcyDDoCB0b3RhbGlkYWRlIGRhIE9icmEgb3JhIGRlcG9zaXRhZGEgZW0gZm9ybWF0byBkaWdpdGFsLCBiZW0gY29tbyBkZSBzZXVzIGNvbXBvbmVudGVzIG1lbm9yZXMsIGVtIHNlIHRyYXRhbmRvIGRlIG9icmEgY29sZXRpdmEsIGNvbmZvcm1lIG8gcHJlY2VpdHVhZG8gcGVsYSBMZWkgOS42MTAvOTggZS9vdSBMZWkgOS42MDkvOTguIE7Do28gc2VuZG8gZXN0ZSBvIGNhc28sIGFzc2VndXJvIHRlciBvYnRpZG8gZGlyZXRhbWVudGUgZG9zIGRldmlkb3MgdGl0dWxhcmVzIGF1dG9yaXphw6fDo28gcHLDqXZpYSBlIGV4cHJlc3NhIHBhcmEgbyBkZXDDs3NpdG8gZSBwYXJhIGEgZGl2dWxnYcOnw6NvIGRhIE9icmEsIGFicmFuZ2VuZG8gdG9kb3Mgb3MgZGlyZWl0b3MgYXV0b3JhaXMgZSBjb25leG9zIGFmZXRhZG9zIHBlbGEgYXNzaW5hdHVyYSBkbyBwcmVzZW50ZSB0ZXJtbyBkZSBsaWNlbmNpYW1lbnRvLCBkZSBtb2RvIGEgZWZldGl2YW1lbnRlIGlzZW50YXIgYSBVbml2ZXJzaWRhZGUgRmVkZXJhbCBkZSBTw6NvIFBhdWxvIChVTklGRVNQKSBlIHNldXMgZnVuY2lvbsOhcmlvcyBkZSBxdWFscXVlciByZXNwb25zYWJpbGlkYWRlIHBlbG8gdXNvIG7Do28tYXV0b3JpemFkbyBkbyBtYXRlcmlhbCBkZXBvc2l0YWRvLCBzZWphIGVtIHZpbmN1bGHDp8OjbyBhbyBSZXBvc2l0w7NyaW8gSW5zdGl0dWNpb25hbCBVTklGRVNQLCBzZWphIGVtIHZpbmN1bGHDp8OjbyBhIHF1YWlzcXVlciBzZXJ2acOnb3MgZGUgYnVzY2EgZSBkZSBkaXN0cmlidWnDp8OjbyBkZSBjb250ZcO6ZG8gcXVlIGZhw6dhbSB1c28gZGFzIGludGVyZmFjZXMgZSBlc3Bhw6dvIGRlIGFybWF6ZW5hbWVudG8gcHJvdmlkZW5jaWFkb3MgcGVsYSBVbml2ZXJzaWRhZGUgRmVkZXJhbCBkZSBTw6NvIFBhdWxvIChVTklGRVNQKSBwb3IgbWVpbyBkZSBzZXVzIHNpc3RlbWFzIGluZm9ybWF0aXphZG9zLgoKMi4gQSBjb25jb3Jkw6JuY2lhIGNvbSBlc3RhIGxpY2Vuw6dhIHRlbSBjb21vIGNvbnNlcXXDqm5jaWEgYSB0cmFuc2ZlcsOqbmNpYSwgYSB0w610dWxvIG7Do28tZXhjbHVzaXZvIGUgbsOjby1vbmVyb3NvLCBpc2VudGEgZG8gcGFnYW1lbnRvIGRlIHJveWFsdGllcyBvdSBxdWFscXVlciBvdXRyYSBjb250cmFwcmVzdGHDp8OjbywgcGVjdW5pw6FyaWEgb3UgbsOjbywgw6AgVW5pdmVyc2lkYWRlIEZlZGVyYWwgZGUgU8OjbyBQYXVsbyAoVU5JRkVTUCkgZG9zIGRpcmVpdG9zIGRlIGFybWF6ZW5hciBkaWdpdGFsbWVudGUsIGRlIHJlcHJvZHV6aXIgZSBkZSBkaXN0cmlidWlyIG5hY2lvbmFsIGUgaW50ZXJuYWNpb25hbG1lbnRlIGEgT2JyYSwgaW5jbHVpbmRvLXNlIG8gc2V1IHJlc3Vtby9hYnN0cmFjdCwgcG9yIG1laW9zIGVsZXRyw7RuaWNvcyBhbyBww7pibGljbyBlbSBnZXJhbCwgZW0gcmVnaW1lIGRlIGFjZXNzbyBhYmVydG8uCgozLiBBIHByZXNlbnRlIGxpY2Vuw6dhIHRhbWLDqW0gYWJyYW5nZSwgbm9zIG1lc21vcyB0ZXJtb3MgZXN0YWJlbGVjaWRvcyBubyBpdGVtIDIsIHN1cHJhLCBxdWFscXVlciBkaXJlaXRvIGRlIGNvbXVuaWNhw6fDo28gYW8gcMO6YmxpY28gY2Fiw612ZWwgZW0gcmVsYcOnw6NvIMOgIE9icmEgb3JhIGRlcG9zaXRhZGEsIGluY2x1aW5kby1zZSBvcyB1c29zIHJlZmVyZW50ZXMgw6AgcmVwcmVzZW50YcOnw6NvIHDDumJsaWNhIGUvb3UgZXhlY3XDp8OjbyBww7pibGljYSwgYmVtIGNvbW8gcXVhbHF1ZXIgb3V0cmEgbW9kYWxpZGFkZSBkZSBjb211bmljYcOnw6NvIGFvIHDDumJsaWNvIHF1ZSBleGlzdGEgb3UgdmVuaGEgYSBleGlzdGlyLCBub3MgdGVybW9zIGRvIGFydGlnbyA2OCBlIHNlZ3VpbnRlcyBkYSBMZWkgOS42MTAvOTgsIG5hIGV4dGVuc8OjbyBxdWUgZm9yIGFwbGljw6F2ZWwgYW9zIHNlcnZpw6dvcyBwcmVzdGFkb3MgYW8gcMO6YmxpY28gcGVsYSBVbml2ZXJzaWRhZGUgRmVkZXJhbCBkZSBTw6NvIFBhdWxvIChVTklGRVNQKS4KCjQuIEVzdGEgbGljZW7Dp2EgYWJyYW5nZSwgYWluZGEsIG5vcyBtZXNtb3MgdGVybW9zIGVzdGFiZWxlY2lkb3Mgbm8gaXRlbSAyLCBzdXByYSwgdG9kb3Mgb3MgZGlyZWl0b3MgY29uZXhvcyBkZSBhcnRpc3RhcyBpbnTDqXJwcmV0ZXMgb3UgZXhlY3V0YW50ZXMsIHByb2R1dG9yZXMgZm9ub2dyw6FmaWNvcyBvdSBlbXByZXNhcyBkZSByYWRpb2RpZnVzw6NvIHF1ZSBldmVudHVhbG1lbnRlIHNlamFtIGFwbGljw6F2ZWlzIGVtIHJlbGHDp8OjbyDDoCBvYnJhIGRlcG9zaXRhZGEsIGVtIGNvbmZvcm1pZGFkZSBjb20gbyByZWdpbWUgZml4YWRvIG5vIFTDrXR1bG8gViBkYSBMZWkgOS42MTAvOTguCgo1LiBTZSBhIE9icmEgZGVwb3NpdGFkYSBmb2kgb3Ugw6kgb2JqZXRvIGRlIGZpbmFuY2lhbWVudG8gcG9yIGluc3RpdHVpw6fDtWVzIGRlIGZvbWVudG8gw6AgcGVzcXVpc2Egb3UgcXVhbHF1ZXIgb3V0cmEgc2VtZWxoYW50ZSwgdm9jw6ogb3UgbyB0aXR1bGFyIGFzc2VndXJhIHF1ZSBjdW1wcml1IHRvZGFzIGFzIG9icmlnYcOnw7VlcyBxdWUgbGhlIGZvcmFtIGltcG9zdGFzIHBlbGEgaW5zdGl0dWnDp8OjbyBmaW5hbmNpYWRvcmEgZW0gcmF6w6NvIGRvIGZpbmFuY2lhbWVudG8sIGUgcXVlIG7Do28gZXN0w6EgY29udHJhcmlhbmRvIHF1YWxxdWVyIGRpc3Bvc2nDp8OjbyBjb250cmF0dWFsIHJlZmVyZW50ZSDDoCBwdWJsaWNhw6fDo28gZG8gY29udGXDumRvIG9yYSBzdWJtZXRpZG8gYW8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgVU5JRkVTUC4KIAo2LiBBdXRvcml6YSBhIFVuaXZlcnNpZGFkZSBGZWRlcmFsIGRlIFPDo28gUGF1bG8gYSBkaXNwb25pYmlsaXphciBhIG9icmEgbm8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgVU5JRkVTUCBkZSBmb3JtYSBncmF0dWl0YSwgZGUgYWNvcmRvIGNvbSBhIGxpY2Vuw6dhIHDDumJsaWNhIENyZWF0aXZlIENvbW1vbnM6IEF0cmlidWnDp8Ojby1TZW0gRGVyaXZhw6fDtWVzLVNlbSBEZXJpdmFkb3MgNC4wIEludGVybmFjaW9uYWwgKENDIEJZLU5DLU5EKSwgcGVybWl0aW5kbyBzZXUgbGl2cmUgYWNlc3NvLCB1c28gZSBjb21wYXJ0aWxoYW1lbnRvLCBkZXNkZSBxdWUgY2l0YWRhIGEgZm9udGUuIEEgb2JyYSBjb250aW51YSBwcm90ZWdpZGEgcG9yIERpcmVpdG9zIEF1dG9yYWlzIGUvb3UgcG9yIG91dHJhcyBsZWlzIGFwbGljw6F2ZWlzLiBRdWFscXVlciB1c28gZGEgb2JyYSwgcXVlIG7Do28gbyBhdXRvcml6YWRvIHNvYiBlc3RhIGxpY2Vuw6dhIG91IHBlbGEgbGVnaXNsYcOnw6NvIGF1dG9yYWwsIMOpIHByb2liaWRvLiAgCgo3LiBBdGVzdGEgcXVlIGEgT2JyYSBzdWJtZXRpZGEgbsOjbyBjb250w6ltIHF1YWxxdWVyIGluZm9ybWHDp8OjbyBjb25maWRlbmNpYWwgc3VhIG91IGRlIHRlcmNlaXJvcy4KCjguIEF0ZXN0YSBxdWUgbyB0cmFiYWxobyBzdWJtZXRpZG8gw6kgb3JpZ2luYWwgZSBmb2kgZWxhYm9yYWRvIHJlc3BlaXRhbmRvIG9zIHByaW5jw61waW9zIGRhIG1vcmFsIGUgZGEgw6l0aWNhIGUgbsOjbyB2aW9sb3UgcXVhbHF1ZXIgZGlyZWl0byBkZSBwcm9wcmllZGFkZSBpbnRlbGVjdHVhbCwgc29iIHBlbmEgZGUgcmVzcG9uZGVyIGNpdmlsLCBjcmltaW5hbCwgw6l0aWNhIGUgcHJvZmlzc2lvbmFsbWVudGUgcG9yIG1ldXMgYXRvczsKCjkuIEF0ZXN0YSBxdWUgYSB2ZXJzw6NvIGRvIHRyYWJhbGhvIHByZXNlbnRlIG5vIGFycXVpdm8gc3VibWV0aWRvIMOpIGEgdmVyc8OjbyBkZWZpbml0aXZhIHF1ZSBpbmNsdWkgYXMgYWx0ZXJhw6fDtWVzIGRlY29ycmVudGVzIGRhIGRlZmVzYSwgc29saWNpdGFkYXMgcGVsYSBiYW5jYSwgc2UgaG91dmUgYWxndW1hLCBvdSBzb2xpY2l0YWRhcyBwb3IgcGFydGUgZGUgb3JpZW50YcOnw6NvIGRvY2VudGUgcmVzcG9uc8OhdmVsOwoKMTAuIENvbmNlZGUgw6AgVW5pdmVyc2lkYWRlIEZlZGVyYWwgZGUgU8OjbyBQYXVsbyAoVU5JRkVTUCkgbyBkaXJlaXRvIG7Do28gZXhjbHVzaXZvIGRlIHJlYWxpemFyIHF1YWlzcXVlciBhbHRlcmHDp8O1ZXMgbmEgbcOtZGlhIG91IG5vIGZvcm1hdG8gZG8gYXJxdWl2byBwYXJhIHByb3DDs3NpdG9zIGRlIHByZXNlcnZhw6fDo28gZGlnaXRhbCwgZGUgYWNlc3NpYmlsaWRhZGUgZSBkZSBtZWxob3IgaWRlbnRpZmljYcOnw6NvIGRvIHRyYWJhbGhvIHN1Ym1ldGlkbywgZGVzZGUgcXVlIG7Do28gc2VqYSBhbHRlcmFkbyBzZXUgY29udGXDumRvIGludGVsZWN0dWFsLgoKQW8gY29uY2x1aXIgYXMgZXRhcGFzIGRvIHByb2Nlc3NvIGRlIHN1Ym1pc3PDo28gZGUgYXJxdWl2b3Mgbm8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgVU5JRkVTUCwgYXRlc3RvIHF1ZSBsaSBlIGNvbmNvcmRlaSBpbnRlZ3JhbG1lbnRlIGNvbSBvcyB0ZXJtb3MgYWNpbWEgZGVsaW1pdGFkb3MsIHNlbSBmYXplciBxdWFscXVlciByZXNlcnZhIGUgbm92YW1lbnRlIGNvbmZpcm1hbmRvIHF1ZSBjdW1wcm8gb3MgcmVxdWlzaXRvcyBpbmRpY2Fkb3Mgbm9zIGl0ZW5zIG1lbmNpb25hZG9zIGFudGVyaW9ybWVudGUuCgpIYXZlbmRvIHF1YWxxdWVyIGRpc2NvcmTDom5jaWEgZW0gcmVsYcOnw6NvIGEgcHJlc2VudGUgbGljZW7Dp2Egb3UgbsOjbyBzZSB2ZXJpZmljYW5kbyBvIGV4aWdpZG8gbm9zIGl0ZW5zIGFudGVyaW9yZXMsIHZvY8OqIGRldmUgaW50ZXJyb21wZXIgaW1lZGlhdGFtZW50ZSBvIHByb2Nlc3NvIGRlIHN1Ym1pc3PDo28uIEEgY29udGludWlkYWRlIGRvIHByb2Nlc3NvIGVxdWl2YWxlIMOgIGNvbmNvcmTDom5jaWEgZSDDoCBhc3NpbmF0dXJhIGRlc3RlIGRvY3VtZW50bywgY29tIHRvZGFzIGFzIGNvbnNlcXXDqm5jaWFzIG5lbGUgcHJldmlzdGFzLCBzdWplaXRhbmRvLXNlIG8gc2lnbmF0w6FyaW8gYSBzYW7Dp8O1ZXMgY2l2aXMgZSBjcmltaW5haXMgY2FzbyBuw6NvIHNlamEgdGl0dWxhciBkb3MgZGlyZWl0b3MgYXV0b3JhaXMgcGF0cmltb25pYWlzIGUvb3UgY29uZXhvcyBhcGxpY8OhdmVpcyDDoCBPYnJhIGRlcG9zaXRhZGEgZHVyYW50ZSBlc3RlIHByb2Nlc3NvLCBvdSBjYXNvIG7Do28gdGVuaGEgb2J0aWRvIHByw6l2aWEgZSBleHByZXNzYSBhdXRvcml6YcOnw6NvIGRvIHRpdHVsYXIgcGFyYSBvIGRlcMOzc2l0byBlIHRvZG9zIG9zIHVzb3MgZGEgT2JyYSBlbnZvbHZpZG9zLgoKU2UgdGl2ZXIgcXVhbHF1ZXIgZMO6dmlkYSBxdWFudG8gYW9zIHRlcm1vcyBkZSBsaWNlbmNpYW1lbnRvIGUgcXVhbnRvIGFvIHByb2Nlc3NvIGRlIHN1Ym1pc3PDo28sIGVudHJlIGVtIGNvbnRhdG8gY29tIGEgYmlibGlvdGVjYSBkbyBzZXUgY2FtcHVzIChjb25zdWx0ZSBlbTogaHR0cHM6Ly9iaWJsaW90ZWNhcy51bmlmZXNwLmJyL2JpYmxpb3RlY2FzLWRhLXJlZGUpLiAKClPDo28gUGF1bG8sIFR1ZSBKdWwgMTMgMjE6Mzg6MzYgQlJUIDIwMjEuCgo=Repositório InstitucionalPUBhttp://www.repositorio.unifesp.br/oai/requestopendoar:34652023-06-03T04:08:45Repositório Institucional da UNIFESP - Universidade Federal de São Paulo (UNIFESP)false |
dc.title.pt_BR.fl_str_mv |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros |
dc.title.alternative.pt_BR.fl_str_mv |
Data Security in LoRaWAN Network with Third-Party Network Server |
title |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros |
spellingShingle |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros de Moraes, Poliana [UNIFESP] LoRaWAN Security Internet of Things |
title_short |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros |
title_full |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros |
title_fullStr |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros |
title_full_unstemmed |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros |
title_sort |
Segurança Cibernética de Dados em Redes LoRaWAN com Servidores de Rede de Terceiros |
author |
de Moraes, Poliana [UNIFESP] |
author_facet |
de Moraes, Poliana [UNIFESP] |
author_role |
author |
dc.contributor.authorLattes.pt_BR.fl_str_mv |
http://lattes.cnpq.br/4759215146674764 |
dc.contributor.advisorLattes.pt_BR.fl_str_mv |
http://lattes.cnpq.br/1725477351660877 |
dc.contributor.advisor-coLattes.pt_BR.fl_str_mv |
http://lattes.cnpq.br/2934786440085983 |
dc.contributor.author.fl_str_mv |
de Moraes, Poliana [UNIFESP] |
dc.contributor.advisor1.fl_str_mv |
da Conceição, Arlindo Flavio |
dc.contributor.advisor-co1.fl_str_mv |
Batista, Daniel |
contributor_str_mv |
da Conceição, Arlindo Flavio Batista, Daniel |
dc.subject.por.fl_str_mv |
LoRaWAN Security Internet of Things |
topic |
LoRaWAN Security Internet of Things |
description |
The age of the Internet of Things is daily bringing the connection of new devices to the Internet, expecting fifty billion units by 2021. Internet of Things devices are nowadays one of the most relevant targets as an entrance for security attacks. LoRaWAN is a new wide-area wireless network technology used in Internet of Things long-range communication and it is specified to provide high data security resilience using end-to-end encryption. LoRaWAN application is a system of a system concept, and a commercial solution is usually shared with numerous parties. Then, LoRaWAN applications can operate with a third-party network server that can not be assumed as a trusted entity. In that scenario, the data can undergo an integrity attack. As the network server owns the network session key, the payload encryption is done using a XOR operation and the protocol specification is opened allowing to determine easily the data location. Furthermore, in a LoRaWAN specification version 1.0, the network server also knows the parameters to calculate an application session key that allows the network server to perform a confidentiality attack. This study aims to develop a security mechanism to improve data security resilience in LoRaWAN applications that use third-party network servers. Following that objective, an Internet of Things system was designed based on the LoRaWAN specification version 1.0. A prototype was built with Radioenge LoRa communication components in end device and gateway. The Things Network server was applied as network and application server. A risk assessment was executed to demonstrate the hazards of third-party network servers in data security. To mitigate the identified risks against unauthorized data access, a proprietary payload is proposed to be included in the application layer. The proprietary payload is formed by the data and the 4 last bytes of its SHA256 hash to delivery integrity in the application layer. Finally, the entire payload is encrypted by AES-CTR to provide confidentiality to the integrity parameter. To be easily reused in end devices of LoRaWAN applications, the proposed security mechanism was encapsulated in a library, and it is available in https://github.com/polimoraes/LoRaWANDataSecurity. In conclusion, when LoRaWAN is implemented with third-party network servers, it is essential to include additional security mechanisms to increase data security resilience, and the security mechanism developed in this work can provide resilience to LoRaWAN applications complied with 1.0 and 1.1 specification versions. |
publishDate |
2021 |
dc.date.accessioned.fl_str_mv |
2021-07-16T13:58:51Z |
dc.date.available.fl_str_mv |
2021-07-16T13:58:51Z |
dc.date.issued.fl_str_mv |
2021-06-10 |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
https://repositorio.unifesp.br/handle/11600/61279 |
url |
https://repositorio.unifesp.br/handle/11600/61279 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
103 f. |
dc.coverage.spatial.pt_BR.fl_str_mv |
Online |
dc.publisher.none.fl_str_mv |
Universidade Federal de São Paulo |
publisher.none.fl_str_mv |
Universidade Federal de São Paulo |
dc.source.none.fl_str_mv |
reponame:Repositório Institucional da UNIFESP instname:Universidade Federal de São Paulo (UNIFESP) instacron:UNIFESP |
instname_str |
Universidade Federal de São Paulo (UNIFESP) |
instacron_str |
UNIFESP |
institution |
UNIFESP |
reponame_str |
Repositório Institucional da UNIFESP |
collection |
Repositório Institucional da UNIFESP |
bitstream.url.fl_str_mv |
${dspace.ui.url}/bitstream/11600/61279/1/Disserta%c3%a7%c3%a3o_Entrega_Poliana_Moraes.pdf ${dspace.ui.url}/bitstream/11600/61279/2/license.txt ${dspace.ui.url}/bitstream/11600/61279/27/Disserta%c3%a7%c3%a3o_Entrega_Poliana_Moraes.pdf.txt ${dspace.ui.url}/bitstream/11600/61279/29/Disserta%c3%a7%c3%a3o_Entrega_Poliana_Moraes.pdf.jpg |
bitstream.checksum.fl_str_mv |
9c7ed6b83bb18ff55f18232e5652f61f 73e095b12c643c8770857a151d3bb57a 16499a919bceb2195b49f9c93a916cdb 442093670dfeb8855b16d2439ffebfa8 |
bitstream.checksumAlgorithm.fl_str_mv |
MD5 MD5 MD5 MD5 |
repository.name.fl_str_mv |
Repositório Institucional da UNIFESP - Universidade Federal de São Paulo (UNIFESP) |
repository.mail.fl_str_mv |
|
_version_ |
1802764273618780160 |