Extensive Security Verification of the LoRaWAN Key-Establishment: Insecurities & Patches
- Submitting institution
-
The University of Surrey
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 9006196_1
- Type
- E - Conference contribution
- DOI
-
10.1109/EuroSP48549.2020.00034
- Title of conference / published proceedings
- 2020 IEEE European Symposium on Security and Privacy (EuroS&P)
- First page
- 425
- Volume
- -
- Issue
- -
- ISSN
- -
- Open access status
- -
- Month of publication
- -
- Year of publication
- 2020
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
-
- Research group(s)
-
-
- Citation count
- -
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- LoRaWAN is a de-facto Internet of Things technology, standardised by the LoRaAlliance. Herein, we used state-of-the-art theorem-proving to systematically analyse different levels of security and trust in the LoRaWAN JOIN process/protocol. We responsibly disclosed the insecurities found to the LoRaAlliance. Not only are our findings now reflected in the current LoRaWAN specifications, but we became part of the LoRaAlliance Technical Committee and Security Working Group, helping shape LoRaWAN-security further. With LoRaAlliance, we are now looking into privacy analysis of LoRaWAN. Due to our recent affiliation with the LoRaAlliance, the Surrey Council now consults us on their 2020-2023 LoRa-deployments projects.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -