My presentation on IoT LPWAN network security (Sigfox and LoRaWAN)
* Overview of what LPWAN, Sigfox and LoRaWAN are, and why they are important
* What security mechanisms do they provide?
* Raise curiosity: How do I attack/inspect LPWAN traffic?
I work as an IoT consultant here in Gothenburg. Previously at OP5, which makes software for monitoring servers and network equipment. On the board of OWASP Gothenburg, a non-profit organisation with roots in the USA that works to make security issues and tools more visible. Member of the MySensors core team. MySensors is an open software and hardware project for building your own Arduino-based IoT devices. I have written over 80 articles for the Swedish magazine Datormagazin, most recently reports from IoT conferences and on how to build your own IoT devices.
What are LPWAN, Sigfox and LoRaWAN, and why are they important? Which security features are available? How can you get hands-on experience with LPWAN?
Low power consumption: 25% of wifi and 1.25% of 3G. Long range: across the English Channel, 250 km. TTN LoRaWAN record: 702 km, weather balloon. 0.1-10% duty cycle.
* Sigfox: depends on class, can be lower. ** Depends on data rate / spreading factor, which will affect the number of messages allowed. Airtime calculator: https://docs.google.com/spreadsheets/d/1QvcKsGeTTPpr9icj4XkKXq4r2zTc2j0gsHLrnplzM3I/edit#gid=0 Telia's starter package "IoT connect" is 99 EUR per month for 10 devices. LoRaWAN has a different pricing model but usually ends up at roughly the same cost.
Sigfox has almost doubled its coverage every year. LoRaWAN: TTN 3,700 gateways; Comcast (US), KPN (NL), Proximus (BE), Orange (FR), SK telecom (SK), Tata Communications (IN) and more. Gothenburg: Sigfox has good outdoor coverage and OK indoor coverage. Tele2's LoRaWAN test network has roughly the same coverage as Sigfox but is not easy to get access to. ~5 TTN gateways in Gothenburg, short range.
https://github.com/Lora-net open source code for node, gateway and packet forwarder
I show where the network takes responsibility and where you have to take responsibility.
Sigfox does not provide a way to update firmware over the air, but radio modules with LTE-M or similar solutions can be used. LoRaWAN: TTN has a working PoC together with ARM, plan is to get it into the LoRaWAN standard.
AES CTR mode.
Hiding the fact that the device is communicating is tricky, especially with the low message rate allowed.
* This is unfortunately the way Sigfox presents its security. We all know this is marketing speech and usually means nothing. At least they didn't put "military-grade" in there. To get more information you'll need to sign an NDA, which is usually a bad sign. You'll need to decide whether you trust Sigfox or not. If you don't, add additional protection or use an alternative where you take end-to-end responsibility.
“Sigfox is continuously investing in security and partnering with research institutes and domain experts, working on advanced research topics such as machine learning, anomaly detection, and advanced cryptographic algorithms.”
Sizes are in bits. Source: Augustin, A., Yi, J., Clausen, T. H. & Townsley, W. M. (2016). A Study of LoRa: Long Range & Low Power Networks for the Internet of Things. Sensors, 16, 1466. doi:10.3390/s16091466.
Different LoRaWAN implementations can use slight variations of this. More details: https://www.thethingsnetwork.org/wiki/Backend/Home and https://www.thethingsnetwork.org/wiki/LoRaWAN/Security In the current implementation, TTN decrypts the payload for you (just like Sigfox).
These devices and networks are already out there.
https://yadom.eu/reseaux-iot/sigfox/carte-breakout-sfm10r1.html 24 EUR
https://www.m.nu/pycom/lopy-with-headers 379kr
https://github.com/int0x191f2/wireshark-sigfox
https://github.com/ltn22/LoRaWAN-Wireshark-Dissector
https://bitbucket.org/cybertools/scapy-radio/overview
https://github.com/BastilleResearch/gr-lora
https://github.com/matthijskooijman/arduino-lmic Arduino LoRaWAN library for devices
https://www.youtube.com/watch?v=-YNMRZC6v1s Matt Knight at GRCon16
https://github.com/rpp0/gr-lora
https://www.youtube.com/watch?v=NoquBA7IMNc Matt Knight at CCC
Yes, LoRa can use 433MHz as well, but no LoRaWAN networks are using it (yet?)
https://revspace.nl/DecodingLora
Matt Knight - Reversing LoRa, and his presentation at the RSA conference this year
About Mikael Falkvidd
80+ published articles in Datormagazin; OWASP Gothenburg chapter leader; MySensors core team member
Falkvidd Holding AB
Development Team Lead, OP5
IT Consultant, Accenture
Product Owner, Ericsson
Solution Architect, Ericsson
● An overview of what LPWAN, Sigfox and LoRaWAN are and why they are important
● What security mechanisms do they provide?
● Raise curiosity: How do I attack/inspect LPWAN traffic?
What is LPWAN? (1)
● 25 mW/14 dBm RF output (wifi is 100 mW/20 dBm, 3G is 2000 mW/33 dBm)
● 2+ years on single lithium cell
● 10+ years on 2xAA
● 15-40 km radius per base station / gateway
● Sub-GHz ISM band (868/902/915 MHz depending on region)
● This is where it gets interesting from a security standpoint :-)
What is LPWAN? (2)
● 1 uplink message every 10 minutes max*
● Message size max 12 bytes (Sigfox) or 51–255 bytes (LoRaWAN)**
● No confirmation
● Downlink always initiated by uplink - no unsolicited traffic
● Sigfox: max 4 messages per 24h, max 8 bytes each
● LoRaWAN: 10 messages per 24h, max 51–255 bytes each
Low-cost: Sigfox connectivity costs 15 EUR per year and device for 1 device.
~1EUR per year and device for 50,000 devices (10%-1% of cost with Telia IoT)
Sigfox and LoRaWAN main differences

                          Sigfox                      LoRaWAN
Coverage - global         45 countries, 803M people   90+ countries
Coverage - Sweden         60% of population           Local (city-wide) networks
Base stations / gateways  Always owned by operator    Anyone can put up a gateway, hardware cost from
Backend                   Owned by Sigfox             Local providers, TTN (partly open source), open source,
● Physical device
● Radio communication
● Base stations / gateways
● Gateway to backend system
● Backend system
● Backend to application
Physical device attacks
● Destroy it
● Extract keys
● Modify firmware
LoRaWAN and Sigfox use per-device keys, so compromise of one device impacts only that device and its data. The rest is your responsibility:
● Physical protection
● Use secure elements to protect keys
● Signed firmware updates* / verify firmware integrity
Radio communication - Sigfox
● Each Sigfox device is provisioned with a unique symmetrical authentication key
● All messages to and from the device are protected by a MAC using a key derived from the symmetrical key, providing authenticity and integrity.
● All messages include a sequence counter, to prevent replay attacks
● Sigfox can provide confidentiality but does not require encryption. Device
makers can add Sigfox-provided encryption as part of certification, or add
their own flavor.
● Sigfox’s goal is to have each location covered by at least 3 base stations, to
increase availability / be more jamming-resistant.
Base stations - Sigfox
● All Sigfox base stations have a Trusted Platform Module (TPM), which manages encryption keys and verifies the base
● The operating system uses Secure Boot
● Communication with the backend system is done through VPN. The VPN key is stored in the TPM.
Sigfox backend and your application
● Sigfox data centers adhere to SSAE16/ISAE3402 SOC-1 Type II, ISO 27001, PCI-DSS, FACT, ISO 9001-2008 and ISO 50001
● “State-of-the-art solutions have been deployed to ensure the integrity, availability and confidentiality of [devices’ authentication keys as well as traffic metadata.].” *
● Communication between the Sigfox backend and your application uses
● Your application is (of course) your responsibility
LoRaWAN keys in TTN
Network session key (NwkSKey)
● used for interaction between the Node and the Network and routing
● check the validity of messages
Application session key (AppSKey)
● encryption and decryption of the payload
● payload is encrypted between the device and the Handler component of TTN, which you will be able to run on your own server (LoRaWAN 1.1).
When dynamically activating a LoRaWAN device (OTAA), these keys are re-generated on every activation. If you statically activate your device (ABP), these keys stay the same until you change them.
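As an added example (not code from the talk, from TTN or from the LoRaWAN project), this is what the AppSKey is used for, written from the public LoRaWAN 1.0 specification: AES-128 keystream blocks bound to direction, DevAddr and frame counter, XORed with the payload. The key, DevAddr, counter and payload are constructed sample values. Note the caveat for ABP that the text raises: the key never changes, so the frame counter is the only thing that keeps the keystream fresh.

```go
package main

import (
	"crypto/aes"
	"encoding/binary"
	"fmt"
)

// cryptFRMPayload applies the LoRaWAN 1.0 FRMPayload cipher (spec section
// 4.3.3): each keystream block is AES-128(AppSKey, A_i) where A_i binds the
// direction, DevAddr, the 32-bit frame counter and the block index, and the
// payload is XORed with the keystream. The same call encrypts and decrypts.
// With ABP the key never changes, so a frame counter that restarts at zero
// after a reset would reuse keystream: FCnt must be persisted, not reset.
func cryptFRMPayload(appSKey [16]byte, devAddr, fcnt uint32, uplink bool, data []byte) []byte {
	c, err := aes.NewCipher(appSKey[:])
	if err != nil {
		panic(err) // impossible with a 16-byte key
	}
	dir := byte(1) // 0 = uplink, 1 = downlink
	if uplink {
		dir = 0
	}
	out := make([]byte, len(data))
	var a, s [16]byte
	for i := 0; i < len(data); i += 16 {
		a = [16]byte{0x01} // a[1..4] are zero padding
		a[5] = dir
		binary.LittleEndian.PutUint32(a[6:], devAddr)
		binary.LittleEndian.PutUint32(a[10:], fcnt)
		a[15] = byte(i/16 + 1) // block counter, starts at 1
		c.Encrypt(s[:], a[:])
		for j := 0; j < 16 && i+j < len(data); j++ {
			out[i+j] = data[i+j] ^ s[j]
		}
	}
	return out
}

func main() {
	// Constructed sample values: not a real device's key or address.
	appSKey := [16]byte{0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
		0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C}
	devAddr, fcnt := uint32(0x26011F2A), uint32(5)
	plain := []byte("temp=21.5 hum=60 press=1013") // 27 bytes, two blocks
	ct := cryptFRMPayload(appSKey, devAddr, fcnt, true, plain)
	back := cryptFRMPayload(appSKey, devAddr, fcnt, true, ct)
	fmt.Printf("FRMPayload: %x\nDecrypted:  %s\n", ct, back)
}
```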
Securitas Direct uses a Sigfox device to report GSM jamming attacks. They have deployed more than 1.6M units.
The city of Gothenburg received a 2.19 MSEK grant from Vinnova to use LoRaWAN-based sensors for measuring air and water quality.
Getting your hands dirty
● Sigfox dissector for Wireshark (WIP)
● LoRaWAN dissector for Wireshark (Orange, docs
● GNU Radio scapy for Sigfox
● Gr-lora for LoRa (LoRaWAN not yet supported)
Get your own radio module / device
Build/buy your own gateway (LoRaWAN)
https://yadom.eu/reseaux-iot/sigfox/carte-breakout-sfm10r1.html Sigfox radio module, controlled by AT commands on 9600bps serial, 24 EUR
https://www.m.nu/pycom/lopy-with-headers Microcontroller that runs python with LoRa radio module 379kr
https://bitbucket.org/cybertools/scapy-radio/overview Sigfox Gnu Radio Companion
https://github.com/BastilleResearch/gr-lora LoRa Gnu Radio Companion
https://github.com/matthijskooijman/arduino-lmic Arduino LoRaWAN library for devices
https://www.youtube.com/watch?v=-YNMRZC6v1s Matt Knight at GRCon16
https://www.youtube.com/watch?v=NoquBA7IMNc Matt Knight at CCC
https://github.com/rpp0/gr-lora another LoRa Gnu Radio Companion, not the same as the one by Bastille
Choose the right security level for
● Example: Outdoor environmental data probably doesn’t need to be kept confidential (temperature, rainfall, air humidity, barometric pressure, etc)
● In other cases, the fact that the device is communicating at all might reveal
● Know what the network provides for you, and what you need to take