A long-range wide area network (LoRaWAN) is a communication protocol and architecture of a low-power wide area network (LPWA). Since being set as the LPWA technology standard through the ITU-T Y4480 recommendation in December 2021, LoRaWAN has been widely used in academic research as well as industrial implementation. The many uses of LoRaWAN are supported by security features in the form of the use of the AES encryption algorithm to secure data and communication lines.
However, LoRaWAN has weaknesses in its cryptographic management, namely the root key and session key. This weakness attracted Doctor Nur Hayati’s attention to later become the research theme for his doctoral dissertation program at FTUI. Thanks to this research, Nur Hayati won a Doctorate degree with a perfect GPA of 4.00 and Cum Laude predicate at the Doctoral Promotion Session held by the Faculty of Engineering, University of Indonesia, on Wednesday (06/07/22).
“The weakness of the LoRaWAN root key is that it is static, where the value remains the same throughout the life of the device. Meanwhile, the weakness of the LoRaWAN session key is that it is used repeatedly to secure multiple communication sessions. This condition causes the potential for data leakage when the session key is compromised. Besides, the infrequent change of the session key makes it insecure because the key value exceeds the crypto period standard, “explained Nur Hayati.
Several attempts have been made by Doctor Nur Hayati to update the static root key to improve key security and the strength of the LoRaWAN cryptographic system. Meanwhile, efforts to update the session key have also been made. However, the scheme requires extra communication costs incurred by the entities involved.
“The results of this study found that the communication protocol in the key update scheme increases LoRaWAN security, which is stated by the results of the Scyther tools test, namely, the protocol can maintain the confidentiality of messages that occur during communication, communicating entities believe that they agree to exchange information, messages The message received is the same as the message sent, both in order and content, and lastly, that the characteristics of the protocol have exactly one trace pattern, which means that active interception does not occur during the key update,” concluded Nur Hayati.
Nur Hayati is the 144th doctoral graduate from the Department of Electrical Engineering and the 462nd Doctorate at FTUI. The doctoral promotion session was led by the Chair of the Session, Prof.Dr. Ir. Riri Sari, M.M, M.Sc. with the Promoter Prof. Dr.-Ing. Ir. Kallamullah Ramli, M.Eng. and Co-Promoter Dr. Muhammad Suryanegara, S.T., M.Sc., IPU. Examiner Team Prof.Dr.Ir. Anak Agung Putri Ratna, M.Eng., Dr. Muhammad Salman, S.T., M.IT., Dr. Yohan Suryanto, ST., M.T., Dr. Ruki Harwahyu, ST., M.T., M.Sc., Dr. Rudi Lumanto, M.Eng.
Public Communication Bureau
Faculty of Engineering, Universitas Indonesia