Open Access

ARTICLE

Two-Stage High-Efficiency Encryption Key Update Scheme for LoRaWAN Based IoT Environment

Kun-Lin Tsai^1,2,*, Li-Woei Chen³, Fang-Yie Leu^4,5, Chuan-Tian Wu¹

1 Department of Electrical Engineering, Tunghai University, Taichung, 407, Taiwan
2 Research Center for Smart Sustainable Circular Economy, Tunghai University, Taichung, 407, Taiwan
3 Department of Computer and Information Sciences, Chinese Military Academy, Kaohsiung, 830, Taiwan
4 Department of Computer Science, Tunghai University, Taichung, 407, Taiwan
5 Emergency Response Management Center, Industry-Academia Collaboration and University Extension Division, Ming-Chuan University, Taipei, 111, Taiwan

* Corresponding Author: Kun-Lin Tsai. Email:

Computers, Materials & Continua 2022, 73(1), 547-562. https://doi.org/10.32604/cmc.2022.026557

Received 30 December 2021; Accepted 02 March 2022; Issue published 18 May 2022

Abstract

Secure data communication is an essential requirement for an Internet of Things (IoT) system. Especially in Industrial Internet of Things (IIoT) and Internet of Medical Things (IoMT) systems, when important data are hacked, it may induce property loss or life hazard. Even though many IoT-related communication protocols are equipped with secure policies, they still have some security weaknesses in their IoT systems. LoRaWAN is one of the low power wide-area network protocols, and it adopts Advanced Encryption Standard (AES) to provide message integrity and confidentiality. However, LoRaWAN's encryption key update scheme can be further improved. In this paper, a Two-stage High-efficiency LoRaWAN encryption key Update Scheme (THUS for short) is proposed to update LoRaWAN's root keys and session keys in a secure and efficient way. The THUS consists of two stages, i.e., the Root Key Update (RKU) stage and the Session Key Update (SKU) stage, and with different update frequencies, the RKU and SKU provide higher security level than the normal LoRaWAN specification does. A modified AES encryption/decryption process is also utilized in the THUS for enhancing the security of the THUS. The security analyses demonstrate that the THUS not only protects important parameter during key update stages, but also satisfies confidentiality, integrity, and mutual authentication. Moreover, The THUS can further resist replay and eavesdropping attacks.

---

Keywords

---