Leveraging Larger AES Keys in LoRaWAN: A Practical Evaluation of Energy and Time Costs

[en] Internet of Things (IoT) devices increasingly contribute to critical infrastructures, necessitating robust security measures. LoRaWAN, a low-power IoT network, employs the Advanced Encryption Standard (AES) with a 128-bit key for encryption and integrity, balancing efficiency and security. As computational capabilities of devices advance and recommendations for stronger encryption, such as AES-256, emerge, the implications of using longer AES keys (192 and 256 bits) on LoRaWAN devices’ energy consumption and processing time become crucial. Despite the significance of the topic, there is a lack of research on the implications of using larger AES keys in real-world LoRaWAN settings. To address this gap, we perform extensive tests in a real-world LoRaWAN environment, modifying the source code of both a LoRaWAN end device and open-source server stack to incorporate larger AES keys. Our results show that, while larger AES keys increase both energy consumption and processing time, these increments are minimal compared to the time on air. Specifically, for the maximum payload size we used, when comparing AES-256 to AES-128, the additional computational time and energy are, respectively, 750 m s and 236 μJ. However, in terms of time on air costs, these increases represent just 0.2% and 0.13%, respectively. Our observations confirm our intuition that the increased costs correlate to the number of rounds of AES computation. Moreover, we formulate a mathematical model to predict the impact of longer AES keys on processing time, which further supports our empirical findings. These results suggest that implementing longer AES keys in LoRaWAN is a practical solution enhancing its security strength while not significantly impacting energy consumption or processing time.

Disciplines :

Computer science

Author, co-author :

Thaenkaew, Phithak ; Université de Mons - UMONS > Faculté des Science > Service des Réseaux et Télécommunications

Quoitin, Bruno ; Université de Mons - UMONS > Faculté des Science > Service des Réseaux et Télécommunications

Meddahi Ahmed; Centre for Digital Systems, IMT Nord Europe, Institut Mines-Télécom, Lille, France

Language :

English

Title :

Leveraging Larger AES Keys in LoRaWAN: A Practical Evaluation of Energy and Time Costs

Publication date :

14 November 2023

Journal title :

Sensors

ISSN :

1424-8220

eISSN :

1424-3210

Publisher :

Multidisciplinary Digital Publishing Institute (MDPI), Switzerland

Special issue title :

LoRa and LoRaWAN: Latest Advances in Applications, Systems, and Sensor Networks

Volume :

Issue :

Peer reviewed :

Peer Reviewed verified by ORBi

Research unit :

S802 - Réseaux et Télécommunications

Research institute :

Infortech

Available on ORBi UMONS :

since 12 January 2024

Statistics

Number of views

2 (0 by UMONS)

Number of downloads

0 (0 by UMONS)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

Bibliography

Atzori L. Iera A. Morabito G. The Internet of Things: A survey Comput. Netw. 2010 54 2787 2805 10.1016/j.comnet.2010.05.010
Semtech LoRa and LoRaWAN: A Technical Overview. Online 2019 Available online: https://lora-developers.semtech.com/uploads/documents/files/LoRa_and_LoRaWAN-A_Tech_Overview-Downloadable.pdf (accessed on 8 November 2023)
LoRa Alliance LoRaWAN Specification. Specification V1.0.2, LoRa Alliance 2016 Available online: https://resources.lora-alliance.org/document/lorawan-specification-v1-0-2 (accessed on 8 November 2023)
Yang X. Karampatzakis E. Doerr C. Kuipers F. Security Vulnerabilities in LoRaWAN Proceedings of the 2018 IEEE/ACM Third International Conference on Internet-of-Things Design and Implementation (IoTDI) Orlando, FL, USA 17–20 April 2018 129 140 10.1109/IoTDI.2018.00022
Tomasin S. Zulian S. Vangelista L. Security Analysis of LoRaWAN Join Procedure for Internet of Things Networks Proceedings of the 2017 IEEE Wireless Communications and Networking Conference Workshops (WCNCW) San Francisco, CA, USA 19–22 March 2017 1 6 10.1109/WCNCW.2017.7919091
Morris J. Dworkin. Advanced Encryption Standard (AES). Federal Information Processing Standards Publication FIPS 197 National Institute of Standards and Technology Gaithersburg, MD, USA 2001 10.6028/NIST.FIPS.197-upd1
Kietzmann P. Boeckmann L. Lanzieri L. Schmidt T.C. Wählisch M. A Performance Study of Crypto-Hardware in the Low-End IoT Proceedings of the 2021 International Conference on Embedded Wireless Systems and Networks, EWSN’21 Delft, The Netherlands 17–19 February 2021 Junction Publishing New York, NY, USA 2021 79 90
Blanc S. Lahmadi A. Le Gouguec K. Minier M. Sleem L. Benchmarking of lightweight cryptographic algorithms for wireless IoT networks Wirel. Netw. 2022 28 3453 3476 10.1007/s11276-022-03046-1
TOP500 Available online: https://top500.org (accessed on 8 November 2023)
Shor P.W. Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer SIAM J. Comput. 1997 26 1484 1509 10.1137/S0097539795293172
Joseph D. Misoczki R. Manzano M. Tricot J. Pinuaga F.D. Lacombe O. Leichenauer S. Hidary J. Venables P. Hansen R. Transitioning organizations to post-quantum cryptography Nature 2022 605 237 243 10.1038/s41586-022-04623-2 35546191
Grover L.K. A fast quantum mechanical algorithm for database search Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing Philadelphia, PA, USA 22–24 May 1996 10.48550/arXiv.quant-ph/9605043
Grassl M. Langenberg B. Roetteler M. Steinwandt R. Applying Grover’s Algorithm to AES: Quantum Resource Estimates Proceedings of the Post-Quantum Cryptography Takagi T. Springer International Publishing AG Cham, Switzerland 2016 29 43 10.1007/978-3-319-29360-8_3
IBM IBM Quantum Roadmap Available online: https://www.ibm.com/quantum/roadmap (accessed on 8 November 2023)
National Security Agency Announcing the Commercial National Security Algorithm Suite 2.0. Technical Report, National Security Agency. 2022. U/OO/194427-22|PP-22-1338|SEP 2022 Ver. 1.0 Available online: https://media.defense.gov/2022/Sep/07/2003071834/-1/-1/0/CSA_CNSA_2.0_ALGORITHMS_.PDF (accessed on 8 November 2023)
Barker E. Recommendation for Key Management, Part 1-General NIST Special Publication 800-57 Part 1 Revision 5 National Institute of Standards and Technology Gaithersburg, MD, USA 2020 10.6028/NIST.SP.800-57pt1r5
Li S. Song H. Iqbal M. Privacy and Security for Resource-Constrained IoT Devices and Networks: Research Challenges and Opportunities Sensors 2019 19 1935 10.3390/s19081935 31027162
Oniga B. Dadarlat V. De Poorter E. Munteanu A. Analysis, design and implementation of secure LoRaWAN sensor networks Proceedings of the 2017 13th IEEE International Conference on Intelligent Computer Communication and Processing (ICCP) Cluj-Napoca, Romania 7–9 September 2017 421 428 10.1109/ICCP.2017.8117042
Tsai K.L. Leu F.Y. Hung L.L. Ko C.Y. Secure Session Key Generation Method for LoRaWAN Servers IEEE Access 2020 8 54631 54640 10.1109/ACCESS.2020.2978100
Hessel F. Almon L. Álvarez F. ChirpOTLE: A Framework for Practical LoRaWAN Security Evaluation Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec ’20 Linz, Austria 8–10 July 2020 Association for Computing Machinery New York, NY, USA 2020 306 316 10.1145/3395351.3399423
Pospisil O. Fujdiak R. Mikhaylov K. Ruotsalainen H. Misurec J. Testbed for LoRaWAN Security: Design and Validation through Man-in-the-Middle Attacks Study Appl. Sci. 2021 11 7642 10.3390/app11167642
Rifà-Pous H. Herrera-Joancomartí J. Computational and Energy Costs of Cryptographic Algorithms on Handheld Devices Future Internet 2011 3 31 48 10.3390/fi3010031
Knežević M. Nikov V. Rombouts P. Low-Latency Encryption—Is “Lightweight = Light + Wait”? Prouff E. Schaumont P. Proceedings of the Cryptographic Hardware and Embedded Systems—CHES 2012 Springer Berlin/Heidelberg, Germany 2012 426 446 10.1007/978-3-642-33027-8_25
Tsao B. Liu Y. Dezfouli B. Analysis of the Duration and Energy Consumption of AES Algorithms on a Contiki-Based IoT Device Proceedings of the 16th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services Houston, TX, USA 12–14 November 2019 Association for Computing Machinery New York, NY, USA 2019 MobiQuitous’19 2019 483 491 10.1145/3360774.3368202
Hung C.W. Hsu W.T. Power Consumption and Calculation Requirement Analysis of AES for WSN IoT Sensors 2018 18 1675 10.3390/s18061675 29882865
Tsai K.L. Leu F.Y. You I. Chang S.W. Hu S.J. Park H. Low-Power AES Data Encryption Architecture for a LoRaWAN IEEE Access 2019 7 146348 146357 10.1109/ACCESS.2019.2941972
Mårlind F. Butun I. Activation of LoRaWAN End Devices by Using Public Key Cryptography Proceedings of the 2020 4th Cyber Security in Networking Conference (CSNet) Lausanne, Switzerland 21–23 October 2020 1 8 10.1109/CSNet50428.2020.9265530
Milani S. Chatzigiannakis I. Design, Analysis, and Experimental Evaluation of a New Secure Rejoin Mechanism for LoRaWAN Using Elliptic-Curve Cryptography J. Sens. Actuator Netw. 2021 10 36 10.3390/jsan10020036
Casals L. Mir B. Vidal R. Gomez C. Modeling the Energy Performance of LoRaWAN Sensors 2017 17 2364 10.3390/s17102364 29035347
Winderickx J. Braeken A. Singelée D. Mentens N. In-depth energy analysis of security algorithms and protocols for the Internet of Things J. Cryptogr. Eng. 2022 12 137 149 10.1007/s13389-021-00274-7
Thaenkaew P. Quoitin B. Meddahi A. Evaluating the cost of beyond AES-128 LoRaWAN security Proceedings of the 2022 International Symposium on Networks, Computers and Communications (ISNCC) Shenzhen, China 19–22 July 2022 1 6 10.1109/ISNCC55209.2022.9851811
National Institute of Standards and Technology Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality Technical Report SP 800-38C National Institute of Standards and Technology Gaithersburg, MD, USA 2004 10.6028/NIST.SP.800-38C
IEEE Std 802.15.4-2020 (Revision of IEEE Std 802.15.4-2015) IEEE Standard for Low-Rate Wireless Networks IEEE New York, NY, USA 2020 1 800 10.1109/IEEESTD.2020.9144691
Semtech Corporation SX1272/3/6/7/8: LoRa Modem Designer’s Guide 1st ed. Semtech Corporation Camarillo, CA, USA 2013 AN1200.13 Available online: https://lora-developers.semtech.com/documentation/product-documents/ (accessed on 8 November 2023)
Arm Mbed Mbed OS Source Code Available online: https://github.com/ARMmbed/mbed-os (accessed on 9 November 2023)
Orne Brocaar Chirpstack Network Server Source Code Available online: https://github.com/brocaar/chirpstack-network-server (accessed on 9 November 2023)
Orne Brocaar Chirpstack Application Server Source Code Available online: https://github.com/brocaar/chirpstack-application-server (accessed on 9 November 2023)
LoRa Alliance LoRaWAN 1.0.2 Regional Parameters. Specification V1.0.2, LoRa Alliance 2017 Available online: https://resources.lora-alliance.org/document/lorawan-regional-parameters-v1-0-2rb (accessed on 8 November 2023)
Zigbee Alliance The Zigbee Specification. Technical Specification 05-3474-22 2017 Available online: https://csa-iot.org/resources/developer-resources/ (accessed on 8 November 2023)
Sigfox Sigfox Device Radio Specifications Available online: https://build.sigfox.com/sigfox-device-radio-specifications (accessed on 8 November 2023)