Content uploaded by Sérgio Ivan Lopes
Author content
All content in this area was uploaded by Sérgio Ivan Lopes on Aug 19, 2023
Content may be subject to copyright.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
Towards Secure Edge-Based LoRaWAN for Next
Generation Wireless Communications
Azin Moradbeikie* ǂ, Hannaneh B. Pasandiǁ, Ahmad Keshavarz л, Habib Rostamiл, Sara Paiva*, Sergio Ivan Lopes* ǂ ¶ ¥
*ADiT–Lab, Instituto Politécnico de Viana do Castelo, 4900-348 Viana do Castelo, Portugal
ǂ CiTin – Centro de Interface Tecnológico Industrial, InovArcos, 4970-786 Arcos de Valdevez, Portugal
ǁ Virginia Commonwealth University, 907 Floyd Ave, Richmond, VA 23284, USA
л PGU – Persian Gulf University, Bandar Bushehr, 7516913817, Iran
¶IT - Instituto de Telecomunicações, Campus Universitário de Santiago, 3810-193 Aveiro, Portugal
¥Corresponding Author: sil@estg.ipvc.pt
Abstract —The next generation of mobile networks called sixth
generation (6G) is predicted to support a highly dense network
for future of Internet of Everything (IoE) with up to 500 billion
devices, leading to a requirement shift from rate-centric services
towards ultra massive Machine Type Communication (umMTC).
Low Power Wide Area Networks (LPWAN) are capable of
providing long-range coverage for umMTC devices with low-
power consumption at a low cost. For example, LoRaWAN
technology is known for delivering large coverage areas between
1 and 10~kms, and more than 5 years of battery lifetime, making
it an exceptional candidate technology to support the IoE
paradigm. However, LoRaWAN comes with its drawbacks,
including scalability, operational latency, and security issues. To
overcome such challenges, we propose a novel holistic edge-based
LoRaWAN encryption system, in which, part of the computation
and authentication is moved to the gateway, i.e., the edge. The
rest of the computation occurs in the cloud, at the application
server, thus reducing operational latency. Edge-based
applications typically demand low latency, real-time, and
intelligent computing applications, just to name a few. The
suggested approach overcomes the inevitable drawbacks of the
classic cloud-based LoRaWAN architectures, as well as enhances
important 5G services such as Ultra-Reliable Low Latency
Communications (URLLC) and umMTC. Given these early but
encouraging results, we examine the system challenges linked to
latency to demonstrate how the proposed solution could be
implemented with minor modifications to existing protocols and
technologies.
Keywords - LoRaWAN; IoT; Edge Computing; Encryption.
I. INTRODUCTION
The next generation of mobile networks called sixth
generation (6G) is predicted to support a highly dense network
for future of Internet of Everything (IoE) with up to 500 billion
devices [1]–[3]. 6G mobile networks are expected to burgeon
in the coming decade to address limitations such as data rate,
latency, reliability, availability, connection density, and global
coverage — spanning over the ground, underwater, and space
— which cannot be addressed by previous communication
technologies. Enforcing the IoE leads to a requirement shift
from rate-centric services toward ultra massive Machine Type
Communication (umMTC) [4]–[7]. umMTC provides a
massive deployment of communication between devices to
deploy machine base services including Location-Based
Systems (LBSs), remote sensing and actuation, device tracking,
etc. One of the key features of enabling umMTC is the long-
range coverage with a low energy consumption that leads to
long battery lifetime. Network communication protocols can be
categorized into three main groups based on coverage range: i)
Short-range (e.g., Bluetooth, RFID, etc.), ii) Medium-range
(e.g., ZigBee, Wi-Fi, etc.), and Long-range (e.g., LoRaWAN,
Sigfox, etc).
Low-Power Wide-Area Networks (LPWANs) are Long-
range communication protocols and different technologies try
to implement its features (e.g., LTE-M, NB-IoT, Sigfox, and
LoRaWAN) including long-range coverage over a licensed or
licensed free band for umMTC devices, low-power
consumption (deliver more than 5 years of battery lifetime for
devices), and low cost. Long range coverage of LPWAN
technologies (a coverage area between 1 and 10 km) make
them an appropriate choice for distinct application domains [8],
i.e., smart monitoring [9]–[11], smart building [12], device
localization [13], [14], etc. A technology such as LoRaWAN
features (long range, high battery life, cost-efficiency, and
latency) which makes it a more suitable candidate to support
the IoE [15]. However, LoRaWAN comes with its own
drawbacks, including scalability, operational latency, and
security issues [16]. Firstly, LoRaWAN is committed to
providing long-range coverage for massive device deployment.
Given the fact that all devices broadcast their packets through
the ALOHA technique, many nodes have to share the
communication medium. To manage the medium interference,
LoRaWAN supports Adaptive Data Rate (ADR). In ADR, a
gateway sends the suitable commands to end devices to adjust
its transmission parameters including data rates, transmission
power, and channels to optimize the use of the shared network
channel. As LoRaWAN is built upon a star topology, no
cooperation exists among gateways, which can cause negative
impacts on end devices and gateways. Uncoordinated
transmissions of LoRaWAN by using adopted ALOHA MAC
protocols leads to poor channel utilization due to collisions
increments [17]. This will lead to a limit regarding the number
of transmitters a LoRaWAN system can support. Therefore,
scalability is one of the most critical drawbacks of LoRaWAN
[18]. In addition, collision increment can lead to an increase in
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
the packet loss rate (PLR). PLR in critical industrial systems is
an important metric for evaluating system safety. For solving
such problems, a smarter LoRaMAC layer can be presented at
the gateway, which can be achieved by providing access to
received packet data from the end node. Secondly, it uses a star
topology. In this topology, end nodes are only connected to
gateways. As a result, it can only communicate with the
LoRaWAN server throw gateways. The gateways typically
operate as packet forwarders and add some metadata to the
received packets before forwarding them to the LoRaWAN
server, thus impacting operational latency. The LoRaMAC
layer provides the medium access control mechanism by
determining transmission parameters (Spreading Factor (SF),
Bandwidth (BW), Transmission Power (TP), and Coding Rate
(CR)). Then, end nodes send packets through the ALOHA
technique based on determined factors. Finally, regarding end
nodes' security and privacy, LoRaWAN provides security for
end nodes through end-to-end encryption by using Advanced
Encryption Standard (AES) as a symmetric-key cryptography
[19], however, several vulnerabilities have been recently
reported [16].
For this purpose, LoRaWAN uses two hard-coded keys
including the Network key (NwkKey) and the Application key
(AppKey). As LoRaWAN provides more than 5 years of
lifetime, using fixed keys for encryption is not secure. In
addition, each end node receives a device address during the
network join request, which only changes with each re-join
request. The device address is then sent to the gateway
unencrypted. Using an unencrypted device address for a long
time can lead to end node identity leakage that may cause
privacy violations. For safety and security LoRaWAN
improvement, it is important to provide a new key management
method that encrypts packets between the end node and
gateway. This paper proposes a new key establishment method
between end nodes and gateway that provide mutual
authentication and integrity check. In addition, the proposed
method reduces the latency by up to 30 percent.
The remainder of this document is organized as follows:
Section 2 presents the related works; Section 3 provides a
primer on the packet structure of LoRaWAN; Section 4
introduces the proposed method for Edge-based LoRaWAN
architecture and the suggested encryption mechanism for key
management; Section 5 present the evaluation of the proposed
method and in the following a discussion around the achieved
results is provided. Lastly, in Section 6 the main conclusions
are undertaken, and future work guidelines are presented.
II. RELATED WORK
LoRaWAN Alliance was developed by Semtech in
February 2015 as a Low-Power Wide-Area Network
(LPWAN) and it aims to provide a long-range, low-power, and
low-cost technology for umMTC. But, as mentioned, it has
important drawbacks that make it inefficient for large-scale
deployment (including scalability, packet loss, and security).
To address these drawbacks, various fog computing based
paradigm have been proposed in several studies [20]–[24].
Smart cities are a real-world example of ultra-massive IoT
deployment. Authors in [25] provide an Edge-Fog-based
architecture that integrates with LPWAN networks to provide
local traffic monitoring and management for smart cities.
Providing such an approach needs a key establishment process
between the end node, gateway, and server to give access to
end node data throughout the gateway. In addition, it improve
the cloud load and delay by distributing computation,
networking, and required storage resources to the gateway,
where data is collected and forwarded to the application server.
In a smart city, LoRaWAN and fog computing can be used to
collect, aggregate, transform, and store data from distinct
sensors, that may be related to environmental pollution,
climate, vehicle traffic, etc. In [26], Arkian et al. present a new
architecture for LoRaWAN. The proposed architecture is based
on fog to provide an open-source software for potable water
management in the city of Valencia, Spain. In this paper, no
details regarding the implemented platform is provided.
Inaddition, they do not provide an overview from identified
and addressed challenges by the platform. Battulga et al. [24]
extends the proposed model for multiple sensors, multiple fog
computing clusters, multi-tenancy, and data management in the
context of smart-marina management. However, no details of
the security process are presented.
Sensors as a part of IoT provide information about the
environment. Obtaining the location information of these
sensors is essential to provide more meaningful data and
effective services. Various efforts focus on LoRa-based indoor
and outdoor localization. One of the main research lines of
localization is based on RSSI. Anjum et al. [27] investigate the
use of RSSI (Received Signal Strength Indicator) based
ranging in LoRaWAN networks using distinct machine
learning approaches (support vector machines, spline models,
decision trees, and ensemble learning), on a training dataset
gathered in both indoor and outdoor environments. Authors in
[13] mentioned that various gateways in LoRaWAN are
implemented in various environment that leads each gateway
experiences different interference. On this basis, they propose
an new RSSI-based LoRaWAN location estimation method
based on Edge-AI techniques. In their proposed method,
location estimation run at each gateway separately to learn and
reduce weather effects on estimated distance. But they do not
provide any detail on the key establishment method to provide
access to received packet data at gateways.
Purohit et al. [28] propose a fingerprinting-based
localization system architecture with interpolation assistance.
To properly handle the substantial amount of missing samples
and outliers brought on by the massive scale and extensive
coverage of LoRaWAN networks, they suggest a deep
autoencoder approach. For fingerprinting-based location
regression, the authors also use three distinct deep learning
models, namely the Artificial Neural Network (ANN), Long
Short-Term Memory (LSTM), and the Convolutional Neural
Network (CNN). To address the issue of localization accuracy
in noisy environments, authors in [29] propose two new
localization algorithms. In the first proposed localization
method, as first step, the noisy position estimate is detected by
using k-means clustering. Then, at the second step, the node
with the biggest estimated RSSI error is eliminated and the
localization procedure repeats. In the second proposed
localization method, authors mentioned that the location
estimation error will be minimal if the estimated location error
of node to other anchor nodes by using the measured RSSI be
minor. Therefore, the authors suggest computing the expected
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
RSSI errors in all potential estimated locations then choosing
the optimal answer.
Scalability is one of the important drawbacks of
LoRaWAN. Authors in [17] introduce FLIP (Fully Distributed
and Open Architecture) for LoRaWAN. In the proposed
method, authors proposed a fundamentally new architecture for
LoRaWAN gateways. They present their idea based on the
management and coordination of gateways. The authors claim
to improve LoRaWAN scalability through the formation of a
federation of gateways.
FLIP provide the connection between all participating
gateways at the IP level by using a decentralized Virtual
Private Network (VPN). The proposed method provides a
gateway to gateway backhaul network to decrease the server
load from one network to gateways of an overlapping network.
But it requires reliable wired backhaul access, which in most
cases cannot be possible. In addition, the proposed model
needs an agreement and cooperation to exchange
authentication keys, which is not acceptable.
III. A PRIMER ON LORAWAN
Uplink and downlink messages in LoRaWAN can be used
to transport both MAC commands and application data and can
be combined in a single message [19]. The most important
MAC commands in LoRaWAN 1.0.x include join request
(uplink message) and join accept (downlink message). In
LoRaWAN 1.1.x, Rejoin-request (uplink message) has been
added, as other significant MAC commands. The join-request
message is not encrypted, but the join-accept message is
encrypted. We can categorize the physical layer attacks into the
following categories:
Side-channel attacks: These attacks exploit the physical
properties of the device to extract secret keys. Examples
of side-channel attacks include power analysis attacks and
timing analysis attacks [30];
Tampering attacks: These attacks involve physically
modifying the end-device to extract or alter data.
Examples of tampering attacks include invasive attacks,
where attackers remove the device's protective casing to
access its circuitry, and non-invasive attacks, where
attackers use techniques such as electromagnetic radiation
or laser beam to extract data from the device [31], [32];
Attacks on gateways: These attacks target the gateway,
which is the intermediary between the end-device and the
cloud server. Examples of gateway attacks include
physical attacks on the gateway's hardware or software,
such as power supply attacks or firmware attacks [33]–
[35];
Denial-of-service attacks: These attacks aim to disrupt
the operations of the gateway or end-device by flooding
them with traffic or by jamming the wireless
communication [36], [37];
Interception attacks: These attacks involve
eavesdropping on the wireless communication between
the end-device and the gateway to obtain sensitive data
[38].
LoRaWAN provides multiple-layer encryption to prepare
security, both in the network and application layers. For this
purpose, for each layer, the Network Session Key (NwkSKey)
and the Application Session Keys (AppSKey) as encryption
keys are generated by using the Application Key (Appkey)
[39]. The LoRaWAN message structure is shown in Fig. 1.
The frame is encrypted by using AppSKey and NwkSKey
before sending from the end device and the application server.
To ensure the integrity and authenticity of the message, the
message integrity code (MIC) is computed based on message's
fields.
According to the mentioned content, gateways do not have
access to end node data. They only receive encrypted packets
of end nodes and add some metadata (such as RSSI, SNR, etc.)
to the packet before forwarding it to the LoRaWAN server. By
increasing the number of end nodes, the blind operation of
gateways against received packets from end nodes will reduce
efficiency.
Fig. 1. LoRaWAN message and encryption structure. Adapted from [39].
To solve these problems, the role of gateways has to change
from a blind packet forwarder into an active member of the
system. In this work, a new LoRaWAN architecture is
proposed, which enables secure gateway access to data. For
this purpose, a new mechanism is introduced for Join-Request,
Rejoin-Request, and Join-Accept messages, which allows
providing an encryption key between the end node, the
gateway, and the LoRaWAN server, using Elliptic-Curve
Cryptography (ECC). The proposed model can effectively meet
the weakness of the current architecture of LoRaWAN in a way
that guarantees computational key secrecy, authentication, and
integrity checking between the node, gateway, and server.
IV. PROPOSED LORAWAN ARCHITECTURE
Edge-based system implementation reduces the
computation cost and bandwidth requirements by outsourcing
part of the works to edge [40]. In this section, the proposed
architecture for Edge-based LoRaWAN is presented and the
suggested encryption mechanism for key management is
provided.
A. Architecture Overview
The proposed Edge-Based LoRaWAN system shifts
gateways from a blind packet forwarder to an active processing
network element. For this purpose, the gateway performs a key
establishment method to provide an encryption key between
the server, gateway, and end node. In the new design, the
gateway is constructed from four main modules to provide
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
encryption and decryption tasks on received data from the end
node. These modules consist of End-node registration, packet
forwarder, Network connector, and packet controller. In the
following, the functions of each module are described:
End-node Registration: when an end-node sends Join-
Request, it provides a key establishment process to
provide a mutual key between the end-node, gateway, and
server;
Packet Controller: after key establishment between end
node and gateway, this module provides message
authority and integrity verification. Then, it decrypts the
uplink messages for further processing and encrypts the
downlink or uplink messages;
Packet Forwarder: It acts similar to the normal
LoRaWAN packet forwarder. The Packet Forwarder
receive the uplink messages and send them to the Packet
Controller. Also, it receives the downlink messages and
send them to the end devices [41];
Network Connector: it sends uplink messages to the
server after pre-processing and receives downlink
messages from the server.
The structure of the proposed Edge-Based LoRaWAN is
shown in Fig. 2. In the proposed architecture, a join-request
from the end node is received by Packet Forwarder and
delivered to End-node Registration. End-node Registration
provides the key establishment process and forwards it to
Network Connector to deliver to LoRaWAN Server.
LoRaWAN server completes the key management process and
sends it to the end node through the gateway. The received
encrypted packets from the end node are sent to Packet
Controller for integrity and authentication check and pre-
processing. After packet confirmation, it will send to Network
Connector to deliver to the LoRaWAN server, or it will send to
Packet Forwarder to deliver to the end node.
B. Key Establishment Method
In this section, the precise explanation of distinct phases of
the proposed key establishment method is presented. The
notations of the proposed method are summarized in Table 1.
The proposed method is composed of two parts: The Pre-
Deployment Phase and Authentication, and the Key Agreement
Phase. In the following, these parts are presented.
Fig. 2. Structure of proposed Edge-Based LoRa.
TABLE 1
THE USED NOTATIONS IN THE PROPOSED KEY ESTABLISHMENT METHOD
Symbol
Meaning
Trusted Authority
Generator of cyclic additive groups
,
Master secret and public key of
Distinct unique identifier of end node
Distinct unique identifier of gateway
Pseudo identity of gateway j
,
,
Picked random nonce by end node, gateway, and server
,
,
Current timestamp of end node, gateway, and server
Generated session key
1) Pre-Deployment Phase: In this phase, the trusted
authority ( ) as a fully trusted entity in the network,
performs the registration of end nodes and gateways. To this
end, determines the following parameters. It picks up as
cyclic additive groups. The selected cyclic additive group has
the identical prime order and is considered as the
generator of . The master secret key of is chosen
randomly. Then, its corresponding master public key is
computed as =.. Furthermore, determines =
(,). Four secure one-way hash functions are also defined
as , , , and . Subsequently, promulgates
{,,,, ,,, }. Both gateways and end nodes
need to be registered with the . In the following, their
registration processes are presented:
End-node Registration: picks an distinct unique
identifier for each end node. The stores the
credentials {,,} for each end
node. Each end node saved its vector
{,,}.
Gateway Registration: picks an distinct unique
identifier for each gateway and compute its pseudo
identity as
=H1(∥ ∥
)where
is a chosen
random number. Each GW saved its vector {,}.
2) Authentication and Key Agreement Phase: The key
management procedure establish a secure key between the end
node, gateway, and server that helps to secure authentication
and message integrity check. The key establishment process
steps are explained in the following.
Step 1: When an end node sends a Join-Request to initiate
secure data transmission to gateway and server, it picks a
random nonce and computes the following parameters:
=.
=.
=( ∥ )⊕
=( ∥ ∥ ∥ ∥ ∥ )
where
is current timestamp. Finally, the end node sends the
message 1 = (,,,1) to the gateway.
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
Step 2: When a gateway receives a Join-Request from an end
node in timestamp
∗, it checks the timeliness of
with the
verifying condition |
∗− | <△ . If it is valid, it picks a
random nonce and computes the following parameters:
=.
=.
= ⊕
=( ∥ ∥ ∥ ∥ ∥ )
where is current timestamp. Finally, the gateway sends the
message (1, 2 = (,,,2)) to the server.
Step 3: When a server receives a Join-Request of an end node
from a gateway in timestamp
∗, it checks the timeliness of
with the verifying condition |
∗−2| <△ . If it is valid, it
picks a random nonce and computes the following
parameters:
=.
=.
=( ∥ )⊕
=( ∥ ∥ ∥
∥ ∥ )
Verify if =? if so, the End node is verified.
= ⊕
=( ∥ ∥ ∥ ∥ ∥ )
Verify if =? if so, the gateway is verified.
=.
=(∥ ∥ ∥ ∥ )
=(∥ ∥ ∥ ∥ )
3 = (,,,,,,,)
where is current timestamp. Finally, the server sends the
message 3 to the gateway.
Step 4: When the gateway receives the response of the server
in timestamp
∗, it checks the timeliness of with the
verifying condition |
∗− | <△ . If it is valid, it forwards it
to the end node and verifies the server, and computes the
established key as follows:
=( ∥ ∥ ∥ ∥ ) (19)
Verify if =? if so, the gateway is verified.
=((,))
where is the established key.
Step 5: When the end node receives the response of the server
from the gateway, it verifies the server and computes the
established key as follows:
=( ∥ ∥ ∥ ∥ )
Verify if =? if so, the gateway is verified.
=((,))
3) Proof of Correctness: In this section, an proof is
provided to show that an identical session key are
engendered during the key management process between all
communicants parts i.e., server, gateway, and end node.
=((,))=((.,.))=
((,)..)
=((,))=.,.=
((,)..)
V. PROPOSED METHOD ANALYSIS
In this section, at first, we evaluate the security of the
proposed key establishment method. In the following
subsections, the latency evaluation of the proposed architecture
is presented for two application scenarios, LoRaWAN-based
localization, and location-based services.
B. Security Analysis
In this subsection, a security analysis of the proposed
method is provided which proves its security strength against
possible attacks.
Proposition 1: The proposed model provides mutual
authentication, and it is resilient against Man-In-The-
Middle attacks (MITM).
Proof: Suppose a malicious entity tries to seize a Join-
Request message of a verified identity and sends
1 = (,∗,∗,
∗) to start a communication with
the server. To launch this attack, the malicious entity can
initiate a random nonce
∗ and current timestamp
∗.
However, without obtaining the secret key and
, the malicious entity cannot re-create another
valid authentication Join-Request message. In addition, if
the malicious entity has access to 3, it can access to
message only in the case of access to , , or .
Proposition 2: The proposed model is resilient against
replay attacks.
Proof: The proposed model utilized various timestamp
values in the authentication and key establishment
procedure among the end node, gateway, and server. In
addition, in each step, a maximum transmission latency △
factor, which is a small value, is determined.
Consequently, a malicious entity cannot gain any
advantage in replaying the old transmitted messages.
C. Use Case I: LoRaWAN-based Localization
The proposed edge-based LoRaWAN architecture can be
implemented for different IoT applications. The studied use
case (harbor assets localization) demonstrates how the
proposed architecture can improve latency.
In the intended case study, every asset in the harbor is
equipped with a LoRaWAN end node. The implemented
system must be capable of providing real-time location
information of end nodes. In the proposed system, each
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
gateway provides distance estimation of the end node by using
measured RSSI and sending it to the LoRaWAN server.
LoRaWAN server computes end node location by using the
received estimated distance. The implemented system has two
main requirements: 1) providing the location information for
many assets, 2) preparing a secure key establishment method
between the end node, gateway, and server to provide data
access for the gateway, and 3) long-range coverage. The
proposed method can considerably improve the time latency
that the system requires to compute distance estimation. The
proposed architecture is implemented in the NS3 LoRAWAN
simulator module.
In the experimental implementation, the number of end
nodes increases from 1 to 1000. Each end node has a random
mobility feature, and it sends a packet with a frequency equal
to 60~second. Ten gateways and one server is considered in the
harbor that receives packets from end nodes. In the cloud base
system, gateways only add some metadata to the received
packets and forward it to the server. Data encryption, distance
estimation, and localization of end nodes are performed in the
cloud. In the edge-based system, received data are encrypted in
the gateways to provide distance estimation. In the following,
the estimated distance is encrypted and sent to the server. All
the received packets are decoded by the server to provide end-
node localization. All the gateways with localization purposes
in the harbor have the same . So, the end node will encrypt
its packet with an established key in the initialization step. The
latency assessment results of two LoRaWAN architecture is
shown in Fig. 3.
Based on the results, the added overhead of encryption and
decryption in the gateway leads to a small processing latency
increase in the case of a low number of end nodes. However,
by increasing the number of end nodes, the proposed Edge-
based architecture reduces the processing latency by up to 30%
percent, since we are moving a significant part of the
computation to the gateway. Thus, in large-scale LoRaWAN
deployments, reducing latency is an essential requirement for
real-time systems.
D. Use Case II: Location Based Services
Location-Based Systems (LBS) is another IoT application
that the proposed edge-based LoRaWAN architecture can
improve its latency by outsourcing part of the computations to
the gateway as edge. LBSs provide information about cities for
users to smartly manage their requirements such as hospitals,
shopping malls, libraries, transportation, and other public
services based on user location. For this purpose, LBS sends
the provided location information by the user's smartphone to
the LoRa server to receive the required information about the
city. In the proposed system, each gateway can provide
information about its environment and send the data to the end
node if its distance from the end node is lower than a defined
threshold. In this case, the number of gateways needs to be
increased to handle the increasing number of requests from end
nodes.
In the experimental implementation, the number of end
nodes is considered to be equal to 700. The number of
gateways increased from 10 to 30 and one server is considered
in the city that receives packets from the server. In the cloud
base system, gateways only add some metadata to the received
packets and forward it to the server. Data encryption and
providing required information based on end nodes' location
are performed in the cloud. In the edge-based system, received
data are decoded in the gateways to provide required
information based on end nodes' locations. In the case that the
distance of the gateway from the end node is bigger than a
predefined threshold, the gateway forwards the packet to the
server for further processing. The latency assessment results of
two LoRaWAN architecture for LBS is shown in Fig. 4.
Fig. 3. The latency assessment results of Cloud-based and Edge-based
Fig. 4. The latency assessment results of Cloud-based and Edge-based LBS.
VI. CONCLUSION AND FUTURE WORK
LoRa radio technology is capable of providing long-range
coverage over a licensed or licensed free band for umMTC
devices in 6G mobile networks. Current studies show that due
to the fundamental limitations of the LoRa signal (such as
signal attenuation caused by barrier penetration and
smoothtime-domain signal waveform), current commodity
LoRa hardware, and these approaches, RSSI-based and (Time-
Difference-Of-Arrivals) TDOA-based, do not appear promising
for Lora-based localization (e.g., low-resolution internal time
counter) [42]. LoRaWAN comes with its drawbacks including
security, privacy, and scalability. In this paper, a novel
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
encryption system for a new kind of LoRaWAN infrastructure
is proposed to shift gateways from a blind packet forwarder to
an active processing system by providing access to received
packet data from end nodes in the gateway. The proposed
method performs a key establishment method to provide an
encryption key between the server, gateway, and end node.
Performing the encryption key makes it possible to move part
of the computation and authentication to the gateway aka, the
edge, and the rest of the service is performed on the cloud side.
Numerical results demonstrated the proposed system reduces
the unnecessary processing latency in many end nodes and
improves the security and privacy of the system. For future
work, we are going to investigate an encryption method
between gateways and evaluate its impact on LoRaWAN
scalability.
ACKNOWLEDGMENT
This research is a result of the project TECH–Technology,
Environment, Creativity and Health, Norte-01-0145-FEDER-
000043, supported by Norte Portugal Regional Operational
Program (NORTE 2020), under the PORTUGAL 2020
Partnership Agreement, through the European Regional
Development Fund (ERDF).
REFERENCES
[1] W. Saad, M. Bennis, and M. Chen, “A Vision of 6G
Wireless Systems: Applications, Trends, Technologies, and
Open Research Problems,” IEEE Netw, vol. 34, no. 3, pp.
134–142, May 2020, doi: 10.1109/MNET.001.1900287.
[2] K. B. Letaief, W. Chen, Y. Shi, J. Zhang, and Y. J. A.
Zhang, “The Roadmap to 6G: AI Empowered Wireless
Networks,” IEEE Communications Magazine, vol. 57, no. 8,
pp. 84–90, Aug. 2019, doi: 10.1109/MCOM.2019.1900271.
[3] S. Dang, O. Amin, B. Shihada, and M.-S. Alouini, “What
should 6G be?,” May 2019, doi: 10.1038/s41928-019-0355-
6.
[4] M. M. Saad, M. T. R. Khan, S. H. A. Shah, and D. Kim,
“Advancements in Vehicular Communication Technologies:
C-V2X and NR-V2X Comparison,” IEEE Communications
Magazine, vol. 59, no. 8, pp. 107–113, Aug. 2021, doi:
10.1109/MCOM.101.2100119.
[5] A. Nauman, T. N. Nguyen, Y. A. Qadri, Z. Nain, K. Cengiz,
and S. W. Kim, “Artificial Intelligence in Beyond 5G and
6G Reliable Communications,” IEEE Internet of Things
Magazine, vol. 5, no. 1, pp. 73–78, May 2022, doi:
10.1109/iotm.001.2100140.
[6] A. Marahatta et al., “Evaluation of a lora mesh network for
smart metering in rural locations,” Electronics (Switzerland),
vol. 10, no. 6, pp. 1–16, Mar. 2021, doi:
10.3390/electronics10060751.
[7] L. Zhang, K. Cheng, Y. Xu, and H. Zhu, “A General Access
Architecture for Blockchain-Based Semi-Quantum 6G
Wireless Communication and its Application,” International
Journal of Theoretical Physics, vol. 61, no. 4, Apr. 2022,
doi: 10.1007/s10773-022-05097-8.
[8] J. C. Liando, A. Gamage, A. W. Tengourtius, and M. Li,
“Known and unknown facts of LoRa: Experiences from a
large-scale measurement study,” ACM Trans Sens Netw, vol.
15, no. 2, Feb. 2019, doi: 10.1145/3293534.
[9] F. Pereira, S. I. Lopes, N. B. Carvalho, and A. Curado,
“RNProbe: A lora-enabled IoT edge device for integrated
radon risk management,” IEEE Access, vol. 8, pp. 203488–
203502, 2020, doi: 10.1109/ACCESS.2020.3036980.
[10] A. Abreu, S. I. Lopes, V. Manso, and A. Curado, “Low-Cost
LoRa-Based IoT Edge Device for Indoor Air Quality
Management in Schools,” in Lecture Notes of the Institute
for Computer Sciences, Social-Informatics and
Telecommunications Engineering, LNICST, Springer
Science and Business Media Deutschland GmbH, 2021, pp.
246–258. doi: 10.1007/978-3-030-76063-2_18.
[11] H. B. Pasandi et al., “Low-cost traffic sensing system based
on LoRaWAN for urban areas,” in EmergingWireless 2022 -
Proceedings of the 1st International Workshop on Emerging
Topics in Wireless, Part of CoNEXT 2022, Association for
Computing Machinery, Inc, Dec. 2022, pp. 6–11. doi:
10.1145/3565474.3569069.
[12] S. I. Lopes, F. Pereira, J. M. N. Vieira, N. B. Carvalho, and
A. Curado, “Design of Compact LoRa Devices for Smart
Building Applications,” in Lecture Notes of the Institute for
Computer Sciences, Social-Informatics and
Telecommunications Engineering, LNICST, Springer Verlag,
2019, pp. 142–153. doi: 10.1007/978-3-030-12950-7_12.
[13] A. Moradbeikie, A. Keshavarz, H. Rostami, S. Paiva, and S.
I. Lopes, “Improvement of RSSI-Based LoRaWAN
Localization Using Edge-AI,” in Lecture Notes of the
Institute for Computer Sciences, Social-Informatics and
Telecommunications Engineering, LNICST, Springer
Science and Business Media Deutschland GmbH, 2022, pp.
140–154. doi: 10.1007/978-3-031-06371-8_10.
[14] A. Moradbeikie, A. Keshavarz, H. Rostami, S. Paiva, and S.
I. Lopes, “Gnss-free outdoor localization techniques for
resource-constrained iot architectures: A literature review,”
Applied Sciences (Switzerland), vol. 11, no. 22. MDPI, Nov.
01, 2021. doi: 10.3390/app112210793.
[15] Y. Li et al., “Toward Location-Enabled IoT (LE-IoT): IoT
Positioning Techniques, Error Sources, and Error
Mitigation,” IEEE Internet of Things Journal, vol. 8, no. 6.
Institute of Electrical and Electronics Engineers Inc., pp.
4035–4062, Mar. 15, 2021. doi:
10.1109/JIOT.2020.3019199.
[16] N. Torres, P. Pinto, and S. I. Lopes, “Security vulnerabilities
in LPWANs-an attack vector analysis for the IoT
ecosystem,” Applied Sciences (Switzerland), vol. 11, no. 7,
Apr. 2021, doi: 10.3390/app11073176.
[17] S. , Delbruel, N. , Small, E. , Aras, J. , Oostvogels, and D.
Hughes, “Tackling contention through cooperation: A
distributed federation in LoRaWAN space,” in arXiv
preprint, 2017.
[18] M. Bor, U. Roedig, T. Voigt, and J. M. Alonso, “Do LoRa
low-power wide-area networks scale?,” in MSWiM 2016 -
Proceedings of the 19th ACM International Conference on
Modeling, Analysis and Simulation of Wireless and Mobile
Systems, Association for Computing Machinery, Inc, Nov.
2016, pp. 59–67. doi: 10.1145/2988287.2989163.
[19] E. Aras, G. Sankar Ramachandran, P. Lawrence, and D.
Hughes, “Exploring The Security Vulnerabilities of LoRa.”
[20] A. Ahmed et al., “Fog Computing Applications: Taxonomy
and Requirements,” Jul. 2019, [Online]. Available:
http://arxiv.org/abs/1907.11621
[21] F. , Bonomi, R. , Milito, J. , Zhu, and S. Addepalli, “Fog
Computing and Its Role in the Internet of Things, first
edition of the MCC workshop on Mobile cloud computing,”
2012, p. 66.
[22] V. K. Sarker, J. P. Queralta, T. N. Gia, H. Tenhunen, and T.
Westerlund, “A Survey on LoRa for IoT: Integrating Edge
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
2023 18th Iberian Conference on Information Systems and Technologies (CISTI)
20 – 23 June 2023, Aveiro, Portugal
ISBN: 978-989-33-4792-8
Computing,” in 2019 4th International Conference on Fog
and Mobile Edge Computing, FMEC 2019, Institute of
Electrical and Electronics Engineers Inc., Jun. 2019, pp.
295–300. doi: 10.1109/FMEC.2019.8795313.
[23] K. Mahmood et al., “Pairing based anonymous and secure
key agreement protocol for smart grid edge computing
infrastructure,” Future Generation Computer Systems, vol.
88, pp. 491–500, Nov. 2018, doi:
10.1016/j.future.2018.06.004.
[24] D. Battulga, M. Farhadi, M. A. Tamiru, L. Wu, and G.
Pierre, “LivingFog: Leveraging fog computing and
LoRaWAN technologies for smart marina management
(experience paper),” in Proceedings of the 25th Conference
on Innovation in Clouds, Internet and Networks, ICIN 2022,
Institute of Electrical and Electronics Engineers Inc., 2022,
pp. 9–16. doi: 10.1109/ICIN53892.2022.9758124.
[25] T. Nguyen Gia, J. P. Queralta, and T. Westerlund,
“Exploiting LoRa, edge, and fog computing for traffic
monitoring in smart cities,” in LPWAN Technologies for IoT
and M2M Applications, Elsevier, 2020, pp. 347–371. doi:
10.1016/B978-0-12-818880-4.00017-X.
[26] H. Arkian, D. Giouroukis, P. Souza Junior, G. Pierre, and G.
P. Potable Water, “Potable Water Management with
integrated Fog computing and LoRaWAN technologies.”
[Online]. Available: https://hal.inria.fr/hal-02513467
[27] M. Anjum, M. A. Khan, S. A. Hassan, A. Mahmood, H. K.
Qureshi, and M. Gidlund, “RSSI Fingerprinting-Based
Localization Using Machine Learning in LoRa Networks,”
IEEE Internet of Things Magazine, vol. 3, no. 4, pp. 53–59,
Jan. 2021, doi: 10.1109/iotm.0001.2000019.
[28] J. Purohit, X. Wang, S. Mao, X. Sun, and C. Yang,
“Fingerprinting-based Indoor and Outdoor Localization with
LoRa and Deep Learning,” in 2020 IEEE Global
Communications Conference, GLOBECOM 2020 -
Proceedings, Institute of Electrical and Electronics
Engineers Inc., Dec. 2020. doi:
10.1109/GLOBECOM42002.2020.9322261.
[29] K. H. , Lam, C. C. , Cheung, and W. C. Lee, “LoRa-based
Localization Systems for Noisy Outdoor Environment, IEEE
13th international conference on wireless and mobile
computing, networking and communications (WiMob),”
2017, pp. 278–284.
[30] X. , Wang, L. , Kong, L. , He, and G. Chen, “mLoRa: A
Multi-Packet Reception Protocol inLoRa networks,” in
International Conference on Network Protocols, IEEE,
2019, pp. 1–11.
[31] M. A. Ullah, K. Mikhaylov, and H. Alves, “Massive
Machine-Type Communication and Satellite Integration for
Remote Areas,” IEEE Wirel Commun, vol. 28, no. 4, pp. 74–
80, Aug. 2021, doi: 10.1109/MWC.100.2000477.
[32] B. Oniga, V. Dadarlat, E. De Poorter, and A. Munteanu, “A
secure LoRaWAN sensor network architecture.” [Online].
Available:
https://labs.mwrinfosecurity.com/assets/BlogFiles/
[33] H. Noura, T. Hatoum, O. Salman, J. P. Yaacoub, and A.
Chehab, “LoRaWAN security survey: Issues, threats and
possible mitigation techniques,” Internet of Things
(Netherlands), vol. 12. Elsevier B.V., Dec. 01, 2020. doi:
10.1016/j.iot.2020.100303.
[34] T. C. M. Dönmez and E. Nigussie, “Security of LoRaWAN
v1.1 in Backward Compatibility Scenarios,” in Procedia
Computer Science, Elsevier B.V., 2018, pp. 51–58. doi:
10.1016/j.procs.2018.07.143.
[35] J. Lee, D. Hwang, J. Park, and K. H. Kim, “Risk analysis
and countermeasure for bit-flipping attack in LoRaWAN,”
in International Conference on Information Networking,
IEEE Computer Society, Apr. 2017, pp. 549–551. doi:
10.1109/ICOIN.2017.7899554.
[36] K. Mikhaylov, R. Fujdiak, A. Pouttu, V. Miroslav, L.
Malina, and P. Mlynek, “Energy attack in Lorawan:
Experimental validation,” in ACM International Conference
Proceeding Series, Association for Computing Machinery,
Aug. 2019. doi: 10.1145/3339252.3340525.
[37] M. Brownfield, Y. Gupta, and N. Davis IV, “Wireless sensor
network denial of sleep attack,” in Proceedings from the 6th
Annual IEEE System, Man and Cybernetics Information
Assurance Workshop, SMC 2005, 2005, pp. 356–364. doi:
10.1109/IAW.2005.1495974.
[38] E. Aras, N. Small, G. S. Ramachandran, S. Delbruel, W.
Joosen, and D. Hughes, “Selective jamming of LoRaWAN
using commodity hardware,” in ACM International
Conference Proceeding Series, Association for Computing
Machinery, Nov. 2017, pp. 363–372. doi:
10.1145/3144457.3144478.
[39] K. L. Tsai, Y. L. Huang, F. Y. Leu, I. You, Y. L. Huang, and
C. H. Tsai, “AES-128 based secure low power
communication for LoRaWAN IoT environments,” IEEE
Access, vol. 6, pp. 45325–45334, Jul. 2018, doi:
10.1109/ACCESS.2018.2852563.
[40] H. B. Pasandi and T. Nadeem, “CONVINCE: Collaborative
Cross-Camera Video Analytics at the Edge; CONVINCE:
Collaborative Cross-Camera Video Analytics at the Edge,”
2020.
[41] Z. Liu, Q. Zhou, L. Hou, R. Xu, and K. Zheng, “Design and
Implementation on a LoRa System with Edge Computing.”
[42] C. Gu, L. Jiang, and R. Tan, “LoRa-Based Localization:
Opportunities and Challenges,” Dec. 2018, [Online].
Available: http://arxiv.org/abs/1812.11481
Authorized licensed use limited to: b-on: Instituto Politecnico de Viana do Castelo. Downloaded on August 19,2023 at 12:54:20 UTC from IEEE Xplore. Restrictions apply.
