LPWAN Security Features

From Franklin Heath Ltd Wiki
Jump to: navigation, search

Table of features for various Low-Power Wide Area Networking technologies, extracted from the LPWA Technology Security Comparison white paper.

The first few rows (with Grey Titles) are not security features as such, but are included as they may be significant factors in choosing one technology over another.

LTE-M NB-IoT EC-GSM-IoT LoRaWAN Sigfox
Bandwidth 1.08MHz 180kHz 600kHz 125kHz (500kHz d/l) 100Hz (1.5kHz d/l)
Maximum Coupling Loss >155.7dB [1] 164dB [2] 164dB [3] 164dB [3] 157dB [3] 153dB [3]
Typical Frequency Bands Below or above 1GHz Below or above 1GHz Below or above 1GHz Below 1GHz Below 1GHz
Maximum Downlink Peak Data Rate 1Mbps 250kbps 74kbps 50kbps 600bps
Maximum Uplink Peak Data Rate 1Mbps 250kbps 74kbps 50kbps 100bps
Typical Downlink Daily Throughput Limited only by battery power Limited only by battery power Limited only by battery power ~200B [4] 24B
Typical Uplink Daily Throughput Limited only by battery power Limited only by battery power Limited only by battery power ~200kB [4] 1.64kB
Typical Module Cost Medium Low Low Low Very low
Globally Unique Identifiers IMSI IMSI IMSI Optional (DevEUI) Yes (32 bits)
Device/Subscriber Authentication UICC or eUICC [5] UICC or eUICC [5] UICC or eUICC [5] Device or Subscriber [6] Device
Network Authentication LTE AKA LTE AKA UMTS AKA Optional No
Identity Protection TMSI TMSI TMSI Partial (DevAddr) No
Data Confidentiality Yes (EEAx) Yes (EEAx) Optional (GEA4/5) Yes (AppSKey) No
End-to-Middle Security No No [7] To visited network Yes (AppSKey) No
Forward Secrecy No No No No No
Data Integrity Limited [8] Optional (with DoNAS) Limited [8] Limited [8] Variable [9]
Control Integrity Yes (EIAx) Yes (EIAx) Optional (GIA4/5) Yes Unknown [10]
Replay Protection Yes Optional (with DoNAS) Limited [11] Yes Yes
Reliable Delivery Yes Yes Yes No No
Critical Infrastructure Class Access Classes 11-15 Access Classes 11-15 Access Classes 11-15 No No
Updatability (Device) Possible Possible Possible Limited [12] No
Updatability (Keys/Algorithms) Optional (SIM OTA) Optional (SIM OTA) Optional (SIM OTA) Limited No
Network Monitoring and Filtering Yes Yes Yes Limited Monitoring only
Key Provisioning Pre-provisioned or RSP Pre-provisioned or RSP Pre-provisioned or RSP Pre-provisioned (ABP) or OTAA Pre-provisioned
Algorithm Negotiation Yes Yes Yes No No
Class Break Resistance Yes [13] Yes [13] Yes [13] Optional [14] Yes [13]
Certified Equipment Required Required Required Optional Required
IP Network Optional Optional Yes No No
  1. According to 3GPP target
  2. According to Sierra Wireless
  3. 3.0 3.1 3.2 3.3 These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology
  4. 4.0 4.1 Based on The Things Network Fair Access Policy
  5. 5.0 5.1 5.2 UICC and eUICC both authenticate the mobile subscription, for a non-removable eUICC the EID also serves to uniquely identify the device
  6. Pre-provisioned NwkSKey authenticates the device, or default AppKey (permitted by The Things Network) authenticates the subscriber, or unique AppKey authenticates both
  7. Under discussion for a future 3GPP release (SA3 work item “Battery Efficient Security for Very-Low-Throughput MTC Devices”)
  8. 8.0 8.1 8.2 Where data encryption is in use, modifying ciphertext will corrupt the data unpredictably
  9. A 16-byte Message Authentication Code is truncated to fit within a fixed size packet: only 2 to 5 bytes are transmitted, depending on the space available in each packet
  10. Sigfox does not disclose the algorithm for calculating the Message Authentication Code, thus it is unknown how much of the control information (if any) is covered
  11. Where data encryption is in use, replaying ciphertext will not result in the same plaintext
  12. Firmware update broadcast capability is under discussion for a future LoRaWAN version
  13. 13.0 13.1 13.2 13.3 No private or secret keys are shared between devices
  14. Devices may share a default AppKey, which would then be a potential class break