LPWAN Security Features

Table of features for various Low-Power Wide Area Networking technologies, extracted from the LPWA Technology Security Comparison white paper.

The first few rows (with Grey Titles) are not security features as such, but are included as they may be significant factors in choosing one technology over another.

	LTE-M	NB-IoT	EC-GSM-IoT	LoRaWAN	Sigfox
Bandwidth	1.08MHz	180kHz	600kHz	125kHz (500kHz d/l)	100Hz (1.5kHz d/l)
Maximum Coupling Loss	approx. 160dB ^[1]	164dB ^[1]	164dB ^[1]	157dB ^[1]	153dB ^[1]
Typical Frequency Bands	Below or above 1GHz	Below or above 1GHz	Below or above 1GHz	Below 1GHz	Below 1GHz
Maximum Downlink Peak Data Rate	1Mbps	250kbps	74kbps	50kbps	600bps
Maximum Uplink Peak Data Rate	1Mbps	250kbps	74kbps	50kbps	100bps
Typical Downlink Daily Throughput	Limited only by battery power	Limited only by battery power	Limited only by battery power	~200B ^[2]	24B
Typical Uplink Daily Throughput	Limited only by battery power	Limited only by battery power	Limited only by battery power	~200kB ^[2]	1.64kB
Typical Module Cost	Medium	Low	Low	Low	Very low
Globally Unique Identifiers	IMSI	IMSI	IMSI	Optional (DevEUI)	Yes (32 bits)
Device/Subscriber Authentication	UICC or eUICC ^[3]	UICC or eUICC ^[3]	UICC or eUICC ^[3]	Device or Subscriber ^[4]	Device
Network Authentication	LTE AKA	LTE AKA	UMTS AKA	Optional	No
Identity Protection	TMSI	TMSI	TMSI	Partial (DevAddr)	No
Data Confidentiality	Yes (EEAx)	Yes (EEAx)	Optional (GEA4/5)	Yes (AppSKey)	No
End-to-Middle Security	No	No ^[5]	To visited network	Yes (AppSKey)	No
Forward Secrecy	No	No	No	No	No
Data Integrity	Limited ^[6]	Optional (with DoNAS)	Limited ^[6]	Limited ^[6]	Variable ^[7]
Control Integrity	Yes (EIAx)	Yes (EIAx)	Optional (GIA4/5)	Yes	unknown ^[8]
Replay Protection	Yes	Optional (with DoNAS)	Limited ^[9]	Yes	Yes
Reliable Delivery	Yes	Yes	Yes	No	No
Critical Infrastructure Class	Access Classes 11-15	Access Classes 11-15	Access Classes 11-15	No	No
Updatability (Device)	Possible	Possible	Possible	Limited ^[10]	No
Updatability (Keys/Algorithms)	Optional (SIM OTA)	Optional (SIM OTA)	Optional (SIM OTA)	Limited	No
Network Monitoring and Filtering	Yes	Yes	Yes	Limited	Monitoring only
Key Provisioning	Pre-provisioned or RSP	Pre-provisioned or RSP	Pre-provisioned or RSP	Pre-provisioned (ABP) or OTAA	Pre-provisioned
Algorithm Negotiation	Yes	Yes	Yes	No	No
Class Break Resistance	Yes ^[11]	Yes ^[11]	Yes ^[11]	Optional ^[12]	Yes ^[11]
Certified Equipment	Required	Required	Required	Optional	Required
IP Network	Optional	Optional	Yes	No	No

↑ ^1.0 ^1.1 ^1.2 ^1.3 ^1.4 These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology
↑ ^2.0 ^2.1 Based on The Things Network Fair Access Policy
↑ ^3.0 ^3.1 ^3.2 UICC and eUICC both authenticate the mobile subscription, for a non-removable eUICC the EID also serves to uniquely identify the device
↑ Pre-provisioned NwkSKey authenticates the device, or default AppKey (permitted by The Things Network) authenticates the subscriber, or unique AppKey authenticates both
↑ Under discussion for a future 3GPP release (SA3 work item “Battery Efficient Security for Very-Low-Throughput MTC Devices”)
↑ ^6.0 ^6.1 ^6.2 Where data encryption is in use, modifying ciphertext will corrupt the data unpredictably
↑ A 16-byte Message Authentication Code is truncated to fit within a fixed size packet: only 2 to 5 bytes are transmitted, depending on the space available in each packet
↑ Sigfox does not disclose the algorithm for calculating the Message Authentication Code, thus it is unknown how much of the control information (if any) is covered
↑ Where data encryption is in use, replaying ciphertext will not result in the same plaintext
↑ Firmware update broadcast capability is under discussion for a future LoRaWAN version
↑ ^11.0 ^11.1 ^11.2 ^11.3 No private or secret keys are shared between devices
↑ Devices may share a default AppKey, which would then be a potential class break

[mcl-1] 1.0 ^1.1 ^1.2 ^1.3 ^1.4 These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology

[ttn-2] 2.0 ^2.1 Based on The Things Network Fair Access Policy

[uicc-3] 3.0 ^3.1 ^3.2 UICC and eUICC both authenticate the mobile subscription, for a non-removable eUICC the EID also serves to uniquely identify the device

[4] Pre-provisioned NwkSKey authenticates the device, or default AppKey (permitted by The Things Network) authenticates the subscriber, or unique AppKey authenticates both

[5] Under discussion for a future 3GPP release (SA3 work item “Battery Efficient Security for Very-Low-Throughput MTC Devices”)

[blind-6] 6.0 ^6.1 ^6.2 Where data encryption is in use, modifying ciphertext will corrupt the data unpredictably

[7] A 16-byte Message Authentication Code is truncated to fit within a fixed size packet: only 2 to 5 bytes are transmitted, depending on the space available in each packet

[8] Sigfox does not disclose the algorithm for calculating the Message Authentication Code, thus it is unknown how much of the control information (if any) is covered

[ctr-9] Where data encryption is in use, replaying ciphertext will not result in the same plaintext

[10] Firmware update broadcast capability is under discussion for a future LoRaWAN version

[cb-11] 11.0 ^11.1 ^11.2 ^11.3 No private or secret keys are shared between devices

[12] Devices may share a default AppKey, which would then be a potential class break

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

LPWAN Security Features

Navigation menu

Views

Personal tools

NAVIGATION

Search

Tools