http://wiki.franklinheath.co.uk/index.php?title=LPWAN_Security_Features&feed=atom&action=history
LPWAN Security Features - Revision history
2024-03-28T18:23:50Z
Revision history for this page on the wiki
MediaWiki 1.23.17
http://wiki.franklinheath.co.uk/index.php?title=LPWAN_Security_Features&diff=932&oldid=prev
Craig: Included varying opinions on LTE-M MCL figure.
2017-05-15T10:26:25Z
<p>Included varying opinions on LTE-M MCL figure.</p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 10:26, 15 May 2017</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 19:</td>
<td colspan="2" class="diff-lineno">Line 19:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>! style="text-align:left;color:gray" | Maximum Coupling Loss</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>! style="text-align:left;color:gray" | Maximum Coupling Loss</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>|<del class="diffchange diffchange-inline">~160dB </del><ref name="mcl">These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology</ref<del class="diffchange diffchange-inline">></del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| <ins class="diffchange diffchange-inline">>155.7dB <ref>According to [ftp://www.3gpp.org/Information/presentations/presentations_2016/2016_11_3gpp_Standards_for_IoT.pdf 3GPP target]</ref> 164dB <ref>According to [https://www.sierrawireless.com/iot-blog/iot-blog/2017/01/new_research_reveals_ltem_catm1_is_ideal_for_deep_coverage_iot_applications/ Sierra Wireless]</ref></ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">|164dB <ref name="mcl" /</del>></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">|164dB </ins><ref name="mcl">These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology</ref></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|164dB <ref name="mcl" /></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|164dB <ref name="mcl" /></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|157dB <ref name="mcl" /></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|157dB <ref name="mcl" /></div></td></tr>
<!-- diff cache key my_wiki:diff:version:1.11a:oldid:931:newid:932 -->
</table>
Craig
http://wiki.franklinheath.co.uk/index.php?title=LPWAN_Security_Features&diff=931&oldid=prev
Craig: capitalisation
2017-05-15T10:09:26Z
<p>capitalisation</p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 10:09, 15 May 2017</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 19:</td>
<td colspan="2" class="diff-lineno">Line 19:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>! style="text-align:left;color:gray" | Maximum Coupling Loss</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>! style="text-align:left;color:gray" | Maximum Coupling Loss</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>|<del class="diffchange diffchange-inline">approx. </del>160dB <ref name="mcl">These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology</ref></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>|<ins class="diffchange diffchange-inline">~</ins>160dB <ref name="mcl">These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology</ref></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|164dB <ref name="mcl" /></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|164dB <ref name="mcl" /></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|164dB <ref name="mcl" /></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|164dB <ref name="mcl" /></div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 128:</td>
<td colspan="2" class="diff-lineno">Line 128:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|Optional (GIA4/5)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|Optional (GIA4/5)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|Yes</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|Yes</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>|<del class="diffchange diffchange-inline">unknown </del><ref>Sigfox does not disclose the algorithm for calculating the Message Authentication Code, thus it is unknown how much of the control information (if any) is covered</ref></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>|<ins class="diffchange diffchange-inline">Unknown </ins><ref>Sigfox does not disclose the algorithm for calculating the Message Authentication Code, thus it is unknown how much of the control information (if any) is covered</ref></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>! style="text-align:left" | Replay Protection</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>! style="text-align:left" | Replay Protection</div></td></tr>
<!-- diff cache key my_wiki:diff:version:1.11a:oldid:930:newid:931 -->
</table>
Craig
http://wiki.franklinheath.co.uk/index.php?title=LPWAN_Security_Features&diff=930&oldid=prev
Craig: Based on the features table from our recent LPWAN security white paper
2017-05-15T10:06:40Z
<p>Based on the features table from our recent LPWAN security white paper</p>
<p><b>New page</b></p><div>Table of features for various Low-Power Wide Area Networking technologies, extracted from the [https://fhcouk.files.wordpress.com/2017/05/lpwa-technology-security-comparison.pdf LPWA Technology Security Comparison] white paper.<br />
<br />
The first few rows (with <span style="color:grey;font-weight:bold">Grey Titles</span>) are not security features as such, but are included as they may be significant factors in choosing one technology over another.<br />
<br />
{| class="wikitable" style="text-align:center"<br />
| style="width:20%" |<br />
! style="width:16%" | LTE-M<br />
! style="width:16%" | NB-IoT<br />
! style="width:16%" | EC-GSM-IoT<br />
! style="width:16%" | LoRaWAN<br />
! style="width:16%" | Sigfox<br />
|-<br />
! style="text-align:left;color:gray" | Bandwidth<br />
|1.08MHz<br />
|180kHz<br />
|600kHz<br />
|125kHz (500kHz d/l)<br />
|100Hz (1.5kHz d/l)<br />
|-<br />
! style="text-align:left;color:gray" | Maximum Coupling Loss<br />
|approx. 160dB <ref name="mcl">These figures are provided as a guide only; precise comparisons may be misleading as link budget assumptions vary in the calculations for each technology</ref><br />
|164dB <ref name="mcl" /><br />
|164dB <ref name="mcl" /><br />
|157dB <ref name="mcl" /><br />
|153dB <ref name="mcl" /><br />
|-<br />
! style="text-align:left;color:gray" | Typical Frequency Bands<br />
|Below or above 1GHz<br />
|Below or above 1GHz<br />
|Below or above 1GHz<br />
|Below 1GHz<br />
|Below 1GHz<br />
|-<br />
! style="text-align:left;color:gray" | Maximum Downlink Peak Data Rate<br />
|1Mbps<br />
|250kbps<br />
|74kbps<br />
|50kbps<br />
|600bps<br />
|-<br />
! style="text-align:left;color:gray" | Maximum Uplink Peak Data Rate<br />
|1Mbps<br />
|250kbps<br />
|74kbps<br />
|50kbps<br />
|100bps<br />
|-<br />
! style="text-align:left;color:gray" | Typical Downlink Daily Throughput<br />
|Limited only by battery power<br />
|Limited only by battery power<br />
|Limited only by battery power<br />
|~200B <ref name="ttn">Based on [https://www.thethingsnetwork.org/forum/c/nodes The Things Network Fair Access Policy]</ref><br />
|24B<br />
|-<br />
! style="text-align:left;color:gray" | Typical Uplink Daily Throughput<br />
|Limited only by battery power<br />
|Limited only by battery power<br />
|Limited only by battery power<br />
|~200kB <ref name="ttn" /><br />
|1.64kB<br />
|-<br />
! style="text-align:left;color:gray" | Typical Module Cost<br />
|Medium<br />
|Low<br />
|Low<br />
|Low<br />
|Very low<br />
|-<br />
! style="text-align:left" | Globally Unique Identifiers<br />
|IMSI<br />
|IMSI<br />
|IMSI<br />
|Optional (DevEUI)<br />
|Yes (32 bits)<br />
|-<br />
! style="text-align:left" | Device/Subscriber Authentication<br />
|UICC or eUICC <ref name="uicc">UICC and eUICC both authenticate the mobile subscription, for a non-removable eUICC the EID also serves to uniquely identify the device</ref><br />
|UICC or eUICC <ref name="uicc" /><br />
|UICC or eUICC <ref name="uicc" /><br />
|Device or Subscriber <ref>Pre-provisioned NwkSKey authenticates the device, or default AppKey (permitted by The Things Network) authenticates the subscriber, or unique AppKey authenticates both</ref><br />
|Device<br />
|-<br />
! style="text-align:left" | Network Authentication<br />
|LTE AKA<br />
|LTE AKA<br />
|UMTS AKA<br />
|Optional<br />
|No<br />
|-<br />
! style="text-align:left" | Identity Protection<br />
|TMSI<br />
|TMSI<br />
|TMSI<br />
|Partial (DevAddr)<br />
|No<br />
|-<br />
! style="text-align:left" | Data Confidentiality<br />
|Yes (EEAx)<br />
|Yes (EEAx)<br />
|Optional (GEA4/5)<br />
|Yes (AppSKey)<br />
|No<br />
|-<br />
! style="text-align:left" | End-to-Middle Security<br />
|No<br />
|No <ref>Under discussion for a future 3GPP release (SA3 work item “Battery Efficient Security for Very-Low-Throughput MTC Devices”)</ref><br />
|To visited network<br />
|Yes (AppSKey)<br />
|No<br />
|-<br />
! style="text-align:left" | Forward Secrecy<br />
|No<br />
|No<br />
|No<br />
|No<br />
|No<br />
|-<br />
! style="text-align:left" | Data Integrity<br />
|Limited <ref name="blind">Where data encryption is in use, modifying ciphertext will corrupt the data unpredictably</ref><br />
|Optional (with DoNAS)<br />
|Limited <ref name="blind" /><br />
|Limited <ref name="blind" /><br />
|Variable <ref>A 16-byte Message Authentication Code is truncated to fit within a fixed size packet: only 2 to 5 bytes are transmitted, depending on the space available in each packet</ref><br />
|-<br />
! style="text-align:left" | Control Integrity<br />
|Yes (EIAx)<br />
|Yes (EIAx)<br />
|Optional (GIA4/5)<br />
|Yes<br />
|unknown <ref>Sigfox does not disclose the algorithm for calculating the Message Authentication Code, thus it is unknown how much of the control information (if any) is covered</ref><br />
|-<br />
! style="text-align:left" | Replay Protection<br />
|Yes<br />
|Optional (with DoNAS)<br />
|Limited <ref name="ctr">Where data encryption is in use, replaying ciphertext will not result in the same plaintext</ref><br />
|Yes<br />
|Yes<br />
|-<br />
! style="text-align:left" | Reliable Delivery<br />
|Yes<br />
|Yes<br />
|Yes<br />
|No<br />
|No<br />
|-<br />
! style="text-align:left" | Critical Infrastructure Class<br />
|Access Classes 11-15<br />
|Access Classes 11-15<br />
|Access Classes 11-15<br />
|No<br />
|No<br />
|-<br />
! style="text-align:left" | Updatability (Device)<br />
|Possible<br />
|Possible<br />
|Possible<br />
|Limited <ref>Firmware update broadcast capability is under discussion for a future LoRaWAN version</ref><br />
|No<br />
|-<br />
! style="text-align:left" | Updatability (Keys/Algorithms)<br />
|Optional (SIM OTA)<br />
|Optional (SIM OTA)<br />
|Optional (SIM OTA)<br />
|Limited<br />
|No<br />
|-<br />
! style="text-align:left" | Network Monitoring and Filtering<br />
|Yes<br />
|Yes<br />
|Yes<br />
|Limited<br />
|Monitoring only<br />
|-<br />
! style="text-align:left" | Key Provisioning<br />
|Pre-provisioned or RSP<br />
|Pre-provisioned or RSP<br />
|Pre-provisioned or RSP<br />
|Pre-provisioned (ABP) or OTAA<br />
|Pre-provisioned<br />
|-<br />
! style="text-align:left" | Algorithm Negotiation<br />
|Yes<br />
|Yes<br />
|Yes<br />
|No<br />
|No<br />
|-<br />
! style="text-align:left" | Class Break Resistance<br />
|Yes <ref name="cb">No private or secret keys are shared between devices</ref><br />
|Yes <ref name="cb" /><br />
|Yes <ref name="cb" /><br />
|Optional <ref>Devices may share a default AppKey, which would then be a potential class break</ref><br />
|Yes <ref name="cb" /><br />
|-<br />
! style="text-align:left" | Certified Equipment<br />
|Required<br />
|Required<br />
|Required<br />
|Optional<br />
|Required<br />
|-<br />
! style="text-align:left" | IP Network<br />
|Optional<br />
|Optional<br />
|Yes<br />
|No<br />
|No<br />
|}<br />
<references /></div>
Craig