IoTree: TLS Encryption for LoRaWAN

LoRa­WAN is a Low Power Wide Area Net­work spe­ci­fi­ca­ti­on for wire­less bat­te­ry powe­red sys­tems in a regio­nal, natio­nal or even glo­bal net­work. LoRa­WAN tar­gets the most important requi­re­ments of the Inter­net of Things (IoT), e.g. bidi­rec­tio­n­al com­mu­ni­ca­ti­on, loca­liz­a­ti­on and mobi­li­ty of ser­vices. TLS over LoRa­WAN is a simp­le soft­ware exten­si­on that on the one hand fixes known vul­nera­bi­li­ties and on the other hand pro­vi­des WAN-com­pa­ti­ble end-to-end secu­ri­ty accord­ing to TR-03116–3.

LoRaWAN as the Gold Standard of IoT Connectivity

LoRa­WAN radio tech­no­lo­gy has emer­ged as the Gold Stan­dard for IoT con­nec­ti­vi­ty in recent years. This is due to its spe­cial cha­rac­te­ris­tics, which enab­le the eco­no­mi­c­al ope­ra­ti­on of a wide area network:

  • Long ran­ges with high buil­ding coverage of 1.5 to 2 km (Deep-Indoor in the city)
  • Low power con­sump­ti­on due to low data rates (0.3 kBits/s to 50 kBits/s)
  • No addi­tio­nal trans­mis­si­on cos­ts due to own radio net­work and licen­se-free radio tech­no­lo­gy (ISM Band 868 MHz)

LoRaWAN Requires Additional Security

While the com­mon LoRa­WAN has many advan­ta­ges over other radio tech­no­lo­gies, it does not cor­re­spond to the sta­te of the art in IT secu­ri­ty. Atta­ckers could per­ma­nent­ly dis­rupt the con­nec­tion and decrypt or even mani­pu­la­te the trans­mit­ted data. Thus, the BSI pre­fers TLS encryp­ti­on when using WAN con­nec­tions accord­ing to TR-03116–3, which is not avail­ab­le with the stan­dard LoRa­WAN. Espe­cial­ly when dealing with sen­si­ti­ve com­pa­ny data, per­so­nal data, as well as when using cri­ti­cal infra­st­ruc­tures, secu­ri­ty must not be neglected.

PHYSEC Offers BSI Compliant Security

We are proud to offer a uni­que, self-deve­lo­ped and paten­ted TLS encryp­ti­on for LoRa­WAN. With it we com­bi­ne the tech­ni­cal and eco­no­mi­c­al advan­ta­ges of LoRa­WAN with the high secu­ri­ty requi­re­ments of the BSI. Our solu­ti­on was deve­lo­ped from the user per­spec­ti­ve for Smart Mete­ring, Smart Grid and cri­ti­cal-infra­st­ruc­tu­re-app­li­ca­ti­ons in coope­ra­ti­on with Gelsenwasser.

This is How Our Technology Works

The addi­tio­nal TLS secu­ri­ty lay­er is added to the LoRa­WAN pro­to­col without chan­ging it. Thus the sys­tem is 100% LoRa­WAN com­pli­ant. The secu­ri­ty tech­no­lo­gy used is ful­ly matu­re and uses estab­lis­hed cryp­to standards.

(Minimum-) Requirements

The­re are no spe­cial infra­st­ruc­tu­re requi­re­ments for using encryp­ti­on and plat­form inte­gra­ti­on. Any LoRa­WAN net­work can be used. It is not necessa­ry to exchan­ge the hardware.

The Result: Maximum Security!

  • The paten­ted and in LoRa­WAN uni­que TLS encryp­ti­on pro­tects the con­fi­den­tia­li­ty and authen­ti­ci­ty of your sen­sor and actua­tor data.
  • The matu­re tech­no­lo­gy enab­les you to achie­ve a high level of secu­ri­ty by using estab­lis­hed cryp­to standards.
  • Due to con­stant fur­ther deve­lo­p­ments and updates your net­work will remain secu­re in the future.
  • The ter­mi­nal device and ser­ver soft­ware veri­fy their mutu­al iden­ti­ty with certificates.
  • You retain data sov­er­eig­n­ty — neit­her end device nor soft­ware manu­fac­tu­rers mana­ge key material.

Let us convince you of our consistent solution

LoRaWAN Starterkit

Eva­lua­te the pos­si­bi­li­ties of using your own LoRa­WAN net­work. With our LoRa­WAN Star­ter­kit you recei­ve our expert advice inclu­ding the necessa­ry hard­ware and software.

IoTree-Plattform

Our fle­xi­ble IoTree plat­form offers a user-friend­ly inter­face and is alrea­dy used for a wide ran­ge of applications.

SEAL Integrity Monitoring

Alter­na­tively, we also offer you our paten­ted phy­si­cal inte­gri­ty moni­to­ring. Mani­pu­la­ti­on of con­trol and mea­su­ring equip­ment can be detec­ted remo­te­ly and thus in real time.

Have we sparked your interest?

Con­ta­ct us today and dis­co­ver even more about the use and advan­ta­ges of IoTree LoRa­WAN. Let us help you use LoRa­WAN wire­less tech­no­lo­gy for a varie­ty of use cases. Con­sul­ting and Sup­port is our top prio­ri­ty, sin­ce we know that each cus­to­mer has dif­fe­rent needs.

Personal Consultation

React to the rising secu­ri­ty thre­ats and pre­vent the attacks of tomor­row. We at PHYSEC will glad­ly ans­wer your ques­ti­ons. Talk direct­ly to our exe­cu­ti­ves now.

Dr. Chris­ti­an Zen­ger, CEO
email: christian.zenger@physec.de

Dr. Hei­ko Koep­ke, CFO
email: heiko.koepke@physec.de