Article: Security analysis and improvement of key exchange protocol in LoRaWAN network Journal: International Journal of Sensor Networks (IJSNET) 2025 Vol.49 No.3 pp.148 - 170 Abstract: While using very low-power and inexpensive transmitters, LoRaWAN networks exhibit very high sensitivity and excellent reliability over very long ranges. Although these networks benefit from higher security performance compared to other low-power wide-area communication protocols, some aspects of their security can be greatly improved. Namely, the key exchange protocol was considered as one of the weakest links in the security of LoRaWAN networks. This issue was addressed at the second edition of the LoRaWAN protocol. However, the improvement was achieved at the cost of using much more complicated algorithms. Even then, some of the security issues of the protocol such as vulnerability against node capture attack and forward secrecy remained the same. In this paper, we demonstrate the limitations of new LoRaWAN key exchange protocols using Scyther and ProVerif security analysis tools. Then we propose a novel scheme that while requiring much less complex computations, offers a more robust security for LoRaWAN networks. We use the aforementioned tools to verify that the proposed method considerably improves the resilience of LoRaWAN against known attacks. Inderscience Publishers - linking academia, business and industry through research

Title: Security analysis and improvement of key exchange protocol in LoRaWAN network

Authors: Arman Amjadian; Hamid Meghdadi; Ali Shahzadi

Addresses: Department of Telecommunications, Faculty of Electrical and Computer Engineering, Semnan University, Semnan, Semnan, Iran ' Department of Telecommunications, Faculty of Electrical and Computer Engineering, Semnan University, Semnan, Semnan, Iran ' Department of Telecommunications, Faculty of Electrical and Computer Engineering, Semnan University, Semnan, Semnan, Iran

Abstract: While using very low-power and inexpensive transmitters, LoRaWAN networks exhibit very high sensitivity and excellent reliability over very long ranges. Although these networks benefit from higher security performance compared to other low-power wide-area communication protocols, some aspects of their security can be greatly improved. Namely, the key exchange protocol was considered as one of the weakest links in the security of LoRaWAN networks. This issue was addressed at the second edition of the LoRaWAN protocol. However, the improvement was achieved at the cost of using much more complicated algorithms. Even then, some of the security issues of the protocol such as vulnerability against node capture attack and forward secrecy remained the same. In this paper, we demonstrate the limitations of new LoRaWAN key exchange protocols using Scyther and ProVerif security analysis tools. Then we propose a novel scheme that while requiring much less complex computations, offers a more robust security for LoRaWAN networks. We use the aforementioned tools to verify that the proposed method considerably improves the resilience of LoRaWAN against known attacks.

Keywords: internet of things; IoT; long-range wide-area network; LoRaWAN; network security; over-the-air activation; OTAA; Scyther; ProVerif.

DOI: 10.1504/IJSNET.2025.149892

International Journal of Sensor Networks, 2025 Vol.49 No.3, pp.148 - 170

Received: 16 Jul 2024
Accepted: 08 Jun 2025
Published online: 17 Nov 2025 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Security analysis and improvement of key exchange protocol in LoRaWAN network

Keep up-to-date