{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,9]],"date-time":"2026-06-09T15:36:44Z","timestamp":1781019404721,"version":"3.54.1"},"reference-count":42,"publisher":"MDPI AG","issue":"9","license":[{"start":{"date-parts":[[2021,4,23]],"date-time":"2021-04-23T00:00:00Z","timestamp":1619136000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Security is one of the major concerns of the Internet of Things (IoT) wireless technologies. LoRaWAN is one of the emerging Low Power Wide Area Networks being developed for IoT applications. The latest LoRaWAN release v.1.1 has provided a security framework that includes data confidentiality protection, data integrity check, device authentication and key management. However, its key management part is only ambiguously defined. In this paper, a complete key management scheme is proposed for LoRaWAN. The scheme addresses key updating, key generation, key backup, and key backward compatibility. The proposed scheme was shown not only to enhance the current LoRaWAN standard, but also to meet the primary design consideration of LoRaWAN, i.e., low power consumption.<\/jats:p>","DOI":"10.3390\/s21092962","type":"journal-article","created":{"date-parts":[[2021,4,25]],"date-time":"2021-04-25T02:12:57Z","timestamp":1619316777000},"page":"2962","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["A Complete Key Management Scheme for LoRaWAN v1.1"],"prefix":"10.3390","volume":"21","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5926-1692","authenticated-orcid":false,"given":"Xingda","family":"Chen","sequence":"first","affiliation":[{"name":"School of Engineering, RMIT University, Melbourne, VIC 3000, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7860-7289","authenticated-orcid":false,"given":"Margaret","family":"Lech","sequence":"additional","affiliation":[{"name":"School of Engineering, RMIT University, Melbourne, VIC 3000, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7604-1322","authenticated-orcid":false,"given":"Liuping","family":"Wang","sequence":"additional","affiliation":[{"name":"School of Engineering, RMIT University, Melbourne, VIC 3000, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2021,4,23]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Nakamura, Y., Talusan, J.P., Mizumoto, T., Suwa, H., Arakawa, Y., Yamaguchi, H., and Yasumoto, K. (2021, January 5\u20138). ProceThings: Data Processing Platform with In-situ IoT Devices for Smart Community Services. Proceedings of the ICDCN \u201921: Adjunct Proceedings of the 2021 International Conference on Distributed Computing and Networking, Nara, Japan.","DOI":"10.1145\/3427477.3429275"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Taylor, R., Baron, D., and Schmidt, D. (2015, January 21\u201323). The world in 2025-predictions for the next ten years. Proceedings of the 2015 10th International Microsystems, Packaging, Assembly and Circuits Technology Conference (IMPACT), Taipei, Taiwan.","DOI":"10.1109\/IMPACT.2015.7365193"},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"28177","DOI":"10.1109\/ACCESS.2021.3052867","article-title":"Lightweight Cryptography Algorithms for Resource-Constrained IoT Devices: A Review, Comparison and Research Opportunities","volume":"9","author":"Thakor","year":"2021","journal-title":"IEEE Access"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Sun, Y., Jin, R., Lin, K., and Liu, W. (2021). High-performance Isolation Computing Technology for Smart IoT Healthcare in Cloud Environments. IEEE Internet Things J.","DOI":"10.1109\/JIOT.2021.3051742"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Raghuprasad, A., Padmanabhan, S., Babu, M.A., and Binu, P.K. (2020, January 28\u201330). Security Analysis and Prevention of Attacks on IoT Devices. Proceedings of the 2020 International Conference on Communication and Signal Processing (ICCSP), Chennai, India.","DOI":"10.1109\/ICCSP48568.2020.9182055"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Chen, X., Wang, J., and Wang, L. (2019, January 27\u201329). A Fast Session Key Generation Scheme for LoRaWAN. Proceedings of the 2019 Australian & New Zealand Control Conference (ANZCC), Auckland, New Zealand.","DOI":"10.1109\/ANZCC47194.2019.8945521"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Sanchez-Iborra, R., S\u00e1nchez-G\u00f3mez, J., P\u00e9rez, S., Fern\u00e1ndez, P.J., Santa, J., Hern\u00e1ndez-Ramos, J.L., and Skarmeta, A.F. (2018). Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach. Sensors, 18.","DOI":"10.3390\/s18061833"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Han, J., and Wang, J. (2018). An Enhanced Key Management Scheme for LoRaWAN. Cryptography, 2.","DOI":"10.3390\/cryptography2040034"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"You, I., Kwon, S., Choudhary, G., Sharma, V., and Seo, J.T. (2018). An Enhanced LoRaWAN Security Protocol for Privacy Preservation in IoT with a Case Study on a Smart Factory-Enabled Parking System. Sensors, 18.","DOI":"10.3390\/s18061888"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Xing, J., Hou, L., Zhang, K., and Zheng, K. (2019, January 16\u201319). An Improved Secure Key Management Scheme for LoRa System. Proceedings of the 2019 IEEE 19th International Conference on Communication Technology (ICCT), Xi\u2019an, China.","DOI":"10.1109\/ICCT46805.2019.8947215"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"D\u00f6nmez, T.C.M., and Nigussie, E. (2019, January 8\u201310). Key Management through Delegation for LoRaWAN based Healthcare Monitoring Systems. Proceedings of the 2019 13th International Symposium on Medical Information and Communication Technology (ISMICT), Oslo, Norway.","DOI":"10.1109\/ISMICT.2019.8743947"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Ribeiro, V., Holanda, R., Ramos, A., and Rodrigues, J.J.P.C. (2020). Enhancing Key Management in LoRaWAN with Permissioned Blockchain. Sensors, 20.","DOI":"10.3390\/s20113068"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"75015","DOI":"10.1109\/ACCESS.2018.2883657","article-title":"Secure Session Key Management Scheme for Meter-Reading System Based on LoRa Technology","volume":"6","author":"Xia","year":"2018","journal-title":"IEEE Access"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"2153","DOI":"10.1109\/JSEN.2017.2789121","article-title":"A Secure Device-to-Device Link Establishment Scheme for LoRaWAN","volume":"18","author":"Kim","year":"2018","journal-title":"IEEE Sens. J."},{"key":"ref_15","unstructured":"Weinand, A., de la Fuente, A.G., Lipps, C., and Michael, K. (2021). Physical Layer Security based Key Management for LoRaWAN. arXiv."},{"key":"ref_16","unstructured":"(2019, September 28). LoRaWAN\u2122 Specification v1.1. 11 October 2017. Available online: https:\/\/lora-alliance.org\/resource-hub\/lorawantm-specification-v11."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"54631","DOI":"10.1109\/ACCESS.2020.2978100","article-title":"Secure Session Key Generation Method for LoRaWAN Servers","volume":"8","author":"Tsai","year":"2020","journal-title":"IEEE Access"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"146348","DOI":"10.1109\/ACCESS.2019.2941972","article-title":"Low-Power AES Data Encryption Architecture for a LoRaWAN","volume":"7","author":"Tsai","year":"2019","journal-title":"IEEE Access"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Torres, N., Pinto, P., and Lopes, S.I. (2021). Security Vulnerabilities in LPWANs\u2014An Attack Vector Analysis for the IoT Ecosystem. Appl. Sci., 11.","DOI":"10.3390\/app11073176"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"1561","DOI":"10.1109\/JIOT.2018.2846803","article-title":"Fast Authentication and Data Transfer Scheme for Massive NB-IoT Devices in 3GPP 5G Network","volume":"6","author":"Cao","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Oniga, B., Dadarlat, V., de Poorter, E., and Munteanu, A. (2017, January 7\u20139). Analysis, design and implementation of secure LoRaWAN sensor networks. Proceedings of the 2017 13th IEEE International Conference on Intelligent Computer Communication and Processing (ICCP), Cluj-Napoca, Romania.","DOI":"10.1109\/ICCP.2017.8117042"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"204","DOI":"10.1016\/j.procs.2018.07.202","article-title":"Security of Join Procedure and its Delegation in LoRaWAN v1.1","volume":"134","author":"Nigussie","year":"2018","journal-title":"Procedia Comput. Sci."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1016\/j.procs.2018.07.143","article-title":"Security of LoRaWAN v1. 1 in Backward Compatibility Scenarios","volume":"134","author":"Nigussie","year":"2018","journal-title":"Procedia Comput. Sci."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Carvalho, D.F., Ferrari, P., Sisinni, E., and Flammini, A. (2020). Improving Redundancy in LoRaWAN for Mixed-Criticality Scenarios. IEEE Syst. J.","DOI":"10.1109\/JSYST.2020.3015274"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Barker, E., Barker, W., Burr, W., Polk, W., and Smid, M. (2012). Recommendation for Key Management Part 1: General (Revision 3), NIST Special Publication.","DOI":"10.6028\/NIST.SP.800-57p1r3"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Bassham, L.E., Rukhin, A.L., Soto, J., Nechvatal, J.R., Smid, M.E., Leigh, S.D., Levenson, M., Vangel, M., Heckert, N.A., and Banks, D.L. (2010). A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications, NIST. No. Special Publication (NIST SP)-800-22 Rev 1a.","DOI":"10.6028\/NIST.SP.800-22r1a"},{"key":"ref_27","first-page":"219","article-title":"Randomness in digital cryptography: A survey","volume":"13","author":"Marton","year":"2010","journal-title":"Rom. J. Inf. Sci. Technol."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Souaidi, S., Kenaza, T., Djamaa, B., and Aldwairi, M. (2018, January 17\u201319). Dynamic Clustering for IoT Key Management in Hostile Application Area. Proceedings of the International Conference on Computer Science and Its Applications, Kuala Lumpur, Malaysia.","DOI":"10.1007\/978-3-319-98352-3_6"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Schneier, B. (1993). Description of a new variable-length key, 64-bit block cipher (Blowfish). International Workshop on Fast Software Encryption, Springer.","DOI":"10.1007\/3-540-58108-1_24"},{"key":"ref_30","first-page":"6","article-title":"DES, AES and Blowfish: Symmetric key cryptography algorithms simulation based performance analysis","volume":"1","author":"Thakur","year":"2011","journal-title":"Int. J. Emerg. Technol. Adv. Eng."},{"key":"ref_31","first-page":"7052","article-title":"Performance Analysis of AES and Blowfish Encryption Algorithm","volume":"2","author":"Abirami","year":"2013","journal-title":"Int. J. Innov. Res. Sci. Eng. Technol."},{"key":"ref_32","first-page":"28","article-title":"The stream cipher rabbit","volume":"6","author":"Boesgaard","year":"2005","journal-title":"ECRYPT Stream Cipher Proj. Rep."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Robshaw, M., and Billet, O. (2008). New Stream Cipher Designs: The eSTREAM Finalists, Springer.","DOI":"10.1007\/978-3-540-68351-3"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Tahir, R., Javed, M.Y., Tahir, M., and Imam, F. (2008, January 20\u201322). LRSA: Lightweight Rabbit Based Security Architecture for Wireless Sensor Networks. Proceedings of the 2008 Second International Symposium on Intelligent Information Technology Application, Shanghai, China.","DOI":"10.1109\/IITA.2008.523"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Babbage, S., Canniere, C., Canteaut, A., Cid, C., Gilbert, H., Johansson, T., Parker, M., Preneel, B., Rijmen, V., and Robshaw, M. (2008). The eSTREAM portfolio. eSTREAM ECRYPT Stream Cipher Proj., 1\u20136.","DOI":"10.1007\/978-3-540-68351-3_1"},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Feng, X., Liu, J., Zhou, Z., Wu, C., and Feng, D. (2010). A byte-based guess and determine attack on SOSEMANUK. International Conference on the Theory and Application of Cryptology and Information Security, Springer.","DOI":"10.1007\/978-3-642-17373-8_9"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Shao, Z., and Ding, L. (2012, January 17\u201319). Related-Cipher Attack on Salsa20. Proceedings of the 2012 Fourth International Conference on Computational and Information Sciences, Chongqing, China.","DOI":"10.1109\/ICCIS.2012.217"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Fukushima, K., Xu, R., Kiyomoto, S., and Homma, N. (2017, January 1\u20134). Fault Injection Attack on Salsa20 and ChaCha and a Lightweight Countermeasure. Proceedings of the 2017 IEEE Trustcom\/BigDataSE\/ICESS, Sydney, NSW, Australia.","DOI":"10.1109\/Trustcom\/BigDataSE\/ICESS.2017.348"},{"key":"ref_39","first-page":"307","article-title":"Rabbit: A new high-performance stream cipher","volume":"Volume 2887","author":"Boesgaard","year":"2003","journal-title":"International Workshop on Fast Software Encryption"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Gupta, M., and Sinha, A. (2021). Enhanced-AES encryption mechanism with S-box splitting for wireless sensor networks. Int. J. Inf. Technol.","DOI":"10.1007\/s41870-021-00626-w"},{"key":"ref_41","unstructured":"Mahajan, D.P., and Sachdeva, A. (2013). A study of encryption algorithms aes des and rsa for security. Glob. J. Comput. Sci. Technol., Available online: https:\/\/computerresearch.org\/index.php\/computer\/article\/view\/272."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"M\u00e5rlind, F., and Butun, I. (2020, January 21\u201323). Activation of LoRaWAN End Devices by Using Public Key Cryptography. Proceedings of the 2020 4th Cyber Security in Networking Conference (CSNet), Lausanne, Switzerland.","DOI":"10.1109\/CSNet50428.2020.9265530"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/9\/2962\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T05:51:54Z","timestamp":1760161914000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/9\/2962"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,4,23]]},"references-count":42,"journal-issue":{"issue":"9","published-online":{"date-parts":[[2021,5]]}},"alternative-id":["s21092962"],"URL":"https:\/\/doi.org\/10.3390\/s21092962","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,4,23]]}}}