{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T09:27:06Z","timestamp":1770283626648,"version":"3.49.0"},"reference-count":32,"publisher":"MDPI AG","issue":"13","license":[{"start":{"date-parts":[[2022,7,5]],"date-time":"2022-07-05T00:00:00Z","timestamp":1656979200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The Internet of Things (IoT) is one of the fastest emerging technologies in the industry. It includes diverse applications with different requirements to provide services to users. Secure, low-powered, and long-range transmissions are some of the most vital requirements in developing IoT applications. IoT uses several communication technologies to fulfill transmission requirements. However, Low Powered Wide Area Networks (LPWAN) transmission standards have been gaining attention because of their exceptional low-powered and long-distance transmission capabilities. The features of LPWAN transmission standards make them a perfect candidate for IoT applications. However, the current LPWAN standards lack state-of-the-art security mechanism s because of the limitations of the IoT devices in energy and computational capacity. Most of the LPWAN standards, such as Sigfox, NB-IoT, and Weightless, use static keys for node authentication and encryption. LoRaWAN is the only LPWAN technology providing session key mechanisms for better security. However, the session key mechanism is vulnerable to replay attacks. In this paper, we propose a centralized lightweight session key mechanism for LPWAN standards using the Blom\u2013Yang key agreement (BYka) mechanism. The security of the session key mechanism is tested using the security verification tool Scyther. In addition, an energy consumption model is implemented on the LoRaWAN protocol using the NS3 simulator to verify the energy depletion in a LoRaWAN node because of the proposed session key mechanisms. The proposed session key is also verified on the Mininet-WiFi emulator for its correctness. The analysis demonstrates that the proposed session key mechanism uses a fewer number of transmissions than the existing session key mechanisms in LPWAN and provides mechanisms against replay attacks that are possible in current LPWAN session key schemes.<\/jats:p>","DOI":"10.3390\/s22135065","type":"journal-article","created":{"date-parts":[[2022,7,6]],"date-time":"2022-07-06T21:15:52Z","timestamp":1657142152000},"page":"5065","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["LPWAN Key Exchange: A Centralised Lightweight Approach"],"prefix":"10.3390","volume":"22","author":[{"given":"Gaurav","family":"Pathak","sequence":"first","affiliation":[{"name":"School of Engineering, Computer and Mathematical Sciences, Auckland University of Technology, Auckland 1142, New Zealand"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2103-8636","authenticated-orcid":false,"given":"Jairo","family":"Gutierrez","sequence":"additional","affiliation":[{"name":"School of Engineering, Computer and Mathematical Sciences, Auckland University of Technology, Auckland 1142, New Zealand"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Akbar","family":"Ghobakhlou","sequence":"additional","affiliation":[{"name":"School of Engineering, Computer and Mathematical Sciences, Auckland University of Technology, Auckland 1142, New Zealand"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2159-865X","authenticated-orcid":false,"given":"Saeed Ur","family":"Rehman","sequence":"additional","affiliation":[{"name":"College of Science and Engineering, Flinders University, Tonsley, SA 5042, Australia"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2022,7,5]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"198","DOI":"10.1016\/j.jnca.2016.03.006","article-title":"Secure routing for internet of things: A survey","volume":"66","author":"Airehrour","year":"2016","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.icte.2017.12.005","article-title":"A comparative study of lpwan technologies for large-scale iot deployment","volume":"5","author":"Mekki","year":"2019","journal-title":"ICT Express"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Sanchez-Iborra, R., and Cano, M.D. (2016). State of the art in lpwan solutions for industrial iot services. Sensors, 16.","DOI":"10.3390\/s16050708"},{"key":"ref_4","unstructured":"Sornin, N., and Luis, M. (2022, February 12). T.E.T.K.O.: Lorawan\u2122 1.1 Specification. Available online: https:\/\/lora-alliance.org\/sites\/default\/files\/2018-04\/lorawantmspecification-v1.1.pdf."},{"key":"ref_5","unstructured":"Silva, J.d.C., Rodrigues, J.J.P.C., Alberti, A.M., Solic, P., and Aquino, A.L.L. (2017, January 12\u201314). Lorawan x2014; A low power wan protocol for Internet of things: A review and opportunities. Proceedings of the 2017 2nd International Multidisciplinary Conference on Computer and Energy Science (SpliTech), Split, Croatia."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Vangelista, L., Zanella, A., and Zorzi, M. (2015). Long-range iot technologies: The dawn of lora\u2122. Future Access Enablers for Ubiquitous and Intelligent Infrastructures, Springer International Publishing.","DOI":"10.1007\/978-3-319-27072-2_7"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Pathak, G., Gutierrez, J., and Rehman, S.U. (2020). Security in low powered wide area networks: Opportunities for software defined network-supported solutions. Electronics, 9.","DOI":"10.3390\/electronics9081195"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"012027","DOI":"10.1088\/1757-899X\/396\/1\/012027","article-title":"Security mechanisms and vulnerabilities in lpwan","volume":"396","author":"Chacko","year":"2018","journal-title":"Mater. Sci. Eng. Conf. Ser."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Butun, I., Pereira, N., and Gidlund, M. (2019). Security risk analysis of lorawan and future directions. Future Internet, 11.","DOI":"10.3390\/fi11010003"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Yang, X., Karampatzakis, E., Doerr, C., and Kuipers, F. (2018, January 17\u201320). Security vulnerabilities in LoRaWAN. Proceedings of the 2018 IEEE\/ACM Third International Conference on Internet-of-Things Design and Implementation (IoTDI), Orlando, FL, USA.","DOI":"10.1109\/IoTDI.2018.00022"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"1745","DOI":"10.1109\/JIOT.2019.2946919","article-title":"Experimental investigation on wireless key generation for low-power wide-area networks","volume":"7","author":"Ruotsalainen","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1016\/j.procs.2018.07.143","article-title":"Security of lorawan v1. 1 in backward compatibility scenarios","volume":"134","author":"Nigussie","year":"2018","journal-title":"Procedia Comput. Sci."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"614","DOI":"10.1109\/ACCESS.2016.2521718","article-title":"Key generation from wireless channels: A review","volume":"4","author":"Zhang","year":"2016","journal-title":"IEEE Access"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1109\/MWC.2019.1800455","article-title":"Physical layer security for the Internet of things: Authentication and key generation","volume":"26","author":"Zhang","year":"2019","journal-title":"IEEE Wirel. Commun."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Han, J., and Wang, J. (2018). An enhanced key management scheme for lorawan. Cryptography, 2.","DOI":"10.3390\/cryptography2040034"},{"key":"ref_16","unstructured":"Selander, G., Mattsson, J., and Palombini, F. (2022, February 15). Ephemeral Diffie-Hellman over COSE (EDHOC). Available online: https:\/\/tools.ietf.org\/id\/draft-ietf-lake-edhoc-01.html."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Kaufman, C. Internet Key Exchange (Ikev2) Protocol; Report, RFC 4306; IETF, December 2005.","DOI":"10.17487\/rfc4306"},{"key":"ref_18","first-page":"101","article-title":"Rfc 6347: Datagram transport layer security version 1.2","volume":"13","author":"Rescorla","year":"2012","journal-title":"Internet Eng. Task Force"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Noura, H.N., Melki, R., Chehab, A., and Hernandez Fernandez, J. (2020). Efficient and secure message authentication algorithm at the physical layer. Wirel. Netw.","DOI":"10.1007\/s11276-020-02371-7"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"100061","DOI":"10.1016\/j.iot.2019.100061","article-title":"Anonymous mutual iot interdevice authentication and key agreement scheme based on the zigbee technique","volume":"7","author":"Alshahrani","year":"2019","journal-title":"Internet Things"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"6590713","DOI":"10.1155\/2017\/6590713","article-title":"A dual key-based activation scheme for secure lorawan","volume":"2017","author":"Kim","year":"2017","journal-title":"Wirel. Commun. Mob. Comput."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Mostafa, A., Lee, S.J., and Peker, Y.K. (2020). Physical unclonable function and hashing are all you need to mutually authenticate iot devices. Sensors, 20.","DOI":"10.3390\/s20164361"},{"key":"ref_23","unstructured":"Ye, W., and Heidemann, J. (2004). Medium access control in wireless sensor networks. Wireless Sensor Networks, Springer."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Yang, M.L. (2014). An Authenticated Key Agreement Scheme for Sensor Networks. [Ph.D. Thesis, Auckland University of Technology].","DOI":"10.3390\/jsan3030181"},{"key":"ref_25","unstructured":"Blom, R. (1984, January 9\u201311). An optimal class of symmetric key generation systems. Proceedings of the EUROCRYPT 84 Workshop on Advances in Cryptology: Theory and Application of Cryptographic Techniques, Paris, France."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Fontes, R.R., Afzal, S., Brito, S.H., Santos, M.A., and Rothenberg, C.E. (2015, January 9\u201313). Mininet-wifi: Emulating software-defined wireless networks. Proceedings of the 2015 11th International Conference on Network and Service Management (CNSM), Barcelona, Spain.","DOI":"10.1109\/CNSM.2015.7367387"},{"key":"ref_27","unstructured":"Boyd, C., and Mao, W. (1993, January 23\u201327). On a limitation of BAN logic. Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques, Lofthus, Norway."},{"key":"ref_28","unstructured":"Cremers, C.J. (2008, January 7\u201314). The scyther tool: Verification, falsification, and analysis of security protocols. Proceedings of the International Conference on Computer Aided Verification, Princeton, NJ, USA."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1145\/1355734.1355746","article-title":"Openflow: Enabling innovation in campus networks","volume":"38","author":"McKeown","year":"2008","journal-title":"ACM SIGCOMM Comput. Commun. Rev."},{"key":"ref_30","unstructured":"Jens-Peter, K., and Sunar, B. (2006). Energy Comparison of AES and SHA-1 for Ubiquitous Computing, Springer. International Conference on Embedded and Ubiquitous Computing."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Chaudhari, B.S., Zennaro, M., and Borkar, S. (2020). LPWAN technologies: Emerging application characteristics, requirements, and design considerations. Future Internet, 12.","DOI":"10.3390\/fi12030046"},{"key":"ref_32","first-page":"123","article-title":"Lorawan empowers very low-power, wireless applications","volume":"1","author":"Koon","year":"2020","journal-title":"Tech Idea Res."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/13\/5065\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T23:43:10Z","timestamp":1760139790000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/13\/5065"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,7,5]]},"references-count":32,"journal-issue":{"issue":"13","published-online":{"date-parts":[[2022,7]]}},"alternative-id":["s22135065"],"URL":"https:\/\/doi.org\/10.3390\/s22135065","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,7,5]]}}}