The Internet of Things (IoT) revolution is in full swing, with various LPWAN technologies emerging rapidly, each vying to seize market share.
LoRa, as one of the earliest commercialized LPWAN technologies, has been deployed in 95 countries globally, with over 500 alliance members. In China, Alibaba has announced its comprehensive promotion of LoRa coverage and popularity, collaborating with multiple broadcasting operators to start building city-level LoRa network coverage.
However, many people remain unclear about this technology. This article aims to discuss the unique advantages of LoRa from three key aspects of IoT: “applications,” “connections,” and “security.”
Applications: Rapid Adoption in Smart Cities and Communities
1. Why Can LoRa Be Quickly Adopted?
Customers Are Willing to Pay
The IoT is widely discussed, but for customers, which applications are essential? Which are optional? Are they necessary or just enhancements?
The answer is simple: IoT applications that help customers save money, generate income, ensure personal safety, provide social convenience, and maintain social stability are essential, while convenient and fun applications are merely enhancements.
Case 1: Putuo Intelligent City Brain. When garbage bins are full, gas leaks at home, or manhole covers are improperly placed, the alarm system immediately reports to relevant departments; if a vehicle is parked in a fire lane for more than 5 minutes, the ground sensor automatically alerts… In Putuo District, 41 IoT application scenarios with 90,000 sensors cover an area of 5.5 square kilometers, collecting data to the city brain for real-time analysis and decision-making, generating processing workflows, automatically dispatching orders, integrating police, traffic police, urban management, market management, city appearance, and sanitation forces for timely handling, making the city more orderly, safer, and cleaner.
Case 2: Smart Dream Town. In the Dream Town of Yuhang District, Hangzhou, a LoRa network has been established based on Alibaba Cloud IoT’s Link WAN platform to provide urban management services. In the delivered first phase project, LoRa technology provides convenient services for town managers and residents in applications such as environmental sanitation, smart parking, and manhole cover monitoring.
Operators Can Make Money
Can isolated IoT applications make money? That’s a big question mark. For operators and application providers, the larger the scale of IoT connections, the greater the value, which is self-evident.
Case 3: Shanghai Oriental Pearl Transforms into a Smart City Service Provider. Utilizing LoRa technology, it has implemented and operated intelligent solutions in six districts of Shanghai, comprehensively sensing urban fire safety, community security, and elderly individuals living alone, and accelerating processing workflows through event-triggered interactions with relevant departments, helping the city government improve work efficiency and providing citizens with better services.
For broadcasting enterprises, LoRa is currently the most suitable IoT technology. On one hand, the spectrum resources of broadcasting enterprises can fully support the LoRa network; on the other, LoRa's low cost, mature industry, and ease of deployment meet the urgent need of broadcasting enterprises to enter digital city construction in various regions. According to currently available information, Beijing Gehua Cable, Oriental Pearl, Huashu Media, and Sichuan Broadcasting Network have announced deep cooperation with Alibaba Cloud IoT in LoRa network and IoT services. Both parties will rely on spectrum resources and full-link IoT resources to quickly and cost-effectively build the IoT network.
2. LoRa Has Unique Value as an Enterprise-Grade WiFi
Like other LPWAN technologies, LoRa features wide coverage, large connections, low power consumption, and low cost, making it suitable for various scenarios.
What sets LoRa apart from other LPWAN technologies is its ease of deployment, autonomy, and security. Through numerous commercial implementations at home and abroad, we can assert that LoRa is more suitable for enterprise users who have high demands for autonomy and speed, as well as continuous and deep coverage in scenarios such as parks, factories, mines, farms, logistics hubs, complexes, and residential communities.
Applications are crucial and connections are fundamental. What is special about LoRa in terms of connections?
Connections: Suitable for Enterprise Private Network Deployment
When it comes to connections, LoRa’s uniqueness lies in its network architecture, which innovatively simplifies and optimizes the common characteristics of LPWAN, such as large connections, wide coverage, low power consumption, and low cost.
As shown in the diagram, the LoRa network architecture consists of four parts: terminal nodes, gateways, network servers, and application servers.
Most networks use mesh topology, which facilitates continuous expansion of network scale, but the downside is that it uses various unrelated nodes to forward messages, leading to convoluted routing, increased system complexity, and higher total power consumption.
However, LoRa adopts a star topology, where gateways connect to terminal nodes, but terminal nodes are not bound to a single gateway. Instead, the uplink data from terminal nodes can be sent to multiple gateways.
LoRa’s star topology has three benefits:
1) Simple Structure, Flexible Deployment
The star topology structure is simple, allowing for flexible gateway selection and deployment with low latency. Since wireless systems are complex and environment-dependent, anyone deploying a network without experience will inevitably run into many problems that consume a lot of time and energy. Therefore, simplified integration and flexible network deployment are a development trend, which is also the original intention of LoRa’s design.
2) Optimizes Power Consumption, Coverage, Capacity, and Other Performance
The star topology can delegate intelligent, complex, and power-hungry tasks to gateways/network servers to extend terminal battery life; gateways execute adaptive data rates to accommodate different terminal node rates and power, thus achieving maximum network capacity and longest terminal battery life; simultaneously, compared to mesh topology, the star topology reduces synchronization overhead and hops, which can further lower power consumption.
3) When terminal nodes are in motion, there is no need to switch between gateways, which is beneficial for asset tracking and other IoT applications.
From the perspective of network architecture, LoRa possesses the same wide coverage, low cost, low power consumption, low rate, and high security characteristics as all other LPWAN technologies, but it also aims to be “small, fast, and flexible.” It is suitable for enterprise private network deployment, where a few gateways can cover areas of several kilometers, while also accommodating large public network deployments similar to mobile networks.
Technology: LoRa’s Five Major Advantages as a Universal IoT Technology for Enterprises
First is wide coverage. The coverage distance of a single LoRa gateway typically ranges from 3-5 km, exceeding traditional cellular networks in complex urban environments and reaching over 15 kilometers in open areas, with distances up to 100 kilometers achievable under specific conditions.
Second is low power consumption, with battery power supporting several years or even over a decade.
Third is high capacity. GSM base stations typically connect a few thousand devices, while home WiFi gateways often support fewer than 20 terminal connections; LoRa gateways can provide over 20,000 terminal connections because the protocol is connectionless.
Fourth is extremely low network communication costs, while also supporting narrowband data transmission.
In addition to the above four points, this article focuses on the fifth point: security.
“Proactive Security Design” as a Technical Highlight
As shown in the diagram, LoRaWAN has two security layers: network layer security and application layer security, using NwkSKey and AppSKey session keys to encrypt and protect all network data traffic.
• NwkSKey is used to encrypt the MAC layer payload during transmission between the terminal and the network, calculating the Message Integrity Code (MIC) value to prevent spoofed messages and verify terminal nodes, achieving network layer security.
• AppSKey is used for end-to-end encryption of application payloads between the terminal and application server, achieving application layer security, ensuring that network operators cannot access terminal users’ application data.
The end-to-end encryption mechanism of LoRaWAN ensures that only authorized entities holding the keys can access application data, preventing eavesdropping and protecting data integrity and privacy.
Additionally, the MAC layer uses a frame counter (FCnt) to ensure that a frame that has already been received is not accepted again, which helps prevent replay attacks.
How are NwkSKey and AppSKey generated? Next, we will discuss the OTAA activation process of LoRa terminals.
The OTAA activation process, also known as the network joining process, generates each device’s NwkSKey, DevAddr, and AppSKey before sending actual data.
Before understanding this process, let’s look at a root key called AppKey. Each LoRa terminal has a unique 128-bit AppKey, and AppSKey and NwkSKey are generated from the AppKey.
The process is as follows:
1) Join Request
The terminal device sends a Join Request message (signed with AppKey), which contains the following information: AppEUI, DevEUI, and DevNonce.
DevEUI uniquely identifies the terminal device, similar to a MAC address; AppEUI uniquely identifies the application provider, such as a garbage bin monitoring application or smart streetlights, each having its unique ID; AppKey is assigned to the terminal by the application program owner.
DevNonce is a 2-byte random number. During a session period, the network server tracks the DevNonce values to ensure that none is ever reused. If reuse is detected, the Join Request is discarded, effectively preventing replay attacks.
2) Authentication and Session Key Generation
After the network server receives the Join Request, it first executes a replay attack prevention process based on the DevNonce. If a reused DevNonce value is found, the network server determines the message to be invalid, and the joining process fails; if the message is valid, the network server authenticates the terminal device using the MIC value. If the terminal device passes authentication, the network server generates AppSKey and NwkSKey.
3) Join Accept
The Join Accept message contains AppNonce, NetID, terminal address DevAddr, transmission delay RxDelay, etc. AppNonce is a random number generated by the network server to create AppSKey and NwkSKey session keys for the terminal.
4) Sending AppSKey
Since AppSKey is designed to protect end-to-end communication between the terminal device and the application server, it should be sent from the network server to the application server.
5) Session Key Generation
The terminal receives the Join Accept message (encrypted with AppKey), decrypts it, and extracts parameters to generate the AppSKey and NwkSKey session keys.
If you read it carefully again, you will find that throughout the process, no keys are sent over the air; only the missing parts needed for calculation on both sides are exchanged, ensuring that no keys can be generated by intercepting traffic over the air.
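The join exchange described above, as an added sketch that is not code from the LoRaWAN specification or from any vendor. LoRaWAN 1.0.x uses AES-128 and AES-CMAC keyed with AppKey; as an assumption so that the example runs on the Python standard library alone, a truncated HMAC-SHA256 (`prf`) stands in for both. The frame layout omits the MAC header and the encryption of the Join Accept, and all keys, identifiers and the NetID are constructed sample values.

```python
import hashlib
import hmac
import os

def prf(key: bytes, data: bytes, n: int = 16) -> bytes:
    # ASSUMPTION: HMAC-SHA256 stands in for AES-128 / AES-CMAC so this runs on the stdlib.
    return hmac.new(key, data, hashlib.sha256).digest()[:n]

def derive_session_keys(app_key, app_nonce, net_id, dev_nonce):
    # Both sides compute this locally; only the nonces and NetID cross the air.
    material = app_nonce + net_id + dev_nonce
    return prf(app_key, b"\x01" + material), prf(app_key, b"\x02" + material)

def build_join_request(app_key, app_eui, dev_eui, dev_nonce):
    body = app_eui + dev_eui + dev_nonce            # 8 + 8 + 2 bytes
    return body + prf(app_key, body, 4)             # 4-byte MIC keyed with AppKey

class NetworkServer:
    def __init__(self, app_keys, net_id=b"\x00\x00\x13"):   # constructed NetID
        self.app_keys = app_keys                    # DevEUI -> AppKey
        self.net_id = net_id
        self.seen = {}                              # DevEUI -> DevNonces already accepted

    def handle_join(self, frame):
        """Return (join_accept_fields, (NwkSKey, AppSKey)), or None if dropped."""
        if len(frame) != 22:
            return None
        dev_eui, dev_nonce, mic = frame[8:16], frame[16:18], frame[18:]
        app_key = self.app_keys.get(dev_eui)
        if app_key is None:
            return None
        if dev_nonce in self.seen.setdefault(dev_eui, set()):
            return None                             # reused DevNonce: replayed Join Request
        if not hmac.compare_digest(mic, prf(app_key, frame[:18], 4)):
            return None                             # bad MIC: device not authenticated
        self.seen[dev_eui].add(dev_nonce)           # record only after the MIC verified
        app_nonce = os.urandom(3)
        keys = derive_session_keys(app_key, app_nonce, self.net_id, dev_nonce)
        return {"app_nonce": app_nonce, "net_id": self.net_id}, keys

def demo():
    app_key = bytes(range(16))                      # constructed sample AppKey
    app_eui, dev_eui = b"A" * 8, b"D" * 8           # constructed identifiers
    server = NetworkServer({dev_eui: app_key})
    dev_nonce = os.urandom(2)
    frame = build_join_request(app_key, app_eui, dev_eui, dev_nonce)
    accept, server_keys = server.handle_join(frame)
    device_keys = derive_session_keys(app_key, accept["app_nonce"], accept["net_id"], dev_nonce)
    return server_keys == device_keys, server.handle_join(frame)
```

`demo()` returns `(True, None)`: the device and the server arrive at the same session keys without sending them, and the second copy of the same Join Request is dropped. The DevNonce is recorded only after the MIC verifies, so a forged frame cannot use up a nonce the real device has yet to send.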
However, this design still has a flaw: because AppSKey and NwkSKey are both generated from the same AppKey, a leak of AppKey puts both session keys at risk.
This issue has been further addressed in the new version of the LoRaWAN protocol (1.1), which uses two different root keys (NwkKey and AppKey) to generate multiple sets of isolated session keys, ensuring separate encryption for protocol links and application links. Meanwhile, LoRa network service providers, such as Link WAN, use hardware-based key management systems to protect keys, enhancing the security of server-side keys.
Overall, LoRa possesses features such as end-to-end encryption, two-way authentication, and integrity protection in terms of security, effectively preventing eavesdroppers and rogue devices, showcasing comprehensive and proactive security design.
However, there is no absolutely secure network; even cellular networks on licensed frequency bands are at risk of spoofing attacks. In this world, there are only the most economically reasonable networks. Especially for IoT, in low-power connections, the T (Thing) is often price-sensitive, with extremely low computing performance and small size, making security challenges even more daunting.
LoRa should rely on its open standards, allowing everyone to inspect and verify security vulnerabilities, just like the security of Android phones comes not only from Google’s open-source nature but also from the polishing and security capability enhancements by various phone brand companies, collectively promoting a secure and inclusive era of intelligent connectivity.
Finally, here’s a summary for the lazy:
1) LoRa is widely applicable and accessible to everyone. IoT applications should identify essential needs, integrate islands, and leverage scale value.
2) LoRa has flexible scalability, allowing for both large and small scales, which is necessary for the growth and exploration of the IoT industry, making it arguably the most suitable technology for IoT.
3) LoRa is secure and reliable, featuring two-way authentication, end-to-end encryption, and integrity protection. It has comprehensive and proactive security design, but IoT security should not be overlooked and requires continuous industry efforts to promote.