Experimental Investigation on Wireless Key Generation for Low-Power Wide-Area Networks

The wireless key generation is a potential way to implement information-theoretically secure key refreshment for the Internet of Things devices. The state-of-the-art work on key generation mainly utilizes the wireless local area network technologies. However, they have not sufficiently considered the typical characteristics of low-power wide-area network (LPWAN), such as lengthy payloads, duty-cycled transmission and reception, or limitations for channel utilization. In this article, we carry out a comprehensive experimental investigation on key generation applied with LPWAN, taking LoRa/LoRaWAN as case studies. A key generation protocol optimized for typical LPWAN applications is proposed. According to the extensive evaluations with deep in-building and long distance (up to 7 km) outdoor LoRaWAN links, extraction of keys with high randomness becomes feasible. Moreover, we study the achievable AES128 key refreshment periods for different eavesdropper key disagreement rates (KDRs). As indicated by our measurement-based evaluations, the AES128 key can be renewed every 3 h with the proposed key generation protocol and with the maximum LoRaWAN spreading factor setting (longest range). A further interesting evaluation result demonstrates that a secure key refreshment is still possible even when the eavesdropper KDR is very close to the rate of the legitimate users.