
LoRa™ Alliance

Key Management Best Practices
SAGEMCOM / Marc Le GOURRIEREC
STM / Joris DELCLEF

Santa-Clara AMM
New Task Force proposal

Key Management Working Group / Strategy Committee

Champion/Lead:
Marc Le Gourrierec
(SAGEMCOM)

Workscope
Timeline

Supporting Partners
STM

Open to Join
ByTel
Open Call to other Volunteers

This document and the information contained are Sagemcom property and shall not be copied or disclosed to any third party without Sagemcom prior written authorization

What and why in a few sentences

The LoRaWAN specification makes communication security a premium compared to competing technologies
The drawback of the LoRaWAN solution is that a device, network and
application are tied to a JOIN server for the life of a device.
Comments were received that this is quite an important constraint.
In addition, some requests were received that the device root key should
be replaceable when a device migrates network and application. This is in
fact a JOIN server migration request.
The proposal is to create a Task Force to analyse key management
options, and to propose a strategy for LoRaWAN to include a Key
Management framework or protocol, to an extent that needs to be
defined and approved.


The current status


LoRaWAN does not define any process for key management
We talk about AppKey, which is a device key, not an application-related key
LoRaWAN defines a unique device key per device, which is a security plus
compared to competing technologies, but has the drawback of a key management
cost

Device manufacturers are free to choose whatever options they prefer for
key generation
LoRaWAN only recommends that keys are likely to be derived from a
manufacturer/per device type/per batch root key that is not visible to LoRaWAN

Keys need to be symmetrically stored in a JOIN server


LoRa Alliance does not recommend any best practice to move keys to/from device
manufacturer and JOIN server
The JOIN server management authority is subject to various models depending on
business needs
The JOIN server must be a HA (Highly Available) element of the LoRaWAN
network
The JOIN server may not be unique for the life of a device (device migration)
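
The per-device derivation from a batch root key mentioned above, as an added example (not from the original slides or from the LoRa Alliance). The choice of HKDF-SHA256, the label, the field layout and the names `derive_app_key` and `provision_batch` are assumptions; LoRaWAN does not specify them.

```python
import hashlib
import hmac
import secrets

LABEL = b"example-lorawan-appkey-diversification"  # assumed label, not from any spec

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869): extract a PRK from ikm, then expand it to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def _field(value: bytes) -> bytes:
    """Length-prefix a field so ("ab", "c") and ("a", "bc") never collide."""
    return len(value).to_bytes(2, "big") + value

def derive_app_key(root_key: bytes, device_type: str, batch_id: str, dev_eui: bytes) -> bytes:
    """Derive the 128-bit AppKey of one device from the manufacturer's batch root key."""
    if len(root_key) < 16:
        raise ValueError("root key must be at least 128 bits")
    if len(dev_eui) != 8:
        raise ValueError("DevEUI is a 64-bit identifier")
    info = _field(device_type.encode()) + _field(batch_id.encode()) + _field(dev_eui)
    return hkdf_sha256(root_key, LABEL, info, 16)

def provision_batch(root_key, device_type, batch_id, dev_euis):
    """Build the records handed to the JOIN server: derived keys only, never the root."""
    return {eui.hex(): derive_app_key(root_key, device_type, batch_id, eui).hex()
            for eui in dev_euis}

if __name__ == "__main__":
    root = secrets.token_bytes(32)  # root key from the OS CSPRNG, kept by the manufacturer
    euis = [bytes.fromhex("0102030405060701"), bytes.fromhex("0102030405060702")]  # constructed
    for eui, key in provision_batch(root, "meter-v1", "batch-0001", euis).items():
        print(eui, key)
```

Because each AppKey depends on the root key and the DevEUI, one device's key reveals nothing about another's, while the exposure of the root key exposes the whole batch.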

Some definitions to share


Key generation or key factory
The process to generate keys
Final security is very sensitive to true key randomness
Key management
The process to store & exchange keys between entities and to burn keys into
devices
The process to create, delete, permute keys of a device during the device lifecycle (excluding session keys, which are managed by the LoRaWAN protocol itself)
Key authority
The authority that is responsible to securely store keys and control key usage
during the device life. The JOIN server (or a JOIN server instance) is the physical
support of the key authority.
Key migration
The process to move key material from a key authority to another, with associated
key management (potential creation of new keys and permutation)
Note: Roaming is totally independent of key migration and is not discussed here at all

The Industry and market needs to discuss


Certified Key factory
Recommend best practices
Poor solutions will create negative buzz against LoRaWAN

Generic Manufacturing
Except for specific reasons, the devices should be manufactured independent of
the final service and network operators
Generic manufacturing solutions can benefit if key migration is introduced

Secured Manufacturing
The devices are manufactured without the key material being accessible to the
factory or integration plant
We only consider the keys; anti-cloning is a device manufacturer specific issue and is out
of scope of the Alliance.

Safe Management
One time provisioning
Secured migration
Renew keys after initial setup or when service operator is changed
Remap JOIN server assignment for device

The LoRaWAN TC adherence (possible TC work)


LoRaWAN does not define any Over-The-Air (OTA) support for key
management
Should we leave it open at application layer?
Would result in multiple solutions

Should we specify a support channel (like a dedicated FPort)?
Means that this specific channel should have specific
access/routing/processing in device and network

Should we specify a set of key management commands?
Create/verify keys and new AppEUI, then ROLL and JOIN again
Choose security protocol to manage keys
Symmetric admin key based and/or asymmetric authentication/encryption
Depends on device hardware capability (with or without SE)
Depends on device security technology (type of SE, ...)


Way-Forward

Create Task Force within Strategy Committee


Gather support through more volunteering partners/members
Draft minimum SRD-like document
Scope [Technical + Market] & Outcome refinement
Roadmap/Timeline proposal
Submit document (SRD released) to BOD for approval
Obtain general approval / direction
Implement task force within TC
Will propose Refined roadmap
Will define LoRaWAN TC adherence (technical requirements)

Note: this task force does not intend to replace the security task force, whose role is to
analyse/enhance the LoRaWAN protocol security level. Key management is independent of
the LoRaWAN security protocols. Key management provides key material for the
LoRaWAN security.

Thanks
