35th Chaos Communication Congress: "Lecture: Hunting the Sigfox: Wireless IoT Network Security"

Gerhard Peter


Posted on 09-12-2018

Translate this in all Google supported languages

Schedule 35th Chaos Communication Congress


Ich setze die Ankündigung hier mal ohne jeden weiteren Kommentar rein. Ab dem 28.12.2018 wissen wir dann sicher mehr......


Lecture: Hunting the Sigfox: Wireless IoT Network Security

Dissecting the radio protocol of Sigfox, the global cellular network for the IoT that you have probably never heard of

"Sigfox is an emerging low-power wide-area network (LP-WAN) technology for IoT devices, comparable to LoRa.

This talk recounts my reverse engineering work on Sigfox's radio protocol and presents an open reference implementation of an alternative Sigfox protocol stack.

It confirms that while Sigfox ensures authenticity and integrity, transmitted payloads are not confidential.

Sigfox can be compared to a cellular network, but for mostly battery-powered IoT devices that don't need to transmit much data. While some sparse details on Sigfox's architecture and its security have been published and some basic reverse engineering has been carried out, most of the protocol specifications remain proprietary and closed, so by now, no independent security audit was performed. Advertised use cases of Sigfox include air quality monitoring, weather stations, utilities metering and tracking farm animals. In this talk, I illustrate why these applications are fine, but why one might not want to track a money transporter with Sigfox or base a home alarm system on it.

The Sigfox network is very atypical, with uplink and downlink based on different physical layers.
After a short introduction, I begin the presentation by taking a deep dive into Sigfox's radio protocol with a focus on its Security. Basics of radio technology (SDRs, ultra-narrow band (UNB) modulation, SRD bands) and reverse engineering techniques are briefly summarized and the uplink's and downlink's frame structures are presented.

Subsequently, I show how a radio sniffer that has captured Sigfox messages can extract the uplink's and downlink's contents. While the uplink's payload is already contained in plaintext, the downlink is scrambled, but I demonstrate how the downlink's pseudorandom whitening sequence used for scrambling can be generated or brute-forced by an eavesdropper. Moreover, I outline attacks that could even compromise Sigfox's authenticity checking.

Finally, I provide some suggestions on how to improve Sigfox's security.

The alternative Sigfox protocol stack "librenard" that was created as part of this work as well as reverse engineered protocol specifications will be published immediately after this talk (this might be subject to change as long as the responsible disclosure negotiations with Sigfox are still in progress)."


Bildquelle: Wikipedia.de