Impersonating LoRaWAN gateways using Semtech Packet Forwarder

Abstract: Low Power Wide Area Network (LPWAN) technologies like the Long Range Wide Area Network (LoRaWAN) standard provide the foundation of applications realizing communication and intelligent interaction between almost any kind of object. These applications are commonly called Smart Cities and the Internet of Things (IoT). Offering the potential of great benefits for mankind, these applications can also present a significant risk, especially when their security is compromised. This paper's work analyzes the possibility of two particular scenarios of impersonating a LoRaWAN gateway combining existing attacks. Impersonated gateways are of use when exploiting vulnerabilities already shown by other researchers. We give a basic overview about LoRaWAN, the Semtech Packet Forwarder protocol, attacks needed to perform the impersonation, and assumptions made. We explain our attack and propose countermeasures to increase the security of LoRaWAN networks. We show a gateway impersonation is possible in particular circumstances but can be detected and prevented.