As growth of the Internet of Things (IoT) accelerates, security for IOT is an essential issue.
IoT sensors and gateways can securely connect doctors and their patients, industrial equipment and quality control engineers, irrigation devices and farmers seeking to minimize water usage, retail stores and dispatch processes—only if hackers are prevented from stealing data, bringing down services, or causing disruption by taking control of remote assets.
T-Mobile was recently the first US company to test successfully Narrowband (also called NB-IOT), the preeminent IoT network platform, with several commercial partners in Las Vegas.
Narrowband has significant security advantages over rival IoT platforms Sigfox and LoRa that also run on the Low Power White Area (LPWA) network that is optimized for IoT.
A big reason why Narrowband offers better security:
It is a 3GPP standard that is closely related to LTE. NB-IoT thus inherits the entire body of LTE’s well established security techniques like authentication and encryption. It has security features developed by commercial cellular technologies over many generations of cellular signaling.
By contrast, the proprietary LPWA technologies of Narrowband’s main competitors fall short. While LoRa encrypts its traffic, Sigfox doesn’t even encrypt its communications channel, recommending that security be managed at the application layer, which is typically less effective and efficient. LoRa relies heavily on managing application and network session keys. But industry experience has shown that cryptographic key management is challenging.
Another major LoRa and Sigfox security deficiency:
Both LoRa and Sigfox operate in unlicensed ISM bands, which require no license to transmit on. So it’s legal for anyone — including malicious hackers — to transmit data compatible with the LoRa specification and thereby jam legitimate LoRa data transmissions, creating a denial of service attack on mission critical IoT applications.
A final issue:
As proprietary solutions, Sigfox and LoRa are not subject to multilateral scrutiny that open standards as Narrowband must face. They are therefore less prompted to scrutinize their code and identify vulnerabilities before hackers can exploit them. Nor do they have the same access to industry-wide, collaborative R&D process that serve as a iteration mechanism, constantly improving open standards-based solutions to raise their security game through development.
These are a few of the reasons why Narrowband provides better security than its main rivals. As IoT races forward, Narrowband’s security advantages promise to become an even more compelling.