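Author (Chinese): 黃聖富
Author (English): Huang, Sheng-Fu
Thesis title (Chinese): NB-IoT 感應器安全性提升機制之研製
Thesis title (English): Design and Implementation of a Security Enhanced Mechanism for NB-IoT Sensor Devices
Advisor (Chinese): 黃能富
Advisor (English): Huang, Nen-Fu
Oral examination committee (Chinese): 陳俊良, 陳震宇, 張耀中
Oral examination committee (English): Chen, Jiann-Liang; Chen, Jen-Yeu; Chang, Yao-Chung
Degree: Master
Institution: National Tsing Hua University
Department: Institute of Information Security
Student ID: 108164502
Year of publication (ROC calendar): 110
Graduation academic year: 109
Language: English
Number of pages: 73
Keywords (Chinese, translated): NB-IoT; transmission security; LPWAN; Internet of Things; system security
Keywords (English): NB-IoT; Transfer Security; LPWAN; IoT; System Security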
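In recent years, with the rapid development of the Internet of Things (IoT), IoT devices
have been deployed in large numbers across many fields, and low-power wide-area networks
(LPWAN) are widely used in many kinds of IoT systems. Narrowband IoT (NB-IoT) is one LPWAN
technology; because it requires no additional base stations to be set up, it effectively
reduces the cost of building a system and is a communication protocol frequently adopted by
current IoT systems. However, IoT system security and data transmission security have not
been studied much, so this thesis proposes an IoT system that can ensure the security of
IoT devices.
This thesis proposes a secure sensor system based on NB-IoT technology. Through
cryptographic encryption and authentication, users can securely log in to the system and
send sensor data to the server, and the device can defend against classic attack techniques
such as man-in-the-middle attacks, replay attacks and user impersonation. Experimental
verification also shows that using the security functions does not add unacceptable latency
to the transmission phase. The system runs on the nRF52832 microcontroller and uses the
DS3231 chip as an external real-time clock, keeping the device's battery consumption below
0.5 mA when it is not transmitting data and thereby achieving low power consumption.
Because of the flexibility of the hardware design, the system can change the content of the
transmitted sensor data according to the external sensors attached, which means it can be
applied to different IoT fields and can accelerate the development of various IoT systems.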
In recent years, with the rapid development of the Internet of Things (IoT), IoT
devices have come into wide use in various fields, and Low Power Wide Area Networks
(LPWAN) are widely used in different kinds of IoT systems. Narrowband Internet of
Things (NB-IoT) is one of the LPWAN technologies.
This thesis proposes a secure sensor system based on NB-IoT technology, which allows
users to log in to the system securely and transmit sensor data to the server through
cryptographic encryption and authentication. The device can resist classic attack
techniques such as man-in-the-middle attacks, replay attacks and user impersonation
attacks. The system runs on the nRF52832 microcontroller and uses the DS3231 chip as an
additional real-time clock to reduce system power consumption while no data is being
transmitted, keeping battery consumption below 0.5 mA and achieving low power consumption.
Due to the flexibility of the hardware design, the system can change the content
of the transmitted sensor data according to different external sensors, which means the
system can be applied to different IoT fields and can accelerate the development of
various IoT systems.
Abstract
Chinese Abstract
Table of Contents
List of Figures
List of Tables
Chapter 1 Introduction
Chapter 2 Related Works
2.1 IoT
2.1.1 LPWAN
2.1.2 NB-IoT
2.1.3 MQTT
2.2 Bluetooth Low Energy
2.3 Cryptography
2.3.1 Advanced Encryption Standard
2.3.2 MD5 Message-Digest Algorithm
2.3.3 Salt
2.4 UART
2.4.1 RS-485/EIA-485
2.5 Security product
2.5.1 Amazon Ring
2.5.2 MOXA security router
2.5.3 Bitdefender BOX
2.6 Related researches
2.6 IoT verify standard
2.6.1 CNS-16210
2.6.2 Cybersecurity Certification Program
2.6.3 IEC-62443
Chapter 3 System Design and Implementation
3.1 Hardware design
3.1.1 MCU-nRF52832
3.1.2 RTC-DS3231
3.1.3 NB-IoT communication chip-BC20
3.1.4 Additional sensor-soil, pH, NPK sensor
3.2 Software design
3.2.1 Initial state
3.2.2 Waiting state
3.2.3 Authentication state
3.2.4 Communication state
3.2.5 Setting state
3.2.6 Reading state
3.2.7 Shutdown state
3.3 Security design
3.3.1 Secure boot and firmware update
3.3.2 External input restrictions
3.3.3 Authentication code generation and authentication process
3.3.4 Message Encryption and Decryption
Chapter 4 Experimentation and analysis
4.1 Security function analysis
4.2 Evaluate encryption performance
4.3 Power consumption analysis
Chapter 5 Conclusion and Future Works
References