Cross-layer IoT security using radio frequency fingerprinting and lightweight cryptography

Технічна інженерія DOI: https://doi.org/10.26642/ten-2026-1(97)-324-331 UDC 004.056.55 B.V. Cherniavskyi, Postgraduate Student Oles Honchar Dnipro National University Cross-layer IoT security using radio frequency fingerprinting and lightweight cryptography The paper discusses the results of research on a security protocol for IoT devices in an LPWAN environment. To test the hypothesis, a hybrid protocol using radio frequency fingerprinting (RFF), TESLA, and the lightweight Ascon-128a encryption method was developed and verified. Experimental results were obtained on 8 and 32-bit controllers, on the arm64 platform. This approach to data transmission protection provides an appropriate level of comprehensive protection with minimal computing resources and insignificant transmission delays. The architectural approach demonstrates the ability to effectively resist cloning and replay attacks, which is undoubtedly critically important in wireless networks. Special attention is paid to the problem of resource limitations in LPWAN systems, where the use of traditional DTLS protocols is impractical and resource-intensive, and in some cases technically impossible, since complex operations based on the RSA algorithm are used to agree on AES keys. This approach uses almost all resources for network coordination and encourages the use of more expensive controllers to achieve the required level of security in industrial solutions. The practical implementation was built on the Arduino Uno R4 WIFI platform using the LoRa library and a server component developed in Go for the ARM64 computing architecture, which confirmed the hypothesis. At the stage of system integration, specific synchronization methods were designed to prevent time deviation in the operation of the TESLA protocol, as well as algorithms for deriving radio frequency fingerprints using the database abstraction layer. Profiling on the Arduino platform proves the high efficiency of the approach with millisecond transactions and minimal memory consumption, and the use of radio frequency fingerprints allows you to reliably block malicious traffic even before the start of resource cryptographic checks. Keywords: IoT Security; LPWAN; Radio Frequency Fingerprinting; Ascon; TESLA; Cross-layer Security. Formulation of the problem. The integration of Internet of Things (IoT) architectures into critical infrastructure encompassing smart grids, environmental monitoring, and industrial automation has generated highly intricate security challenges. To facilitate this rapid technological expansion, Low-Power Wide-Area Networks (LPWAN), specifically NB-IoT and LoRaWAN [1], are predominantly utilized due to their optimal balance of energy efficiency and extended transmission range. Nevertheless, a profound vulnerability gap emerges from the fundamental hardware limitations inherent to LPWAN edge devices, which are generally driven by basic 32-bit ARM or 8-bit AVR microcontrollers [2; 3]. Implementing conventional cryptographic frameworks, such as Datagram Transport Layer Security (DTLS) [4], is highly problematic within these resource-deprived contexts. The inherent characteristics of standard protocols specifically their extensive handshake procedures, necessity for packet fragmentation, and heavy computational loads can rapidly exhaust the restricted bandwidth and severely deplete the power reserves of LPWAN deployments [5]. To circumvent these operational bottlenecks, network operators often adopt non-standard, lightweight security mechanisms based on security-by-obscurity paradigms or static cryptographic keys. Ultimately, such compromises inadvertently expose the infrastructure to severe threat vectors, including replay attacks, device cloning, and man-in-the-middle (MitM) interceptions. The fundamental challenge investigated in this dissertation is the absence of a standardized, resource-aware security framework tailored for «Arduino-class» IoT devices, which must simultaneously counteract physical cloning and digital intrusions, such as tampering and replay attacks, while strictly adhering to the severe energy and computational limitations inherent to LPWAN deployments. Analysis of recent research and publications. Although the protection of resource-constrained IoT endpoints has received considerable scholarly attention [6–8], a universally applicable defense paradigm has yet to be established. The current body of research predominantly bifurcates into distinct domains: the mitigation of static key vulnerabilities, optimizations of cryptographic algorithms, physical-layer security enhancements, and the resolution of broadcast authentication bottlenecks. A fundamental flaw in contemporary LPWAN deployments, particularly within the LoRaWAN ecosystem [10; 11], stems from an overreliance on static symmetric keys (typically AES-128 [9]) for both network and application-level security. As highlighted by Ntshabele et al., this static key architecture exposes the infrastructure to severe threat vectors, including replay exploits and device cloning, especially when physical access to the edge node is compromised [12]. While dynamic session key management schemes have been proposed to address these vulnerabilities, they frequently introduce prohibitive 324 © B.V. Cherniavskyi, 2026 ISSN 2706-5847 № 1 (97) 2026 computational costs. Pathak et al. demonstrated that centralized lightweight key exchange mechanisms can reduce transmission overhead [13]. Recent advancements by Sravan et al. utilizing elliptic curve cryptosystems have shown promise in establishing dynamic session keys with forward secrecy [14]. However, the integration of these dynamic schemes on basic 8 or 32-bit microcontrollers continues to generate substantial computational and transmission overhead, rapidly exhausting the restricted bandwidth and severely depleting the power reserves of LPWAN deployments. In response to the operational inefficiencies inherent in traditional cryptographic frameworks like DTLS 1.3 [4] and AES-GCM, the National Institute of Standards and Technology (NIST) finalized its lightweight cryptography standardization in 2023 with the adoption of Ascon [15]. Utilizing a permutation-based architecture, Ascon is specifically tailored for brief message payloads and severely limited hardware, rendering it a far more viable option for LPWAN telemetry. The cipher's ability to provide authenticated encryption with associated data (AEAD) ensures data integrity and confidentiality without the massive computational burden of conventional standards. Nevertheless, reliance on cryptography alone is fundamentally insufficient against physical device cloning attacks in scenarios where malicious actors manage to extract key material directly from a compromised edge node. This limitation necessitates the integration of supplementary security layers that operate independently of stored cryptographic secrets. To address the vulnerabilities of purely cryptographic (...truncated)