Hunting the Sigfox: Wireless IoT Network Security

Dissecting the radio protocol of Sigfox, the global cellular network for the IoT you have probably never heard of

If you suspend your transcription on, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
<a href="">Sigfox</a> is an emerging low-power wide-area network (LP-WAN) technology for IoT devices, comparable to <a href="">LoRa</a>.

This talk recounts my analysis of Sigfox's radio protocol and presents an open reference implementation of an alternative Sigfox protocol stack.

It confirms that while Sigfox ensures authenticity and integrity, transmitted payloads are not confidential.

This presentation is targeted at a technical audience with some basic knowledge of cryptography (security goals, AES), but no knowledge in RF technology (modulation, scrambling, error correction) is required.

<p>Sigfox can be compared to a cellular network, but for mostly battery-powered IoT devices that don't need to transmit much data. While <a href="">some</a> <a href="">sparse</a> <a href="">details</a> on Sigfox's architecture and <a href="">its security</a> have been published and <a href="">some basic reverse engineering has been carried out</a>, most of the protocol specifications remain proprietary and closed, so by now, no independent security audit was performed. Advertised use cases of Sigfox include air quality monitoring, weather stations, utilities metering and tracking farm animals. In this talk, I illustrate why these applications are fine, but why one might not want to track a money transporter with Sigfox or base a home alarm system on it.</p>

<p>The Sigfox network is very atypical, with uplink and downlink based on different physical layers.
After a short introduction, I begin the presentation by taking a deep dive into Sigfox's radio protocol with a focus on its Security. Basics of radio technology (SDRs, ultra-narrow band (UNB) modulation, SRD bands) and techniques for analyzing protocols are briefly summarized and the uplink's and downlink's frame structures are presented.</p>

<p>Subsequently, I show how a radio sniffer that has captured Sigfox messages can extract the uplink's and downlink's contents. While the uplink's payload is already contained in plaintext, the downlink is scrambled, but I indicate how the downlink's pseudorandom whitening sequence used for scrambling can be generated or brute-forced by an eavesdropper. Moreover, I outline attacks that could even compromise Sigfox's authenticity checking.</p>

<p>Finally, I provide some suggestions on how to improve Sigfox's security.</p>

<p>The reference implementation of an alternative Sigfox protocol stack &quot;librenard&quot; that was created as part of this work as well as reconstructed protocol specifications detailing the uplink and significant portions of the downlink protocol will be published immediately after this talk.</p>

Talk ID
4:10 p.m.
Hardware & Making
Type of
Florian Euchner (Jeija)
Talk Slug & media link

Talk & Speaker speed statistics

Very rough underestimation:
161.1 wpm
878.9 spm
169.8 wpm
933.1 spm
100.0% Checking done100.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
0.0% Nothing done yet0.0%

Work on this video on Amara!

Talk & Speaker speed statistics with word clouds

Whole talk:
161.1 wpm
878.9 spm
Florian Euchner (Jeija):
169.8 wpm
933.1 spm