Is 6LoWPAN wireless mesh security for IOT devices bad?

Is 6LoWPAN security enough for critical wireless IOT applications?


1How Important Is 6LoWPan Security for IOT devices

The key skepticism about IOT devices stems from security risks. Imagine a scenario where hackers break into the smart grid application. Alternatively, your home automation devices could be compromised by hackers (read : thieves)
ddos attack architecture
I assume you have read about the 6LoWPAN wireless architecture
Classic attacks on the wireless 6LoWPAN architecture could include “DOS”(denial of service) or “eavesdropping”. Given the security risks and potential damage of compromising IOT applications, security is a key element

2Challenges in implementing security in wireless 6LoWPAN networks

Some of the typical challenges in implementing security in wireless 6LoWPAN IOT networks :

  • The devices at the nodes of the typical 6LoWPAN network are characterized by low computational ability, low battery life, memory and even storage.
  • Given the IPV6 transport protocol, the costs of forwarding data are exponentially higher than the costs of computation
  • The wireless IOT devices at the nodes have low processing power. As a result, it becomes difficult to implement cryptography.

Given the challenges of implementing security in 6LoWPAN wireless networks, it is worthwhile checking whether security is really important for this particular IOT application. For applications such as smartgrid, 6LoWPAN security is a must.

36LoWPan Security Modes for link layer security

The 6LoWPAN wireless IEEE 802.15.4 specification offers two basic security modes:

  • Secure Mode
  • Non Secure Mode

In the secure mode of the 6LoWPAN IEEE 802.15.4 specification, there are 2 options:

Access Control List Mode Secure Mode
In the Access Control List Mode, each device at a node of the 6LoWPAN network maintains its own Access Control List (ACL). The ACL identifies all nodes that are allowed to communicate with this particular node. The Secure Mode is the complete secure mode which includes everything from data integrity to sequencing checks.

4Is the wireless 6LoWPAN link layer security good enough for IOT applications


The 6LoWPAN wireless mesh technology typically uses 128-bit AES-128 bit encryption at the link layer defined by the IEEE 802.15.4 specification
However, it is debatable whether link layer security is good enough. For example,the Access Control List Mode does not even support crytography. Another unanswered question is the state of the ACL list in case of a power failure.

Another option is add Transport Layer security (TLS) mechanisms. TLS running over TCP provides additional transport layer security.

A third option is to add security at the application layer security. Here the application layer security provides protection against “eavesdropping” kind of attacks, and the link layer security provides support against DOS & intrusion attacks.

5In summary, 6LoWPAN security for wireless IOT projects is still a work in progress.


Please enter your comment!
Please enter your name here