Encryption of LoRa messages

  • 10 August 2016
  • 0 reacties
  • 1209 keer bekeken

Reputatie 2
Badge +1
This post has become obsolete as it was incorporated in the LoRaWAN Security: Encryption and Authentication topic.
LoRaWAN forces all devices to encrypt payload and header with the Advanced Encryption Standard (AES), using keys of 128 bits (or 32 hexadecimal characters):
  • Network information is encrypted with a Network Session Key (NwkSKey). This key needs to be shared between device and KPN LoRa Core.
  • Payload information is encrypted with a Application Session Key (AppSKey). This key needs to be shared between device and customer Application Server. The AppSKey does not have to be shared with the network operator, but developers can choose to share the AppSKey with KPN to decrypt the payload and sent the decrypted payload over a secure https connection.
AppSKey and NwkSKey can be generated as a string of 32 random hex characters.

For implementation at the application server, LoRaWAN defines a specific de/encryption scheme using AES. Note that it is not simply putting the payload through standard AES!

Note: The LoRaWAN encryption scheme is set up such that only a AES-encryption scheme has to be implemented and decryption can be done with the same scheme, saving device resources and development effort.

0 reacties

Geen reactie