In contrast to some cellular communications systems, LoRaWAN implements end-to-end encryption for the application data transferred between sensor nodes and application servers. Cellular networks may encrypt data packets for transfers over the wireless part of the network. But the packets are then decrypted to plaintext when they are transferred over the operator’s core network. To provide end-to-end encryption, users need to select and manage additional security protocols such as TLS. These add an extra processing burden to the sensor node that will reduce battery life.
In creating the security mechanisms for LoRaWAN, the protocol designers decided to employ the AES cryptographic algorithms. These algorithms have been analysed by the cryptographic community for many years, are approved by NIST and have become widely adopted as reliable and effective for constrained nodes and networks.
To join a LoRaWAN network, each device must provide credentials that satisfy a network server that it is a legitimate user. Conversely, the device needs to be able to tell whether it is connected to systems for which it is designed. This ensures that only genuine and authorised devices will be connected to genuine and authentic networks.
To support these requirements, at manufacture, each LoRaWAN device is personalised with a unique 128bit AES key, known in the protocol as the AppKey. The device is also provided with a globally unique identifier, DevEUI, that is based on the IEEE EUI64 address space. Each network has its own identifier: based on a 24bit address range and managed by the LoRa Alliance.
The AppKey is central to the over-the-air activation or join procedure in LoRaWAN. It ensures that both end device and the network infrastructure can agree that they are talking to legitimate systems and so continue to bring the device onboard. To initiate the join procedure, the device issues a request that is forwarded to a Join Server that performs the initial authentication routines, such as checking the device’s AppKey. The method used to determine the validity of the AppKey is the AES cipher-based message-authentication code (CMAC) protocol.