Hi, I’m a beginner with Lora just playing around with my own gateway setup.
OTAA seems like it’s obviously the slickest way to go, however I’m not sure I completely understand whether it’s secure.
AFAICT, there can’t be any shared secret between the LoRa node and server ahead of time, and keys are generated by exchanging the AppKey, AppEUI, DevEUI and nonces generated by the node and server “over the air”. I haven’t seen anything to say that these data are in any way encrypted in transit.
Therefore if a device performs an Over the Air join, and an eavesdropped is monitoring that channel, is it possible for that eavesdropped to learn the device secrets and / or NwSKey and AppSKey?
If so, this seems like a potential security concern for new devices joining the network or if devices can be forced to re-join (or re-join periodically based on implementation).
I believe the answer to the question is that in fact the AppKey is never transmitted and is the shared secret between the node and the Network server.
The security implication (especially for large-scale deployments in environmental monitoring situations such as “smart buildings”) is if that if this key is not secured well using a TPM for example, compromising a single device and reading the key from flash or wherever it is stored would enable an attacker to compromise all communications with that application, and it may be very difficult to update that key on all devices at scale.