Home Labs Stories Upgrading LoRaWAN Application by adding Secure Communication and Secure Key Provisioning onto Microchip ATSAMR34 Xplained Pro Kit

UPGRADING LORAWAN APPLICATION BY ADDING SECURE COMMUNICATION AND SECURE KEY PROVISIONING ONTO MICROCHIP ATSAMR34 XPLAINED PRO KIT

image story

ABOUT THIS STORY


Posted on Feb. 25, 2019



Intermediate
2 Hours

Introduction


When it comes to LoRa security, provisioning and storing network server and application server keys is as important as it is complex. Because of this, it is also a known security weakness that attackers may try to use to exploit your system by accessing these keys. This can be avoided by implementing a secure hardened key storage both at the node and in the LoRaWAN™ backend which will strengthen the authentication process by removing exposure of authentication keys to software, firmware, manufacturing sites, end users and other third parties. Microchip’s ATECC608A-MAHTN secure element provides a JIL “high” rated secure key storage to isolate keys in the nodes. This is especially valuable in LoRa systems which are based on a shared key security model and leverage a wide variety of traditional low-power microcontrollers.

To make adding hardware secure key storage easier, the secure element is paired with The Things Industries' (TTI) join server service for turnkey secure authentication. The corresponding AES128 authentication keys are also hosted and protected in TTI’s managed join servers. Through a claim procedure via the TTI portal, the protected keys in the secure element are “claimed” and then owned by the company. This process simplifies the cumbersome unsecure provisioning practice used without secure key storage. This join server is completely agnostic to the network server and/or application server providers to preserve business scalability by leaving freedom of choice to the architects. Flexibility doesn’t stop here, the ATECC608A-MAHTN secure element is a microcontroller-agnostic solution that adds true hardware secure key storage to any LoRa-connected products.

More details are available here:

https://www.microchip.com/design-centers/security-ics/cryptoauthentication/cloud-authentication/lora-security-with-tti-join-server