Encryption Libraries; Transmission Of Sensor Data - Libelium Waspmote Technical Manual

22. Encryption Libraries

The Encryption Libraries are designed to add to the Waspmote sensor platform the capabilities necessary to protect the
information gathered by the sensors. To do so two cryptography layers are defined:
• Link Layer: In the first one all the nodes of the network share a common preshared key which is used to encrypt the in-
formation using AES 128. This process is carried out by specific hardware integrated in the same 802.15.4/ZigBee radio,
allowing the maximum efficiency of the sensor nodes energy consumption. This first security layer ensures no third party
devices will be able to even connect to the network (access control).
• Secure Web Server Connection: The second security technique is carried out in Meshlium -the Gateway- where HTTPS
and SSH connections are used to send the information to the Cloud server located on the Internet.
A third optional encryption layer allows each node to encrypt the information using the Public key of the Cloud server. Thus,
the information will be kept confidentially all the way from the sensor device to the web or data base server on the Internet.

22.1. Transmission of sensor data

Information is encrypted in the application layer via software with AES 256 using the key shared exclusively between the origin
and the destination. Then the packet is encrypted again in the link layer via hardware with AES 128 so that only trusted packets
be forwarded, ensuring access control and improving the usage of resources of the network.
Figure: Communication diagram
-114-
Encryption Libraries
v6.3