Table of Contents
Advertisement
www.keller-druck.com
6.1.10.1 Activation
LoRaWAN devices have a 64-bit unique identifier "Device EUI" that is assigned to the device by the chip manufacturer.
However, all communication is done with a dynamic 32-bit device address "Device Address" a procedure called Activa-
tion.
6.1.10.1.1 Over-the-Air Activation (OTAA / default)
Over-the-Air Activation (OTAA) is the preferred and most secure way to connect with the LoRa network. Devices per-
form a join-procedure with the network, during which a dynamic Device Address is assigned, and security keys are
negotiated with the device.
6.1.10.1.2 Activation by Personalization (ABP)
In some cases, you might need to hardcode the Device as well as the security keys in the device. This means activating a
device by personalization (ABP). This strategy might seem simpler, because you skip the join procedure, but it has some
downsides related to security.
6.1.10.2 LoRaWAN Security
When a device joins the network (this is called a join or activation), an application session key and a network session
key are generated. The network session key is shared with the network, while the application session key is kept pri-
vate. These session keys will be used for the duration of the session.
The Network Session Key is used for interaction between the Node and the Network Server. This key is used to validate
the integrity of each message by its Message Integrity Code (MIC check). This MIC is similar to a checksum, except that
it prevents intentional tampering with a message. For this, LoRaWAN uses AES-CMAC. In the backend of The Things
Network this validation is also used to map a non-unique device address to a unique Device EUI and Application EUI.
The Application Session Key is used for encryption and decryption of the payload. The payload is fully encrypted be-
tween the Node and the Handler/Application Server component of The Things Network (which you will be able to run
on your own server). This means that nobody except you is able to read the contents of messages you send or receive.
These two session keys (network and application session keys) are unique per device, per session. If you dynamically
activate your device (OTAA), these keys are re-generated on every activation. If you statically activate your device
(ABP), these keys stay the same until you change them.
The Application key is only known by the device and by the application. Dynamically activated devices (OTAA) use the
Application Key to derive the two session keys during the activation procedure.
6.1.10.3 Data Rate
There are some knobs you can turn: transmission power and spreading factor. If you lower the transmission power,
you'll save battery, but the range of the signal will obviously be shorter. The other knob is the data rate. This deter-
mines how fast bytes are transmitted. If you increase the data rate you can transmit those bytes in a shorter time. For
those, the calculation is approximately as follows: Making the spreading factor 1 step lower (from SF10 to SF9) allows
you to send 2x more bytes in the same time. Lowering the spreading factor makes it more difficult for the gateway to
receive a transmission, as it will be more sensitive to noise.
6.1.10.4 LoRaWAN Adaptive Data Rate
Adaptive Data Rate (ADR) is a mechanism for optimizing data rates, airtime and energy consumption in the network.
ADR should be enabled for static devices, like the ADT1.
To determine the optimal data rate, the network needs some measurements (uplink messages). The network calculate
the so-called "margin", which is used to determine how much the network can increase the data rate or lower the
transmit power, which means more airtime- and energy efficient. The network could even lower the transmit power to
save more energy and cause less interference.
Version 05/2021
Seite 21 von 32
Advertisement
Table of Contents
