
www.keller-druck.com
Version 08/2020
Page 20 of 24
6.1.8.1 Activation
LoRaWAN devices have a 64-bit unique identifier, the “Device EUI”, that is assigned to the device by the chip manufacturer. However, all communication is done with a dynamic 32-bit device address, the “Device Address”, which is assigned in a procedure called Activation.
6.1.8.1.1 Over-the-Air Activation (OTAA / default)
Over-the-Air Activation (OTAA) is the preferred and most secure way to connect with the LoRa network. Devices perform a join-procedure with the network, during which a dynamic Device Address is assigned, and security keys are negotiated with the device.
6.1.8.1.2 Activation by Personalization (ABP)
In some cases, you might need to hardcode the Device Address as well as the security keys in the device. This means activating a device by personalization (ABP). This strategy might seem simpler, because you skip the join procedure, but it has some downsides related to security.
6.1.8.2 LoRaWAN Security
When a device joins the network (this is called a join or activation), an application session key and a network session key are generated. The network session key is shared with the network, while the application session key is kept private. These session keys will be used for the duration of the session.
The Network Session Key is used for interaction between the Node and the Network Server. This key is used to validate the integrity of each message by its Message Integrity Code (MIC check). This MIC is similar to a checksum, except that it prevents intentional tampering with a message. For this, LoRaWAN uses AES-CMAC. In the backend of The Things Network this validation is also used to map a non-unique device address to a unique Device EUI and Application EUI.
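The MIC check and the mapping from a shared Device Address to one device, as an added example (not code from this manual or from The Things Network): Node.js with its built-in crypto module computes the LoRaWAN 1.0.x uplink MIC with AES-CMAC and finds which session key validates a frame. The session objects, the sample frame and the zero upper 16 bits of the frame counter are assumptions.

```javascript
const crypto = require('crypto');

// AES-128-CBC with a zero IV and no padding; the last output block is a CBC-MAC.
function cbcZeroIv(key, data) {
  const c = crypto.createCipheriv('aes-128-cbc', key, Buffer.alloc(16)).setAutoPadding(false);
  return Buffer.concat([c.update(data), c.final()]);
}

// Doubling in GF(2^128), the subkey step of AES-CMAC (RFC 4493).
function dbl(b) {
  const out = Buffer.alloc(16);
  for (let i = 0; i < 16; i++) out[i] = (b[i] << 1) | (i < 15 ? b[i + 1] >> 7 : 0);
  if (b[0] & 0x80) out[15] ^= 0x87;
  return out;
}

// AES-CMAC (RFC 4493), the MAC LoRaWAN uses for the MIC.
function cmac(key, msg) {
  let k = dbl(cbcZeroIv(key, Buffer.alloc(16))); // K1: last block is complete
  let m = Buffer.from(msg); // copy, so the caller's buffer is not modified
  if (m.length === 0 || m.length % 16 !== 0) {
    m = Buffer.concat([m, Buffer.from([0x80]), Buffer.alloc(15 - (m.length % 16))]);
    k = dbl(k); // K2: last block was padded
  }
  for (let i = 0; i < 16; i++) m[m.length - 16 + i] ^= k[i];
  return cbcZeroIv(key, m).subarray(-16);
}

// LoRaWAN 1.0.x uplink MIC: first 4 bytes of CMAC(NwkSKey, B0 | msg), msg = MHDR..FRMPayload.
function uplinkMic(nwkSKey, msg) {
  const head = Buffer.from([0x49, 0, 0, 0, 0, 0]); // B0 tag, 4 zero bytes, Dir = 0 (uplink)
  const tail = Buffer.from([0, 0, 0, msg.length]); // FCnt upper 16 bits (assumed 0), 0x00, len
  const b0 = Buffer.concat([head, msg.subarray(1, 5), msg.subarray(6, 8), tail]);
  return cmac(nwkSKey, Buffer.concat([b0, msg])).subarray(0, 4);
}

// Return the DevEUI of the session whose key validates the frame, or null (tampered/unknown).
function resolveDevice(phy, sessions) {
  if (phy.length < 12) return null; // shorter than MHDR(1) + FHDR(7) + MIC(4)
  const msg = phy.subarray(0, -4), mic = phy.subarray(-4);
  const hit = sessions.find((s) => crypto.timingSafeEqual(uplinkMic(s.nwkSKey, msg), mic));
  return hit ? hit.devEUI : null;
}

// Constructed sample: sessions A and B share one Device Address; B's key signed the frame.
const demo = ['A', 'B'].map((id, i) => ({ devEUI: id, nwkSKey: Buffer.alloc(16, i + 1) }));
const demoMsg = Buffer.from('40da1b0126000100010aff', 'hex'); // MHDR, DevAddr, FCtrl, FCnt, FPort, payload
console.log(resolveDevice(Buffer.concat([demoMsg, uplinkMic(demo[1].nwkSKey, demoMsg)]), demo)); // prints "B"
```

A frame whose payload, header or MIC was altered in transit resolves to `null`, because no candidate key reproduces the received MIC.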
The Application Session Key is used for encryption and decryption of the payload. The payload is fully encrypted between the Node and the Handler/Application Server component of The Things Network (which you will be able to run on your own server). This means that nobody except you is able to read the contents of messages you send or receive.
These two session keys (network and application session keys) are unique per device, per session. If you dynamically
activate your device (OTAA), these keys are re-generated on every activation. If you statically activate your device
(ABP), these keys stay the same until you change them.
The Application Key is only known by the device and by the application. Dynamically activated devices (OTAA) use the Application Key to derive the two session keys during the activation procedure.
6.1.8.3 Data Rate
There are some knobs you can turn: transmission power and spreading factor. If you lower the transmission power, you’ll save battery, but the range of the signal will obviously be shorter. The other knob is the data rate, which determines how fast bytes are transmitted. If you increase the data rate, you can transmit those bytes in a shorter time. The calculation is approximately as follows: making the spreading factor 1 step lower (from SF10 to SF9) allows you to send 2x more bytes in the same time. Lowering the spreading factor makes it more difficult for the gateway to receive a transmission, as it will be more sensitive to noise.
6.1.8.4 LoRaWAN Adaptive Data Rate
Adaptive Data Rate (ADR) is a mechanism for optimizing data rates, airtime and energy consumption in the network.
ADR should be enabled for static devices, like the ADT1.
To determine the optimal data rate, the network needs some measurements (uplink messages). The network calculates the so-called “margin”, which is used to determine how much the network can increase the data rate or lower the transmit power, making transmissions more airtime- and energy-efficient. The network could even lower the transmit power to save more energy and cause less interference.