Industry’s First End-to-End LoRa® Security Solution Provides Secure Key Provisioning with Microchip and The Things Industries

Industry’s First End-to-End LoRa® Security Solution Provides Secure Key Provisioning with Microchip and The Things Industries

CryptoAuthentication™ device and managed LoRa join servers enable developers to deploy secure connected applications on LoRaWAN™ networks

-

AMSTERDAM, Netherlands, January 31, 2019 — As the LoRa® (Long Range) technology ecosystem accelerates, security remains an area for improvement in the market due to vulnerabilities that leave the network and application server keys accessible in the memory of modules and microcontrollers (MCUs) paired with a LoRaWAN™ stack. If keys are accessed in a LoRaWAN device, a hacker can impersonate it and authorize fraudulent transactions, which can result in a scalable attack with substantial losses in service revenue, recovery costs and brand equity. Microchip Technology Inc. (Nasdaq: MCHP), in partnership withThe Things Industries, today announced the industry’s first end-to-end security solution that adds secure, trusted and managed authentication to LoRaWAN devices at a global scale. The solution brings hardware-based security to the LoRa ecosystem, combining the MCU- and radio-agnostic ATECC608A-MAHTN-T CryptoAuthentication device with The Things Industries’ managed join servers and Microchip’s secure provisioning service.

The joint solution significantly simplifies provisioning LoRaWAN devices and addresses the inherent logistical challenges that come with managing LoRaWAN authentication keys from inception and throughout the life of a device. Traditionally, network and application server keys are unprotected in the edge node, and unmonitored, as LoRaWAN devices pass through various supply chain steps and are installed in the field. The Common Criteria Joint Interpretation Library (JIL) “high”-rated ATECC608A comes pre-configured with secure key storage, keeping a device’s LoRaWAN secret keys isolated from the system so that sensitive keys are never exposed throughout the supply chain nor when the device is deployed. Microchip’s secure manufacturing facilities safely provision keys, eliminating the risk of exposure during manufacturing. Combined with The Things Industries’ agnostic secure join server service to the LoRaWAN network and application server providers, the solution decreases the risk of device identity corruption by establishing a trusted authentication when a device connects to a network.   

Similar to how a prepaid data plan works for a mobile device, each purchase of an ATECC608A-MAHTN-T device comes with one year of managed LoRaWAN join server service through The Things Industries. Once a device identifies itself to join a LoRaWAN network, the network contacts The Things Industries join server to verify that the identity comes from a trusted device and not a fraudulent one. The temporary session keys are then sent securely to the network server and application server of choice. The Things Industries’ join server supports any LoRaWAN network, from commercially operated networks to private networks built on open-source components. After the one-year period, The Things Industries provides the option to extend the service.

“Hardware-based security is imperative for today’s connected applications,” said Nuri Dagdeviren, vice president of Microchip’s Secure Products Group. “Similar to how a subscriber identification module (SIM) card securely stores an international mobile identity number and its related key to authenticate subscribers on cell phones, the ATECC608A adds a hardware root of trust to the LoRa ecosystem to establish a trusted authentication when a device connects to the cloud.”

Microchip and The Things Industries have also partnered to make the onboarding process of LoRaWAN devices seamless and secure. LoRaWAN device identities are claimed by The Things Industries’ join server with minimal intervention, relieving developers from needing expertise in security. Customers can not only choose any LoRaWAN network but can also migrate to any other LoRaWAN join server by rekeying the device. This means there is not a vendor lock-in and customers have full control over where and how the device keys are stored.

“The rapidly growing LoRaWAN market needs an efficient and secure system that provides additional security while reducing the time spent on provisioning devices,” said Johan Stokking, chief technology officer at The Things Industries. “We are excited to collaborate with Microchip to enable this for devices that utilize our global network.”

Development Tools

The ATECC608A is agnostic and can be paired with any MCU and LoRa radio. Developers can deploy secure LoRaWAN devices by combining the ATECC608A with the SAM L21 MCU, supported by the Arm® Mbed™ OS LoRaWAN stack, or the recently-announced SAM R34 System-in-Package with Microchip’s LoRaWAN stack. For rapid prototyping, designers can use the CryptoAuthoXPRO socket board and The Things Industries provisioned parts in samples with the SAM L21 Xplained Pro (atsamd21-xpro) or SAM R34 Xplained Pro (DM320111).

Pricing and Availability

The ATECC608A-MAHTN-T device for The Things Industries, including the initial year of prepaid TTN service, is available in volume production for $0.81 each in 10,000-unit quantities.

For additional information, contact a Microchip sales representative, authorized worldwide distributor or visit Microchip’s website. To purchase products mentioned here, visit Microchip’s purchasing portal.

Trending

AMSTERDAM, Netherlands, January 31, 2019 — As the LoRa® (Long Range) technology ecosystem accelerates, security remains an area for improvement in the market due to vulnerabilities that leave the network and application server keys accessible in the memory of modules and microcontrollers (MCUs) paired with a LoRaWAN™ stack. If keys are accessed in a LoRaWAN device, a hacker can impersonate it and authorize fraudulent transactions, which can result in a scalable attack with substantial losses in service revenue, recovery costs and brand equity. Microchip Technology Inc. (Nasdaq: MCHP), in partnership withThe Things Industries, today announced the industry’s first end-to-end security solution that adds secure, trusted and managed authentication to LoRaWAN devices at a global scale. The solution brings hardware-based security to the LoRa ecosystem, combining the MCU- and radio-agnostic ATECC608A-MAHTN-T CryptoAuthentication device with The Things Industries’ managed join servers and Microchip’s secure provisioning service.

The joint solution significantly simplifies provisioning LoRaWAN devices and addresses the inherent logistical challenges that come with managing LoRaWAN authentication keys from inception and throughout the life of a device. Traditionally, network and application server keys are unprotected in the edge node, and unmonitored, as LoRaWAN devices pass through various supply chain steps and are installed in the field. The Common Criteria Joint Interpretation Library (JIL) “high”-rated ATECC608A comes pre-configured with secure key storage, keeping a device’s LoRaWAN secret keys isolated from the system so that sensitive keys are never exposed throughout the supply chain nor when the device is deployed. Microchip’s secure manufacturing facilities safely provision keys, eliminating the risk of exposure during manufacturing. Combined with The Things Industries’ agnostic secure join server service to the LoRaWAN network and application server providers, the solution decreases the risk of device identity corruption by establishing a trusted authentication when a device connects to a network.   

Similar to how a prepaid data plan works for a mobile device, each purchase of an ATECC608A-MAHTN-T device comes with one year of managed LoRaWAN join server service through The Things Industries. Once a device identifies itself to join a LoRaWAN network, the network contacts The Things Industries join server to verify that the identity comes from a trusted device and not a fraudulent one. The temporary session keys are then sent securely to the network server and application server of choice. The Things Industries’ join server supports any LoRaWAN network, from commercially operated networks to private networks built on open-source components. After the one-year period, The Things Industries provides the option to extend the service.

“Hardware-based security is imperative for today’s connected applications,” said Nuri Dagdeviren, vice president of Microchip’s Secure Products Group. “Similar to how a subscriber identification module (SIM) card securely stores an international mobile identity number and its related key to authenticate subscribers on cell phones, the ATECC608A adds a hardware root of trust to the LoRa ecosystem to establish a trusted authentication when a device connects to the cloud.”

Microchip and The Things Industries have also partnered to make the onboarding process of LoRaWAN devices seamless and secure. LoRaWAN device identities are claimed by The Things Industries’ join server with minimal intervention, relieving developers from needing expertise in security. Customers can not only choose any LoRaWAN network but can also migrate to any other LoRaWAN join server by rekeying the device. This means there is not a vendor lock-in and customers have full control over where and how the device keys are stored.

“The rapidly growing LoRaWAN market needs an efficient and secure system that provides additional security while reducing the time spent on provisioning devices,” said Johan Stokking, chief technology officer at The Things Industries. “We are excited to collaborate with Microchip to enable this for devices that utilize our global network.”

Development Tools

The ATECC608A is agnostic and can be paired with any MCU and LoRa radio. Developers can deploy secure LoRaWAN devices by combining the ATECC608A with the SAM L21 MCU, supported by the Arm® Mbed™ OS LoRaWAN stack, or the recently-announced SAM R34 System-in-Package with Microchip’s LoRaWAN stack. For rapid prototyping, designers can use the CryptoAuthoXPRO socket board and The Things Industries provisioned parts in samples with the SAM L21 Xplained Pro (atsamd21-xpro) or SAM R34 Xplained Pro (DM320111).

Pricing and Availability

The ATECC608A-MAHTN-T device for The Things Industries, including the initial year of prepaid TTN service, is available in volume production for $0.81 each in 10,000-unit quantities.

For additional information, contact a Microchip sales representative, authorized worldwide distributor or visit Microchip’s website. To purchase products mentioned here, visit Microchip’s purchasing portal.

IoT For All
IoT For All
IoT For All is an initiative to build a valuable resource for all stakeholders in the IoT industry. Our goal is to bring together the smartest minds in IoT to share knowledge through various forms of content, all aimed at educating the people who are implementing and enabling IoT.

Building a Blockchain Bodycam Proof of Concept for $25

This is a two part article. In the first part I demonstrate how an IoT device can incorporate a light weight blockchain on a camera device. In the second part I describe the need for open-source bodycams with law enforcement.

How Amazon Is Using IoT to Care for Its Employees

Amazon is putting iot to work in the health space in a major way. From doctor vists and perscriptions, to improved communication, is Amazon Care the future of healthcare?

I Scored 3rd at the Azure AI Hackathon With an IoT Smart Water Meter

This is a step-by-step of how I built an IoT smart water meter using Raspberry Pi, the Microsoft Azure Anomaly Detector API, Soracom Beam and a Soracom IoT SIM card.I've included screenshots and code snippets that I used, along with reasoning why I chose Soracom and how hobbyists could further develop this project.

I Have Nothing to Hide, so Why Should I Care About Privacy?

Next installment in the smart city privacy series. Why is privacy so important and how does surveillance capitalism fit with the development of the smart city?

CES2020: The Rise of AI and Personalized Wellness

From sensors to AI, 5G and the future of mobility, CES 2020 made it clear that partnerships are necessary for how we will build a connected future, personalized wellness is becoming a need to have instead of a nice to have and AI is becoming less of a buzzword and more of an actuality.