Microchip logo
  • All
  • Products
  • Documents
  • Applications Notes

LoRa Secure Authentication with the ATECC608A Secure Element

Security With The Things Industries Join Servers

When it comes to LoRa security, provisioning and storing network server and application server keys is as important as it is complex. Because of this, it is also a known security weakness that attackers may try to use to exploit your system by accessing these keys. This can be avoided by implementing a secure hardened key storage both at the node and in the LoRaWAN™ backend which will strengthen the authentication process by removing exposure of authentication keys to software, firmware, manufacturing sites, end users and other third parties. Microchip’s ATECC608A-MAHTN secure element provides a JIL “high” rated secure key storage to isolate keys in the nodes. This is especially valuable in LoRa systems which are based on a shared key security model and leverage a wide variety of traditional low-power microcontrollers.

ATECC608A

To make adding hardware secure key storage easier, the secure element is paired with The Things Industries' (TTI) join server service for turnkey secure authentication. The corresponding AES128 authentication keys are also hosted and protected in TTI’s managed join servers. Through a claim procedure via the TTI portal, the protected keys in the secure element are “claimed” and then owned by the company. This process simplifies the cumbersome unsecure provisioning practice used without secure key storage. This join server is completely agnostic to the network server and/or application server providers to preserve business scalability by leaving freedom of choice to the architects. Flexibility doesn’t stop here, the ATECC608A-MAHTN secure element is a microcontroller-agnostic solution that adds true hardware secure key storage to any LoRa-connected products.

Benefits of using The Things Industries join server for LoRa-based designs

  • Add secure elements to LoRaWAN 1.0.x and 1.1
  • One year of TTI join server access included
  • Microcontroller-agnostic secure element
  • Network and application server agnostic TTI join server
  • Leverage Microchip’s secure provisioning service
  • Ability to provide a unique, trusted, protected and managed identity
  • Supported by Microchip and Arm® LoRaWan stacks
  • Pre-configured authentication, secure boot
  • Re-keying capability between TTI join servers and the secure element
  • JIL rated “high” secure key storage
  • Protection against anti-tampering, side-channel attacks
TTI logo
How does The Things Industries join server service work?
+

The Things Industries’ join server service architecture makes securing LoRaWAN connections both easy and portable. This service is network server agnostic, application server agnostic and gives you the ability to protect your connection from anywhere, at any time. Similar to how a data plan works for a mobile device, each purchase of a Microchip ATECC608A-MAHTN secure element device comes with one year of managed LoRaWAN join service through The Things Industries. Once a device identifies itself to join a LoRaWAN network, the network contacts The Things Industries join server to verify that the identity comes from a trusted device and not a fraudulent one. The derived session keys are then sent securely to your network server and application server of choice. The Things Industries join server supports any LoRaWAN network, from commercially-operated networks to private networks built on open source components. After the one-year period ends, The Things Industries provides the option to extend this service.

Microchip and The Things Industries have also partnered to make the onboarding process of LoRaWAN devices seamless and secure. LoRaWAN device identities are claimed by The Things Industries Join Server with minimal intervention, removing the need for developers to have expertise in security. Customers can not only choose any LoRaWAN network, they can also migrate to any other LoRaWAN join server by rekeying the device. This means no vendor lock-in and full control over where and how the device keys are stored.

What do you really get with this configured and provisioned ATECC608A for LoRa-connected applications?
+

All ATECC608-MAHTN-T secure elements provide:

  • An already defined and configured memory zone within the secure element with all the agreed policies necessary to work with the TTI join server and respect the LoRaWan authentication protocol. More precisely, the ATECC608A-MAHTN is configured for authentication, re-keying and secure boot use cases.
  • Built-in provisioning for the network key and application keys. Both of these authentication keys will be used to connect to the network and application LoRa server of choice. The Things Industry does offer such services, but their join server is agnostic of those layers.

The ATECC608a-MAHTN-T is a secure element which comes with one year of complimentary access to The Thing Industries’ join server. Once the first year elapses, you can work directly with TTI to manage the cost and maintenance of connection to the join server separately.

What’s the value of a configured and provisioned secure element for LoRa-based systems?
+

Without a simplified onboarding process, such as the one provided by Microchip and The Things Industries, the procedure to provision the authentication keys is not only complex but also unsecure. The handling of AES keys is particularly sensitive as the developers will need to be well aware of the security risks associated to the deployment and management of a shared key model not only in the hardware but across all the stacks of the LoRa network including cloud back-end architecture and all of that from prototyping to production at a global scale.

During prototyping and development phases, the first complexity is in the choice of selecting a technology provider in the segmented LoRa industry. Now, security is recognized as a gap and needs to be added which greatly increases the complexity of a design. Examples of the questions you’ll now need to answer are: What is the starting point to securely provision authentication keys in secured storage? How will you to develop, deploy and manage a join server on the LoRaWAN? How will you make sure the keys of the join server and the ones in the edge node match? How will you avoid the keys leaking throughout the whole process? How will you distribute shared keys securely? Where should you start?

During production, assuming the previous questions have been answered and designed in, the question becomes this: how will you handle millions of shared keys in a secured environment between a join server provider, the site where keys are provisioned and how they are exposed through the complete supply chain (semiconductor, distribution partner, design house, ODM to finally arrive to the OEM)?

Microchip and TTI have taken all of those constraints into account to simplify the onboarding and logistics. This bundled solution provides simple-to-use yet robust security foundations for LoRa products. The process can be simplified to:

  1. Purchase the ATECC608a-MAHTN-T secure element
  2. Open a TTI account and activate the join server
  3. Claim the batch of ATECC608a-MAHTN-T secure elements to your TTI join server
  4. Start coding your application, without the design burden of securing your authentication
What’s the importance of secure hardware key storage?
+

Security is often mistaken as just encryption. While encryption is an important element of security, encryption alone doesn’t solve all security needs. Encrypting and storing a key in a standard memory does not mean that a system is secure since firmware and software bugs are a natural part of coding and will always exist. In addition, there is another considerable attack surface to consider during the manufacturing process where keys and other cryptographic assets can be severely exposed to employees and equipment. All these backdoors are attack surfaces which can be exploited to spoof a key and inflict malicious actions on a device or system.

The usage an ATECC608A secure element combined with Microchip’s provisioning service will help to isolate your keys from software, firmware, manufacturing, third-party companies and users. It also simplifies and reduces the cost and complexity of your supply chain by leveraging Microchip’s provisioning service.

The secure element is equipped with active anti-tampering protections as well as side-attack channel protections. All of the cryptographic functions involved with the key are in the same secure boundary as the secure element. This architecture can be used with any microprocessor or microcontroller to reduce backdoors to keys at a very affordable cost for a high grade of security. The ATECC608A secure element has been rated JIL “High” demonstrating its high robustness in protecting keys.

Start Developing Your LoRa Solution with Two Hardware Options

To quickly begin developing your next LoRa-connected design with secure authentication, follow the steps below which include hardware recommendations as well as resources from The Things Industries.

Develop with the SAM R34 Ultra-Low Power LoRa SiP and Microchip LoRaWAN stack

Develop with the SAM L21 MCU and discrete Semtech Radio and Arm mBed™ OS LoRaWAN stack