The LoRaWAN protocol offers two layers of security implemented using the AES128 algorithm. On the network layer, the integrity of a message is enforced by the Message Integrity Code (MIC) and on the application layer the payload is encrypted. This means it is possible to have end-to-end encryption of the LoRa data. For LoRaWAN the used network keys are in the KPN domain and the application keys are in the customer domain and must comply to usage policies to prevent easy to guess variables. In the case of over the air activation (OTAA) the used NwkSKey and AppSKey are managed from the KPN domain (Join service) and can be periodically refreshed. Figure 4 shows the domain of the NwkSKey and the AppSKey. The provisioning of devices and an Application Server are described in Sections 2.1.1 and 0.

Figure 4 NwkSKey and AppSKey domain

KPN depends not only on the included security mechanisms such as over the air activation (OTAA) and AES128 in the LoRaWAN protocol specification but it also applies KPN security mechanisms. The complete solution is hosted in KPN owned datacentre premises on which the Corporate Security Policy Framework (CSPF) is applicable. The KPN CSPF consists of a set of policies, standards and guidelines and is derived from high level KPN Group Corporate Security Policy. The CSPF is based on the international standard for information security (ISO27001 ) and the international standard for business continuity (BS25999).

The connection towards the customer Application Server is using the HTTPS protocol with TLS v1.2 signed certificate requirements. Within this tunnel the application data is authenticated by using bi-directional SHA-256 token calculation. More detailed information about this connection and its security can be found in Section 1.3.