Security solution provides secure key provisioning

As the LoRa (Long Range) technology ecosystem quickens, security continues to be an area for development in the market due to vulnerabilities that leave the network and application server keys accessible in the memory of modules and MCUs paired with a LoRaWAN stack. If keys are accessed in a LoRaWAN device, a hacker can imitate it and authorise fraudulent transactions, which can end in a scalable attack with big losses in service revenue, recovery costs and brand equity. The company, in partnership with The Things Industries, has released what is claimed to be the industry’s first end-to-end security solution that brings secure, trusted and managed authentication to LoRaWAN devices at a global scale. The solution provides hardware-based security to the LoRa ecosystem, combining the MCU and radio-agnostic ATECC608A-MAHTN-T CryptoAuthentication device with The Things Industries’ managed join servers and the company's secure provisioning service. “Hardware-based security is imperative for today’s connected applications,” said Nuri Dagdeviren, vice president of Microchip’s Secure Products Group. “Similar to how a Subscriber Identification Module (SIM) card securely stores an international mobile identity number and its related key to authenticate subscribers on cell phones, the ATECC608A adds a hardware root of trust to the LoRa ecosystem to establish a trusted authentication when a device connects to the cloud.” “The rapidly growing LoRaWAN market needs an efficient and secure system that provides additional security while reducing the time spent on provisioning devices,” said Johan Stokking, chief technology officer at The Things Industries. “We are excited to collaborate with Microchip to enable this for devices that utilise our global network.”