Manuel Van Balen Cedeno.
Manuel Van Balen CedenoHi everyone,
This is an extremely novice question but I’m having issues understanding the security of the Over The Air Authentication on an xDot.
When using the OTA joinmode we specify the network ID (AppEUI) and the network key (AppKey) in both the xDot and the conduit gateway.
If a malicious party gets their hands on one of the xDots they would be able to easily get a hold of that network ID and network key. I’m guessing this would allow them to do things like adding end devices to the network or maybe even adding their own conduit gateway to the network to send command to the end devices or receive their packages.
From what I’ve read, OTAA is supposed to be a more secure option because the compromise of a single end device doesn’t compromise the whole network. But it seems like the compromise of a single xDot would in fact allow an attacker to do quite a lot.
Where am I wrong here?
I’m guessing that I’m misunderstanding something here but can’t get my head around it.
Thanks for your help
Jason ReissYes that is the risk of using the same AppKey configured on end-devices.
It allows convenience of configuration at the expense of some security.
Our next AEP version will bring out the configuration of unique keys for end-devices to the UI.
Manuel Van Balen CedenoOk, thanks.
Is there a way to do this currently through code?
Otherwise, is there an ETA for the next AEP version?
Again, thanks a lot for your help.