Data security is a top priority when deploying Industrial IoT (IIoT) devices in the field. While some systems rely on layered, bolt-on security protection, VoBo keeps it simple and robust by leveraging the security model built directly into the LoRaWAN® protocol.
The VoBo is a LoRaWAN® endpoint bridge that collects analog, digital, or serial sensor data and transmits it wirelessly across the LoRaWAN® network. The VoBo uses the inherent security features that make LoRaWAN® secure, including unique encryption keys, authentication, and message integrity that are built into the protocol.
Let’s explore how VoBo helps LoRaWAN® keep your data safe.
What Makes LoRaWAN® Secure?
LoRaWAN® is one of the most secure LPWAN protocols available. It was designed from the ground up to protect data in motion across long distances using low power.
LoRaWAN® security uses proven, NIST (National Institute of Standards and Technology)-approved AES (Advanced Encryption Standard) cryptographic algorithms, widely adopted for protecting constrained devices and networks. It applies AES with CMAC (Cipher-based Message Authentication Code) for integrity and CTR (Counter) for encryption.
Each device is securely provisioned with a unique 128-bit AppKey and a globally unique DevEUI. DevEUIs require an IEEE-issued Organizationally Unique Identifier (OUI), while networks are identified by a 24-bit ID assigned by the LoRa Alliance™.
Let’s look at this a little closer.
1. Unique Keys for Every Device
Every LoRaWAN® device, including VoBo endpoints, has a unique set of cryptographic keys, which include:
- DevEUI – A 64-bit globally unique device identifier.
- AppKey – A unique application root key used during secure join (OTAA).
- JoinEUI – A 64-bit globally unique identifier that identifies the application server responsible for the device.
These keys are essential to LoRaWAN®‘s end-to-end encryption and are never reused or shared between devices. This means each VoBo has its own unique security identity.
2. Secure Key Delivery to User
Proper key management practices are critical to maintaining the security and reliability of LoRaWAN® deployments. VoBo device keys are securely delivered to the user through the Volley Boast Customer Portal. User account-based access to the keys in bulk uploader formats simplifies small-scale or mass deployments.
3. Over-the-Air Activation (OTAA)
OTAA (Over-the-Air Activation) is the preferred method for adding a LoRaWAN® device to the network. VoBo fully supports OTAA, so every deployment starts with a fresh, secure handshake. With OTAA, VoBo dynamically negotiates the session keys each time it joins the network. These keys include:
- Network Session Key (NwkSKey) – Validates the message authenticity and integrity between the VoBo and the network server.
- Application Session Key (AppSKey) – Encrypts the sensor’s data, ensuring that only the application server can read the payload.
These keys are automatically refreshed during re-joins, which adds another layer of security.
4. End-to-End Data Protection
With end-to-end data protection, LoRaWAN® divides responsibilities between the network and the application layers. The network server handles routing and connectivity. Only the application server can decrypt the sensor data. This protection includes:
- Data confidentiality – Only your system can view the payload.
- Message integrity – A Message Integrity Code (MIC) verifies that messages haven’t been tampered with.
- Replay protection – LoRaWAN® uses frame counters to detect and reject repeated packets.
VoBo Conforms to LoRaWAN® Security
While VoBo does not introduce any proprietary security features, it conforms to the LoRaWAN® standard, including security. This means:
- No extra configuration is required – VoBo is ready to securely join the network using your LoRaWAN® server.
- No open interfaces or services – There are no IP stacks or external network services, so the attack surface is minimal.
- Relies on the strength of LoRaWAN® itself – VoBo benefits from a protocol that’s already trusted in critical infrastructures worldwide.
VoBo stays secure by leveraging the proven cryptographic model of LoRaWAN®, rather than adding complexity or new vulnerabilities to deal with on the network.
VoBo is a Trustworthy Endpoint in Your LoRaWAN® Network
Here are the security features you can expect when deploying VoBo in your LoRaWAN® system:
| Security Feature | How It’s Handled with VoBo |
| Unique Device Identity | VoBo has a unique DevEUI and AppKey |
| End-to-End Encryption | Enabled through LoRaWAN® AppSKey |
| Data Authenticity | Verified with Message Integrity Codes (MIC) |
| Secure Join | Managed with OTAA using unique root keys |
| Minimal Attack Surface | No IP stack, no exposed ports or services |
VoBo operates within this secure framework, building confidence without adding complexity.
Best Practices for Secure LoRaWAN® Networks with VoBo
To make the most of your VoBo devices, follow these simple best practices for secure networks:
- Use OTAA rather than ABP for secure device provisioning.
- Safeguard your device keys (AppKey, JoinEUI, DevEUI) and store them securely to prevent exposure to public networks.
- Physically protect your field devices from unauthorized access.
- Monitor the device’s join behavior and uplink traffic to detect anomalies.
- Use a network and application server that holds the LoRaWAN® security standards.
Conclusion – Simple, Secure, and Ready for Deployment
Rather than introducing new security issues to the LoRaWAN® network or burdening the end user with unnecessarily complex security procedures, VoBo endpoints maintain simplicity by adhering to all the security strengths of the LoRaWAN® protocol.
By leveraging unique device keys, secure OTAA joins, and AES-128 encryption throughout the data lifecycle, VoBo helps protect your IIoT deployment without adding unnecessary complexity.
Regardless of the type of LoRaWAN® system you’re building and its devices, you can trust VoBo to send your data securely and reliably.
Ready to deploy with confidence? Explore the VoBo now or get in touch with our team for integration support.