By default, LoRaWAN encrypts both the application data and the metadata with AES 128. Two authentication methods can be used: ABP (Activation By Personalization) and OTAA (Over-The-Air Activation). OTAA works with a DevEUI (64-bit address) and an AppKey (128-bit key). After each end device’s registration, a new key is generated that remains valid until the cyclic re-joining. Also, a frame counter is used, which further increases security.
