LoRa Mesh security and addressing
I built a program around the LoRa Mesh example.
In the example code only direct neighbors which are in range of the sender are addressed and not the devices which are in the mesh, but only over devices in between.
So i changed the sending process to multicast
MULTICAST_MESH_ALL = 'ff03::1'
and except for a few packet losses, it works.
This brings me to a few general security issues, because everyone with a device running LoRa Mesh on the same settings could sniff my outgoing data!?
So what is the easiest way to make my system a little more secure.
Is it possible to address only my known devices inside the mesh (e.g. by MAC Address)? What's the "normal" way to do this.
Or is it easier to use some kind of encryption...
Thanks for your help!
@catalin Thanks for the heads-up. I really would like to get my hands on the new release just to build my application.
You're well understood, but honestly, I can't promise anything.
I am adding features, like sleepy-end-devices, setting router-leader weights, and multiple meshes support.
@catalin any idea on the release timeframe ?
@ricardolima just change neighbor
s.sendto(msg + str(pack_num), (neighbor, myport))
s.sendto(msg + str(pack_num), ("ff03::1", myport))
@catalin GREAT !
@catalin Good news
kodarn last edited by kodarn
@catalin *Bump* :-)
@catalin Great, what did come out of the meeting ??
hope you can release soon, let us know when to expect the code
@catalin 21 days ago you said that a new release of the mesh code was imminent, where can I find it ?
@catalin Any news on this ? I Really want to make a mesh with devices which does not have direct contact and that feature working will be great :D
@cuca94 Can you tell us what did you to workaround that ? How did you change the sending process to MULTICAST_MESH_ALL = 'ff03::1' ?
@catalin Waiting anxiously for the new release.
I am also facing that issue
It's safer to tag me directly
@catalin, so I am directly notified.
In the latest code, not yet released, I've added in the
Mesh()constructor the 128bits key, which authenticates and encrypts all mesh traffic. Let's call this basic security.
Secondly, I've prepared scripts examples for both symmetric and asymmetric encryption inside Pymesh, this is above the basic security and allows private communication channels in the Pymesh.
To address nodes, in the soon to be released (end of this week) pymesh library, I've added a custom IPv6 address for each node, which resembles LoRa MAC address, so by knowing your devices MAC address, you can try to access them in the mesh (sending an UDP message to the known IPv6 and waiting for ACK).
@catalin maybe u could help me? ;)