SigFox Public key rejected "Invalid private key"



  • When sending a packet to SigFox using a LoPy4 with a Public Key enabled, SigFox reject the packet as "Invalid private key" in the backend.

    sigfox = Sigfox(mode=Sigfox.SIGFOX, rcz=Sigfox.RCZ1)
    sigfox.public_key(True)
    s = socket.socket(socket.AF_SIGFOX, socket.SOCK_RAW)
    s.setsockopt(socket.SOL_SIGFOX, socket.SO_RX, False)
    s.setblocking(True)
    s.send(<some data here>>)

    send() completes without an error but the packet is dropped by SigFox.
    Works OK if "sigfox.public_key(False)" is used.

    Is there something else I need to do at the LoPy4 end?
    Is there a LoPy4 firmware issue?
    Is there a problem at SigFox?

    Thanks, Richard



  • Yes, in principle Sigfox supports encryption between a device and the Sigfox backend. Note, that this does not give you end-to-end encryption between the device and your own service/application/whatever you have behind the Sigfox backend.

    However, no, the implementation in the Pycom devices does not have this support. So either way you would have to roll your own.



  • @Gijs Hello again. Been reading up on SigFox encryption issues. Particularly https://www.disk91.com/2018/technology/sigfox/stop-telling-me-sigfox-is-clear-payload-for-real-youre-just-lazy/

    The author refers to SigFox Payload Encryption that SigFox offer on their radio network that has to be enabled at the SigFox end and relies on software support in the SigFox stack implemented in "modems".

    Do Pycom support this in any devices?

    Thanks, Richard



  • @Gijs Thanks. I was really looking for an explanation of the issue with using "sigfox.public_key(True)" which you have explained, thanks again for that. I've now started down the rabbit hole of looking at the SigFox radio level encryption and the option of encrypting the payload that you described.



  • As I mentioned, the public key is not used for encryption, but for testing. This way, the device can connect to an emulated base-station in the testing facilities.

    The list mentioned on the page refers to modules capable of emulating a Sigfox basestation, and indeed the pycom modules are not listed there.

    As far as I know, Sigfox uses the private key by default for authentication, but Im not sure of the encryption level of the data. As the packets are a maximum of 12 bytes, it would also be hard to use one of the integrated encryption methods (https://docs.pycom.io/firmwareapi/pycom/aes/).

    Im not sure what level of security you are looking for, but you could look at creating a simple encryption algorithm that you can decode in the backend.



  • @Gijs So does this mean, as no Pycom products are listed on that page, it is not possible to encrypt packets sent using SigFox from a LoPy4?



  • So, (I just learned that as well), the sigfox.private_key(...) function does not actually do what you expect it to do. Instead, it is used on test / certification of the device. This is also why you are getting the 'invalid private key' error

    https://support.sigfox.com/docs/public-key


Log in to reply
 

Pycom on Twitter