Clarification on End Node Security

Hi there,
I was hoping someone could clarify the security section of the following document.
I was reading through the documentation on the LoRaWAN Netowrk Elements - Security section: LoRa and LoRaWAN: Technical overview | DEVELOPER PORTAL

Could someone potentially get a hold of my end node device and copy the DevEUI and AppKey to their own end node and begin a JOIN procedure and begin sending uplink messages?
How do we go about securing out end nodes that are deployed such that no one can send incorrect uplink messages?

Yes, if someone has physical access to your device, they could disassemble and/or pull keys from the flash.

There are not many good solutions to this yet. Secure elements (Securing LoRaWAN with Secure Elements) is one, but it’s far from standardized.

1 Like