Is PhyPayload encrypted?

Hello there! I am looking for help about security in LoRA/LoRaWAN. I have been reading a lot of topics related to security in ChirpStack forum but I did not find something about the title question.

Is the PHYPayload encrypted? I am using a RN2903 and the datasheet says it encrypts the payload (phypayload because it is in RF modulation/ physical layer right?) and then my coworker and me checked in the Gateway Admin WebPage (We’re using a LoRa Sentrius RG191) the traffic and got a PHYLOAD: 40FF9EAC00805E0301583CD9F38B0C which corresponds to the data received by another RN2903 which was in Reception Mode (Code available in: and we could see exactly the same 40FF9EAC00805E0301583CD9F38B0C data.

So can we guarantee that the PHYPayload is encrypted? Is there another alternatives to improve the security of this? How could I decrypt that PhyPayload to see the raw data? do I need the internal keys right? How could I get them? (I have read that Physical layer has no security methods but LoRaWAN does through software as in the case of AES-128 algorithm for AppSKey and NtwSKey).

I would appreaciate any help!

There are tons of primers on LoRaWAN security, which aren’t ChirpStack-specific in any way. Check some out:

1 Like