Application Session Key

What is it? 

The application session key (AppSKey) is a key used to encrypt and decrypt payload, i.e., the actual data pack sent to or received from the server. The payload is completely encrypted between a device and the application server, which deals with the network’s application layer. 

How does it work? 

During the join procedure as part of over-the-air-activation (one of the ways to link a LoRa sensor to a LoRaWAN® network), the AppSKey is dynamically generated and unique per device, per session. Therefore, it is regenerated every time the sensor opens a new session. 

On the contrary, activation by personalization (ABP) involves the AppSKey hardcoded into the device and unchanged during the device’s lifetime.