The Encryption Libraries are designed to add to the Waspmote sensor platform the capabilities necessary to protect the information gathered by the sensors. To do so two cryptography layers are defined:
Link Layer: In the first one all the nodes of the network share a common preshared key which is used to encrypt the information using AES 128. This process is carried out by specific hardware integrated in the same 802.15.4/ZigBee radio, allowing the maximum efficiency of the sensor nodes energy consumption. This first security layer ensures no third party devices will be able to even connect to the network (access control).
Secure Web Server Connection: The second security technique is carried out in Meshlium -the Gateway- where HTTPS and SSH connections are used to send the information to the Cloud server located on the Internet.
A third optional encryption layer allows each node to encrypt the information using the Public key of the Cloud server. Thus, the information will be kept confidentially all the way from the sensor device to the web or data base server on the Internet.
Transmission of sensor data:
Information is encrypted in the application layer via software with AES 256 using the key shared exclusively between the origin and the destination Then the packet is encrypted again in the link layer via hardware with AES 128 so that only trusted packets be forwarded, ensuring access control and improving the usage of resources of the network.