Building your own encrypted LoRa infrastructure

Lately I discovered these nice little LoRa boards that make it possible to transmit data over the air on an open frequency without the need to have an extra SIM-card and a cellular data network. They promise up to 10km range so I knew that this would be my new playground :-)

Basically with LoRa you just send out data in clear-text on a predefined channel and everyone else that listens on that channel can read it. Not very safe. Actually not safe at at.

I also learned about LoRaWan that already solves a lot of these problems – especially encryption, addressing and lots more. But at the place where I wanted to deploy LoRa is no LoRaWan coverage and I also did not want to buy+operate a LoRaWan gateway there.

So I decided to build my own LoRa infrastructure. It consists of some nodes sending data via LoRa and another node (my “LoRa Gateway”) listening to them and forwarding the data to my web-backend via WiFi.

Outline of my LoRa infrastructure

I’m using the ESP8266-12 modules programmed via Arduino on both sides as there is already a broad variety of libraries and a big and helping community.

After initial data transmission from the sensor-node to the web-backend finally was working I started to play around with encrypting the payload. There are already a lot of libraries to encrypt and decrypt data on the Arduino that work great. But I did not find a lot of examples to encrypt on the Arduino and decrypt on a webserver.

One that was quite promising was the one that I found here: It uses AES-128-CBC and was the first example project that I got working for my requirement to encrypt on the ESP8266 and decrypt on another platform – a big thanks to :-)

The only problem was that it is using nodejs to decrypt the data but my webhost only supports php. So I wrote a php-port of the decryption part:

function decryptAes($aesKey, $ivB64, $msgB64){
		$plain_iv = bin2hex(base64_decode($ivB64));
		$iv = hex2bin($plain_iv);
		$key = hex2bin($aesKey);
		$bytes = openssl_decrypt($msgB64, "AES-128-CBC", $key, $options=0, $iv);
		$plaintext = base64_encode($bytes);
		$decoded_b64msg = base64_decode($plaintext, true);
		return base64_decode($decoded_b64msg, true);

Sample usage:

	$aesKey = "2B7E151628AED2A6ABF7158809CF4F3C";
	$ivB64 = "iv-in-base64"; 
	$msgB64 = "msg-in-base64";
	$decryptedMsg = decryptAes($aesKey, $ivB64, $msgB64);
	echo $decryptedMsg;

Of course you need to change the $aesKey to the one you have used. The key you see here is the same as in the library of The key is defined as a HEX-String, the IV and message are given Base64-Encoded.

Literal youTUBE TV

To meet the nerdy me in me I created this “literal youTUBE TV”.
I found this super retro/vintage CRT of the Austrian brand Kapsch on the flea market (it even came with a receipt of 1977) and as it uses just RF as input it is basically worthless as TV-stations only broadcast digitally nowadays.
But… you can buy an HDMI-to-RF transmitter which does exactly that: Converting your HDMI-signal to RF that can be injected instead of an antenna signal. After that you just have to plug a Chromecast or whatever HDMI outputting device into it and you have upcycled your old CRT.
Sweet, isn’t it?

  • Kapsch VIENNASTAR CRT, built 1977
  • AIYIMA Transmitter HDMI To RF (find it in your fav. chinese retailer)
  • Google Chromecast
  • Some wiring and setting up

Big thanks to my father who – as a former TV and radio mechanic – took care of adjusting and maintaining the CRT.

E-Ink Weatherstation

I had an old Tolino Shine E-Reader lying around that I did not want to throw out just because I did not use it anymore. After I found out it ran on Android and there is a way to root it I new I had to give it a new life. So I rooted it and created a mini-app that regularly pulls the current weather conditions and displays them. Furthermore I included a button to show current departure times of public transportation around my flat.


[Update October 17th, 2020] Peter emailed me that he found an excellent comparison between various weather APIs. So if you plan to consume a weather API be sure to have a look here – maybe you find an API that better suits your needs.

Pixeltable Reloaded

You might already know my Pixel-Table from a previous blog post (link). Back then it was powered by a Raspberry PI which had the hazards of managing a full OS and struggling with always-corrupted filesystems after power outages or just after some time when the SD card memory gets broken as of too many write-cycles.

So I started to move the hardware towards Arduino (to control the LED Stripe) and an ESP8266 to offer wifi communication. The two microcontrollers communicate via the serial interface.

Basic outline:
Webapp -> ((Wifi)) -> ESP8266 -> (Serial Interface) -> Arduino -> LED Stripe

Finally I also managed to build a grid for the LEDs so they appear far more pixel-shaped.


  • Pixeltable Hardware as of previous post
  • Arduino Nano
  • ESP8266
  • DIY Webapp to send commands to ESP8266
  • Fun!

« Previous PageNext Page »