0

I am looking at the LoraWan protocol specification and I want to capture the over the air activation of a device. So far I have seen the:

https://zakelijkforum.kpn.com/lora-forum-16/over-the-air-activation-otaa-8323

As it seems that it is using nonces in order to generate the key, I thought, "Hey it seems like Diffie Hellman to me."

  • Is the Over the air activation in LoRaWan is as the link mentions?
  • If yes, is Diffie Hellman the key exchange being used?
schroeder
  • 123,438
  • 55
  • 284
  • 319
Dimitrios Desyllas
  • 381
  • 1
  • 2
  • 13

1 Answers1

1

Let AppK the Application Key. The Application Session Key (AppSKey) and the Network Session Key (NwkSKey) are generated by using only the AES algorithm without adopt the Diffie Hellman protocol.

Let us suppose that we have a Device Node that generates a 16 bits pseudorandom nonce namely DevNonce. This nonce is sent to the application server. The application server generates a 22-bits pseudo random nonce namely AppNonce that is sent to the Device Node.

The Network ID, called NetID is pre-shared between the entities. Moreover a standard 32-bit code (for NwkSKey this is 0x01, for AppSKey this is 0x02) is used.

Finally the resulting message is padded to 128-bits.

NwkSKey = aes128_encrypt(AppKey, 0x01 | AppNonce | NetID | DevNonce | pad16)
AppSKey = aes128_encrypt(AppKey, 0x02 | AppNonce | NetID | DevNonce | pad16)

However I advise you this link to deepen the LoraWan Security.

CipherX
  • 190
  • 1
  • 8