<
From version < 17.3
edited by Xiaoling
on 2023/04/19 17:49
To version < 3.1 >
edited by Xiaoling
on 2022/05/27 09:00
Change comment: Uploaded new attachment "image-20220527090005-2.png", version {1}

Summary

Details

Page properties
Content
... ... @@ -1,15 +1,11 @@
1 - **Table of** **Contents: **
1 + **Contents: **
2 2  
3 3  {{toc/}}
4 4  
5 -
6 -
7 7  = 1. Introduce =
8 8  
9 -
10 10  A standard LoRaWAN packet via UDP packet forward to LoRaWAN server is AES128 encryption. In this chapter, we will show how this packet looks like in the server and see the possibility to get the content of this packet.
11 11  
12 -
13 13  [[image:image-20220527085838-1.png]]
14 14  
15 15  Unencrypt Network modified from LoRaWAN
... ... @@ -17,93 +17,63 @@
17 17  
18 18  = 2. Analyze the LoRaWAN packet =
19 19  
20 -
21 21  If the gateway is connected to LoRaWAN server via UDP packet fordward. We can set the server address to a UDP server to get the LoRaWAN packets.
22 22  
18 +[[image:https://wiki.dragino.com/images/thumb/5/57/None_Encryption_1.png/600px-None_Encryption_1.png||height="259" width="600"]]
23 23  
24 -[[image:image-20220527090005-2.png]]
25 -
26 26  UDP Server
27 27  
28 28  
29 29  We can get one of the LoRaWAN packet and analyze it. See below
30 30  
31 -[[image:image-20220527090050-3.png]]
25 +[[image:https://wiki.dragino.com/images/thumb/b/b9/None_Encryption_2.png/600px-None_Encryption_2.png||height="497" width="600"]]
32 32  
33 33  Analyze the data
34 34  
35 -
36 36  (((
37 -From above screen shot, we can see most of the meaning except this** (% style="color:#4f81bd" %)"data":"QHxqASaAygwCXrumS1oFsgRq"(%%)**(% style="color:#4f81bd" %).(%%) This is the AES128 encryption data we mention above, it is base64 format. To decode this data, we need to have the** (% style="color:#4f81bd" %)APP Session Key(%%)**(% style="color:#4f81bd" %) (%%)and (% style="color:#4f81bd" %)**Network Session Key**(%%) of this end node. If we have these two keys, we are able to decode this packet by some LoRaWAN decode website like: [[LoRaWAN Decode Website>>url:https://lorawan-packet-decoder-0ta6puiniaut.runkit.sh/]].
30 +From above screen shot, we can see most of the meaning except this** "data":"QHxqASaAygwCXrumS1oFsgRq"**. This is the AES128 encryption data we mention above, it is base64 format. To decode this data, we need to have the APP Session Key and Network Session Key of this end node. If we have these two keys, we are able to decode this packet by some LoRaWAN decode website like: [[LoRaWAN Decode Website>>url:https://lorawan-packet-decoder-0ta6puiniaut.runkit.sh/]].
38 38  )))
39 39  
40 40  
41 41  (((
42 42  Below is an example, from
43 -
44 -
45 45  )))
46 46  
47 -[[image:image-20220527090122-4.png]]
38 +[[image:https://wiki.dragino.com/images/thumb/4/4c/None_Encryption_3.png/600px-None_Encryption_3.png||height="388" width="600"]]
48 48  
49 49  Decode the packet
50 50  
51 -
52 52  = 3. Difference between OTAA and ABP mode =
53 53  
54 -
55 55  There are two mode for End Node:
56 56  
57 -* (% style="color:blue" %)**OTAA:**(%%) Over the air activation. In this mode, the end node will send a Join Request to server, server will reply with a Join Accept and the end node will parse this Join Accept message to get the Dev Addr / APP Session Key(AppSkey / Network Session Key(NwkSKey). Because the AppSkey and NwkSkey is dynamic, OTAA mode provide more security.
46 +* OTAA: Over the air activation. In this mode, the end node will send a Join Request to server, server will reply with a Join Accept and the end node will parse this Join Accept message to get the Dev Addr / APP Session Key(AppSkey / Network Session Key(NwkSKey). Because the AppSkey and NwkSkey is dynamic, OTAA mode provide more security.
47 +* ABP: Activation by personalization. There is no hand-shake with LoRaWAN server for activition. The end node will use fix Dev Addr / APP Session Key(AppSkey / Network Session Key(NwkSKey) to upload the packet. So the packet can be decode if someone know these fix keys.
58 58  
59 -* (% style="color:blue" %)**ABP:**(%%) Activation by personalization. There is no hand-shake with LoRaWAN server for activition. The end node will use fix Dev Addr / APP Session Key(AppSkey / Network Session Key(NwkSKey) to upload the packet. So the packet can be decode if someone know these fix keys
60 -
61 -
62 -
63 63  = 4. Get and decode the packet =
64 64  
65 -
66 66  According to above, it is possible to get the payload from sensor without LoRaWAN server:
67 67  
68 -* Setting the end node to ABP mode
53 +1. Setting the end node to ABP mode
54 +1. Add decode program and add the keys of the sensor. So to get the payload. There is an example for such application, see [[Communication with ABP End Node>>url:https://wiki.dragino.com/index.php/Communication_with_ABP_End_Node]]
69 69  
70 -* Add decode program and add the keys of the sensor. So to get the payload. There is an example for such application, see [[Communication with ABP End Node>>Communicate with ABP End Node without LoRaWAN Network Server --- LG308]].
71 -
72 -
73 -
74 74  = 5. Use an unencrypt firmware =
75 75  
76 -
77 77  If user doesn't care about the security of the data and use Dragino end node, it is possible that we provide a firmware without AES128 encrytion, so the server no need to decode packet. Please note this software is no LoRaWAN compatible and no security.
78 78  
79 79  (((
80 -The software will disable encryption, so the LoRaWAN payload raw** (% style="color:#4f81bd" %)"data":"QHxqASaAygwCXrumS1oFsgRq"(%%)** will looks like (% style="color:#4f81bd" %)**"data":"4068370126000000000c9e11223361898841"**(%%), and the meaning is as below:
61 +The software will disable encryption, so the LoRaWAN payload raw "data":"QHxqASaAygwCXrumS1oFsgRq" will looks like "data":"4068370126000000000c9e11223361898841", and the meaning is as below:
81 81  )))
82 82  
83 -[[image:image-20220527090341-5.png]]
64 +[[image:https://wiki.dragino.com/images/thumb/d/d6/None_Encryption_4.png/600px-None_Encryption_4.png||height="70" width="600"]]
84 84  
85 85  Unencrypt packet
67 +
86 86  
87 -
88 -(% style="color:red" %)**Note: In some device's firmware . There is a AT Command to Disable Encryption. See below:**
89 -
90 -* (% style="color:blue" %)**AT+DECRYPT=1**(%%)  The payload is uploaded without encryption
91 -
92 -* (% style="color:blue" %)**AT+DECRYPT=0  **(%%) Encrypt when uploading payload (default)
93 -
94 -
95 -
96 96  = 6. limitation =
97 97  
98 -
99 99  * None standard LoRaWAN protocol, it is not compatible with LoRaWAN server.
100 -
101 101  * No device management / ADR management defined in LoRaWAN protocol
102 -
103 103  * No security.
104 -
105 105  * No Downlink
106 -
107 107  * Only use for ABP
108 -
109 -
image-20220527090050-3.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoling
Size
... ... @@ -1,1 +1,0 @@
1 -107.8 KB
Content
image-20220527090122-4.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoling
Size
... ... @@ -1,1 +1,0 @@
1 -220.7 KB
Content
image-20220527090341-5.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.Xiaoling
Size
... ... @@ -1,1 +1,0 @@
1 -31.8 KB
Content
Copyright ©2010-2024 Dragino Technology Co., LTD. All rights reserved
Dragino Wiki v2.0