LoraWAN组播加解密

AES128 在线加解密

McKey_encrypted = aes128_decrypt(McKEKey, McKey)
McKey = aes128_encrypt(McKEKey, McKey_encrypted)

推导步骤：
LoRaWAN 1.0.x使用单独的GenAppKey，而LoRaWAN 1.1+后使用AppKey。

1. McKEKey
• LoRaWAN 1.0.x (GenAppKey)，end-devices SHALL use this scheme:
o McRootKey = aes128_encrypt(GenAppKey, 0x00 | pad16)
o McKEKey = aes128_encrypt(McRootKey, 0x00 | pad16)
• LoRaWAN 1.1+ (AppKey)，end-devices SHALL use this scheme:
o McRootKey = aes128_encrypt(AppKey, 0x20 | pad16)
o McKEKey = aes128_encrypt(McRootKey, 0x00 | pad16)

2. McKey
McKey = aes128_encrypt(McKEKey, McKey_encrypted)

3. McAppSKey和McNwkSKey
McAppSKey = aes128_encrypt(McKey, 0x01 | McAddr | pad16)
McNwkSKey = aes128_encrypt(McKey, 0x02 | McAddr | pad16)

How does it work on the server?
To create a multicast profile, we need to set up three elements: McAddr (A), McKey_encrypted (1), and GenAppKey (2).
McKey_encrypted (1), and GenAppKey (2) are random values.
GenAppKey (2) derivation will build the McEKey used for decrypting McKey_encrypted (1) and we will end up with the McKey.
Thanks to this McKey, McNwkSkey (B) and McAppSKey (C) are generated.
The server now has its full multicast profile: McAddr (A), McNwkSkey (B) and McAppSKey (C).

How does it work on the end-device?
To create a multicast profile, we need to set up one element: GenAppKey (2).
GenAppKey (2) must be the same random value used on the server.
Then, the end-device waits for the McGroupSetupReq command.
In this command, the end-device will find the McAddr (A) and the McKey_encrypted (1).
GenAppKey (2) derivation will build the McEKey and will be used for decrypting McKey_encrypted (1).
We will end up with the McKey.
Thanks to this McKey, McNwkSkey (B) and McAppSKey (C) are generated.
The server now has its full multicast profile: McAddr (A), McNwkSkey (B) and McAppSKey (C).