11.3 Crypto Engine Use With LoRaWAN V1.1.x
All the keys required to sign, authenticate, or encrypt Join traffic, as well as the session keys, can be derived from the
provided root keys (AppKey, NwkKey), following the derivation scheme described in
CryptoDeriveKey(...) function should be computed by the host controller, and supplied to the function as its
Input[1:16] argument, with appropriate padding bytes when applicable. For instance, when computing FNwkSIntKey, the
command should be used as follows:
FNwkSIntKey = CryptoDeriveKey(NwkKey, 0x01 | JoinNonce | NetID | DevNonce | pad
Where pad
is the required number of 0x00 bytes to expand to a 16-byte number.
16
LR1121
User Manual
Rev 1.1
UM.LR1121.W.APP
Mar 2023
Figure 11-1: Key Derivation Scheme For LoRaWAN 1.1.x
www.semtech.com
Figure
11-1. The arguments of the
)
16
Proprietary & Confidential
117 of 130
Semtech