Issue link: https://read.uberflip.com/i/1464683
LoRaWAN ® Fragmented Data Block Transport Specification TS004-2.0.0 ©2022 LoRa Alliance ® Page 14 of 32 The authors reserve the right to change specifications without notice. Note: This can be implemented by initializing the 375 SessionCntPrev[FragIndex] value to -1. 376 377 A FragSessionSetupAns message, with all bits set to 0, indicates reception of a fully valid 378 FragSessionSetupReq command. Subsequently, upon reception of the first DataFragment 379 corresponding to the new session, the end-device SHALL update the 380 SessionCntPrev[FragIndex] internal counter value. This is done by setting 381 SessionCntPrev[FragIndex] = SessionCnt. The counter SHALL be stored in non- 382 volatile memory and SHALL NOT be reset. 383 384 The SessionCnt mechanism guarantees that the same data block cannot be transmitted 385 twice to a given end-device reusing the same fragmentation session context. The current 386 scheme allows up to 2 16 data block transfer per fragmentation index (up to four depending 387 on the end-device's implementation). 388 389 The 4-octet MIC field is computed by the server as follows, according to The AES-CMAC 390 Algorithm [RFC4493]: 391 392 cmac = aes128_cmac(DataBlockIntKey, B 0 | msg) 393 MIC = cmac[0...3] 394 395 Where B 0 is defined as follows: 396 Size (octets) 1 2 1 4 4 4 B 0 0x49 SessionCnt FragIndex Descriptor 0x00 len(data block) in octets (without padding) Table 12: FragSessionSetupReq MIC B 0 block definition And msg = [B1 | B2 |… |Bm], the concatenation of all the uncoded fragments (the data 397 block). 398 399 The DataBlockIntKey is a lifetime, end-device-specific key exclusively used to 400 compute the data block MIC and may be either: 401 • Derived from GenAppKey provisioned in the end-device at any time before the 402 deployment of the end-device in the field. LoRaWAN 1.0.x end-devices SHALL 403 use this scheme: 404 o DataBlockIntKey = aes128_encrypt(GenAppKey, 0x30 | pad 16 ) 405 • Derived from the AppKey. LoRaWAN 1.1+ end-devices SHALL use this scheme: 406 o DataBlockIntKey = aes128_encrypt(AppKey, 0x30 | pad 16 ) 407 AES encryption is defined in Advanced Encryption Standard (AES) [NIST-AES]. 408 409 This MIC allows the end-device to check the integrity and authenticate the data block once 410 reconstructed. 411 412 Once a data block is fully reassembled by the end-device, the end-device SHALL perform 413 the same MIC computation and compare the computed value to the MIC value provided in 414 the FragSetupSessionReq command. If the two values do not match, the data block is 415 corrupted, and SHALL NOT be used. 416 417