Decoding a LoraWAN payload send by your ESP8266 gateway

[ Same post as on myesp8266.blogspot.com ]

If you are receiving a LoraWAN packet on you LoraWAN gateway using the ESP8266 module most probably  you will forward it to a back-end server to be processed by your application. But the message is encoded and encrypted so this is the procedure to do it right.

rxpk update: {"rxpk":[{"tmst":1060664170,"chan":0,"rfch":0,"freq":868.100000,"stat":1,"modu":"LORA","datr":"SF7BW125","codr":"4/5","lsnr":12,"rssi":-28,"size":31,"data":"QGIH4AIAqgABvJNVF4DpUapp/xQN1REVnI+jYoR6Ig=="}]}

Step1. Base64

The "data":"QGIH4AIAqgABvJNVF4DpUapp/xQN1REVnI+jYoR6Ig==" need to be decoded using base64 and the result will be:

64, 98, 7, -32, 2, 0, -86, 0, 1, -68, -109, 85, 23, -128, -23, 81, -86, 105, -1, 20, 13, -43, 17, 21, -100, -113, -93, 98, -124, 122, 34

Step 2. Build the block A(i) according to the 4.3.3.1 

For each data message, the algorithm defines a sequence of Blocks Ai  for i = 1..k 

with k = ceil(len(pld) / 16). In our case the k=2 because the len(pld)=31 so there are 2 blocks that need to be constructed.

An A Block will be like this one:

-----------------------------------------------------------------------------------------------------------

                          | Dir | Device Address     | Fcnt Up/Down       |      | Block number     

-----------------------------------------------------------------------------------------------------------

0x01 | 0x00 0x00 0x00 0x00| 0x00| 0x62 0x07 0xE0 0x02| 0xAA 0x00 0x00 0x00| 0x00 | 0x01

-----------------------------------------------------------------------------------------------------------

                          | Dir | Device Address     | Fcnt Up/Down       |      | Block number     

-----------------------------------------------------------------------------------------------------------

0x01 | 0x00 0x00 0x00 0x00| 0x00| 0x62 0x07 0xE0 0x02| 0xAA 0x00 0x00 0x00| 0x00 | 0x02

Where Dir is direction and it is 0 for uplink and 1 for downlink

Step 3. Encrypt each A Block

The blocks Ai are encrypted to get a sequence S of blocks S(i) :  S(i) = aes128_encrypt(K, Ai) for i = 1..k

So, on this step each A block will be encrypted ( yes encrypted !!!) AES128 with the same

key used on node side. 

A ciphertext will be like:

c7b11d72ec853e8853dd4362a77d71ad

Step 4. XOR the cipher with payload.

S = S1 | S2 | .. | Sk

Don't forget that encryption and decryption of the payload is done by truncating (pld | pad16) XOR S to the first len(pld) octets.

At the end the text {"Hello":"World1"} will be available for your application. If at the node side this text is encrypted your app will need to do a decryption to get it.

Spread factor VS payload size on LoRa

Differences Between North America & Europe

In essence, longer range is possible in Europe because of a higher permissible spreading factor. However, data throughput is generally higher in North America because of Europe’s duty cycle restriction, but keep in mind that using the highest spreading factor for North America (10) limits payload size to 11 bytes. Whereas in Europe the payload can be 51 bytes at the highest spreading factor (12).

Region	North America	Europe
ISM Band	902-928 MHz	863-870 MHz
Regulated by	FCC	ETSI
TX Restriction	400ms tx time	Generally 1% tx duty-cycle
Payload sizes	11 – 242 bytes	51 – 242 bytes
Spreading factors	7 – 10	7 – 12
Data rates	1 – 12.5 kbps	0.3 – 5.5 kbps
Max transmit power	21 dBm	Generally 14 dBm

Spreading Factor & Bandwidth	Transmit Data rate	Maximum Payload Size
		North America	Europe
SF_8 500kHz(AT+SENDH)	12.5 kbps	242 bytes	-
SF_7 125kHz	5.47 kbps	242 bytes	242 bytes
SF_8 125kHz	3.125 kbps	129 bytes	242 bytes
SF_9 125kHz	1.76 kbps	53 bytes	115 bytes
SF_10 125kHz	0.98 kbps	11 bytes	51 bytes
SF_11 125kHz	0.44 kbps	-	51 bytes
SF_12 125kHz	0.25 kbps	-	51 bytes

NOTE: the effective throughput data rate in Europe is generally the transmit data rate divided by 10 after accounting for the duty cycle limitations. Therefore, throughput with SF_12 will be around 25 bps.