US 11,838,751 B2
Privacy preserving message blinding
Joseph Alfonso Knapp, Morgan Hill, CA (US); Thomas Eirich, Rapperswil-Jona (CH); Michael Peter Kuyper, Rapperswil-Jona (CH); Alexandru Mircea Caracas, Rapperswil-Jona (CH); and Thorsten Kramp, Rapperswil-Jona (CH)
Assigned to Semtech (International) AG, Rapperswill (CH)
Appl. No. 16/488,537
Filed by SEMTECH (INTERNATIONAL) AG, Rapperswil-Jona (CH)
PCT Filed Oct. 11, 2017, PCT No. PCT/US2017/056176
§ 371(c)(1), (2) Date Aug. 23, 2019,
PCT Pub. No. WO2018/156206, PCT Pub. Date Aug. 30, 2018.
Claims priority of provisional application 62/463,401, filed on Feb. 24, 2017.
Prior Publication US 2020/0068390 A1, Feb. 27, 2020
Int. Cl. H04W 12/02 (2009.01); H04L 9/08 (2006.01); H04L 9/40 (2022.01); H04W 12/04 (2021.01); H04W 12/06 (2021.01)
CPC H04W 12/02 (2013.01) [H04L 9/0866 (2013.01); H04L 63/0428 (2013.01); H04W 12/04 (2013.01); H04W 12/06 (2013.01)] 12 Claims
1. A method for transmitting low power wide area networking protocol message frames, comprising:
generating, by an end device comprising a processor, a first frame portion of a message frame of the low power wide area networking protocol message frames comprising a first plain header and a first encrypted payload, the first plain header and the first encrypted payload collectively representing a portion of a physical payload of the message frame, wherein the first plain header contains destination and source routing information and comprises at least a frame header (FHDR) having a device address (DevAddr), and wherein the first encrypted payload is an encrypted form of a frame payload, the frame payload comprising content from a source device;
obtaining a device identifier (DevEUI) and a header blinding key (HdrBKey) of the source device;
generating a first header mask by performing a cryptographic operation on the DevEUI using the HdrBKey;
generating a first blinded header by applying the first header mask to the first plain header, the first blinded header comprising an encrypted form of at least the FHDR including the DevAddr;
generating a first updated portion of the message frame by replacing the first plain header with the first blinded header, the first updated portion of the message frame comprising the first blinded header and the first encrypted payload;
generating a first blinded message frame comprising the first updated frame portion;
transmitting the first blinded message frame to a network gateway, wherein the header binding key (HdrBKey) is known only to the end device and to a network host;
generating, by the end device, a second frame portion of a second message frame of the low power wide area networking protocol message frames comprising a second plain header;
generating a second header mask using the first header mask and the HdrBKey;
generating a second blinded header by applying the second header mask to the second plain header;
generating a second updated portion of the second message frame by replacing the second plain header with the second blinded header;
generating a second blinded message frame comprising the second updated portion; and
transmitting the second blinded message frame to the network gateway.
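
The mask chain of claim 1, sketched as an added example that is not code from the patent or its assignee: the first mask is derived from the DevEUI under HdrBKey, each later mask from the previous mask under HdrBKey, and a network host holding the same key steps the same chain to recover the plain header. Assumptions: HMAC-SHA256 stands in for the unspecified cryptographic operation, XOR for "applying" the mask, and the 7-byte FHDR layout, key, DevEUI and DevAddr values are constructed.

```python
import hashlib
import hmac

# Constructed sample values (assumptions, not from the patent).
DEV_EUI = bytes.fromhex("0011223344556677")
HDR_BKEY = bytes(range(16))
DEV_ADDR = bytes.fromhex("da1b0126")
HDR_LEN = 7  # assumed FHDR layout: DevAddr(4) | FCtrl(1) | FCnt(2)

def keyed_op(key, data, n):
    # Stand-in for the claim's unspecified cryptographic operation.
    return hmac.new(key, data, hashlib.sha256).digest()[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class MaskChain:
    """Header-mask state held by the end device and mirrored by the host."""
    def __init__(self, dev_eui, hdr_bkey, hdr_len=HDR_LEN):
        self.key, self.n = hdr_bkey, hdr_len
        self.mask = keyed_op(hdr_bkey, dev_eui, hdr_len)  # first header mask

    def advance(self):
        # The next mask is derived from the previous mask and HdrBKey.
        self.mask = keyed_op(self.key, self.mask, self.n)

def fhdr(fcnt):
    return DEV_ADDR + b"\x00" + fcnt.to_bytes(2, "little")

def blind(chain, plain_header, enc_payload):
    # Replace the plain header with its masked form; payload is untouched.
    frame = xor(plain_header, chain.mask) + enc_payload
    chain.advance()
    return frame

def unblind(chain, frame):
    header = xor(frame[:chain.n], chain.mask)
    chain.advance()
    return header, frame[chain.n:]

def demo():
    device, host = MaskChain(DEV_EUI, HDR_BKEY), MaskChain(DEV_EUI, HDR_BKEY)
    payload = b"\xaa" * 5  # placeholder for the already-encrypted payload
    frames = [blind(device, fhdr(c), payload) for c in (1, 2)]
    recovered = [unblind(host, f)[0] for f in frames]
    return frames, recovered

if __name__ == "__main__":
    for f, h in zip(*demo()):
        print(f[:HDR_LEN].hex(), "->", h.hex())
```

The same DevAddr appears as different bytes in the two blinded frames, so an observer without HdrBKey cannot match them by header; a host whose chain is out of step with the device recovers a wrong header, so the two sides must advance together.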