Security and Data Encryption
ZigBee security and data encryption is based on security defined in 802.15.4 protocol. The encryption algorithm used in ZigBee is AES (Advanced Encryption Standard) with a 128 bit key length (16 Bytes). The AES algorithm is not only used to encrypt the information but to validate the data which is sent. This concept is called Data Integrity and it is achieved using a Message Integrity Code (MIC) also named as Message Authentication Code (MAC) which is appended to the message. This code ensures integrity of the MAC header and payload data attached.
It is created encrypting parts of the IEEE MAC frame using the Key of the network, so if we receive a message from a non trusted node we will see that the MAC generated for the sent message does not correspond to the one that would be generated using the message with the current secret Key, so we can discard this message. The MAC can have different sizes: 32, 64, 128 bits, however it is always created using the 128 bit AES algorithm. Its size is just the bits length which is attached to each frame. The more large the more secure (although less payload the message can take). Data Security is performed encrypting the data payload field with the 128 bit Key.
Figure: IEEE 802.15.4 Frame
The mode used to encrypt the information is AES-CTR. In this mode all the data is encrypted using the defined 128 bit key and the AES algorithm. The Frame Counter sets the unique message ID, and the Key Counter (Key Control subfield) is used by the application layer if the Frame Counter max value is reached.
Figure: AES-CTR Encryption Frame
ZigBee implements two extra security layers on top of the 802.15.4 one: the Network and Application security layers. All the security policies rely on the AES 128 bit encryption algorithm so the hardware architecture previously deployed for the link level (MAC layer) is still valid. There are 3 kinds of keys: master, link and network.
- Master Keys: They are pre-installed in each node. Their function is to keep confidential the Link Keys exchange between two nodes in the Key Establishment Procedure (SKKE).
- Link Keys: They are unique between each pair of nodes. These keys are managed by the Application level. The are used to encrypt all the information between each two devices, for this reason more memory resources are needed in each device.
- Network key: It is a unique 128 bit key shared among all the devices in the network. It is generated by the Trust Center and regenerated at different intervals. Each node has to get the Network Key in order to join the network. Once the trust center decides to change the Network Key, the new one is spread through the network using the old Network Key. Once this new key is updated in a device, its Frame Counter is initialized to zero. This Trust Center is normally the Coordinator, however, it can be a dedicated device. It has to authenticate and validate each device which attempts to join the network.
As explained previously, ZigBee provides secure communications inside a network using 128 bits AES encryption. The API functions enable using security and data encryption.
Enables the 128 bits AES encryption in the modules.
Example of use:
xbeeZB.setEncryptionMode(0); // Disable encryption mode
xbeeZB.setEncryptionMode(1); // Enable encryption mode
xbeeZB.getEncryptionMode(); // Enable encryption mode
xbeeZB.encryptMode→ stores if security is enabled or not
• Enable encryption example:
Configures options for encryption. Available values are:
• 0x01 : Send the security key unsecured over the air during joins • 0x02 : Use Trust Center . ZigBee defines a trust center device that is responsible for authenticating devices that join the network. The trust center also manages link key distribution in the network.
Example of use:
xbeeZB.setEncryptionOptions(0x02); // Use Trust Center
xbeeZB.getEncryptionOptions(); // Get options for encryptions
xbeeZB.encryptOptions→ stores the options for security
Sets the 128 bits AES Encryption Key. If this key is set to zero, a random key is chosen.
Example of use
xbeeZB.setLinkKey(KEY); // Set Encryption Key
xbeeZB.linkKey→ stores the key that has been set in the network
Sets the 128 bits AES Link Key. If 'Link Key' is set to zero, the coordinator will send the network key in clear to joining devices.
Example of use
xbeeZB.setNetworkKey(KEY); // Set Link Key
xbeeZB.networkKey→ stores the key that has been set in the network
Set the application level security. This function decreases the payload by 4 Bytes.
Example of use
xbeeZB.setAPSencryption(XBEE_ON); // Enables APS encryption
xbeeZB.setAPSencryption(XBEE_OFF); // Disables APS encryption
If encryption is enabled in the coordinator, it will apply a security policy to the network when creating it. Enabling security in a network adds an authentication step to the joining process. For example, after a router joins a network, it must then obtain the network security key to become authenticated. If the device cannot obtain the network security key, authentication fails, and the device leaves the network since it cannot communicate with anyone in the network.
A trust center is a single device that is responsible for determining who may join the network. If a trust center is enabled, the trust center must approve all devices before joining the network. If a router allows a new device to join the network, the router sends a notification to the trust center that a join has occurred. The trust center instructs the router to either authenticate the newly joined device or to deny it. A trust center is required for some public ZigBee profiles.
To use a trust center in a ZigBee network, the coordinator should set the "use trust center" bit correctly in the 'Encryption Options' parameter before starting a network. Only the coordinator can serve as a Trust Center.
Modules define a network key and a link key (trust center link key). Both keys are 128-bits and are used to apply AES encryption to RF packets.
The coordinator selects a network security key using the 'Encryption Key' parameter. Similarly, the coordinator must also specify a link key using the 'Link Key' parameter.
When a device joins a secure network, it must obtain the network key from the coordinator. The coordinator will either transmit the network key using a pre-installed link key. If the 'Encryption Options' bit is set to transmit the network key unencrypted, or if the 'Link Key' parameter is set to 0 on the coordinator (select a random link key), the coordinator will transmit the network key unencrypted. Otherwise, if the 'Encryption Options' bit is not set and 'Link Key' is > 0, the coordinator will encrypt the network key with the link key.
If a joining device does not have the right preconfigured link key, and the network key is being sent encrypted, the joining device will not be able to join the network.
Network security requires a 32bits frame counter maintained by each device. This frame counter is incremented after each transmission and cannot wrap to 0. If a neighbour receives a transmission with a frame counter that is less than or equal to the last received frame counter, the packet will be discarded.
To prevent an eventual lockup where the frame counter on a device reaches 0xFFFFFFFF, the network key should be periodically updated (changed) on all devices in the network. To update the network key in the network, the coordinator should issue the 'Encryption Key' parameter with a new security key. This will send a broadcast transmission throughout the network causing the frame counters on all devices to reset to 0, and causing devices to begin using the new network key. All devices will also retain the previous key for a short time until everyone has switched to the new key.