ZB security ZigBee security model
XBee/XBee-PRO ZigBee RF Modules User Guide 76
Frame counter
The network header of encrypted packets includes a 32-bit frame counter. Each device in the network maintains
its own 32-bit outgoing frame counter, which it increments for every transmission. In addition, each device
tracks the last frame counter value it accepted from each of its neighbors. If a device receives a packet from a
neighbor whose frame counter is not greater than the value it last accepted from that neighbor (equal, or
smaller), the packet is discarded. Because a captured and replayed packet carries a frame counter the receiver
has already seen, this check protects against replay attacks.
If the frame counter reaches its maximum value of 0xFFFFFFFF, it does not wrap to 0 and no more transmissions
can be sent. Because the counter is 32 bits wide (2^32 values), reaching the maximum value is a very unlikely
event for most applications. The following table shows the time required, at different average transmission
rates, for the frame counter to reach its maximum value.
Average transmission rate    Time until the 32-bit frame counter reaches 0xFFFFFFFF
1 / second                   136 years
10 / second                  13.6 years
To reset the frame counters without compromising security, change the network key. When the network key is
updated, every device resets its frame counters to 0. Resetting the counters under the same key is never safe:
it reopens the replay window for frames captured earlier and reuses CCM* nonces (which are built from the frame
counter) with the same key. See Network key updates on page 76 for details.
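The receiver-side bookkeeping described above, as an added example (this is not code from the XBee guide or Digi firmware): a per-neighbor table that discards replayed or stale frame counters, an outgoing counter that stops rather than wraps at 0xFFFFFFFF, and the reset on a network key update. The neighbor address and the counter values in the scenario are constructed for illustration.

```javascript
// Added example (not code from the XBee guide): receiver-side frame counter
// tracking implementing the anti-replay rule described above, plus the
// saturation and network-key-update behaviour. Addresses are constructed.
const FRAME_COUNTER_MAX = 0xffffffff;

class FrameCounterState {
  constructor() {
    this.outgoing = 0;           // this device's own 32-bit frame counter
    this.neighbors = new Map();  // neighbor address (hex string) -> last accepted counter
  }

  // Counter to put in the next outgoing secured frame, or null once the
  // counter has reached 0xFFFFFFFF: it must not wrap, so transmission stops.
  nextOutgoing() {
    if (this.outgoing >= FRAME_COUNTER_MAX) return null;
    return this.outgoing++;
  }

  // Anti-replay check for a received frame. A counter that is not strictly
  // greater than the last one accepted from this neighbor is a replay (equal)
  // or stale (smaller) and the frame is discarded.
  accept(neighbor, counter) {
    const last = this.neighbors.get(neighbor);
    if (last !== undefined && counter <= last) return false;
    this.neighbors.set(neighbor, counter);
    return true;
  }

  // A network key update resets every counter. This is safe only because the
  // key changed: frames captured under the old key no longer verify.
  onNetworkKeyUpdate() {
    this.outgoing = 0;
    this.neighbors.clear();
  }
}

// Time until a device sending at perSecond frames/s exhausts the 2^32 counter values.
function yearsUntilExhausted(perSecond) {
  return 2 ** 32 / perSecond / (365.25 * 24 * 3600);
}

// Walk through the rule with a constructed neighbor and a replayed frame;
// returns the accept/reject decisions in order.
function replayScenario() {
  const dev = new FrameCounterState();
  const nbr = '0013a20040a1a1a1';  // constructed 64-bit neighbor address
  const decisions = [
    dev.accept(nbr, 5),   // first frame seen from this neighbor
    dev.accept(nbr, 6),   // next frame
    dev.accept(nbr, 6),   // attacker replays the captured frame: rejected
    dev.accept(nbr, 4),   // older captured frame: rejected
    dev.accept(nbr, 7),   // legitimate next frame
  ];
  dev.onNetworkKeyUpdate();
  decisions.push(dev.accept(nbr, 0));  // counters restart at 0 under the new key
  return decisions;
}
```

The check is per neighbor, so the table must be keyed by the address carried in the packet's auxiliary header, and the stored value must be the last counter that passed MIC verification, not merely the last one seen: updating the table from an unauthenticated frame would let an attacker push a neighbor's stored counter forward and blackhole its legitimate traffic.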
Message integrity code
The network header, APS header, and application data are all authenticated with 128-bit AES (CCM* mode). A
keyed authentication tag, not an unkeyed hash, is computed over these fields with the key in use and appended to
the end of the packet as a 4-byte message integrity code (MIC). The MIC allows receiving devices to verify that
the message has not been changed and that it was produced by a holder of the key; it provides message integrity
in the ZigBee security model. If the MIC a device computes over a received packet does not match the MIC carried
in the packet, the packet is dropped. Because the MIC is only 32 bits, a random forgery is accepted with
probability 2^-32 per packet, and the protection holds only for as long as the key remains secret.
Network layer encryption and decryption
Packets with network layer encryption are decrypted and re-encrypted at each hop in a route. When a device
receives a packet with network encryption, it decrypts the packet and authenticates it by checking the MIC. If
the device is not the destination, it then re-encrypts and re-authenticates the packet with the network key,
using its own frame counter and its own source address in the auxiliary security header. Because every router
in the path holds the network key, any hop can read a packet protected only by network layer security; hiding
application data from intermediate hops requires APS layer security (see below).
Since network encryption is performed at each hop, packet latency is slightly longer in an encrypted network
than in a non-encrypted network. Also, security requires 18 bytes of overhead: a 14-byte auxiliary security
header (a 1-byte security control field, the 32-bit frame counter, the 8-byte source address, and a 1-byte
network key sequence number) plus the 4-byte MIC. This reduces the number of payload bytes that can be sent in
a data packet.
Network key updates
ZigBee supports a mechanism for changing the network key in a network. When the network key is changed, the
frame counters in all devices reset to 0.
APS layer security
APS layer security encrypts application data with a key that is shared only by the source and destination
devices. Whereas network layer security is applied to all data transmissions and is decrypted and re-encrypted
on a hop-by-hop basis, APS security is optional and provides end-to-end security using an APS link key that only
the source and destination device know, so the routers that forward the packet cannot read or undetectably
modify the application data. APS security can be applied on a packet-by-packet basis. APS security cannot be
applied to broadcast transmissions.