ZigBee specification. Security
The ZigBee security concept is based on mutual trust ...
As noted earlier in my topics and articles on ZigBee networks, a distinctive feature of ZigBee networks is guaranteed data transmission that is resistant to interference, multipath attenuation and various faults and failures.
To this should be added that transmission is not only guaranteed but also secure, which is important for many critical applications.
It is not difficult to imagine what unauthorized interference with the operation of the process control system or security system can lead to.
However, in less critical applications, it should be possible to lower the price of devices by relaxing the security requirements somewhat.
It is this approach that is implemented in the ZigBee security model, which is the subject of this topic.
The primary confidentiality mechanism in ZigBee networks is the proper protection of all keying material. The basis of security is a trust relationship, which is mandatory both at the stage of initial key installation and while security information is being processed. That is, data should be exchanged only between trusted parties. This approach runs consistently through the entire hierarchy of data exchange.
The ZigBee specification governs security at the NWK and APS levels and relies on the basic security framework defined by the IEEE 802.15.4 standard. Application security is ensured through application profiles.
Keys are the cornerstone of the ZigBee security architecture. Their protection is of the utmost importance, and keys should never be transmitted over unsecured channels. The only, short-lived exception to this rule occurs at the moment a previously unconfigured device connects to the network.
The ZigBee specification provides for special security measures, since ad hoc networks may be physically accessible to external devices, and specific working environments may be unpredictable. Moreover, different applications that run simultaneously and use the same transceiver for communication must trust each other, because for cost reasons the model does not provide a firewall between application objects.
In the protocol stack, the various layers are not cryptographically separated, so an access policy is required and must be designed carefully. An open trust model within the device allows key sharing, which notably reduces the potential cost of the device.
However, the layer that creates a frame is responsible for its security. If there is a risk of malicious devices, the entire payload must be encrypted by the layer that creates it, so that unauthorized traffic can be cut off immediately. An exception, as already mentioned, is the transfer of a network key to a newly joined device, which extends the common network security level to it.
The security system in accordance with the ZigBee specification is based on a 128-bit AES algorithm. Security services provided by the ZigBee specification define key generation, device management, and data protection.
ZigBee uses 128-bit keys to implement its security mechanisms. A key can be associated either with the network (and used by the ZigBee layers and the MAC sublayer) or with a communication channel. A key can be obtained by pre-installation, agreement or transfer. Communication channel keys are established on the basis of a master key, which controls the correspondence of communication channel keys. The initial master key must be obtained through a secure medium (transmission or pre-installation), since the security of the entire network depends on it. The master key and communication channel keys are visible only at the application level. Different services use different variations of the communication channel key to avoid leaks and security risks.
Key distribution is one of the most important network security functions. In a secure network, one special device, the security control center (Trust Center), is designated, and the other devices trust it to distribute security keys. Ideally, each device on the network should have the address of the security control center and an initial master key pre-loaded. Applications without special security requirements can use a network key transmitted by the security control center over a channel that is not protected at the time of transmission.
In this way, the Trust Center maintains a network key and provides point-to-point security. Devices will only accept messages encrypted using the key provided by the Security Control Center, with the exception of the original master key.
The security architecture is distributed across the network layers:
The MAC sublayer is able to establish reliable communications with a neighboring device. As a rule, it uses the level of security defined by the upper levels.
The network layer manages routing, processes received messages, and can route requests. Outgoing frames use the key of the corresponding communication channel according to routing, if one is available; otherwise, the network key is used to protect the payload from external devices.
The application level installs keys and provides transport services to both the device object (ZDO) and applications. It is also responsible for distributing messages about changes in devices within the network, which can come both from the devices themselves (for example, a simple change in status) and from the security control center (which can report that a particular device is being removed from the network). The layer also routes requests from devices to the Trust Center and network key updates from the Trust Center to all devices.
The ZDO device object supports device security policies.
Security Management Center
A key element of the ZigBee security concept is the Security Management Center.
At the stage of formation or reconfiguration of the network, the security control center allows or prohibits the addition of new devices to the network.
The Trust Center can periodically update the network key and switch to a new key. First, it broadcasts the new key, encrypted using the old network key. Then it informs all devices about the transition to the new key.
Typically, the network coordinator also acts as the security control center, but the security control center can also be a dedicated device.
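The two-step network key update described above, modeled as an added example (not code from the original article or from any ZigBee stack). The `wrap`/`unwrap` helpers are a standard-library stand-in for the AES-128 protection the specification uses, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import os

KEY_LEN = 16  # 128-bit keys, as in the text

def wrap(kek: bytes, new_key: bytes) -> bytes:
    # Encrypt and authenticate new_key under kek. SHA-256/HMAC stand-in so the
    # example needs only the standard library; real stacks use AES-128 here.
    nonce = os.urandom(8)
    pad = hashlib.sha256(b"enc" + kek + nonce).digest()[:KEY_LEN]
    ct = bytes(a ^ b for a, b in zip(new_key, pad))
    tag = hmac.new(kek, nonce + ct, hashlib.sha256).digest()[:8]
    return nonce + ct + tag

def unwrap(kek: bytes, blob: bytes):
    # Return the wrapped key, or None if blob was not produced under kek.
    nonce, ct, tag = blob[:8], blob[8:-8], blob[-8:]
    good = hmac.new(kek, nonce + ct, hashlib.sha256).digest()[:8]
    if len(ct) != KEY_LEN or not hmac.compare_digest(tag, good):
        return None
    pad = hashlib.sha256(b"enc" + kek + nonce).digest()[:KEY_LEN]
    return bytes(a ^ b for a, b in zip(ct, pad))

class Device:
    def __init__(self, network_key: bytes):
        self.active = network_key  # key protecting current traffic
        self.pending = None        # delivered, but not yet switched to

    def on_key_update(self, blob: bytes) -> bool:
        # Step 1: accept the new key only if it verifies under the active key.
        key = unwrap(self.active, blob)
        if key is not None:
            self.pending = key
        return key is not None

    def on_switch(self) -> bool:
        # Step 2: activate the pending key; a device that missed step 1 cannot.
        if self.pending is None:
            return False
        self.active, self.pending = self.pending, None
        return True

def rotate(old_key: bytes, new_key: bytes, reachable, all_devices):
    # Trust Center side: broadcast the wrapped key, then announce the switch.
    blob = wrap(old_key, new_key)
    for dev in reachable:
        dev.on_key_update(blob)
    return [dev.on_switch() for dev in all_devices]
```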
The control center plays the following roles in ensuring security:
a) verifies the authenticity of devices wishing to join the network,
b) supports and distributes network keys,
c) ensures the security of device interaction.
ZigBee uses three types of keys for security management:
a) a master key,
b) a network key, and
c) a communication channel key.
Master Keys
The master key is not used for encryption. It is used as a secret code shared by two devices when they perform the communication channel key generation procedure.
The master keys created by the Security Control Center are called the master keys of the Security Center; all other keys are called the application-level primary keys.
Network Keys
These keys provide network layer security. Every device in the ZigBee network has a network key.
Over wireless channels, high-security network keys should only be sent in encrypted form. Standard network keys can be sent in both encrypted and unencrypted forms.
Communication Channel Keys
These keys provide secure unicast messaging between two devices at the application level.
Standard Security Mode
In standard security mode, the list of devices, master keys, communication channel keys and network keys can be stored both in the security control center and in the devices themselves. The Security Management Center, however, is responsible for maintaining the standard network key and controls the policy of admission to the network. In this mode, the requirements for the memory resources of the security control center are much lower than for the enhanced security mode.
Advanced Security Mode
In enhanced security mode, the security control center stores a list of devices, master keys, communication channel keys and network keys necessary to control and apply the network key update policy and network access. In this mode, as the number of devices on the network grows, the amount of memory needed by the security control center quickly increases.